Md. cybersecurity bill would create defense plan for local agencies

ANNAPOLIS, Md. — A new Maryland bill would ask the state’s Department of Information Technology to develop a baseline plan for localities within the state to help battle cyber attacks.

Senate bill 120, introduced by Sen. Susan Lee, D-Montgomery, would give the Maryland Department of Information Technology the expanded responsibility of developing a cybersecurity strategy and helping agencies within the state implement it at their discretion.

Under current law, the Department of Information Technology oversees the defense of state systems, but not that of counties, school districts and other similar entities. Having a sample plan in place could be beneficial in preventing future attacks that disrupted the likes of the city of Baltimore and Salisbury Police Department recently and cost millions in reparations.

The legislation does not mandate significant increases in expenditures by the state or local governments, but rather leaves it up to each entity to potentially implement the plan, according to Lee.

This Maryland bill follows a 2019 North Dakota law that added the same provisions and power to its state Information Technology department.



The main point of this bill is to simply draw up guidance and advice for those around the state to be able to help prepare themselves brace for potential attacks, Lee told Capital News Service.

During a Senate Education, Health, and Environmental Affairs Committee hearing on Jan. 14, Lee compared this plan to having a fire extinguisher for protection and to prevent a possibly worse situation.

“Today we have to prepare for and respond to digital fires … upfront rather than scrambling on the back end,” Lee said during the hearing.

Senate committee members responded favorably toward the bill, but looked to generate tighter language to define the tasks this bill sets forward.

Delegate Ned Carey, D-Anne Arundel, has cross-filed this bill in the House — along with three co-sponsors — and said he believes it should receive bipartisan support due to the well-known threat that professional hackers pose.

“The bill is intended to help,” Carey said. “We’re going to work hard to make sure this bill succeeds.”

Carey’s legislation, House bill 235, was heard by the Health and Government Operations Committee on Tuesday afternoon.

Federal News Network Logo
Log in to your WTOP account for notifications and alerts customized for you.

Sign up