Why does the General Assembly need to exercise greater oversight on the Commonwealth's IT and cybersecurity infrastructure? Here are some headlines on issues we KNOW about which have cost taxpayers around $1 billion in government waste and jeopardized our citizens' personal information:
Pa. terminates $170 million project with IBM over failure to deliver computer system it promised Pa. terminates $170 million project with IBM over failure to deliver computer system it promised - pennlive.com Shapiro Administration Cancels $10.7 Million Contract for PA Voter Roll System Upgrade Shapiro Administration Cancels $10.7 Million Contract for PA Voter Roll System Upgrade - BCTV Thousands of records mistakenly deleted from Pa. state government computer servers Thousands of records mistakenly deleted from Pa. state government computer servers - pennlive.com After sinking $810 million into failed radio system, senators look for guarantee new system will work After sinking $810 million into failed radio system, senators look for guarantee new system will work - pennlive.com Vendor That Mishandled Pennsylvania Virus Data to Pay $2.7 Million in Federal Whistleblower Case Vendor That Mishandled Pennsylvania Virus Data to Pay $2.7 Million in Federal Whistleblower Case Cyberattack on Pennsylvania courts didn’t appear to compromise data, officials say Cyberattack on Pennsylvania courts didn't appear to compromise data, officials say | AP News Under the bill, Office of Information and Technology (OIT) is given the broad necessary powers to consolidate and oversee all IT systems and contracts within the executive branch. These powers include:
- Consolidation of all IT functions, powers, duties, infrastructure, and support services in state agencies under the governor’s jurisdiction.
- Assist in the development and review the strategic plans of state agencies for handling IT
- Identify and make recommendations on which services are common and can be shared throughout state government
- Supervise and manage the procurement of all IT services
- Serve as the liaison between state agencies and IT contractors
- Establish standards and policies for IT procurement and cybersecurity
- Establish and maintain a comprehensive IT Portal for all state agencies
- Oversee and manage all state agency contracts regarding IT
Equally important to the IT consolidation within the bill, is the improvements made to the commonwealth’s cybersecurity capabilities. As cyber-attacks within the United States from hackers or hostile nations continue to increase, the commonwealth must begin to update our security. The director is also required to develop a two-year schedule to test the cybersecurity capabilities of all state agencies which are to be paid for by the respective agency. These cybersecurity audits/assessments are to be performed by a nationally recognized organization in the field of cybersecurity.
The bill also establishes a committee including each branch of government and their IT staff to collaborate on how to handle future cybersecurity threats. The bill further provides for the Pennsylvania Statewide Radio Network.
Statutes/Laws affected: Printer's No. 2686 (Dec 09, 2025): P.L.491, No.45
Printer's No. 2725 (Dec 18, 2025): P.L.491, No.45