Andrew Powell
Florida’s cybersecurity could be bolstered by the creation of a more robust framework if a new measure is passed this Regular Session.
Stuart Republican Sen. Gayle Harrell filed the bill (SB 770) which aims to create a more resilient and secure digital infrastructure for Florida to protect sensitive information and reduce the risks and impacts of cyber threats.
The Florida Digital Service (DS), which is established within the Department of Management Services (DMS), would be the lead entity responsible for the creation of enterprise information technology and cybersecurity standards to propose and evaluate innovative solutions that securely modernize state government.
DS duties would include developing and publishing information policy to manage the state’s information technology resources, while addressing how information technology infrastructure can support the state’s cloud-first policy objectives set out in Florida statutes.
State agencies and local governments would be required to comply with national and state data compliance security standards, such as the National Inistutute of Standards and Technology Cybersecurity Framework. While ransomware and cybersecurity incidences would be required to be immediately reported to the Cybersecurity Operations Center and the Cybercrime Office to ensure timely mitigation.
The State Chief Information Officer (CIO), in consultation with the Secretary of DMS, would designate a State Chief Technology Officer (CTO) who has substantive experience in information technology, operational technology, technology-related projects, and enterprise architecture.
A CTO would be responsible for conducting comprehensive evaluations of potential technology solutions, cultivating strategic partnerships with state enterprise agencies, leverage the state’s technological capabilities, and support program management of enterprise information technology initiatives, as well as provide advisory support and recommend best practices to optimize outcomes.
Long-term technology strategies to support the state’s goals and objectives would further be developed through the CTO, while the role would require managing relationships with technology vendors, service providers, negotiating contracts, and ensuring compliance with agreements.
The CTO would oversee technology projects that have a projected cost of $10 million or more to ensure they are completed on time and within budget, while fostering a skilled technology workforce within the state government to provide training and professional development opportunities. The CTO would be exempted from the Career Service System.
The legislation further aims to support better coordination between agencies and local governments by consolidating incident reports and providing updates to the governor, the Legislature, and the Florida Cybersecurity Advisory Council. If passed, the bill would take effect July 1.
