Cybersecurity Association Legislative Updates - 02.26.2024

image-20240307093513-1

Last week, we hosted our annual Legislative Reception for legislators, government IT leaders, and cyber executives of Maryland-based companies. Cybersecurity Association Board Member Ted Pibil, ePlus, Inc., hosted an enlightening conversation with: Nishant Shah (State of Maryland), Greg Rogers (Maryland Department of IT), Damian Doyle (UMBC), and Kathryn Poff (Calvert County).

The resounding message from the panel - artificial intelligence is powerfully revolutionizing the cybersecurity workforce, economic development opportunities, security operations, and data security. Many of our state and local IT agencies are working in multidisciplinary teams to deploy solutions that are transforming the way our government works. Instead of broad regulation, we need public-private partnerships to study the impact of AI on government and the private sector. Excessive regulation will restrict innovation. 

We were privileged to have Comptroller Brooke Lierman and Senator J.B. Jennings share their vision and perspective on where Maryland is headed with tech and cyber.

Thank you to our generous sponsors, Varonis, ePlus, Inc., Cisco, and the Maryland Department of Commerce for making this event a grand success!


Last week, we also provided oral testimony in support of SB 982, augmenting Maryland's IT modernization efforts through key strategies:
•    Creates a non-lapsing Information Technology Investment Fund to finance legacy system assessments and replacements. 
•    Expands the duties of the Modernize Maryland Oversight Commission to focus on best practices for modernization and providing recommendations to government units and the legislature.
•    Exempts IT modernization projects from approval by the Board of Public Works, streamlining the process and reducing friction in the modernization process. 
•    Requires the Secretary of Information Technology to develop a State Modernization Plan and a strategy for centralizing IT management to reduce costs and unnecessary redundancies.

We anticipate that a version of this Bill that incorporates aspects of the departmental Bill will be passed.


This week, we plan to provide oral testimony in support of SB 692, establishing a workgroup that will examine data security issues and make recommendations for improved data protection within Maryland state and local government agencies. Recent cyberattacks on Maryland agencies, schools, and municipalities highlight the need for stronger data security measures.

The workgroup will include representatives from: the Maryland General Assembly; state government agencies focused on IT, emergency management, and data security; local government associations (counties and municipalities); Maryland higher education institutions; and Cybersecurity Association and cybersecurity associations and private companies. The ultimate activity will include developing recommendations and assess the cost of implementing standards related to data protection, data inventory practices, limiting user access to sensitive data, monitoring for threats, and notifying citizens when data breaches occur.

Robust data security including strong cybersecurity measures like encryption, access controls, and regular security audits are crucial to protect data from unauthorized access, a significant concern when it comes to AI.

Additionally, we will be opposing HB 1294, which defunds the Buy Maryland Cybersecurity Tax Credit and makes AI tools taxable. The Buy Maryland Cybersecurity Tax Credit is a powerful tool for small businesses to invest in cybersecurity measures and supports economic stimulation for Maryland-based companies.