The bill aims to strengthen Florida's cybersecurity framework by amending various sections of the Florida Statutes. It introduces new positions, including a state chief technology officer and chief information security officers within state agencies, and establishes their associated salaries and benefits. The Florida Digital Service will lead enterprise IT and cybersecurity efforts, oversee high-cost IT projects exceeding $25 million, and provide quarterly reports on high-risk projects. Additionally, the bill mandates prompt reporting of ransomware and cybersecurity incidents by state agencies and outlines the responsibilities of the Cybersecurity Operations Center in managing these incidents.

Key amendments include raising the threshold for notifying the Florida Digital Service of planned IT procurements from $10 million to $25 million, establishing a streamlined notification process for cybersecurity incidents, and requiring the Florida Center for Cybersecurity to conduct annual risk assessments of the state's critical infrastructure. The bill also deletes previous reporting requirements to the Cybercrime Office and local sheriffs, replacing them with a more efficient process through the Cybersecurity Operations Center. Furthermore, it adds a local government representative to the Florida Cybersecurity Advisory Council and mandates that findings from risk assessments be reported to state leadership starting January 31, 2026. The act is set to take effect on July 1, 2025.

Statutes affected:
S 1536 Filed: 110.205, 282.00515, 282.319