State Governments Started 2021 with a Focus …
In their 2021 legislative sessions, 42 states and Puerto Rico have introduced more than 300 pieces of legislation pertaining to cybersecurity, according to research from the National Conference of State Legislatures. That compares with 280 pieces of legislation in 38 states in 2020.
Some of these measures, whether in the form of bills or resolutions, go on to create task forces that focus on the state’s own cyber infrastructure. Others focus on training and development, incident response and data protection strategies for citizens’ data.
According to the report from NCSL, this governmental action was in direct response to the influx of cyber threats, particularly at the start of the COVID-19 pandemic in spring and summer of 2020.
While hundreds of these bills are still in “pending” status, a few have successfully passed and have been either enacted or brought forth for the governor’s signature or veto.
For example, in Mississippi, House Bill 633 passed the Computer Science and Cyber Education Equality Act, which implements a mandatory computer science curriculum for students in grades K-12, based on standards that include training in cybersecurity.
Virginia has had one of the most active state houses in terms of passing cybersecurity legislation, with the most impactful being the state’s March 5 passage of the Consumer Data Protection Act (CDPA). Legislators seem to have taken a page from the 2018 California Consumer Privacy Act (CCPA), but withheld the revenue thresholds for imposing obligations.
However, further legislation in Virginia included the addition of cyber attacks and virtual infrastructure to be included under the Emergency Services and Disaster Law. The state CIO was also given the opportunity to develop security awareness training for all state employees annually. They also expanded the definition of computer trespass, and equated the penalty of someone convincing another to spend cash under false pretenses as a Class 1 misdemeanor.
That said, the bills that remain in “Pending” status may continue to wait there for many months. For example, Maryland, which has more than 20 bills waiting to be voted on, adjourned their session on April 12. With legislative sessions ending as we draw closer to summer, many of these bills may be left untouched until 2022.
Recent news posts
Privacy Update: What States are Enacting Privacy Legislation in 2022?
Holiday Weekend Leaves Many Vulnerable to Cyber Attacks
Costa Rica Ransomware Attack Continues to Plague Citizens
What the Crypto Crash Means for Cyber Crime
Scaling, Improving and Automating Your GRC Strategy
Attend an Event!
Connect and collaborate with fellow security innovators at our Virtual Cybersecurity Summits.