The bill amends the Cybersecurity Act to update the definitions, structure, and responsibilities of the Cybersecurity Office and the Cybersecurity Advisory Committee in New Mexico. Key changes include the creation of the "office of cybersecurity," which will be managed by the state chief information security officer, and the establishment of new definitions related to cybersecurity, information security, and information technology. The office will oversee cybersecurity functions for state agencies, develop minimum security standards, and create a centralized reporting process for cybersecurity incidents.

Additionally, the membership and duties of the Cybersecurity Advisory Committee are revised. The committee will now include a broader range of representatives, including appointees from the New Mexico association of counties and the municipal league, and will have the authority to assist in developing a statewide cybersecurity plan and guidelines for best practices. The committee will also be responsible for reporting on the status of cybersecurity preparedness to legislative committees and the governor, with the first report due by November 30, 2023. The bill emphasizes the importance of collaboration among various governmental entities to enhance cybersecurity measures across the state.

Statutes affected:
introduced version: 9-27A-3, 9-27A-5
RU substitute: 9-27A-2, 9-27A-3, 9-27A-5