§ 42-7-9. Cybersecurity incident response group.
(a) The governor shall establish a cybersecurity incident response group, which shall include the superintendent of the Rhode Island state police, or designee; the adjutant general of the Rhode Island national guard, or designee; the director of the Rhode Island division of information technology, or designee; the director of the Rhode Island emergency management agency, or designee; the executive director of the Rhode Island League of Cities and Towns, or designee; and the secretary of state, or designee.
(b) The cybersecurity incident response group shall:
(1) Establish communication protocols in the event of a breach of cybersecurity in any agency or public body. The protocols shall include, but not be limited to:
(i) A list of potential cybersecurity breaches that would require reporting;
(ii) State and local entities covered within the communication plan;
(iii) Mechanisms to communicate a cybersecurity breach in a timely manner to members of the public and other relevant parties who may be affected by the breach; and
(iv) Primary contact at each agency or public body.
(c) The cybersecurity incident response group shall also establish long-term policy planning and goals for the state and municipalities regarding evolving cybersecurity threats and how to address them in a coordinated manner.
(d) The cybersecurity incident response group shall be subject to chapter 46 of this title (open meetings) and chapter 2 of title 38 (access to public records).
History of Section.
P.L. 2022, ch. 59, § 3, effective June 15, 2022; P.L. 2022, ch. 60, § 3, effective
June 15, 2022.