Bill Text: NY A02833 | 2023-2024 | General Assembly | Introduced

Bill Title: Directs that state agencies require that procurement of personal computing goods, services and solutions meet the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

Spectrum: Slight Partisan Bill (Democrat 2-1)

Status: (Passed) 2024-12-21 - approval memo.50 [A02833 Detail]

Download: New_York-2023-A02833-Introduced.html




                STATE OF NEW YORK
        ________________________________________________________________________

                                          2833

                               2023-2024 Regular Sessions

                   IN ASSEMBLY

                                    January 27, 2023
                                       ___________

        Introduced  by  M. of A. OTIS -- read once and referred to the Committee
          on Science and Technology

        AN ACT to amend the  state  finance  law,  in  relation  to  procurement
          requirements for end point device security

          The  People of the State of New York, represented in Senate and Assem-
        bly, do enact as follows:

     1    Section 1. Section 165 of the state finance law is amended by adding a
     2  new subdivision 9 to read as follows:
     3    9. End point device security. (a) For the purposes of this subdivision
     4  "end point device" shall mean  personal  computing  goods  that  include
     5  desktops,  laptops, all-in-ones, tablets, mobile or cellular telephones,
     6  thin clients, and monitors of various sizes; printers;  and  multi-func-
     7  tional devices that include imaging devices that combine operations such
     8  as copying, printing, scanning and faxing into one machine.
     9    (b)  The commissioner and all state agencies, when procuring end point
    10  devices, shall require those devices, services and solutions to meet the
    11  National Institute of  Standards  and  Technology  (NIST)  Cybersecurity
    12  Framework.
    13    (c)  Within  one  year  of  adoption of any amendments to the security
    14  standards and guidelines referenced in paragraph (b) of this subdivision
    15  the commissioner and each state agency  shall  update  their  end  point
    16  device procurement requirements.
    17    §  2.  This  act shall take effect on the ninetieth day after it shall
    18  have become a law.



         EXPLANATION--Matter in italics (underscored) is new; matter in brackets
                              [ ] is old law to be omitted.
                                                                   LBD07739-01-3

LegiScan Search

View Top 50 Searches

Select area of search.
Find an exact bill number.
Search bill text and data. [help]
Reset

LegiScan Trends

View Top 50 National

VA HB2509 Virginia Clean Energy Innovation Board established
VA HB2537 Electric utilities; energy storage requirements; Department of Energy and...
NJ S1029 Prohibits sale, distribution, import, export or propagation of certain...
NY S01537 Relates to maintaining the continued viability of the state's existing...
VA SB973 Pilot program; electric generation from captured waste mine methane; renewable...
US HB238 To amend the Federal Food, Drug, and Cosmetic Act to clarify that artificial...
VA HB2365 Electric utilities; renewable energy portfolio standard program; zero-carbon...
MS HB496 Divorce; authorize where marriage is irretrievably broken.
NY A01035 Prohibits the use of social media websites for the purposes of debt co...
VA HB2437 Utility Facilities Act; definition of public utility.
feedback