FL H1033

Adds a cybersecurity expert requirement to the Technology Advisory Council membership within the Agency for State Technology.

Authorizes private sector vendors to conduct risk assessments and security audits for state agencies.

Requires state agencies to establish computer security incident response teams and develop tiered reporting procedures for information technology security incidents to the Agency for State Technology and Department of Law Enforcement.

Mandates state agencies provide information technology security and cybersecurity awareness training to all employees within 30 days of hire.

Requires the Agency for State Technology to establish an information technology policy for state contracts covering product/service categories, solicitation requirements, evaluation criteria, contract terms, and vendor authorization limits; effective July 1, 2016.