HARRISBURG – Following a recent cyberattack on the Pennsylvania court system, the Senate approved legislation spearheaded by Sen. Phillips-Hill (R-York) to fortify the cybersecurity defenses of Pennsylvania’s information technology (IT) contracts. With cyberattacks increasing on state government, this crucial legislation would set cybersecurity standards for IT procurement within state government.
Multiple state agencies have been subject to cyberattacks and data breaches, which are a significant risk to the valuable data of every Pennsylvanian. Phillips-Hill points to these instances impacting the Department of Labor and Industry, Department of Human Services, Department of Education, Department of Health and, most recently, the Pennsylvania court system. These incidents underscore the urgent need for enhanced cybersecurity measures to shield the sensitive data of every Pennsylvanian.
“Pennsylvania must showcase its ability to stand resilient against adversaries launching relentless cyberattacks. To achieve this, we must utilize the best tools and procedures available on the market,” Phillips-Hill said, highlighting the legislation’s focus on adopting gold-standard cybersecurity practices.
Phillips-Hill emphasizes that cybersecurity should be integral to every computer hardware purchase decision made by state government. The legislation mandates that any acquisition of computer hardware by the state must adhere to the National Institute of Standards and Technology (NIST) guidelines for computer security. NIST’s comprehensive approach includes standards, guidelines, and best practices to effectively manage cybersecurity-related risks, aligning with the practices adopted by the U.S. Government in all its IT procurements.
Senate Bill 745 is now pending further consideration in the House of Representatives.