Budget Amendment ID: FY2019-S4-379

GOV 379

Vendor Cyber Insurance

Messrs. Tarr, O'Connor and Fattman moved that the proposed new text be amended in section 2, Chapter 30B of the General Laws, as appearing in the 2016 Official Edition, is hereby amended by inserting after section 23 the following new section:-

Section 24. Any state agency procuring information technology goods or services shall give preference to vendors which carry cybersecurity insurance, or to such vendors who have implemented cybersecurity measures, such as, but not limited to, ransomware prevention software, phishing prevention tools, multi-factor authentication procedures, and other cybersecurity measures as outlined by the framework for improving critical infrastructure cybersecurity by the national institute of standards and technology. This section shall not be construed to preclude vendors without cybersecurity insurance from submitting solicitations to the state or being awarded bids by the state for information technology goods or services.”.