WeVote

Bill

Bill

A 426

Relates to procurement requirements for end point device security

2025 Regular Session Introduced by Steve Otis

Bill A 426 mandates state agencies to procure only secure endpoint devices, enhancing cybersecurity and protecting sensitive data from cyber threats.

SIGNED CHAP.12
0
WeVote Research Nonpartisan
Bill Summary · A 426

Summary of Bill A 426: Procurement Requirements for Endpoint Device Security

Bill Overview

  • Bill Number: A 426
  • Title: Relates to procurement requirements for endpoint device security
  • Status: Signed into law as Chapter 12
  • Introduced On: January 8, 2025

Purpose and Intent

The primary purpose of Bill A 426 is to enhance the security of endpoint devices used by state agencies and other public entities. With the increasing reliance on technology and the growing threat of cyberattacks, this legislation aims to establish stringent procurement requirements that ensure only secure and compliant devices are acquired.

Key Provisions

  1. Procurement Standards:

    • The bill mandates that all endpoint devices purchased by state agencies must meet specific security standards. These standards will be defined by the relevant state authorities and are intended to mitigate risks associated with cyber vulnerabilities.
  2. Compliance Verification:

    • Vendors seeking to supply endpoint devices must provide proof of compliance with the established security standards. This may include certifications or documentation demonstrating that the devices have been tested for security vulnerabilities.
  3. Regular Updates:

    • The legislation requires that the security standards be reviewed and updated regularly to keep pace with evolving cybersecurity threats and technological advancements.
  4. Training and Awareness:

    • Agencies will be required to implement training programs for personnel on the importance of endpoint security and the proper use of devices to minimize risks.

Affected Parties

  • State Agencies: All state departments and agencies will be directly impacted as they will need to adhere to the new procurement requirements.
  • Vendors and Suppliers: Companies that provide endpoint devices will need to ensure their products meet the new security standards to be eligible for state contracts.
  • Public Sector Employees: Employees using these devices will benefit from enhanced security measures, reducing the risk of data breaches and cyber incidents.

Legislative Timeline

  • January 8, 2025: Bill introduced and referred to the Committee on Science and Technology.
  • January 28, 2025: Reported and referred to Rules; ordered to third reading.
  • February 3, 2025: Passed in the Assembly and delivered to the Senate.
  • February 11, 2025: Passed in the Senate; returned to the Assembly and substituted for companion bill S 2671.
  • February 12, 2025: Delivered to the Governor.
  • February 14, 2025: Signed into law as Chapter 12.

Conclusion

Bill A 426 represents a significant step towards improving cybersecurity within state agencies by establishing rigorous procurement requirements for endpoint devices. By ensuring that only secure devices are acquired, the legislation aims to protect sensitive information and enhance the overall security posture of public sector operations.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.