HARRISBURG – With cyber threats continuing to rise, Sen. Kristin Phillips-Hill (R-York) has introduced a legislative package to bolster Pennsylvania’s information technology (IT) security, protect state assets, and prevent data breaches. These proposals align the Commonwealth with industry best practices, ensuring a proactive defense against cyberattacks.
“Cyber threats are escalating, and Pennsylvania must act now to safeguard personal data and critical systems,” Phillips-Hill said. “These bills will strengthen cybersecurity measures, enhance oversight, and improve government responsiveness to digital threats.”
Key Legislative Measures:
Requiring NIST Standards for IT Contracts: Ensures all state IT procurements meet federal cybersecurity standards, reducing vulnerabilities, and strengthening security.
Elevating the Commonwealth’s Chief Information Officer (CIO): Establishes the CIO as a cabinet-level position to enhance coordination and efficiency in IT security and infrastructure management.
Strengthening State Cybersecurity: Mandates updated security standards, biannual audits by leading cybersecurity firms, and the creation of a bipartisan cybersecurity committee to provide ongoing oversight and policy recommendations.
Safeguarding Against Ransomware Attacks: Criminalizes ransomware possession and use, prohibits state agencies from paying ransom demands, and ensures robust recovery protocols are in place.
Banning TikTok on State-Owned Devices: Prohibits state devices and networks from using and accessing TikTok due to national security concerns, aligning Pennsylvania with 39 other states and federal policy, as well as a policy instituted by Pennsylvania Treasurer Stacy Garrity.
“We cannot afford to be reactive on cybersecurity. These bills take a decisive, proactive approach to protecting taxpayer dollars, personal information, and the Commonwealth’s IT infrastructure,” Phillips-Hill added.
Phillips-Hill’s legislative package reflects a commitment to protecting Pennsylvania from emerging cyber threats and ensuring the state is a leader in digital security. By implementing these critical reforms, Pennsylvania can safeguard its infrastructure, enhance public trust, and prevent costly breaches before they occur.
The legislation will be referred to standing committees in the Senate for further consideration.