SB 1522 – Security of State Information Technology Systems

• Requires each Florida state agency to deploy cloud native cybersecurity platforms to safeguard cloud and hybrid infrastructure as part of the state's cloud-first policy
• Mandates that deployed platforms provide unified visibility across multi-cloud and hybrid environments, continuous posture management, misconfiguration detection, and automated risk prioritization
• Platforms must also support secure cloud application development (code-to-runtime protection), real-time threat detection and response, and automated compliance monitoring across state and federal cybersecurity frameworks
• Requires the state chief information officer to brief appropriate legislative committees by October 1, 2026, on cloud security monitoring progress, systemic risks across agency cloud deployments, and a future artificial intelligence security roadmap
• Takes effect July 1, 2026