OH HB475

Requires the state cybersecurity strategic advisor to annually assess cybersecurity infrastructure of municipal corporations and submit reports to the governor, adjutant general, and general assembly

Authorizes the state cybersecurity strategic advisor to certify Ohio-based private cybersecurity firms and contract with them to assist with municipal assessments and respond to cybersecurity incidents

Certified private firms must meet specific requirements including Ohio registration, cybersecurity liability insurance, staff with professional certifications (CISSP, CISM, CISA, GIAC, OSCP, or SOC 2), and 48-hour response capability

Establishes a toll-free, secure telephone hotline staffed 24/7 for state, county, and local governments to report cyberattacks and request immediate support from the Ohio Cyber Reserve

Mandates the Ohio Cyber Reserve respond within 48 hours when a government entity requests support after a cyberattack, and allows coordination with certified private cybersecurity firms during response