NC H813

Prohibits any state agency, local government entity, or public authority from paying ransoms or communicating with actors conducting ransomware attacks that encrypt data and demand payment for decryption

Requires state agencies and local government entities experiencing ransom requests to consult with the Department of Information Technology

Defines "local government entity" to include cities, counties, local school administrative units, and community colleges

Defines "state agency" to include all executive, judicial, and legislative branch entities, The University of North Carolina, and other entities with state oversight responsibility

Establishes definitions for cybersecurity incidents, ransomware attacks, and significant cybersecurity incidents based on factors including data classification levels and operational impact