This bill mandates the secretary of state to establish a public vulnerability disclosure program for election systems, enhancing the security of voter registration and election processes. The new legal language inserted into RSA 652:23 outlines the responsibilities of the secretary of state as the chief election officer, including the implementation of the vulnerability disclosure program within 180 days of the bill's effective date. The program is required to align with the guidelines from the Cybersecurity and Infrastructure Security Agency, covering all relevant information technology systems, such as the centralized voter registration database and user interfaces for various election stakeholders.

Additionally, the bill amends RSA 21-R:16 to assign oversight of the vulnerability disclosure program to the cybersecurity advisory committee. This new paragraph emphasizes the committee's role in ensuring the program's effectiveness and compliance with established security standards. The act is set to take effect immediately upon passage, reflecting a proactive approach to safeguarding election integrity through enhanced cybersecurity measures.

Statutes affected:
Introduced: 652:23, 21-R:16