HB425 (2021) Detail

(New Title) establishing technical committees and a cybersecurity advisory committee in the department of information technology


HB 425-FN - AS AMENDED BY THE HOUSE

 

24Feb2021... 0027h

2021 SESSION

21-0546

05/08

 

HOUSE BILL 425-FN

 

AN ACT establishing technical committees and a cybersecurity  advisory committee in the department of information technology.

 

SPONSORS: Rep. L. Ober, Hills. 37

 

COMMITTEE: Executive Departments and Administration

 

-----------------------------------------------------------------

 

AMENDED ANALYSIS

 

This bill establishes certain technical committees and a cybersecurity advisory committee in the department of information technology.

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

Explanation: Matter added to current law appears in bold italics.

Matter removed from current law appears [in brackets and struckthrough.]

Matter which is either (a) all new or (b) repealed and reenacted appears in regular type.

24Feb2021... 0027h 21-0546

05/08

 

STATE OF NEW HAMPSHIRE

 

In the Year of Our Lord Two Thousand Twenty One

 

AN ACT establishing technical committees and a cybersecurity  advisory committee in the department of information technology.

 

Be it Enacted by the Senate and House of Representatives in General Court convened:

 

1  New Paragraphs; Department of Information Technology; Technical Committees.  Amend RSA 21-R:7 by inserting after paragraph VI the following new paragraphs:

VII.  Cyber security.

VIII.  Cloud technologies or strategies.

2  New Section; Cyber security Advisory Committee.  Amend RSA 21-R by inserting after section 15 the following new section:

21-R:16  Cybersecurity Advisory Committee

I.  There is hereby established the cybersecurity advisory committee (CAC) which shall be chaired by the chief information security officer.

II.  The committee shall advise the commissioner or the commissioner's designee on cybersecurity concerns, promote awareness, develop effective policies and solutions, and obtain consensus on enterprise-wide initiatives that advance the cybersecurity of information assets and technology resources.

III.  All executive departments and agencies shall identify and appoint an employee with cybersecurity responsibilities to spearhead agency cybersecurity matters including information security, confidentiality, privacy, and regulatory compliance, and to represent the agency on the CAC.  Contributors to the CAC may include representatives with cybersecurity responsibilities from the New Hampshire National Guard, New Hampshire political subdivisions, academic institutions, and select private industry representatives as identified by the CAC.

3  Effective Date.  This act shall take effect July 1, 2021.

 

LBA

21-0546

1/6/21

 

HB 425-FN- FISCAL NOTE

AS INTRODUCED

 

AN ACT establishing the position of chief information security officer and deputy chief information security officer in the department of information technology.

 

FISCAL IMPACT:      [ X ] State              [    ] County               [    ] Local              [    ] None

 

 

 

Estimated Increase / (Decrease)

STATE:

FY 2021

FY 2022

FY 2023

FY 2024

   Appropriation

$0

Indeterminable

Indeterminable

Indeterminable

   Revenue

$0

$0

$0

$0

   Expenditures

$0

Indeterminable

Indeterminable

Indeterminable

Funding Source:

  [ X ] General            [    ] Education            [    ] Highway           [ X ] Other

 

METHODOLOGY:

This bill establishes the position of chief information security officer and deputy chief information security officer in the department of information technology.  The commissioner of the department of information technology shall appoint a chief information security officer (CISO) and a deputy CISO with the advice and consent of the information technology council, established in RSA 21-R:6, and the director of homeland security and emergency management. The salaries for these unclassified positions shall be determined after assessment and review of the appropriate temporary letter grade allocation in RSA 94:1-a, I(b), which shall be conducted pursuant to RSA 94:1-d and RSA 14:14-c.  

 

The unclassified positions of chief information security officer and deputy chief information security officer currently exist and are fully funded, but are subject to a different appointment process.  Because the bill does not transfer existing appropriations and abolish the existing positions, the legislation creates duplicative positions.

 

AGENCIES CONTACTED:

Department of Information Technology

 

Links

HB425 at GenCourtMobile
HB425 Discussion

Action Dates

Date Body Type
Feb. 1, 2021 House Hearing
House Floor Vote

Bill Text Revisions

HB425 Revision: 32128 Date: Feb. 26, 2021, 9:47 a.m.
HB425 Revision: 31735 Date: Jan. 10, 2021, 10:27 a.m.

Docket


Feb. 24, 2021: Referred to Finance 02/24/2021


Feb. 24, 2021: Ought to Pass with Amendment 2021-0027h: MA VV 02/24/2021


Feb. 24, 2021: Amendment # 2021-0027h: AA VV 02/24/2021


: Committee Report: Ought to Pass with Amendment # 2021-0027h (Vote 17-0; RC) HC 12 P. 20


Feb. 1, 2021: Public Hearing: 02/01/2021 09:15 am Members of the public may attend using the following link: To join the webinar: https://zoom.us/j/94106022547 / Executive session on pending legislation may be held throughout the day (time permitting) from the time the committee is initially convened.


Jan. 6, 2021: Introduced (in recess of) 01/06/2021 and referred to Executive Departments and Administration HJ 2 P. 47