WeVote

Bill

Bill

H 560

An act relating to the Cybersecurity Advisory Council

2025-2026 Regular Session Introduced by Kathleen James and 2 co-sponsors

Establishes and empowers a Cybersecurity Advisory Council to develop standards, coordinate incident response, and guide Vermont’s cyber policy across agencies and critical infrastr

Read first time and referred to the Committee on Energy and Digital Infrastructure
0
WeVote Research Nonpartisan
Bill Summary · H 560

Overview

H.560 (2025-2026) of Vermont proposes changes related to the state's Cybersecurity Advisory Council. The bill aims to clarify the Council’s duties, structure, and authorities to strengthen Vermont’s cybersecurity posture across state government, critical infrastructure, and other relevant sectors.

Purpose and intent

  • Establish or refine the responsibilities of the Cybersecurity Advisory Council to better coordinate cybersecurity efforts within Vermont.
  • Enhance collaboration among state agencies, private sector partners, and other stakeholders in addressing cyber threats.
  • Provide a formal mechanism for guidance, policy development, and incident response coordination.

Key provisions and changes

  • Council composition and governance: The bill outlines who serves on the Cybersecurity Advisory Council, including possible membership from state agencies, the private sector, and other partners. It may specify terms, leadership roles, and advisory functions.
  • Roles and duties: The Council’s core duties likely include advising on cybersecurity policy, risk management practices, incident response planning, and cybersecurity workforce development.
  • Policy and standards: Provisions may authorize the Council to develop or recommend standards, best practices, and statewide cybersecurity guidance for state agencies and critical infrastructure.
  • Incident response and coordination: The bill may establish or reinforce processes for coordinating responses to cyber incidents, including information sharing protocols and coordination with law enforcement or federal partners.
  • Reporting and accountability: The Council could be required to publish annual or periodic reports on cybersecurity posture, threats, initiatives, and budget considerations.
  • Funding and resources: The bill may authorize funding for the Council’s operations, programs, and any required technology or personnel.
  • Interagency collaboration: Expect language promoting collaboration with other Vermont agencies (e.g., Department of Public Safety, Agency of Digital Services) and with external partners.

Who is affected

  • State government agencies: Increased guidance, standards, and potential coordination requirements.
  • Critical infrastructure sectors: Possible inclusion in guidance and incident coordination efforts.
  • Private sector and organizations partnering with the state: Opportunities for participation on the Council or adherence to recommended practices.
  • General public: Indirect impact through improved cybersecurity resilience and incident response.

Procedural and timeline aspects

  • Introduction and referral: The bill was read for the first time and referred to the Committee on Energy and Digital Infrastructure on January 6, 2026.
  • Next steps: The committee would consider, amend, and potentially advance the bill before a full chamber vote. If enacted, the provisions would take effect on a date specified within the act or upon the bill’s passage.

Potential impact highlights

  • Enhanced coordination: A formalized Cybersecurity Advisory Council could improve cross-agency and public-private collaboration on cyber risk management.
  • Standardization: Adoption of statewide cybersecurity standards could raise security baselines for state operations and critical infrastructure.
  • Transparency: Regular reporting could improve visibility into Vermont’s cyber threats and mitigation efforts.
  • Resource allocation: Clarified funding and responsibilities may lead to more strategic use of resources in cybersecurity initiatives.

Note: This summary reflects the bill’s stated focus and typical components of similar cybersecurity advisory legislation. For precise language, definitions, and any amendments, consulting the official bill text and subsequent amendments from the Vermont General Assembly is recommended.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.