Loading chat...
MD SB907
Bill
Status
2/3/2025
Primary Sponsor
Katie Hester
Click for details
AI Summary
-
Local school systems must comply with State minimum cybersecurity standards beginning in 2026 and certify compliance to the Office of Security Management by June 30, 2026, and every 2 years thereafter
-
Each local school system must conduct a cybersecurity maturity assessment every 2 years and provide sufficient cybersecurity staffing as determined by the State Chief Information Security Officer
-
The Department of Information Technology must assign at least 3 information security officers to assist local school systems with compliance, assessments, and remediation efforts
-
County boards must submit annual reports by August 15 detailing IT staffing (including dedicated cybersecurity professionals) and cybersecurity expenditures related to State minimum standards
-
The Office of Security Management must annually review and update the State minimum cybersecurity standards, and the Office of Legislative Audits must use these standards as guidance when conducting audits
Legislative Description
Cybersecurity - Standards, Compliance, and Audits - Alterations
Counties
Last Action
Hearing 3/05 at 1:00 p.m.
2/5/2025