House Bill 1293 amends various sections of Florida Statutes to enhance the state's cybersecurity framework and improve the management of information technology resources. The bill introduces new definitions such as "as a service," "cloud provider," and "enterprise digital data," clarifying the roles of state agencies in cybersecurity and IT management. It designates the Florida Digital Service as the leader in enterprise IT and cybersecurity efforts, requiring state agencies to report any IT projects costing $25 million or more to ensure compliance with established standards. Additionally, the bill establishes a Cybersecurity Operations Center and mandates that state agencies report ransomware and cybersecurity incidents within specified timeframes, emphasizing the importance of confidentiality for sensitive data.

Key amendments include the increase of the IT project cost threshold requiring oversight from $10 million to $25 million and the introduction of a comprehensive cybersecurity strategic plan. The bill also revises incident notification requirements for local governments, reducing the reporting time for ransomware and severe cybersecurity incidents to 6 and 12 hours, respectively. Furthermore, the Florida Cybersecurity Advisory Council's membership is expanded to include representatives from local government and utility providers, ensuring broader representation of critical infrastructure sectors. The act is set to take effect on July 1, 2025.

Statutes affected:
H 1293 Filed: 282.00515, 282.319