Cybersecurity 2025 Legislation

Technology

The widespread adoption of remote work, increasing reliance on e-commerce and growing sophistication of cybercriminals using tools like artificial intelligence means the risk of cyberattacks remains high for government and businesses. Increasingly, many aspects of daily life are conducted online and via digital applications. For example, the use of popular social media apps owned by countries that collect large amounts of data from U.S. consumers has raised national security concerns. Cybersecurity threats like ransomware attacks continue to affect businesses, health care organizations, educational institutions, and government agencies. These incidents impose costs on and can even shut down operations in government, schools and colleges, and businesses.  

State legislatures focused on cybersecurity concerns in many ways in 2025, as detailed below.  

Forty-eight states and Puerto Rico introduced or considered more than 500 bills or resolutions that deal significantly with cybersecurity. At least nineteen states enacted at least 28 bills and adopted at least fifteen resolutions in 2025, as indicated in boldface in the table below. Examples of those actions include:

Arkansas enacted legislation which requires the Division of Information Systems to establish and maintain policies to ensure the security of state information aligned with standards developed by the State Cybersecurity Office.
Hawaii adopted a resolution which requests the Department of Education and University of Hawaii to assess the criteria required to establish an educational pipeline and curriculum to ensure that students acquire the necessary skills in advanced manufacturing and cybersecurity.
Hawaii adopted a resolution which requests the state Technology Development Corporation to increase its focus on advanced manufacturing and cybersecurity to build a stronger, diversified economy, create high-wage job opportunities and position Hawaii as a leader in innovation and national security in the Pacific.
Idaho enacted legislation that requires the Office of Information Technology Services to ensure that all state agencies implement and maintain cybersecurity best practices, such as requiring all state agencies to implement and use multifactor identification to access information technology devices or services.
Mississippi enacted legislation that establishes limits on claims paid due to cyber liability and other requirements related to cybersecurity insurance.
Montana enacted legislation which expands the workforce development program created under the Health and Economic Livelihood Partnership Act to include more occupations beyond entry-level cybersecurity analysts.
New York enacted legislation which amends procurement requirements for the purchase of end point devices to be in line with the National Institute of Standards and Technology Cybersecurity Framework, among other requirements.
New York enacted legislation that provides “assessment relief” to eligible properties following a major or local disaster after certain conditions are met.
New York enacted legislation that allows call centers for a gas or electric corporation to send customer assistance requests outside of such corporation state service territory or outside of the state in specified circumstances, including after a natural disaster, cyberattack, or temporary loss of internet or phone connection.
North Dakota enacted legislation that creates data security requirements for insurance producers.
Virginia enacted legislation that prohibits certain entities to use any hardware, software or services that have been prohibited by the U.S. Department of Homeland Security.
Virginia created a working group to evaluate cybersecurity of investor-owned electric utilities and electric cooperatives.
Virginia enacted legislation which creates new procurement requirements related to the purchase of school-issued devices to ensure the protection of student personal information and educational records.

Jurisdiction	Bill	Title	Status	Summary
Alabama	H 159	U.S. Space and Rocket Center Commission	To Governor	Changes the name of the State Space Science Exhibit Commission to the U.S. Space and Rocket Center Commission; provides that the commission may, among other things, create, maintain, and operate additional education programs in rocketry, space exploration, astronomy, aviation, aeronautics, robotics, computer programming, cybersecurity and any other topic deemed appropriate to fulfilling the educational mission and mandate of the U.S. Space and Rocket Center.
Alabama	H 170	Education Trust Fund	Pending	Relates to making supplemental appropriations for the fiscal year. Includes appropriations such as $600,000 for the FCC K-1 Cybersecurity Pilot Project and $1 million to the Alabama School of Cyber Technology and Engineering for one-time expenses for deferred maintenance and school safety.
Alabama	H 186	Expenses of the Executive	Pending	Relates to making appropriations for the ordinary expenses of the executive, legislative, and judicial agencies of the state, for other functions of government, for debt service, and for capital outlay for the fiscal year ending specific date. Includes cybersecurity appropriations. Requires the Office of Information Technology shall report semi-annually to the Chair of the House Ways and Means-General Fund Committee and the Chair of the Senate Finance and Taxation-General Fund Committee, Director of Finance and the Legislative Fiscal Officer on the status of the updates to the state’s cybersecurity system.
Alabama	H 207	State Government	Pending	Relates to office of Information Technology, duties expanded to include cybersecurity and tasks previously performed by Division of Data Systems Management and Telecommunications Division of the Department of Finance.
Alabama	H 332	Public Education	Pending	Relates to education, public kindergarten through grade 12 schools, completion of approved computer science course required.
Alabama	S 74	State Board of Education	Pending	Relates to requiring the state board of education to create a cyber safety education program; provides parameters for the curriculum of the program and the training of instructors; requires the state board to adopt rules and local boards of education to implement the program.
Alabama	S 112	Maintenance and Development	Pending	Relates to making appropriations for the support, maintenance and development of public education in state, for debt service, and for capital outlay for the fiscal year ending specific date. Includes cybersecurity appropriations such as to the Alabama Cyber Range and to improve cybersecurity.
Alabama	S 113	Education Trust Fund	Pending	Relates to making supplemental appropriations for the fiscal year ending specific date, from the Education Trust Fund to various agencies and entities in a total amount of specific amount. Includes appropriations such as $600.000 for the FCC K-1 Cybersecurity Pilot Project and $1 million to the Alabama School of Cyber Technology and Engineering for one-time expenses for deferred maintenance and school safety.
Alabama	S 148	Regular Session State General Fund	Pending	Relates to the FY25 Regular Session State General Fund. Includes cybersecurity appropriations. Requires the Office of Information Technology shall report semi-annually to the Chair of the House Ways and Means-General Fund Committee and the Chair of the Senate Finance and Taxation-General Fund Committee, Director of Finance and the Legislative Fiscal Officer on the status of the updates to the state’s cybersecurity system.
Alaska	S 2	Deepfake Disclosure	Pending	Relates to the disclosure of election-related deepfakes; relates to use of AI by state agencies; relates to the transfer of data about individuals between state agencies. Requires the head of a state agency that uses a system that employs generative AI for consequential decisions shall conduct an impact assessment of the system. An impact assessment must include, at a minimum, an analysis of the current and potential benefits, liability, and risks to the state from the system, including risks related to cybersecurity and intellectual property and any measures used to mitigate liability and risks.
Alaska	S 38	Office of Information Technology	Pending	Establishes the Office of Information Technology; relates to information technology projects undertaken by state agencies. Requirements include overseeing the development, implementation and enforcement of information technology security policies, standards and practices in all executive branch agencies, contractors of executive branch agencies, and third-party, information-sharing partners of executive branch agencies.
Alaska	S 64	Elections	Pending	Relates to elections; relates to voters; relates to voting; relates to voter preregistration for minors at least 16 years of age; relates to voter registration; relates to the Alaska Public Offices Commission; relates to synthetic media in electioneering communications; relates to campaign signs; relates to public official financial disclosures; relates to the crime of unlawful interference with voting in the first degree; provides for an effective date. Requires the lieutenant governor shall, by regulation, develop a cybersecurity program to defend the voter registration records kept by the division against cyberattacks and data breaches and enable the division to detect and recover from cyberattacks. The program must include cybersecurity training for election officials.
Alaska	S 139	Land Ownership	Pending	Relates to certain agreements having to do with critical infrastructure; relates to who may own or hold certain land; provides for an effective date. Prohibits a person, state agency, or political subdivision of the state may not enter into an agreement relating to a critical infrastructure facility in the state with a company if the company to directly or remotely access or control the facility or a cybersecurity system related to the facility under the agreement.
Arizona	H 2433	County Treasurers and Continuing Education	Pending	Provides that a county board of supervisors shall complete at least a specified number of hours of professional development trainings within a year after the date of the certification of their election; provides that a county governing board member who knowingly fails to complete professional development certification may be subject to a civil penalty; provides that continuing education topics shall include, among other things, fraud and abuse prevention and cybersecurity.
Arizona	H 2693	Genetic Sequencing and Insurance and Prohibition	Pending	Relates to genetic sequencing; relates to insurance; relates to prohibition. Requires health care institutions and research facilities that store genetic sequencing data, including through contracts with third-party data storage companies, shall ensure that the data is secured through reasonable encryption methods, restriction on access and other cybersecurity methods.
Arizona	H 2696	Critical Infrastructure and Foreign Adversary	Pending	Relates to critical infrastructure; relates to foreign adversary; relates to prohibition; relates to gas and oil production, storage or delivery systems, water supply refinement, storage or delivery systems, electrical power delivery systems, telecommunications networks, transportation systems and services and cybersecurity.
Arizona	H 2736	Cybersecurity and Data Encryption and Pilot Program	Pending	Relates to cybersecurity assessments, audits, requests, authorization and procedures.
Arizona	S 1027	Critical Telecommunications Infrastructure	Pending	Relates to critical telecommunications infrastructure; relates to construction requirements; relating to information technology; secures state's telecommunications grid and protect national security by eliminating telecommunications hardware and software from state's telecommunications grid that comes from countries of concern and sanctioned entities.
Arizona	S 1064	Voting and Equipment	Pending	Relates to voting; relates to equipment; relates to internet and custody; relates to violations. Requires the secretary of state to ensure that vote recording and vote tabulating machines and devices maintain operating systems in line with the United States Department of Homeland and Security Cybersecurity and Infrastructure Security Agency.
Arizona	S 1501	Grid Security and Cybersecurity	Pending	Relates to the power plant and transmission line siting committee. Requires the commission to conduct a grid security review which includes researching and evaluating the generation and grid management technologies that can protect against or withstand a physical attack or cyberattack. Requires each investor-owned public service corporation to update and submit the public service corporations cybersecurity and grid protection protocols to the commission for review.
Arkansas	H 1363	State Government	Enacted	Relates to the emergency relocation of the seat of government; provides that each unit of state and local government and each state agency that operates or maintains a website shall incorporate a machine readable privacy policy into each of its websites; relates to health disparities; provides that each state entity shall submit a cybersecurity policy to the state Cybersecurity Office; provides that the Department of Education shall develop a cybersecurity policy.
Arkansas	H 1443	Second Amendment Financial Privacy Act	Pending	Creates the second amendment financial privacy act; prohibits financial institutions and payment networks from using certain discriminatory practices; provides for enforcement of violations.
Arkansas	H 1466	Fair Mortgage Lending Act	Enacted	Amends the Fair Mortgage Lending Act; relates to a mortgage servicer solely owning or conducting reverse mortgage servicing, or both, or the reverse mortgage portfolio administered by a large mortgage servicer; relates to contractual right to service residential mortgage loans on behalf of the owner of the associated mortgage in exchange for specified compensation according to a servicing contract; provides that mortgage information is lawfully made available to the public. Requires a financial institution to develop, implement and maintain a comprehensive information security program.
Arkansas	H 1467	Uniform Money Services Act	Pending	Amends the Uniform Money Services Act; provides that the surety bond under subsection shall be in a form satisfactory to the Securities Commissioner and shall run to the State of Arkansas for the benefit of any claimants against the licensee to secure the faithful performance of the obligations of the licensee with respect to the receipt, handling, transmission, and payment of money in connection with money transmission. The commissioner has the discretion to require the applicant to obtain additional security coverage to address related cybersecurity risks inherent in the applicant's business model as it relates to virtual currency transmission and to the extent the risks are not within the scope of the required surety bond.
Arkansas	H 1548	Division of Information Systems	Enacted	Amends the law concerning the Division of Information Systems; abolishes the Data and Transparency Panel; provides that the division shall, among other things, oversee a statewide data program, evaluate and identify data that may be provided to the public, maintain and enhance a statewide shared services data hub for data sharing to link state information, and establish and maintain policies to ensure the security of state information in accordance with standards developed by the State Cybersecurity Office.
Arkansas	H 1549	State Cybersecurity	Pending	Creates the State Cybersecurity Act; defines cybersecurity as the practice of protecting a system, network, device and data from cyber threats, unauthorized access and malicious activities; involves a combination of technologies, processes, policies and practices designed to safeguard and ensure the confidentiality, integrity and availability of digital assets.
Arkansas	H 1557	Duties and Powers of the Division of Information System	Pending	Amends the duties and powers of the division of information systems concerning information technology.
Arkansas	H 1647	Division of Information Systems	Enacted	Amends the law concerning the Division of Information Systems; changes the name of the Division of Information Systems to Office of State Technology including in references to the Arkansas Cyber Response Board; declares an emergency.
Arkansas	H 1666	Self Funded Cyber Response	Pending	Amends the law concerning the state self-funded cyber response program.
Arkansas	H 1680	Foreign Party Controlled Business	Pending	Prevents a foreign party-controlled business from leasing land located within a 10-mile radius of critical infrastructure; prohibits a prohibited foreign party from holding an interest in real property or agricultural land in certain circumstances. Critical infrastructure includes a classified information storage system.
Arkansas	H 1821	Sustainable System of Property Insurance	Pending	Creates a more sustainable system of property insurance for public schools, institutions of higher education, and state-owned property; declares an emergency. Requires cybersecurity risks insurance for public elementary and secondary schools and a report to the State Insurance Department from each school district, education service cooperative or open-enrollment charter school to furnish a complete report of its cybersecurity risks insurance program.
Arkansas	S 147	Department of Transformation and Shared Services	Enacted	Provides that the state Code Revision Commission may change references to the Department of Transformation and Shared Services to the Department of Shared Administrative Services in reference to required cybersecurity requirements; provides that the Department of Shared Administrative Services shall assign one individual to serve as a technology liaison to the Division of Public School Academic Facilities and Transportation; provides that the Post Prison Transfer Board shall administer a mobile application that shall provide certain information.
Arkansas	S 227	Freedom of Information Act of 1967	Pending	Amends the Freedom of Information Act of 1967; amends the provisions of the Freedom of Information Act of 1967 concerning public meetings; provides that the public meeting is conducted in a manner that allows the public to attend and hear the governing body's meaningful discussion and deliberation. Creates exemptions for public meetings, including discussing how a governing body will respond to cybersecurity breach.
Arkansas	S 311	End Organ and Genomic Harvesting	Pending	Creates the end organ and genomic harvesting act; prohibits coverage of certain human organ transplant or post-transplant care; prohibits certain genetic sequencers and genetic analysis technologies. An entity is required to ensure the security of genetic sequencing data using reasonable encryption methods, restrictions on access, and other cybersecurity best practices if there is contracts with a third-party data storage company.
Arkansas	S 481	Sustainable System	Pending	Creates a more sustainable system of property insurance for public schools, state-supported institutions of higher education, and state-owned property; declares an emergency. Requires cybersecurity risks insurance for public elementary and secondary schools and a report to the State Insurance Department from each school district, education service cooperative or open-enrollment charter school to furnish a complete report of its cybersecurity risks insurance program.
California	A 227	Budget Act of 2025	Pending	Makes appropriations for the support of state government for the 2025-26 fiscal year. Includes cybersecurity appropriations. Appropriates $2 million to be used to establish and operate the Office of Elections Cybersecurity. Activities performed by the Office of Elections Cybersecurity are intended to be specific to elections and shall be designed to minimize overlap and in coordination with statewide cybersecurity efforts performed by the California Cybersecurity Integration Center.
California	A 236	Digital Financial Asset Businesses: Regulatory Fees	Pending	Relates to existing law that requires an applicant for a license under the Digital Financial Assets Law to submit the application with a nonrefundable fee in an amount determined by the Department of Financial Protection and Innovation to cover the reasonable costs of application review. Prohibits that fee from exceeding a specified amount. An application for a license under this division is required to provide a copy of the certificate, or a detailed summary acceptable to the department, of coverage for any liability, casualty, business interruption or cybersecurity insurance policy maintained by the applicant for itself, an executive officer, a responsible individual, or the applicant's users
California	A 370	California Public Records Act: Cyberattacks	Pending	Provides that existing law requires each agency, within a certain number of days of a request for a copy of records, to determine whether the request seeks copies of disclosable public records. Authorizes that time limit to be extended under unusual circumstances, including the inability of the agency, because of a cyberattack, to access its electronic servers or systems to search for and obtain a record that the agency believes is responsive to a request.
California	A 869	State Agencies: Information Security: Architecture	Pending	Requires every state agency, and subject to specified exceptions, to implement zero trust architecture for all data, hardware, software, internal systems and essential third-party software, including for on-premises, cloud, and hybrid environments, to achieve prescribed levels of maturity based on the Cybersecurity and Infrastructure Security Agency Maturity Model, as defined, by specified dates.
California	S 65	Budget Act of 2025	Pending	Makes appropriations for the support of state government for the 2025-2026 fiscal year. Include cybersecurity appropriations for the Office of Elections Cybersecurity, California Cybersecurity Integration Center, among others.
California	S 826	California Workforce Development Board: Port	Pending	Determines how to best mitigate national security, cybersecurity, workforce and economic impacts of automation at California seaports. Relates to the California Workforce Development Board. Relates to port automation.
Colorado	H 1193	Vote Transparency Protocol Act	Pending	Concerns the creation of the Vote Transparency Protocol Act which relates to election transparency and security.
Colorado	S 1	Voting Rights Act	Pending	Concerns the administration of elections; creates the state voting rights act. Requires the secretary of state to provide adequate technological security measures to prevent unauthorized access to voter-related records and must establish adequate and reasonable technological security requirements for the exchange or transfer of data.
Colorado	S 81	Treasurers Office	Pending	Concerns public financing; establishes the building urgent infrastructure and leveraging dollars authority, modifying the state public financing cash fund, and allowing the state treasurer to use a security token offering for state capital financing. Creates the Building Urgent Infrastructure and Leveraging Dollars Authority, which is responsible for maintaining physical and information security, among other tasks related to infrastructure projects.
Connecticut	H 6003	Election Inform	Pending	Requires the secretary of state to annually provide information on the activities, costs and benefits of the Election Information Security Analyst.
Connecticut	S 273	Cybersecurity Task Force	Failed	Establishes a Cybersecurity Task Force to ensure protection from cyberattacks and for the prevention of government, business and personal cyberattacks; requires a report on such study.
Connecticut	S 1189	Registration and Maintenance of Municipal Internet Web	Pending	Relates to provisions of any municipal charter, special act or home rule ordinance, each municipality shall register a .gov Internet top-level domain for such municipality with the Cybersecurity and Infrastructure Security Agency within the United States Department of Homeland Security.
Connecticut	S 1319	Cybersecurity Task Force	Pending	Establishes a cybersecurity task force.
District of Columbia	None
Florida	H 925	Threats From Foreign Nations	Pending	Provides directives and regulations regarding persons acting as agents of certain foreign principals from adversarial nations or foreign terrorist organization; exempts certain agents from specified requirements; provides duties of the attorney general with regard to such agents; provides criminal penalties for willful violations of specified provisions; requires state University System and state College System to adopt specified rules. To remain registered with the department to access critical infrastructure, a company must meet certain requirements. One of the requirements is to immediately report any cyberattack, security breach, or suspicious activity to the department. Creates and requires the Council on Pacific Conflict, to prepare an annual report on multiple areas, including a risk assessment on the state’s cybersecurity.
Florida	H 1183	Cybersecurity Incident Liability	Pending	Provides county, municipality, other political subdivision of state, covered entity or third-party agent that complies with certain requirements is not liable in connection with cybersecurity incident; requires covered entities and third-party agents to adopt revised frameworks, standards, laws, or regulations within specified time period; provides private cause of action is not established; provides certain failures are not evidence of negligence, do not constitute negligence per se, and cannot be used.
Florida	H 1203	Elections	Pending	Revises provisions relating to elections including election systems, election security, reconciliation, vote-by-mail, poll watchers, hotline, canvassing of votes, audits, ballots, identification, eligibility, secure ballot intake stations, early voting, and election crimes. Polling place procedures must include security procedures, including building security, physical port security and system cybersecurity.
Florida	H 1293	Cybersecurity	Pending	Revises duties of State Digital Service; requires state CIO, in consultation with Secretary of Management Services, to designate state chief technology officer; requires state agency and local government to report ransomware and cybersecurity incidents within certain time periods; requires Cybersecurity Operations Center to provide notifications and reports; requires state agency head to annually designate chief information security officer; revises membership of State Cybersecurity Advisory Council.
Florida	H 1337	Emergencies	Pending	Revises provisions related to emergencies including powers, duties, responsibilities of and funding for Division of Emergency Management and political subdivisions, medical care, special needs registry and shelters, planning, reporting, transportation of essentials, debris management and alternate power sources. Requires the Division of Emergency Management to assist political subdivisions in preparing and maintaining emergency management plans by developing a template for comprehensive emergency management plans, including natural disasters and cyberattacks.
Florida	H 1379	Cybersecurity Risks From Unmanned Aircraft Systems	Pending	Requires Florida Cybersecurity Advisory Council to specified risks and develop certain recommendations.
Florida	H 7013	Public Records	Pending	Concerns public records; concerns cybersecurity.
Florida	PCB 6013	Public Records	Pending	Concerns public records; concerns cybersecurity.
Florida	S 394	Elections	Pending	Requires the Department of State; adopts rules for minimum standards for security measures for electronic and electromechanical voting and other election systems; requires that a certain full supply chain analysis; conducts on specified components; revises the name of the Bureau of Voting Systems to the Bureau of Voting Systems and Other Election Systems; prohibits governing bodies from purchasing any other election system unless such system has been certified by the Department of State.
Florida	S 396	Elections	Pending	Requires the Department of State; adopts rules; relates to the security of certain voting procedures; authorizes political action committees and political committees; have poll watchers in polling rooms and early voting areas; requires that a certain audit; conducts after each election; requires a person; requests a vote-by-mail ballot; provides and attests to an allowed reason for such request; requires a supervisor of elections; verifies a certificate signature, a voter certificate envelope.
Florida	S 600	Manufacturing	Pending	Creates the Statewide Office of Manufacturing within the Department of Commerce for a certain purpose; requires that the office be headed by a Chief Manufacturing Officer appointed by and serving at the pleasure of the Secretary of Commerce; requires the department to biennially prepare a report regarding manufacturing efforts in this state; creates the Florida Manufacturers Workforce Development Grant Program. The grant program may be used to support small manufacturers in this state with the deployment of new technologies or cybersecurity infrastructure and to provide training support to the workforce.
Florida	S 770	Cybersecurity	Pending	Exempts the state chief technology officer from the Career Service System; requires the State Digital Service to support state agencies with the use of electronic credentials in compliance with specified standards; revises the standards and processes for assessing state agency cybersecurity risks of the Department of Management Services, acting through the State Digital Service; requires the Cybersecurity Operations Center to notify immediately the state chief information.
Florida	S 912	Threats From Foreign Nations	Pending	Prohibits a person from acting as a certain agent unless such person files a specified statement with the attorney general; requires an agent who has registered to periodically file supplements with the attorney general; provides criminal penalties for willful violations of specified provisions; creates the Florida Critical Infrastructure Protection Act; creates the Florida Secure Communications Act; creates the Pacific Conflict Stress Test. To remain registered with the department to access critical infrastructure, a company must meet certain requirements. One of the requirements is to immediately report any cyberattack, security breach, or suspicious activity to the department. Creates and requires the Council on Pacific Conflict to prepare an annual report on multiple areas, including a risk assessment on the state’s cybersecurity.
Florida	S 1216	Cybersecurity of Mortgage Brokers and Lenders	Pending	Requires licensees to develop and maintain a specified information security program; requires licensees to make a prompt investigation of a cybersecurity event that has occurred or may occur; requires licensees to provide a specified notice to the Office of Financial Regulation; revises the actions that constitute grounds for disciplinary actions for mortgage brokers and lenders and grounds for the issuance of a cease and desist order or removal order or the denial, suspension, or revocation of a license.
Florida	S 1532	Executive Branch	Pending	Revises policies regarding equal employment opportunity in state government; repeals a provision relating to utilization of minority business enterprises in contracts for public construction works; revises provisions governing preferences for Florida-based businesses in procurement; repeals a provision relating to the certification of minority business enterprises; authorizes the attorney general to bring a civil action against a vendor or affiliate that violates specified provisions. Allows each department head to designate a maximum of three cybersecurity positions as being exempt from the Career Service System.
Florida	S 1536	Cybersecurity	Pending	Revises the purposes for which the Florida Digital Service is established; provides that the Florida Digital Service is the lead entity for a certain purpose; requires a local government to report ransomware and certain cybersecurity incidents to the Cybersecurity Operations Center within certain time periods; revises the membership of the Florida Cybersecurity Advisory Council; requires the Florida Center for Cybersecurity at the University of South Florida to annually conduct certain comprehensive risk.
Florida	S 1566	Emergencies	Pending	Authorizes certain servicemembers to provide medical care in specified circumstances; authorizes the Division of Emergency Management to create certain local organizations in county constitutional offices; provides that the division has command and control of specified emergency management efforts; requires certain political subdivisions to publish specified information on publicly available websites. Requires the Division of Emergency Management to assist political subdivisions in preparing and maintaining emergency management plans by developing a template for comprehensive emergency management plans, including natural disasters and cyberattacks.
Florida	S 1656	Office of Insurance Regulation	Pending	Specifies that the Chief Financial Officer is the agent for service of process under certain circumstances for health maintenance organizations; deletes a provision relating to the charge and collection of the actual costs and expenses incurred by the office to review certain requests by the insurer; requires the Financial Services Commission to adopt rules to ensure the cybersecurity of consumers nonpublic insurance data.
Florida	S 1662	Transportation	Pending	Authorizes the Secretary of Transportation to appoint a specified number of assistant secretaries; creates the Florida Transportation Research Institute; requires the department to distribute a certain amount from the proceeds of a specified tax to the State Transportation Trust Fund for a specified purpose; requires seaports located in a specified county to include certain statements in any agreement with the department as a condition of receiving certain grants; relates to private airport. Requires a commercial service airport to notify the department as soon as is reasonably possible, but no later than 48 hours, after the discovery of a potential cybersecurity breach or other occurrence impacting the traveling public, a disruption in state aviation operations directly impacting multiple airports within this state, or an incident occurring on airport property which requires coordination with multiple local, state or federal agencies.
Florida	S 7020	Agency Cybersecurity Information	Pending	Amends a provision which provides exemptions from public records requirements for agency cybersecurity information held by a state agency and exemptions from public meetings requirements for portions of meetings which would reveal confidential and exempt information; amends a provision which provides exemptions from public records and public meetings requirements for portions of risk assessments, evaluations, external audits, and other reports of a state agency's cybersecurity program for the data.
Florida	SPB 7020	Agency Cybersecurity Information	Pending	Amends a provision which provides exemptions from public records requirements for agency cybersecurity information held by a state agency and exemptions from public meetings requirements for portions of meetings which would reveal confidential and exempt information; amends a provision which provides exemptions from public records and public meetings requirements for portions of risk assessments, evaluations, external audits, and other reports of a state agency cybersecurity program for the data.
Florida	SPB 7026	Information Technology	Pending	Creates the Agency for State Systems and Enterprise Technology (ASSET); requires that the Division of Elections comprehensive risk assessment comply with the risk assessment methodology developed by asset; requires agencies and the judicial branch to include a cumulative inventory and a certain status report of specified projects with their legislative budget requests; revises the powers, duties, and functions of the Department of Management Services, through the Florida Digital Service. Creates multiple workgroups like the enterprise security workgroup and enterprise information technology operations workgroup to work on best practices related to cybersecurity governance and cybersecurity threats.
Florida	SR 1860	Recognition Resolution	Adopted	Recognizes March 27, 2025, as Keiser University Day in Florida and celebrating the university nearly 50 years of providing quality education, serving a diverse student population, and positively impacting both this state and the global economy. Recognizes degree programs in many of Florida's critical workforce sectors, including nursing, health care, defense and homeland security, information technology, and transportation and logistics, as well as highly specialized fields, such as cybersecurity, digital forensics and incident response, and AI.
Georgia	H 7	Income Tax	Pending	Relates to the imposition, rate, computation, exemptions, and credits relative to income taxes, so as to provide for a tax credit for workforce-ready graduates employed in high-tech full-time jobs in rural counties in the state; requires the Department of Labor to establish certain criteria; provides for conditions and limitations; provides for definitions; provides for rules and regulations and forms; provides for related matters. A data scientist, software developer, information security analyst, web developer, computer sales engineer, information technology manager, computer research scientist, network and systems administrator, or computer support specialist qualifies as a high-tech full-time job.
Georgia	H 15	Banking and Finance	To Governor	Revises procedures concerning incorporators of credit unions; revises requirements of articles of incorporation of credit unions; revises licensure requirements for money transmissions, cashing payment instruments, mortgage lenders and mortgage brokers, foreign banking institutions, and installment loans; provides for revised auditing procedures for mortgage lenders and mortgage brokers; provides for corporate governance requirements for mortgage lenders and mortgage brokers. Prohibits individuals convicted of specific crimes like cybersecurity are disqualified from specific licenses.
Georgia	H 39	Habersham County	To Governor	Authorizes the assessment, collection and distribution of a technology fee by the Magistrate Court of Habersham County; identifies the authorized uses of such technology fee; provides for the maintenance of such technology fee funds; provides for the termination of such technology fee and dedication of residual funds to technology uses; provides for related matters; provides for an effective date; repeals a specific act; repeals conflicting laws. Allows technology fees to be used for cybersecurity insurance.
Georgia	H 67	Appropriations	Enacted	Provides appropriations for the specified fiscal year; makes, provides, and changes certain appropriations for the operation of the state government and its departments, boards, bureaus, commissions, institutions, and other agencies, for the university system, common schools, counties, municipalities, and political subdivisions, for all other governmental activities, projects, and undertakings authorized by law. Includes appropriations to the Georgia Cyber Innovation and Training Center to enhance cybersecurity technology for private and public industries through unique education, training, research, and practical applications.
Georgia	H 68	General Appropriations	Pending	Makes and provides appropriations for the state fiscal year beginning July 1, 2025, and ending June 30, 2026; makes and provides such appropriations for the operation of the state government and its departments, boards, bureaus, commissions, institutions, and other agencies, for the university system, common schools, counties, municipalities, and political subdivisions, for all other governmental activities, projects, and undertakings authorized by law, and for all leases, contracts, agreements. Includes appropriations to the Georgia Cyber Innovation and Training Center to enhance cybersecurity technology for private and public industries through unique education, training, research, and practical applications.
Georgia	H 423	Emergency Telephone Number	To Governor	Relates to emergency communications authority and emergency telephone number 9-1-1 system, respectively, so as to provide for Next Generation 9-1-1 systems and services; revises and provides for definitions; revises the duties and responsibilities of the State Emergency Communications Authority as relevant to Next Generation 9-1-1 systems and services; adds members to the board of directors of such authority; requires all new 9-1-1 systems conform to wireless enhanced 9-1-1 service or NG9-1-1 service. The authority shall have the duties and responsibilities to establish and operate a network management center in coordination with cybersecurity subject matter experts to protect the state ESInet, Next Generation core services, and public safety answering points.
Georgia	HR 353	Recognitions	Adopted	Recognizes and commends Kayode Adekunle who is a highly regarded cybersecurity consultant with expertise in cyber threat management, regulatory compliance, layered defense strategies, computing platforms, and network design who holds multiple professional certifications.
Georgia	HR 408	Honorary Resolution	Adopted	Honors the work of Georgia’s aerospace and defense industry and recognizes Feb. 26, 2025, as Georgia Aerospace Day at the state capitol. Highlights Middle Georgia University is home to Georgia's flagship School of Aviation and is the only university in Georgia offering three FAA-certified programs; the only public university to offer a bachelor's degree in flight, supporting the aviation industry through programs in business administration, information technology, cybersecurity, and specialized aviation disciplines.
Georgia	SR 62	Recognitions	Adopted	Recognizes and commends Reinhardt University for serving the students of North Georgia for over 140 years. Highlights the University has made significant contributions to the workforce in Georgia in the areas of arts, sciences, business and cybersecurity.
Georgia	SR 254	Honorary Resolution	Adopted	Honors the work of Georgia’s aerospace and defense industry and recognizes Feb. 26, 2025, as Georgia Aerospace Day at the state capitol. Highlights that Georgia is proud of its longstanding connection to the United States military community, including eight active military bases, the United States Army Cyber Command Headquarters, and the VECTR military workforce training center.
Guam	None
Hawaii	H 726	Data and Artificial Intelligence Governance	Pending	Establishes and appropriates funds for a data and AI governance and decision intelligence center and necessary positions to improve data quality and data sharing statewide. The center is responsible for enabling secured and efficient data sharing across state agencies through implementing statewide data sharing tools and platforms to improve interoperability.
Hawaii	H 1205	Defense Related Workforce Diversification and Expansion	Pending	Appropriates funds for the workforce development council; incorporates and implements a framework for the workforce diversification and expansion of the defense related workforce in fields such as information technology, cybersecurity, intelligence, data science and advanced manufacturing.
Hawaii	H 1206	University Defense Sector Workforce Development	Pending	Appropriates funds for faculty positions, student programs, and facilities at the University of Hawaii at Manoa and University of Hawaii, West Oahu for workforce development in the defense sector. The purpose of this act is to build a local workforce to meet the growing demand for jobs in the areas of information technology, cybersecurity, intelligence, and data science fields by utilizing the expertise at two university campuses, the university of Hawaii at Manoa's college of social sciences and the university of Hawaii, West Oahu's business administration department, focused on producing the workforce for the defense sector in these related fields.
Hawaii	HCR 75	Students Manufacturing and Cybersecurity Curriculum	Pending	Requests the Department of Education and University of Hawaii to assess the criteria required to establish an educational pipeline and curriculum to ensure that students acquire the necessary skills in advanced manufacturing and cybersecurity.
Hawaii	HCR 156	Advanced Manufacturing and Cybersecurity	Pending	Requests the state Technology Development Corporation to increase its focus on advanced manufacturing and cybersecurity to build a stronger, diversified economy, create high wage job opportunities and position Hawaii as a leader in innovation and national security in the Pacific.
Hawaii	HR 67	Students Manufacturing and Cybersecurity Curriculum	Adopted	Requests the Department of Education and University of Hawaii to assess the criteria required to establish an educational pipeline and curriculum to ensure that students acquire the necessary skills in advanced manufacturing and cybersecurity.
Hawaii	HR 151	Advanced Manufacturing and Cybersecurity	Adopted	Requests the state Technology Development Corporation to increase its focus on advanced manufacturing and cybersecurity to build a stronger, diversified economy, create high-wage job opportunities and position Hawaii as a leader in innovation and national security in the Pacific.
Hawaii	S 125	State Enterprise Zones Business Tax Credit	Pending	Amends the definition of "eligible business activity" for State Enterprise Zone Program purposes to include retail sales of tangible personal property manufactured and sold in the enterprise zone to the final consumer, the processing of value-added agricultural products grown within an enterprise zone, the provision of professional services by health care professionals in health-care-related sectors, the use of advanced manufacturing to produce products, or the development of cybersecurity technology.
Hawaii	S 338	Technology Infrastructure Renovation Tax Credit	Pending	Reinstates, temporarily, the Technology Infrastructure Renovation Tax Credit and expands the definition of technology-enabled infrastructure to include data servers; requires the Department of Taxation to submit a report to the Legislature. The legislature finds that upgrading and modernizing equipment necessary for data storage will improve resilience against physical damage caused by weather-related events and cybersecurity threats and ensure the continued, uninterrupted provision of services to Hawaii businesses, state government and satellite agencies, and residents.
Hawaii	S 371	Offenses Against Property Rights	Pending	Establishes the offense of criminal property damage to critical infrastructure facilities in the first and second degree; provides that a person commits the offense of criminal property damage of a critical infrastructure facility in the second degree if the person intentionally or knowingly damages any critical infrastructure facility without the owner or operator's consent, and causes substantial impairment to the critical infrastructure facility.
Hawaii	S 959	Health Infrastructure Grant Program	Pending	Establishes the health infrastructure grant program within the Department of Health, to be administered by the state health planning and development agency, to support health information technology infrastructure and the implementation of interoperable health information technologies in federally qualified health centers, rural health clinics, Ryan White HIV/AIDs program centers, and Native Hawaiian health centers; appropriates funds for the grant program. The state agency may award grants to eligible applicants for eligible projects to procure certified, hosted, and maintained health information technology software and hardware, including digital security programs and devices.
Hawaii	S 1341	Energy Data Collection Program	To Governor	Adds the State Emergency Management Agency and Office of Homeland Security to the list of agencies that may examine the energy industry information statements submitted pursuant to specified section; adds the promotion of emergency management and critical infrastructure protection as relevant purposes of the energy data collection program.
Hawaii	S 1502	University Defense Sector Workforce Development	Pending	Appropriates funds for the establishment of faculty positions, student programs, and facilities at the College of Social Sciences at the University of Hawaii at Manoa and the University of Hawaii, West Oahu for workforce development such as information technology, cybersecurity, intelligence, and data science personnel in the defense sector of the state's economy.
Hawaii	S 1503	Local Workforce Development	Pending	Requires the Department of Labor and Industrial Relations to develop and implement training programs, public-private partnerships, funding opportunities and recruitment strategies to develop a local workforce to meet the growing demand in defense-related personnel such as information technology, cybersecurity, intelligence and data science positions and promote economic diversification.
Hawaii	SCR 40	Advanced Manufacturing and Cybersecurity	Pending	Requests the state technology development corporation to increase its focus on advanced manufacturing and cybersecurity to allow local manufacturers to expand production, lower costs and create new products.
Hawaii	SR 24	Advanced Manufacturing and Cybersecurity	Pending	Requests the state technology development corporation to increase its focus on advanced manufacturing and cybersecurity to allow local manufacturers to expand production, lower costs and create new products.
Idaho	H 4	Information Technology Services	Pending	Amends and adds to existing law to require the implementation of cybersecurity best practices and the use of multifactor identification in Idaho state government.
Idaho	H 35	Information Technology Services	Enacted	Authorizes and directs the Office of Information Technology Services to, among other things, ensure that all state agencies implement and maintain cybersecurity best practices and to require all state agencies to implement and use multifactor identification to access information technology devices or services, including, but not limited to, local and remote network access to any email accounts, cloud storage accounts, web applications, networks, databases or servers; defines multifactor identification.
Idaho	H 117	Insurance Data Security Act	Pending	Adds to existing law to establish the Insurance Data Security Act in the event of cybersecurity attacks.
Idaho	H 277	Office of Information Technology Services	Enacted	Amends existing law to provide for certain criminal history checks to be performed on prospective employees and contractors with the state office of information technology services.
Idaho	H 421	Cybersecurity and Resiliency Fund	Pending	Adds to existing law to establish the Cybersecurity and Resiliency Fund to address the state's need for information technology and cybersecurity infrastructure.
Illinois	H 1631	Innovation and Technology Act	Pending	Amends the Department of Innovation and Technology Act; repeals the definition of client agency and makes changes in the definitions of dedicated unit, state agency, and transferring agency; replaces references to transferring agency with references to transferred agency; makes changes in provisions concerning the powers and duties of the Department of Innovation and Technology, including changes in the scope of services provided by the department. The principal executive officer, or his or her designee, of each municipality with a population of 35,000 or greater and of each county shall designate a local official or employee as the primary point of contact for local cybersecurity issues. Each jurisdiction must provide the name and contact information of the cybersecurity designee to the Statewide Chief Information Security Officer and update the information as necessary.
Illinois	H 1768	Public Safety and Justice Privacy Act	Pending	Creates the Public Safety and Justice Privacy Act; defines terms; provides that government agencies, persons, businesses, and associations shall not publicly post or display publicly available content that includes a law enforcement officer's, prosecutor's, public defender's, or probation officer's personal information, provided that the government agency, person, business, or association has received a written request from the person that it refrain from disclosing the person's personal information. Cybersecurity vulnerabilities are exempt from vulnerability assessments.
Illinois	H 3119	Prairie State Infrastructure Protection Act	Pending	Creates the Prairie State Infrastructure Protection Act; provides that a business entity in the state may not enter into a contract or other agreement relating to critical infrastructure in the state with a company if the company, under the contract or agreement, would be able to directly or remotely access or control critical infrastructure in the state and is associated with China, Iran, North Korea, Russia, or another designated county.
Illinois	H 3485	Emergency Management Agency Act	Pending	Amends the Emergency Management Agency Act; changes the name of the act to the IEMA-OHS Act; makes conforming changes and adds references to homeland security and the Office of Homeland Security within the Emergency Management Agency and Office of Homeland Security throughout the act; adds and changes definitions; deletes provisions regarding certain salaries in previous years; in provisions listing responsibilities of IEMA-OHS, adds responsibilities regarding nuclear and radiation safety and homeland. The Homeland Security advisor shall be responsible for leading the state's strategic response and policy recommendations on all matters pertaining to homeland security, including, but not limited to, development and execution of Statewide prevention efforts associated with violence/targeted violence, terrorism, domestic violent extremism, school safety, cybersecurity, critical infrastructure protection, online safety, public safety training, and mutual aid assistance.
Illinois	H 3576	Public Utilities Act	Pending	Amends the Public Utilities Act; provides that, within 120 days after the effective date of the amendatory provisions, each water purveyor; develops a cybersecurity program that defines and implements organizational accountabilities and responsibilities for cyber risk management activities; establishes policies, plans, processes and procedures for identifying and mitigating cyber risk to its public community water system; provides that, within certain time periods after the effective date.
Illinois	H 3620	Emergency Management Agency Act	Pending	Amends the Emergency Management Agency Act regarding disasters, like cybersecurity; specifies in provisions regarding the emergency management powers of the governor, adds mobile support teams to provisions that include emergency services and disaster agencies, and changes other provisions; specifies in provisions regarding MSTs, adds provisions with respect to mutual aid, powers of the governor or the Director of Emergency Management Agency and Office of Homeland Security, and the Emergency Management Assistance Compact.
Illinois	H 3933	Department of Innovation and Technology	Pending	Makes appropriations for the ordinary and contingent expenses of the Department of Innovation and Technology for the fiscal as follows; relates to General Funds; relates to other state funds; relates to total. Appropriates funding to the Department of Innovation and Technology for all costs associated with the Cybersecurity Liaison Program.
Illinois	S 52	Privacy Rights Act	Pending	Creates the Privacy Rights Act; sets forth duties and obligations of businesses that collected consumers' personal information and sensitive personal information to keep such information private; sets forth consumer rights in relation to the collected personal information and sensitive personal information, including the right to: delete personal information; corrects inaccurate personal information; knows what personal information is sold or shared and to whom. By July 1, 2026, the attorney general shall solicit broad public participation and adopt rules to further the purposes of this Act, including, but not limited to perform a cybersecurity audit on an annual basis, including defining the scope of the audit and establishing a process to ensure that audits are thorough and independent. The factors to be considered in determining when processing may result in significant risk to the security of personal information shall include the size and complexity of the business and the nature and scope of processing activities.
Illinois	S 225	State Records Act and Local Records Act	Pending	Amends the State Records Act and Local Records Act; provides that, when an agency generates a record in an encrypted format, an encryption key must be available to decrypt the record for its entire retention period as established by the State or Local Records Commission; provides that, when an agency maintains a digital format record within a digital storage system that allows the user to set retention timers, these timers must be set to retain the record for its entire retention period as established.
Illinois	S 1363	State Officials and Employees Ethics Act	Pending	Amends the State Officials and Employees Ethics Act; requires each officer, member, and employee to complete, at least annually, a cybersecurity training program, with certain requirements; requires each ultimate jurisdictional authority to submit to the applicable Ethics Commission, at least annually, a report regarding that training, with certain requirements.
Illinois	S 1512	Consumer Financial Protection Law	Pending	Creates the Consumer Financial Protection Law; creates the Financial Protection Fund; sets forth provisions concerning findings and purpose, exemptions, administration of the provisions, funds, supervision, registration requirements, consumer protection, cybersecurity, anti-fraud and anti-money laundering, enforcement, procedures, and rulemaking; defines terms; makes conforming changes in the Freedom of Information Act and the State Finance Act.
Illinois	S 1542	Department of Innovation and Technology Act	Pending	Amends the Department of Innovation and Technology Act; repeals the definition of client agency and makes changes in the definitions of dedicated unit, state agency and transferring agency; replaces references to transferring agency with references to transferred agency; makes changes in provisions concerning the powers and duties of the Department of Innovation and Technology. The principal executive officer, or his or her designee, of each municipality with a population of 35,000 or greater and of each county shall designate a local official or employee as the primary point of contact for local cybersecurity issues. Each jurisdiction must provide the name and contact information of the cybersecurity designee to the Statewide Chief Information Security Officer and update the information as necessary.
Illinois	S 2364	Unmanned Aerial Systems Security Act	Pending	Creates the Unmanned Aerial Systems Security Act; provides that a government agency may use a drone only if the manufacturer of the drone meets the minimum security requirements specified in the act; prohibits a government agency from purchasing, acquiring or otherwise using a drone or any related services or equipment produced by a manufacturer domiciled in a country of concern or a manufacturer the government agency reasonably believes to be owned or controlled, in whole or in part, by a country.
Illinois	S 2367	Pacific Conflict Stress Test Act	Pending	Creates the Pacific Conflict Stress Test Act; provides that the governor shall produce and publish a state risk assessment no later than the day before the annual address made to the General Assembly by the governor, and annually thereafter; provides that the state risk assessment shall include all substantial risks to state or national security, state or national economic security, state or national public health, or any combination of those matters, occurring within and threatening the state.
Illinois	S 2408	Emergency Management Agency Act	Pending	Amends the Emergency Management Agency Act regarding disasters; in provisions regarding the emergency management Powers of the governor, adds mobile support teams to provisions that include emergency services and disaster agencies, and changes other provisions; in provisions regarding MSTs, adds provisions with respect to mutual aid, Powers of the governor or the Director of Emergency Management Agency and Office of Homeland Security, and the Emergency Management Assistance Compact.
Illinois	S 2540	Department of Innovation and Technology	Pending	Makes appropriations for the ordinary and contingent expenses of the Department of Innovation and Technology for the fiscal year beginning of specified date, as follows general funds, federal funds, total. Appropriates funding to the Department of Innovation and Technology for all costs associated with the Cybersecurity Liaison Program.
Illinois	SR 5	Recognition Resolution	Pending	Recognizes the work of organizations such as the Judges Association in educating our youth, parents, and schools about remaining safe and vigilant in the rapidly changing online environment of today and seeks to expand this essential online safety education to all students, parents, and schools in our state. The resolution states, “along with the innumerable benefits of the internet, this invaluable tool has also been used by many to bring harm, such as cyberattacks, ransomware, online threats and intimidation, and the spread of misinformation, along with great societal challenges such as increased social isolation, decreased time outside and in nature, decreased in-person interaction, and unhealthy distractions and addictions.”
Indiana	H 1032	Foreign Interests	Pending	Prohibits a prohibited person from entering into a contract for the provision of goods or services with the state, a state agency, and a political subdivision the company would be able to directly or remotely access or control critical infrastructure or a cybersecurity system of a critical infrastructure; provides that a local hospital authority or corporation is excluded from a political subdivision for purposes of a prohibition on contracts with certain foreign owned companies and individuals; establishes the Foreign Adversary Enforcement Fund; requires schools and school corporations to disclose foreign gifts and contracts; appropriates funds.
Indiana	H 1050	Technical Corrections	Enacted	Addresses technical issues in the Indiana Code, including those related to spelling, tabulation, formatting, grammar, and cross-references; resolves technical conflicts from the 2024 legislative session; makes conforming amendments.
Indiana	H 1383	Indiana Civilian Cyber Corps	Pending	Relates to Indiana civilian cyber corps; establishes the Indiana civilian cyber corps program; provides that the adjutant general of the military department shall administer the program; provides that the program includes civilian volunteers who have expertise in addressing cybersecurity incidents and who volunteer at the invitation of the adjutant general to provide rapid response assistance to a cybersecurity client in need of expert assistance after recognition of a cybersecurity incident.
Indiana	H 1432	Gaming Matters	Pending	Authorizes the Lottery Commission to operate the sale of draw games and e-Instant games over the internet. Requires an interactive gaming operator to implement appropriate data security standards to prevent unauthorized access by any person whose identity has not been verified or cannot be verified, in accordance with rules adopted by the commission.
Indiana	S 459	Wastewater Reuse and Cybersecurity Requirements	Pending	Relates to environmental matters; provides that the environmental rules board may adopt rules establishing requirements for the reclamation and reuse of treated wastewater; requires certain entities to, conduct an annual public water system cybersecurity vulnerability assessment, annually provide the office of technology with the name and contact information of any individual who will act as the primary reporter of a cybersecurity incident, submit an annual certification to the department.
Indiana	S 472	Cybersecurity	Pending	Requires political subdivisions, state agencies, school corporations and state educational institutions, with the exception of specified categories of hospitals and the Indianapolis department of public utilities, to adopt a technology resources policy and cybersecurity policy; provides the department is not required to report a cybersecurity incident to the office of technology.
Iowa	H 59	Grocer Reinvestment Program	Pending	Creates a grocer reinvestment program, a local produce processing grant program, and a grocer reinvestment and local food processing fund under the purview of the Economic Development Authority; modifies the Local Food and Farm Program; makes appropriations; allows the authority to establish the eligibility criteria for the grocer program by rule. Funds can be used for technology that allows increased capacity or business resilience, including software and hardware related to business functions, logistics, inventory management, temperature monitoring controls, cybersecurity and internet site design that enables electronic commerce.
Iowa	H 954	Conduct of Elections	Pending	Relates to the conduct of elections; includes effective date and retroactive applicability provisions. Requires a county commissioner of elections shall notify the state commissioner when the county commissioner’s office is involved in physical or cybersecurity assessments performed by a federal or state agency or other entity.
Iowa	HSB 72	Department of Management	Pending	Relates to matters under the purview of the Department of Management; makes appropriations; includes applicability provisions. Creates confidentiality requirements for communications with chief information security officer. Exemptions are made for a few purposes including identifying a cybersecurity threat, including the source of the cybersecurity threat, or a security vulnerability to government officials for purposes of addressing the threat.
Iowa	S 89	Statewide Interoperable Communications System	Pending	Relates to the statewide interoperable communications system; includes effective date provisions. The bill provides that all equipment and programming costs associated with communications on the SICS, including encryption equipment, shall be the sole responsibility of the public service organization to purchase, program, and maintain. The state will provide the system access setup, training, support, and electronic codes or keys to public service organizations at no cost.
Iowa	S 145	Confidential Information of the Iowa Lottery	Pending	Concerns confidential information of the state lottery; includes applicability provisions. Building plans and operational security measures, systems, or procedures and building plans, including but not limited to security plans and procedures of the commission designed to ensure the integrity and security of lottery operations, and information that ensures the integrity and security of the selection process for winning tickets or numbers, other than general information about that process is prohibited from being shared.
Iowa	S 540	Administration of Elections	Pending	Relates to the administration of elections. A county commissioner of elections shall notify the state commissioner when the county commissioner’s office is involved in physical or cybersecurity assessments performed by a federal or state agency or other entity.
Iowa	SSB 1054	Grocer Reinvestment Program	Pending	Creates a grocer reinvestment program, a local produce processing grant program, and a grocer reinvestment and local food processing fund under the purview of the Economic Development Authority; modifies the local food and farm program; makes appropriations. Funds can be used for technology that allows increased capacity or business resilience, including software and hardware related to business functions, logistics, inventory management, temperature monitoring controls, cybersecurity and internet site design that enables electronic commerce.
Iowa	SSB 1175	Administration of Elections	Pending	Relates to the administration of elections. A county commissioner of elections shall notify the state commissioner when the county commissioner’s office is involved in physical or cybersecurity assessments performed by a federal or state agency or other entity.
Kansas	H 2270	Chief Information Security Officer to Receive Reports	Pending	Relates to authorizing the chief information security officer to receive audit reports and updating statutes related to services provided by the chief information technology officer.
Kansas	H 2271	Expiration Provisions of Cybersecurity Legislation	Pending	Relates to removing the expiration of provisions relating to moving cybersecurity services under the chief information technology officer of each branch of government.
Kentucky	H 280	Information Technology Systems	Pending	Renames the Investments in Information Technology Improvement and Modernization Projects Oversight Board to the Information Technology Oversight Committee; defines application, cybersecurity system, and legacy system; requires state agencies to report on information technology systems or applications not later than July 15, 2025, and not later than April 15, 2027, and biennially thereafter.
Kentucky	H 373	Campaign Finance	Pending	Allows the use of campaign funds to pay for the reasonable costs of security measures for a state candidate, officeholder, his or her family, and employees of the candidate's campaign or the officeholder's office; defines security measure and usual and normal charge. Security measures can include cybersecurity software, devices and services.
Kentucky	H 672	Protection of Information	Pending	Defines terms relating to artificial intelligence; requires the Commonwealth Office of Technology to establishes and implement policy standards for the use of artificial intelligence; creates the Artificial intelligence Governance Committee; relates to tasks the committee with the establishment of responsible, ethical, and transparent procedures for the allowable use, development, and approval of artificial intelligence for any department, program, cabinet, agency, and administrative body. Requires the office to establish, publish, maintain and implement comprehensive policy standards and procedures for the responsible, ethical, and transparent use of generative artificial intelligence systems and high-risk artificial intelligence systems, including but not limited to policy standards and procedures that address and provide resources for security of data and privacy.
Kentucky	S 4	Protection of Information	Enacted	Defines terms relating to artificial intelligence; provides that a department, agency, or administrative body shall disclose to the public, through a clear and conspicuous disclaimer, when generative artificial intelligence, artificial intelligence systems, or other artificial intelligence-related capabilities are used, among other things, to render any decision regarding individual citizens or businesses within the state. Requires the office to establish, publish, maintain and implement comprehensive policy standards and procedures for the responsible, ethical, and transparent use of generative artificial intelligence systems and high-risk artificial intelligence systems, including but not limited to policy standards and procedures that address and provide resources for security of data and privacy.
Kentucky	S 176	Legislative Research Commission	Enacted	Creates a permanent subcommittee of the Legislative Research Commission to be known as the Capital Projects and Bond Oversight Committee, Administrative Regulation Review Subcommittee, Government Contract Review Committee, Education Assessment and Accountability Review Subcommittee, Tobacco Settlement Agreement Fund Oversight Committee. Requires each state agency shall provide information regarding an estimated timeline and funding source for each cybersecurity program.
Kentucky	S 260	Cybersecurity	Pending	Requires the executive director of the Office of Homeland Security to submit monthly reports to the Legislative Research Commission and the Interim Joint Committee on Appropriations and Revenue on items such as: assessing the Commonwealth's preparedness to respond to acts of war or terrorism, including nuclear, biological, chemical, electromagnetic pulse, agro-, eco-, or cyber-terrorism.
Louisiana	H 125	Technology	Pending	Provides for the protection, storage and access of genomic information.
Maine	H 147	Definition of Terrorism	Pending - Carryover	Expands the definition of terrorism in the laws governing the state emergency management agency to include a cyberattack.
Maryland	H 56	Control Authority	Pending	Relates to procurement; relates to State Department of Education; relates to control authority; relates to local food purchasing. Removes the ability for the Maryland Port Commission to purchase cybersecurity upgrades and modernization without prior approval.
Maryland	H 82	Cyber Program Revisions	Pending	Transfers the Cyber Maryland Program from the Maryland Technology Development Corporation to the Maryland Department of Labor; alters the duties of the program; alters the purposes for which the Cyber Maryland Fund may be used; repeals certain funding requirements related to the program; alters the membership of the Cyber Maryland Board.
Maryland	H 209	Local Cybersecurity Preparedness and Response Plan	Pending	Concerns state finance and procurement; relates to Local Cybersecurity Preparedness and Response Plan and Assessment; relates to a repeal.
Maryland	H 235	Cybersecurity Revisions	Pending	Concerns state government; relates to information technology; relates to cybersecurity revisions.
Maryland	H 333	Healthcare Ecosystem Cybersecurity	Pending	Concerns cybersecurity; relates to the health care ecosystem.
Maryland	H 350	Budget Bill Fiscal Year 2026	Pending	Makes the proposed appropriations contained in the state budget for the fiscal year ending on specified date, in accordance with Article III, Section 52 of the state constitution. Includes cybersecurity appropriations such as to the Cybersecurity Investment Fund, Cyber Workforce Grants, and for local education agencies cybersecurity efforts.
Maryland	H 376	Cybersecurity Council	Pending	Alters the selection of the membership and chair of the State Cybersecurity Council; provides that beginning on a specified date, and every specified number of years thereafter, the council shall elect a chair from among the members of the council.
Maryland	H 423	911 Board and Department of Emergency Management	Pending	Authorizes the State 911 Board to adopt regulations to implement and enforce certain responsibilities of the Board; authorizes the State Department of Emergency Management to adopt regulations to implement and enforce the responsibilities of the Department. Requires the Board to establish minimum standards for cybersecurity, oversight, and accountability of service level agreements between counties and core service providers of Next Generation 9-1-1 services.
Maryland	H 444	Interference with Critical Infrastructure	Pending	Prohibits a person from taking certain actions with the intent to deny access to an authorized user or interrupt or impair the functioning of critical infrastructure or a public safety answering point; prohibits a person from taking certain actions that deny access to an authorized user or interrupt or impair the functioning of critical infrastructure or a public safety answering point; relates to critical infrastructure and public safety answering points.
Maryland	H 500	Procurement Reform Act of 2025	Pending	Authorizes the Secretary of General Services; delegates certain powers and duties to the Chief Procurement Officer; alters the authority of the Department of General Services; engages in or control procurement of certain equipment and services, including cybersecurity tools; alters the authority of the Department of Transportation and the State Transportation Authority; engages in procurement for certain supplies and services for transportation related activities.
Maryland	H 761	Uniform Disposition of Abandoned Property Act	Pending	Makes certain virtual currency subject to the Abandoned Property Laws in the State; establishes certain provisions to determine certain information about certain apparent owners of abandoned property; alters and establishes certain provisions pertaining to the presumption of abandonment for certain types of property; establishes certain procedures to establish the death of a certain insured or certain annuitant; alters the procedures for filing a claim with the Comptroller to reclaim abandoned property. Appropriates funding to the State Controller for information technology, including cybersecurity costs.
Maryland	H 807	Data Governance Modernization	Pending	Establishes the position and responsibilities of the State Chief Data Officer; establishes the Office of Enterprise Data in the Department of Information Technology and the responsibilities of the Office; requires each unit of state government to appoint an Agency Data Officer; renames the Council on Open Data to be the Council for Open Data Advancement; alters the membership, member terms, and responsibilities of the Council. Requires the State Chief Data Officer to direct, coordinate and implement a statewide data strategy which includes responsible governance and management of state data.
Maryland	H 919	State Tax Credits Exemptions and Deductions	Pending	Extends termination dates of the job creation tax credit, opportunity zone enhancement program, research and development tax credit, biotechnology investment incentive tax credit, security clearance administrative expense tax credit, and cybersecurity technology and service tax credit; provides for the termination of the One Maryland Economic Development Tax Credit Program on a certain date; alters eligibility for a certain tax credit for certain qualified vehicles.
Maryland	H 1062	Community Water and Sewerage Systems	Pending	Requires the Department of the Environment to coordinate, in coordination with the Department of Information Technology and the Maryland Department of Emergency Management, cybersecurity efforts within community water systems and community sewerage systems; establishes the roles and responsibilities of various state agencies with respect to regulating, assessing, and promoting cybersecurity efforts within the water and wastewater sector.
Maryland	H 1079	Electric Transmission and Distribution System Study	Pending	Requires the Public Service Commission to conduct a study on the electric transmission system and the electric distribution system in the state; establishes that the purpose of the study is to provide a comprehensive assessment of the potential application of grid-enhancing technologies and advanced conductors in a manner that ensures system reliability and safeguards the cybersecurity and physical security of the electric transmission system and electric distribution system in the state.
Maryland	H 1097	Workgroup on Mail In Ballot Accessibility	Pending	Establishes the Workgroup on Mail-In Ballot Accessibility to examine current processes in the state relating to mail-in ballot return, assessing the impact on voters with disabilities, collect information about current practices for accessible alternatives to paper mail-in ballot return, and evaluate the alternatives for individuals with disabilities; requires the Workgroup to report its findings and recommendations to the governor and the General Assembly by a specified amount. Requires a member of the taskforce to have cybersecurity expertise.
Maryland	H 1219	Co Location Energy Innovation and Reliability Act	Pending	Requires the Public Service Commission to adopt regulations related to the construction of a generating station that is co-located with a data center but is not interconnected with the electric transmission system or electric distribution system. Requires a generating station to include cybersecurity safeguards.
Maryland	H 1225	Affordable Grid Act	Pending	Requires the Public Service Commission to adopt regulations or issue orders on or before a specified date, that require electric companies to, every three years, develop an electric system distribution plan to be approved by the Commission and provide the Commission with annual progress reports; requires the Commission to adopt regulations or issue orders adopting certain metrics to monitor and assess electric distribution system plans. Requires electric companies to adhere to industry-recommended cybersecurity guidelines.
Maryland	H 1309	Cybersecurity Standards Compliance and Audits	Pending	Repeals the requirement that county boards of education prioritize the purchase of digital devices with certain funds; requires each local school system to comply with, and certify compliance with, the state minimum cybersecurity standards and to conduct a cybersecurity maturity assessment every two years; requires the Office of Security Management within the Department of Information Technology to annually update the state minimum cybersecurity standards.
Maryland	H 1321	Cybersecurity Measures Income Tax Credit	Pending	Authorizes a credit against the state income tax for a certain small business that employs 50 or fewer employees for costs incurred by the small business during the taxable year for certain cybersecurity measures undertaken by the small business; makes the credit refundable; applies the Act to all taxable years beginning after Dec. 31, 2024.
Maryland	H 1468	Cyber Maryland Program	Pending	Transfers the Cyber State Program from the State Technology Development Corporation to the State Department of Labor; alters the duties of the program; requires the program to issue certain competitive grants and contracts beginning in fiscal year 2026; alters the purposes for which the Cyber State Fund may be used; alters certain funding requirements related to the Program.
Maryland	S 239	State Finance and Procurement Local Cybersecurity	Pending	Repeals a duplicative provision of law requiring each county government, local school system, and local health department, in consultation with the local emergency manager, to create or update a cybersecurity preparedness and response plan and complete a cybersecurity preparedness assessment in a manner and frequency established by the Department of Information Technology.
Maryland	S 241	Cyber Maryland Program Revisions	Pending	Transfers the Cyber Maryland Program from the Maryland Technology Development Corporation to the Maryland Department of Labor; alters the duties of the program; alters the purposes for which the Cyber Maryland Fund may be used; repeals certain funding requirements related to the Program; alters the membership of the Cyber Maryland Board.
Maryland	S 244	State Government Information Technology Cybersecurity	Pending	Alters the duties of the Cyber Preparedness Unit in the Maryland Department of Emergency Management; alters the duties of the Office of Security Management in the Department of Information Technology; alters the content of a certain report on the activities of the Office and the state of cybersecurity preparedness in the state; alters the responsibilities of the Secretary of Information Technology with regard to information technology policies and a statewide cybersecurity strategy.
Maryland	S 294	Cybersecurity Council	Pending	Alters the selection of the membership and chair of the State Cybersecurity Council.
Maryland	S 319	Budget Bill Fiscal Year 2026	Pending	Makes the proposed appropriations contained in the State Budget for the fiscal year ending on specified date, in accordance with Article III, Section 52 of the State Constitution. Includes cybersecurity appropriations.
Maryland	S 426	Procurement Reform Act of 2025	Pending	Authorizes the Secretary of General Services to delegate certain powers and duties to the Chief Procurement Officer; alters the authority of the Department of General Services to engage in or control procurement of certain equipment and services, including cybersecurity technology; alters the authority of the Department of Transportation and the State Transportation Authority to engage in procurement for certain supplies and services for transportation related activities.
Maryland	S 665	Uniform Disposition of Abandoned Property Act	Pending	Makes certain virtual currency subject to the Abandoned Property Laws in the state; establishes certain provisions to determine certain information about certain apparent owners of abandoned property; alters and establishes certain provisions pertaining to the presumption of abandonment for certain types of property; establishes certain procedures to establish the death of a certain insured or certain annuitant; alters the procedures for filing a claim with the comptroller to reclaim abandoned property. Appropriates funding to the State Controller for information technology, including cybersecurity costs.
Maryland	S 691	Healthcare Ecosystem Cybersecurity	Pending	Requires the State Health Care Commission and the State Insurance Administration to include a cybersecurity expert as staff to perform certain functions and submit to the State Chief Information Security Officer a report on the cybersecurity practices and policies of certain health care ecosystem entities on a certain basis; requires health care ecosystem entities to take certain actions related to cybersecurity.
Maryland	S 867	Cyber Maryland Program	Pending	Transfers the Cyber Maryland Program from the Maryland Technology Development Corporation to the Maryland Department of Labor; alters the duties of the program; requires the program to issue certain competitive grants and contracts beginning in fiscal year 2026; alters the purposes for which the Cyber Maryland Fund may be used; alters certain funding requirements related to the Program.
Maryland	S 871	Community Water and Sewerage Systems	Pending	Requires the Department of the Environment to coordinate, in coordination with the Department of Information Technology and the Maryland Department of Emergency Management, cybersecurity efforts within community water systems and community sewerage systems; establishes the roles and responsibilities of various state agencies with respect to regulating, assessing, and promoting cybersecurity efforts within the water and wastewater sector.
Maryland	S 907	Cybersecurity Standards Compliance and Audits	Pending	Repeals the requirement that county boards of education prioritize the purchase of digital devices with certain funds; requires each local school system to comply with, and certify compliance with, the state minimum cybersecurity standards and to conduct a cybersecurity maturity assessment every specified year; requires the Office of Security Management within the Department of Information Technology to annually update the state minimum cybersecurity standards.
Maryland	S 908	Affordable Grid Act	Pending	Requires the Public Service Commission to adopt regulations or issue orders on or before a specified date, that require electric companies to develop an electric system distribution plan to be approved by the Commission and provide the Commission with annual progress reports; requires the Commission to adopt regulations or issue orders adopting certain metrics to monitor and assess electric distribution system plans; requires an electric company to provide certain public comment opportunities. Requires electric companies to adhere to industry-recommended cybersecurity guidelines.
Maryland	S 929	Workgroup on Mail in Ballot Accessibility	Pending	Establishes the Workgroup on Mail-In Ballot Accessibility to examine current processes in the state relating to mail-in ballot return, assessing the impact on voters with disabilities, collect information about current practices for accessible alternatives to paper mail-in ballot return, and evaluate the alternatives for individuals with disabilities; requires the Workgroup to report its findings and recommendations to the governor and the General Assembly by a specified date. Requires the Executive Director of the Cybersecurity Association of Maryland, or the Executive Director's designee to be a member of the working group.
Maryland	S 947	Co Location Energy Innovation and Reliability Act	Pending	Requires the Public Service Commission to adopt regulations related to the construction of a generating station that is co-located with a data center but is not interconnected with the electric transmission system or electric distribution system. Requires a generating station to include cybersecurity.
Northern Mariana Islands	None
Massachusetts	H 82	Cyberattack Responses	Pending	Relates to cyberattack responses.
Massachusetts	H 97	Consumers Interactions With Artificial Intelligence	Pending	Relates to consumers interactions with artificial intelligence systems. Specifies high-risk AI systems do not include cybersecurity systems.
Massachusetts	H 102	Potential Future Social Media Companies	Pending	Protects residents of the Commonwealth from the threat posed by certain foreign adversaries using current or potential future social media companies. Requires the Secretary of the Executive Office of Technology Services and Security develop and implement a plan to remove any referenced hardware products from the commonwealth, county and municipal networks which includes risks associated with these technologies into the Commonwealth’s Cybersecurity Awareness Training Program through the Office of the Comptroller.
Massachusetts	H 103	Massachusetts Neural Data Privacy Protection Act	Pending	Establishes the Massachusetts Neural Data Privacy Protection Act. Not later than 3 years after the date of enactment of this chapter, and annually no later than December 31 of each year thereafter, the attorney general shall submit to the joint committee on ways and means, the joint committee on racial equity, civil rights, and inclusion, and the joint committee on advanced information technology, the internet and cybersecurity a report that includes a summary of the enforcement actions taken under this subsection.
Massachusetts	H 105	Electronic Security for Certain Procurements	Pending	Relates to electronic security for certain procurements involving electronic or cyber security equipment components.
Massachusetts	H 1105	Business to Business Commercial Insurance Transactions	Pending	Relates to business-to-business commercial insurance transactions. “Specialty commercial lines” includes property or casualty insurance coverage for cybersecurity, including first and third party commercial lines coverage for losses arising out of or relating to data privacy breaches, network security, computer viruses and similar exposures.
Massachusetts	H 1280	Autonomous Vehicle Safety Insurance Coverage	Pending	Relates to insurance coverage for testing and deployment of and school zone safety protocol for autonomous vehicles. Autonomous vehicles operating on public roads in the Commonwealth shall comply with insurance requirements established by the Division of Insurance (DOI), in consultation with the Department of Transportation (MassDOT). These requirements shall ensure adequate coverage for cybersecurity risks, including unauthorized access, hacking, and operational disruptions.
Massachusetts	H 3585	Supporting Offshore Wind Energy Generation Projects	Pending	Establishes a special commission to study the potential risks to cities and towns from the onshore electrical infrastructure supporting offshore wind energy generation projects. The scope of the study shall include the implementation of risk assessments and routine audits of electric substations supporting offshore wind-generated power to ensure compliance with safety standards, including potential cybersecurity risks.
Massachusetts	HD 1316	Cyberattack Response	Pending	Relates to cyberattack response in Massachusetts.
Massachusetts	S 14	Senate Rules	Pending	Proposes Senate Rules for the 2025-2026 Legislative Session. Requires the Senate, in coordination with Legislative Information Services, to host a training on cybersecurity awareness on an annual basis, which shall be mandatory for all members and staff.
Massachusetts	S 19	Senate Rules	Pending	Relates to Senate Rules for the 2025-2026 Legislative Session. Requires the Senate, in coordination with Legislative Information Services, to host a training on cybersecurity awareness on an annual basis, which shall be mandatory for all members and staff.
Massachusetts	S 31	State Agency Information Technology Systems	Pending	Modernizes state agency information technology systems. Creates the Massachusetts Innovation Fund and board to make awards of financial assistance to state agencies from the fund or account for qualifying information technology modernization projects, including implementing cybersecurity solutions consistent with principles of Zero Trust architecture as defined by the National Institute of Standards and Technology.
Massachusetts	S 35	Electronic Monitoring Tools	Pending	Promotes employee physical and mental health and wellbeing by limiting the use of electronic monitoring tools. Specifies conditions when an employee shall be protected from termination, disciplinary action, retaliation, or other adverse employment action for refusing to follow the output of an AI system, automated decision system, algorithm, or other similar technology.
Massachusetts	S 37	Artificial Intelligence Models and Safety	Pending	Promotes economic development with emerging artificial intelligence models and safety. Before beginning to train a covered model, a developer shall implement reasonable administrative, technical and physical cybersecurity protections to prevent unauthorized access to, misuse of or unsafe post-training modifications of the covered model and all covered model derivatives controlled by the developer that are appropriate in light of the risks associated with the covered model, including from advanced persistent threats or other sophisticated actors.
Massachusetts	S 39	Massachusetts Cyber Incident Response Team	Pending	Protects sensitive personal information from breaches and other cybersecurity incidents by creating a Massachusetts Cyber Incident Response Team.
Massachusetts	S 42	Against Cyber Ransom	Pending	Protects against cyber ransom.
Massachusetts	S 49	Annual Statewide Public Employee Cybersecurity Training	Pending	Implements annual statewide public employee cybersecurity training.
Massachusetts	S 463	Screen Time and Technology Privacy in Education	Pending	Regulates screen time and technology privacy in early and K-12 education. Requires that early education certification and re-certification provides relevant education on cybersecurity, privacy, screen time and technology concerns.
Massachusetts	S 1636	Safer and Secure Communications	Pending	Ensures safer and secure communications by improving technological safety with radiation limits through the Massachusetts Broadband Institute. Requires the Broadband Institute Board to have members with expertise in cybersecurity; telecommunications infrastructure; and grid or utility security.
Massachusetts	SD 873	Cybersecurity and Artificial Intelligence	Pending	Relates to cybersecurity and artificial intelligence.
Massachusetts	SD 2333	Sensitive Personal Information	Pending	Protects sensitive personal information from breaches and other cybersecurity incidents.
Michigan	H 4037	Health Records	Pending	Establishes certain requirements to operate a health data utility.
Michigan	S 198	Occupations Automobile Dealers	Pending	Provides requirements for automobile dealer data collection. Requires a dealer to submit or push data or information to a manufacturer or third party through a widely acceptable electronic file format or protocol that complies with star standards or other generally accepted cybersecurity standards that are at least as comprehensive as star standards.
Minnesota	H 140	State Government	Pending	Relates to state government; establishes a state-funded county and city Cybersecurity Grant Program; requires a report; appropriates money.
Minnesota	H 747	Business Organizations	Pending	Relates to business organizations; modifies the Minnesota Business Corporation Act. Relates to emergency powers to be used during emergencies, such as cybersecurity.
Minnesota	H 1226	Natural Gas Utilities	Pending	Relates to energy; authorizes natural gas utilities to sell extraordinary event bonds under certain circumstances; establishes an account; appropriates money. An extraordinary event includes but is not limited to a storm event or other natural disaster, an act of God, war, terrorism, sabotage, vandalism, a cybersecurity attack, or a temporary significant increase in the wholesale price of natural gas.
Minnesota	H 1246	Economic Development	Pending	Relates to economic development; appropriates money for a grant to the Neighborhood Development Center. Money may be used to assist organizations outside of the seven-county metropolitan area with technical assistance and grants to help implement elements of NDC's small business support model; provide one-on-one technical assistance for entrepreneurs; and support the operations and marketing of a cybersecurity center.
Minnesota	H 2073	Election Administration	Pending	Relates to elections; makes various changes related to election administration; modifies provisions related to voter registration; modifies provisions related to absentee voting; modifies requirements relating to appointing election judges. Requires the county auditor to develop a county elections chain of custody plan that must account for both the physical and cyber security of elections-related materials.
Minnesota	H 2131	Higher Education	Pending	Relates to higher education; expands program eligibility for workforce development scholarships, including cybersecurity.
Minnesota	H 2139	Workforce Development	Pending	Relates to workforce development; appropriates money for the Gateways2Growth Initiative to expand training in information technology, cybersecurity, transportation, and health care across the state; requires a report.
Minnesota	H 2300	Certification of Certain Juvenile Court Expenses	Pending	Relates to judiciary; eliminates certification of certain juvenile court expenses; modifies filing, copying, printing, and distribution of certain court papers; appropriates money. Includes funding for supreme court cybersecurity.
Minnesota	H 2442	Biennial Budget for Commerce and Energy	Pending	Relates to commerce; establishes a biennial budget for commerce and energy; modifies provisions governing consumer small loans and lending; modifies the state premium security plan; requires submission of a state innovation waiver; modifies provisions governing renewable energy, energy conservation, and energy efficiency; regulates retail electric vehicle supply equipment; modifies provisions governing certain cannabis licenses; imposes assessments and fees; appropriates money.
Minnesota	H 2443	Biennial Budget for Commerce and Energy	Pending	Relates to commerce; establishes a biennial budget for commerce and energy; modifies provisions governing consumer small loans and lending; modifies the Minnesota premium security plan; requires submission of a state innovation waiver; modifies provisions governing renewable energy, energy conservation, and energy efficiency; regulates retail electric vehicle supply equipment; modifies provisions governing certain cannabis licenses; imposes assessments and fees; appropriates money.
Minnesota	H 2561	Higher Education	Pending	Relates to higher education; expands the authority to offer applied doctoral degrees at state universities. Permits cybersecurity to be offered as an applied doctoral degree.
Minnesota	H 2610	Higher Education	Pending	Relates to higher education; permits cybersecurity to be offered as an applied doctoral degree.
Minnesota	S 379	State Government	Pending	Relates to state government; establishes a state-funded county and city cybersecurity grant program; requires a report; appropriates money.
Minnesota	S 554	Community Care Hub Grant	Pending	Relates to health; establishes a community care hub grant; requires reports; appropriates money. Grantees may use funding for technology and information security.
Minnesota	S 999	Natural Gas Utilities	Pending	Relates to energy; authorizes natural gas utilities to sell extraordinary event bonds under certain circumstances; establishes an account; appropriates money. An extraordinary event includes but is not limited to a storm event or other natural disaster, an act of God, war, terrorism, sabotage, vandalism, a cybersecurity attack, or a temporary significant increase in the wholesale price of natural gas.
Minnesota	S 1098	Mandatory Binding Arbitration	Pending	Relates to judiciary; modifies claim amount for mandatory binding arbitration; eliminates certification of certain juvenile court expenses; modifies filing, copying, printing, and distribution of certain court papers; appropriates money. Includes funding to the Supreme Court for ongoing cyber security costs.
Minnesota	S 1431	Business Organizations	Pending	Relates to business organizations; modifies the State Business Corporation Act. Outlines emergency powers including a cyberattack.
Minnesota	S 1798	Economic Development	Pending	Relates to economic development; appropriates money for a grant to the Neighborhood Development Center. Money may be used to assist organizations outside of the seven-county metropolitan area with technical assistance and grants to help implement elements of NDC's small business support model; provide one-on-one technical assistance for entrepreneurs; and support the operations and marketing of a cybersecurity center.
Minnesota	S 2069	Higher Education	Pending	Relates to higher education; provides funding to Metropolitan State University for cyber range services; appropriates money.
Minnesota	S 2216	Biennial Budget for Commerce and Energy	Pending	Relates to commerce; establishes a biennial budget for commerce and energy; modifies provisions governing consumer small loans and lending; modifies the Minnesota premium security plan; requires submission of a state innovation waiver; modifies provisions governing renewable energy, energy conservation, and energy efficiency; regulates retail electric vehicle supply equipment; modifies provisions governing certain cannabis licenses; imposes assessments and fees; appropriates money.
Minnesota	S 2384	Elections	Pending	Relates to elections; makes various changes related to election administration. Requires the county auditor to develop a county elections chain of custody plan that must account for both the physical and cyber security of elections-related materials.
Minnesota	S 2393	Biennial Budget for Commerce and Energy	Pending	Relates to commerce; establishes a biennial budget for commerce and energy; modifies provisions governing consumer small loans and lending; modifies the Minnesota premium security plan; requires submission of a state innovation waiver; modifies provisions governing renewable energy, energy conservation, and energy efficiency; regulates retail electric vehicle supply equipment; modifies provisions governing certain cannabis licenses; imposes assessments and fees; appropriates money.
Minnesota	S 2505	Workforce Development	Pending	Relates to workforce development; appropriates money for the Gateways2Growth Initiative to expand training in information technology including cybersecurity, transportation, and health care across the state; requires a report.
Minnesota	S 2527	Higher Education	Pending	Relates to higher education; expands program eligibility for workforce development scholarships to include cybersecurity.
Minnesota	S 2753	Higher Education	Pending	Relates to higher education; permits cybersecurity to be offered as an applied doctoral degree.
Minnesota	S 2888	Higher Education	Pending	Relates to higher education; expands the authority to offer applied doctoral degrees at state universities.
Minnesota	S 3034	State Government	Pending	Relates to state government; appropriates money for public educational radio stations. Includes an appropriation for the Association of Minnesota Public Educational Radio Stations to purchase the emergency equipment and increased cybersecurity and broadcast technology.
Minnesota	S 3094	Education Finance	Pending	Relates to education finance; increases safe schools revenue; creates a safe schools aid; expands safe schools revenue to all cooperative units; appropriates money. Funds may be used for the costs of cybersecurity measures, including updating computer hardware and software, other systems upgrades, and cybersecurity insurance costs.
Mississippi	H 11	MissCATEE Program	Failed	Creates the State Career and Technical Education Employability (MissCATEE) Program, which shall be directed by the Office of Workforce Development for the purpose of providing tuition free community college attendance for eligible recipients for Career and Technical Education (CTE) and training leading to associate degree credentials or industry certifications in high wage, high demand industries with documented workforce shortages prioritized by the office; provides for definitions. Fields that are eligible include information technology: preparing workers for roles in cybersecurity, software development and IT support.
Mississippi	H 20	Digital Services and Procurement Modernization	Pending	Modernizes procurement and digital services in the state; creates the Procurement Modernization Advisory Council; provides for the establishment of a statewide cloud storage center for state agencies; implements strategic initiatives for data integration, cybersecurity and technological infrastructure development; authorizes the State Department of Information Technology Services to implement statewide digital services.
Mississippi	H 731	Corporate Breach of Security	Failed	Requires business entities to report breaches of security to the office of the attorney general.
Mississippi	H 958	State Agencies Procurement	Pending	Brings forward code sections related to state agencies procurement of information technology equipment.
Mississippi	H 1096	D'lo Town Road Projects	Failed	Amends specified section, to authorize the funds provided to the town of D'lo for certain road projects to be used for other streets. Includes funding to assist the Mississippi State University Research and Technology Corporation in paying costs associated with the Mississippi Cybersecurity Center adjacent to Keesler Air Force Base.
Mississippi	H 1169	Insurance Guaranty Association Law	Failed	Amends the state insurance guaranty association law to revise the definition of covered claim and to include the definition of cybersecurity insurance; establishes the obligations for claimants for property damage covered claims and all first and third party claims under a policy or endorsement providing for cybersecurity insurance coverage.
Mississippi	H 1380	Cybersecurity for Governmental Entities	Pending	Provides that state and local governmental entities and certain covered commercial entities are not liable in connection with a cybersecurity incident if the entity involved has adopted certain cybersecurity standards; defines certain terms; requires cybersecurity standards to align with nationally recognized standards and the requirements of specified federal laws; creates a rebuttable presumption against liability in connection with a cybersecurity incident for commercial entities.
Mississippi	H 1489	Technology Innovation Fund	Failed	Establishes the Technology Innovation Fund to be administered by the State Department of Information Technology Services; prescribes that the purpose of the fund is to provide financial support for technology driven projects that address critical needs, improve service delivery and foster collaboration among public and private entities. The fund can be used to enhance cybersecurity and protect the integrity of state digital infrastructure.
Mississippi	H 1491	Cloud Center of Excellence	Pending	Establishes a Cloud Center of Excellence (CCoE) within the State Department of Information Technology services; facilitates the adoption and management of cloud computing across state agencies and political subdivisions; provides strategic guidance, best practices, and governance frameworks for cloud migration and optimization; enhances security, scalability, and cost efficiency in statewide cloud operations; authorizes the phased implementation of the CCoE over a five year period.
Mississippi	H 1556	MissCATEE Program	Failed	Creates the State Career and Technical Education Employability (MissCATEE) Program, which shall be directed by the office of workforce development for the purpose of providing tuition free community college attendance for eligible recipients for career and technical education (cte) and training leading to associate degree credentials or industry certifications in high wage, high demand industries with documented workforce shortages prioritized by the office; provides for definitions. Fields that are eligible include information technology: preparing workers for roles in cybersecurity, software development and IT support.
Mississippi	S 2046	Breach of Security	Failed	Amends Section 75-24-29, Mississippi Code of 1972, to authorize reporting of a breach of security to the office of the attorney general; provides for related purposes.
Mississippi	S 2443	Technology Innovation Fund	Failed	Establishes the Technology Innovation Fund; provides the objectives of the fund. The objectives of the fund shall include, but are not limited to enhance cybersecurity and protect the integrity of state digital infrastructure.
Mississippi	S 2471	Cyber Breach Limit Liability	Failed	Provides that a county or municipality and any other political subdivision of the state shall not be liable in connection with a cybersecurity incident if the entity adopts certain cybersecurity standards; requires cybersecurity programs to align with nationally recognized standards and the requirements of specified federal laws; provides a rebuttable presumption against liability for commercial entities that are in substantial compliance with this act by adopting a cybersecurity program.
Mississippi	S 2508	Mortgage Brokers and Lenders	Enacted	Authorizes mortgage loan originators to perform origination activities at a remote location under the supervision and in compliance with the licensees policies and procedures. Requires a licensee to ensure that appropriate security updates, patches, or other alterations to the security of all devices used at remote locations are installed and maintained.
Mississippi	S 2894	Cybersecurity Insurance	Enacted	Includes cybersecurity insurance for purposes of State Insurance Guaranty Association statutes; provides limits on claims paid due to a cyber liability and for property damage; provides that in no event shall the association be obligated to pay an amount in excess of a certain amount for first and third party claims under a policy or endorsement providing or that is found to provide cybersecurity insurance coverages and arising out of a single insured event, regardless of the number of claims or claimants.
Missouri	H 116	Media Literacy and Critical Thinking Act	Pending	Establishes the Media Literacy and Critical Thinking Act and pilot programs. Pilot program sites must develop guidelines to provide students with information regarding social media behavior that ensures cyber safety, cybersecurity and cyber ethics.
Missouri	H 210	Unmanned Aerial Systems Security Act of 2025	Pending	Establishes the Unmanned Aerial Systems Security Act of 2025. A drone or its software in use by a government agency shall not connect with a telephone, tablet, or other mobile device issued by a government agency or that connects to a government agency network. Requires a drone or its software in use by a government agency to be used in compliance with all other applicable data standards as required by law and the government agency’s own policy and procedure.
Missouri	H 436	Cybersecurity and Informational Security	Pending	Establishes cybersecurity and informational security standards to safeguard insurance company customer information.
Missouri	H 865	Task Forces	Pending	Creates the Missouri State Technology Task Force with members who have expertise in fields such as cybersecurity, among others.
Missouri	H 1231	New Provisions Related To Infrastructure Security	Pending	Creates new provisions related to infrastructure security.
Missouri	H 1281	Employment Security Program	Pending	Modifies provisions of the employment security program and establishes the Employment Security Program Integrity Act of 2025, relating to the administration of unemployment compensation.
Missouri	H 1576	Computer Science Courses in Schools	Pending	Establishes additional requirements for computer science courses in schools.
Missouri	S 113	Cybersecurity Grant	Pending	Creates a one-time grant for employers to enhance cybersecurity.
Missouri	S 362	Election Administration	Pending	Modifies provisions relating to election administration. Requires source code for any software or firmware used for election tabulation purposes in prior elections shall be retained by the secretary of state and made available upon request for a period of ten years after the certification of the results of the relevant election.
Missouri	S 385	Insurance Companies Data Security	Pending	Enacts provisions relating to insurance companies' data security.
Montana	H 230	Medicaid Laws	Pending	Revises Medicaid laws. Makes the Montana HELP Act workforce development permanent instead of temporary, which supports new professionals like cybersecurity analysts.
Montana	H 245	Health and Economic Livelihood Partnership Act	Enacted	Revises the state Health and Economic Livelihood Partnership Act workforce development provisions and termination date to include more occupations other than entry-level cybersecurity analysts.
Montana	H 255	Online Data Privacy Laws	Pending	Revises online data privacy laws for K-12 pupil records.
Montana	H 488	Disabled Voter to Electronically Return a Ballot	Pending	Allows a disabled voter to electronically return a ballot. The secretary of state shall adopt rules to implement rules to protect the accuracy, integrity, and secrecy of a ballot transmitted electronically by the encrypted electronic transmission system. The rules must include encryption and security standards for an electronic transmission system before the system may be approved by the secretary of state for use.
Montana	S 118	Student Data Laws	Pending	Revises laws related to education data; establishes the right to be forgotten; enhances student data privacy protections in the statewide K-12 data system and in the work of the Education and Workforce Data Governing Board. The superintendent of public instruction shall ensure that any contracts governing databases, assessments, or instructional supports that include education data or deidentified data and are outsourced to private vendors include express provisions that safeguard data privacy and data security and include penalties for noncompliance.
Nebraska	L 94	Digital Skills Empowerment Act	Pending	Adopts the Digital Skills Empowerment Act; changes the use of the Workforce Development Program Cash Fund.
Nebraska	L 241	Data Privacy	Enacted	Relates to data privacy; provides an exemption from liability for certain private entities; provides that a private entity shall not be liable in a class action resulting from a cybersecurity event unless the cybersecurity event was caused by willful, wanton, or gross negligence on the part of the private entity.
Nebraska	L 326	Unfair Insurance Trade Practices Act	Pending	Changes provisions relating to the Unfair Insurance Trade Practices Act and the Nebraska Property and Liability Insurance Guaranty Association Act. The association shall not be obligated to pay an amount in excess of three hundred thousand dollars for all first-party and third-party claims under a policy or endorsement providing, or that is found to provide, cybersecurity insurance coverage and arising out of, or related to, a single insured event, without regard to the number of claims made or the number of claimants.
Nebraska	L 599	Cybersecurity	Pending	Requires the State Board of Education to adopt a policy relating to cybersecurity.
Nebraska	L 602	Data Elimination and Limiting Tracking Act	Pending	Adopts the Data Elimination and Limiting Extensive Tracking and Exchange Act. Requires a data broker conducting business in the state to develop, implement, and maintain a comprehensive information security program that is written in one or more readily accessible parts and contains administrative, technical, and physical safeguards.
Nebraska	L 660	Secure Drone Purchasing Act	Pending	Adopts the Secure Drone Purchasing Act, including cybersecurity and data protection requirements drones must meet.
Nevada	S 12	Governmental Administration	Pending	Relates to governmental administration; creates and sets forth the composition of the governor's Technology Office within the Office of the Governor; transfers the Powers and duties of the Office of the Chief Information Officer within the Office of the Governor to the governor's Technology Office, including developing strategies to prepare for and mitigate risks to, and otherwise protect, the security of information systems.
New Hampshire	H 541	Energy and Telecommunications Infrastructure	Failed	Establishes a committee to study energy and telecommunications infrastructure survivability and resiliency. The committee shall evaluate the current state of resiliency and survivability of New Hampshire’s critical telecommunications and energy utility infrastructure, particularly Internet, telephony, electric power, and natural gas services, against physical and cyber threats from malicious actors in the context of current known and anticipated threats and to propose actionable recommendations to enhance their resilience and survivability against physical and cyber security threats.
New Hampshire	H 626	Vulnerability Disclosure Program	Pending	Provides that the secretary of state shall implement and operate a public vulnerability disclosure program which substantially meets or exceeds the recommendations contained within the publication Guide to Vulnerability Reporting for Americas Election Administrators published by the Cybersecurity and Infrastructure Security Agency of the United States Department of Homeland Security, to make it easier for security researchers and the general public to report security vulnerabilities appropriately.
New Hampshire	S 60	Advanced Deposit Account Wagering	Pending	Allows advanced deposit wagering on pari-mutuel betting on horse racing and authorizes the lottery commission to adopt rules governing the license and regulation of such wagers. The commission shall not license or authorize a person or entity to conduct advance deposit wagering under this section unless the person or entity has submitted, and the commission approved, a plan of operation for advance deposit wagering. At a minimum, the plan of operation shall provide for annually contracting with an independent third-party cybersecurity audit and submit the results of the audit to the commission.
New Jersey	A 253	State Technology Contracts Restrictions	Pending	Prohibits state contracts for technology with Chinese government-owned or affiliated companies.
New Jersey	A 535	State Critical Infrastructure	Pending	Prohibits any foreign company created under laws of foreign adversary from participating in critical infrastructure. The involvement of a foreign company created under the laws of a foreign adversary raises substantial security threats, such as cyberattacks or the intentional disruption of services.
New Jersey	A 817	Higher Education Cyber Security Plans	Pending	Requires public institutions of higher education to establish plans concerning cyber security and prevention of cyberattacks.
New Jersey	A 828	State Issued Electronic Devices TikTok Prohibition	Pending	Prohibits download or use of TikTok application on any state issued electronic device.
New Jersey	A 1204	Cybersecurity Infrastructure Study	Pending	Requires state Cybersecurity and Communications Integration Cell to study cybersecurity infrastructure and establish cybersecurity guidelines.
New Jersey	A 1410	Executive Branch and State College Cybersecurity	Pending	Requires each principal department in Executive Branch and each state college to conduct review of department's or college's cybersecurity infrastructure and make recommendations.
New Jersey	A 1484	Feasibility of Paperless State Government	Pending	Establishes a task force to study the feasibility of a paperless Executive Branch of state government; provides for membership; provides that the task force shall study, among other things, opportunities and risks associated with using electronic registrations and electronic transactions, cybersecurity protections and technology upgrades, opportunities and risks associated with a paperless electronic permit submission process and the feasibility of a paperless records retention process.
New Jersey	A 1687	Office of Supportive Action Functionality Experts	Pending	Establishes Office of Supportive Action Functionality Experts to prepare for catastrophic loss of technological services.
New Jersey	A 1912	State Employee Cybersecurity Practices	Pending	Requires state employees to receive best cybersecurity practices.
New Jersey	A 2199	Cybersecurity Incidents	Pending	Requires businesses in financial, essential infrastructure and health care industries to report cybersecurity incidents.
New Jersey	A 2200	Cybersecurity Plans	Pending	Requires businesses in financial, essential infrastructure and health care industries to develop cybersecurity plans.
New Jersey	A 2226	Information Security Standards and Guidelines	Pending	Concerns information security standards and guidelines for state and local government.
New Jersey	A 2424	Governmental Employees Cybersecurity Awareness Training	Pending	Requires state, county, and municipal employees and certain state contractors to complete cybersecurity awareness training.
New Jersey	A 2453	Comprehensive Information Security Program	Pending	Requires certain persons and business entities to maintain comprehensive information security program.
New Jersey	A 2568	Debarment of Contractors Computer Crime Conviction	Pending	Concerns debarment of contractors for conviction of certain computer related crimes.
New Jersey	A 2818	Deceptive Audio or Visual Election Media	Pending	Concerns certain intentionally deceptive audio or visual media and elections; prohibits and imposes criminal penalty on disclosure of certain intentionally deceptive audio or visual media within specified days of election. It shall not be a violation of this section to disclose any deceptive audio or visual media in furtherance of an investigation concerning fraud, cybersecurity, identity theft, harassment, or a violation of a commercial computer network's contractual terms of service.
New Jersey	A 2999	Instruction on Cybersecurity	Pending	Requires instruction on cybersecurity in grades nine through 12; requires Office of Secretary of Higher Education to develop cybersecurity model curricula; establishes loan redemption programs for individuals in certain cybersecurity occupations.
New Jersey	A 3540	Deceptive Audio or Visual Media	To Governor	Establishes criminal penalties for production or dissemination of deceptive audio or visual media, commonly known as deepfakes. It shall not be a violation of this section to disclose any deceptive audio or visual media in furtherance of an investigation concerning fraud, cybersecurity, identity theft, harassment, or a violation of a commercial computer network's contractual terms of service.
New Jersey	A 3897	Cybersecurity Incident Reporting	Pending	Requires municipalities, counties, and school districts to report cybersecurity incidents; provides that the attorney general, in consultation with the New Jersey Cybersecurity and Communications Integration Cell, shall develop an online cybersecurity incident reporting form on the New Jersey Cybersecurity and Communications Integration Cells Internet website.
New Jersey	A 3949	Cybersecurity Incidents Reports and Training	Pending	Requires certain procedures, reports, and training for municipalities, counties, and school districts in response to cybersecurity incidents.
New Jersey	A 4020	Public Water Systems Grant Programs	Pending	Directs Department of Community Affairs to establish grant programs for public water systems for the purpose of improving the sharing of information concerning water quality, water infrastructure needs, and water technology, including cybersecurity technology, between or among public water systems.
New Jersey	A 4363	Nonprofit Smart Technology Security Infrastructure	Pending	Provides funding to nonprofit organizations to implement smart technology and artificial intelligence systems to enhance security infrastructure.
New Jersey	A 4768	Cyber Security Reserve Corps	Pending	Establishes Cyber Security Reserve Corps; appropriates monies.
New Jersey	A 5036	Office of Cybersecurity Infrastructure	Pending	Establishes the Office of Cybersecurity Infrastructure.
New Jersey	A 5211	Pathways to Career Opportunities Initiative	Pending	Establishes the state Pathways to Career Opportunities Initiative Act. The New Jersey Community College Consortium for Workforce and Economic Development may establish Centers of Workforce Innovation that offer career pathways in areas that include, but are not limited to, the following: data science, cybersecurity, program, and software development, among others.
New Jersey	AJR 40	Cyber Security Awareness Month	Pending	Designates a specified month of each year as Cyber Security Awareness Month.
New Jersey	S 205	Advanced Cyber Infrastructure Strategic Plan	Pending	Directs the state Cybersecurity and Communications Integration Cell, Office of Information Technology, and the State Big Data Alliance to develop an advanced cyber infrastructure strategic plan.
New Jersey	S 510	State Issued Electronic Devices TikTok Ban	Pending	Prohibits download or use of TikTok application on any state issued electronic device.
New Jersey	S 513	Power Supply Interruptions	Pending	Upgrades offense of criminal mischief if person interrupts or impairs power supply.
New Jersey	S 728	Foreign Companies Technology Products	Pending	Prohibits government entities from procuring and using technology products and services from companies owned by, controlled by, or domiciled in certain foreign countries.
New Jersey	S 731	Critical Infrastructure Foreign Company Involvement	Pending	Prohibits any foreign company created under laws of foreign adversary from participating in critical infrastructure.
New Jersey	S 1053	Cybersecurity Infrastructure and Guidelines	Pending	Requires the state Cybersecurity and Communications Integration Cell to study cybersecurity infrastructure and establish cybersecurity guidelines.
New Jersey	S 1414	Grant Programs for Public Water System	Pending	Directs Department of Community Affairs to establish grant programs for public water systems for the purpose of improving the sharing of information concerning water quality, water infrastructure needs, and water technology, including cybersecurity technology, between or among public water systems.
New Jersey	S 1580	Nonprofit Partnerships Funding	Pending	Establishes the Innovation Partnership; provides funding for certain nonprofit partnerships to promote certain emerging technology businesses.
New Jersey	S 1862	State Technology Contracts Restrictions	Pending	Prohibits state contracts for technology with Chinese government owned or affiliated companies.
New Jersey	S 2271	Review of Colleges Cybersecurity Infrastructure	Pending	Requires each government entity in the state to conduct review of cybersecurity infrastructure and make recommendations.
New Jersey	S 2464	Breaches of Security Affirmative Defense	Pending	Creates affirmative defense for certain breaches of security.
New Jersey	S 3100	Cybersecurity Plans	Pending	Requires businesses in financial essential infrastructure and health care industries to develop cybersecurity plans and report cybersecurity incidents; provides that the New Jersey Cybersecurity and Communications Integration Cell, in consultation with the attorney general, shall adopt rules and regulations that establish standards for the definitions and implementation of organization accountabilities and responsibilities for cyber risk management activities.
New Jersey	S 3101	Business and Industries Cybersecurity Incident Reports	Pending	Requires businesses in financial, essential infrastructure, and health care industries to report cybersecurity incidents.
New Jersey	S 3220	Cybersecurity Employment Grant Program	Pending	Establishes cybersecurity employment grant program for qualified businesses; appropriates funds.
New Jersey	S 3222	Cybersecurity Model Curricula	Pending	Requires instruction on cybersecurity in grades nine through 12; requires Office of Secretary of Higher Education to develop cybersecurity model curricula; establishes loan redemption programs for individuals in certain cybersecurity occupations.
New Jersey	S 3313	Cybersecurity Incidents Response Procedures	Pending	Requires certain procedures and training for municipalities, counties, and school districts in response to cybersecurity incidents; provides that in the event that a cybersecurity incident impacts a municipality, county, or school district, the State Office of Homeland Security and Preparedness shall contract with an independent cybersecurity company to audit the cybersecurity program of the municipality, county or school district.
New Jersey	S 3569	Cybersecurity Grant Program	Pending	Establishes the state Cybersecurity Grant Program; appropriates 5 million from general fund.
New Jersey	S 3665	State Employees Cybersecurity Training	Pending	Requires certain state employees to receive training in cybersecurity best practices.
New Jersey	S 4023	Pathways to Career Opportunities Initiative	Pending	Establishes New Jersey Pathways to Career Opportunities Initiative Act. The New Jersey Community College Consortium for Workforce and Economic Development may establish Centers of Workforce Innovation that offer career pathways in areas that include, but are not limited to, the following: data science, cybersecurity, program, and software development, among others.
New Mexico	H 2	General Appropriation Act	To Governor	Makes general appropriations and authorizes expenditures by state agencies required by law. Includes cybersecurity appropriations such as funding for a software tool to provide cybersecurity and cyber vulnerability information for state agencies and funding for cybersecurity insurance coverage.
New Mexico	H 139	Inspection of Public Records Act Changes	Failed - Adjourned	Relates to inspection of public records act changes. Exempt from inspection include records that relate to cybersecurity information or critical infrastructure, the disclosure of which may expose or create vulnerability of critical infrastructure systems; or the safeguarding of telecommunications, electric, water, sanitary sewage, storm water drainage, energy, fuel supply, hazardous liquid, natural gas, coal or other critical infrastructure system.
New Mexico	H 141	General Appropriation Act	Failed - Adjourned	Relates to general appropriation act of 2025. Includes cybersecurity appropriations such as funding for the Cybersecurity Center of Excellence, Administrative Office of the Courts to upgrade cybersecurity tools, and cybersecurity initiatives including public education and higher education.
New Mexico	H 497	Inspection of Public Records Act Changes	Failed - Adjourned	Relates to inspection of public records act changes. Exceptions include records that relate to cybersecurity information or critical infrastructure, the disclosure of which could expose the related systems to vulnerabilities or could jeopardize the safety of critical infrastructure systems and a public body's security system plan and records regarding: disaster mitigation, preparation, response, vulnerability or recovery; and cybersecurity planning or threat mitigation.
New Mexico	S 107	STEM Center of Excellence	Failed - Adjourned	Relates to state university STEM Center of Excellence, for goals such as developing and promoting innovation in and expanding cybersecurity industries. Adds New Mexico State University to work toward innovations in science, technology, engineering and mathematics.
New Mexico	S 137	Rename Enhanced 911 Act	Failed - Adjourned	Relates to communications; renames the enhanced 911 Act. The definition of 911 equipment includes, “border control functions and other cybersecurity functions and geographic information system equipment necessary to obtain and process locational map and emergency service zone data for a 911 call.”
New Mexico	S 254	Cybersecurity Act and Office Changes	Failed - Adjourned	Relates to cybersecurity; amends the cybersecurity act; changes the name and duties of the cybersecurity office; changes the membership of the cybersecurity advisory committee.
New York	A 416	Keep Police Radio Public Act	Pending	Enacts the Keep Police Radio Public Act; ensures that, except for sensitive information, all radio communications are accessible to emergency services organizations and professional journalists. Relates to assessment relief for disasters, including a cyber event.
New York	A 426	National Institute of Standards and Technology	Enacted	Relates to procurement requirements for end point device security; provides that the Commissioner of General Services and all state agencies, when procuring end point devices, shall be consistent with any relevant standards, guidelines, or guidance developed as part of the National Institute of Standards and Technology Cybersecurity Framework.
New York	A 1205	Chief Artificial Intelligence Officer	Pending	Establishes the position of chief artificial intelligence officer and such person's functions, powers and duties; includes, but not limited to, developing statewide artificial intelligence policies and governance, coordinating the activities of any and all state departments, boards, commissions, agencies and authorities performing any functions using artificial intelligence tools; makes related provisions. Creates an advisory committee and requires the committee to advise the chief artificial intelligence officer on leveraging local resources to optimize and improve operations in various areas of government operations, including but not limited to medical services, cybersecurity, infrastructure and recovery from natural disasters.
New York	A 1239	Cyberattacks Damage Policies	Pending	Requires policies covering losses or damages from cyberattacks to include a requirement that the insured notify a law enforcement agency before receiving payment for losses or damages suffered as a result of the cyberattack.
New York	A 2121	Voting Rights and Access for Incarcerated Individuals	Pending	Relates to voting rights and access for incarcerated individuals; authorizes polling places to be available at correctional facilities and local facilities; requires such facilities to provide persons detained or confined in such facilities access to register to vote or apply for an absentee ballot; requires voting information to be included in the inmate handbook. The board of elections shall develop a facility voter access plan with details such as the technology, electricity and cybersecurity needed to effectuate the plan.
New York	A 2127	Hudson Valley Power Authority	Pending	Establishes the Hudson Valley power authority to own and operate electricity service and to create or acquire one or more wholly owned subsidiaries or membership interests in subsidiaries; establishes energy observatory corporations for studying and enabling effective community governance of power authorities; makes related provisions. Allows the trustees to hire personnel, such as information technology and cybersecurity professionals.
New York	A 2348	Sharing of Electronic Health Records	Pending	Requires providers to share electronic health records with plans for purposes of improving patient care and reducing administrative delays. Health plans shall also seek to be Health Information Trust Alliance (HITRUST) certification, which requires demonstrating and following global standards for data security and privacy compliance.
New York	A 2579	Call Centers for Gas and Electric Corporations	Pending	Relates to call centers for gas and electric corporations. Allows a gas or electric corporation to send customer assistance requests outside of such corporation's New York state service territory or outside of New York state in the following circumstances: (i) when a call center or customer assistance facility is unable to adequately respond to customer assistance requests due to natural disaster, cyberattack, temporary loss of internet or phone connection or power, a state or local declared emergency that impacts the ability of a call center to manage customer assistance requests, or customer call volume that exceeds the capacity of the call center given normal staffing levels.
New York	A 2614	Strengthening of Utility Storm Response and Compliance	Pending	Relates to strengthening of utility storm response and compliance by reviewing mitigating factors including but not limited to mitigating factors and the specifics surrounding the violation or violations. Each corporation subject to this article shall annually submit to the commission an emergency response plan for review and approval. The emergency response plan shall be designed for the reasonably prompt restoration of service in the case of an emergency event, like a cyberattack.
New York	A 3005	Public Protection and General Government Budget	Pending	Implements the state public protection and general government budget for the 2025-2026 state fiscal year. Creates cybersecurity incident reporting requirements for municipal corporations.
New York	A 3006	Education, Labor, Housing and Family Assistance Budget	Pending	Enacts into law major components of legislation necessary to implement the state education, labor, housing and family assistance budget for the state for specified fiscal year; relates to contracts for excellence; relates to calculation of state aid to school districts; relates to a statewide dual enrollment policy; extends workforce education. Creates the New York Opportunity Promise Scholarship with tuition assistance for high-demand fields such as advanced manufacturing, technology, cybersecurity, engineering, artificial intelligence, nursing and allied health professions, green and renewable energy, and pathways to teaching.
New York	A 3009	State Fiscal Plan	Pending	Implements the state fiscal plan for the 2025-2026 state fiscal year. Creates the CATALIST NY program with priority given to entities that support businesses within the following sectors: clean energy and climate technology; life sciences; computing and cybersecurity; agricultural technology; advanced manufacturing; materials; and microelectronics.
New York	A 3356	Advanced Artificial Intelligence Licensing Act	Pending	Enacts the Advanced Artificial Intelligence Licensing Act; provides for regulation of advanced AI systems; requires registration and licensing of high-risk advanced AI systems and related provisions regarding the operation of such systems; establishes the advanced AI ethical code of conduct; prohibits the development and operation of certain AI systems. Every third-party system which integrates with a licensee shall, prior to integration, apply for and receive a certificate of compliance. Such certificate shall be issued by the department and shall only be issued where such third-party system is assessed by the department and the department finds it conforms to the cybersecurity standards set by the office.
New York	A 4102	NY State Digital Equity Plan Act	Pending	Relates to enacting the N.Y. State Digital Equity Plan Act; requires the division of broadband access to develop a state digital equity plan to increase broadband access to underserved populations by Jan. 1, 2027. Requires the state digital equity plan to include awareness and use of measures to secure the online privacy and cybersecurity of an individual.
New York	A 4739	State Employees Who Use a Computer	Pending	Requires state employees who use a computer to complete at least 25% of such employees' required duties to undergo annual cyber security training.
New York	A 4746	Cyber Security Enhancement Fund	Pending	Creates a cyber security enhancement fund to be used for the purpose of upgrading cyber security in local governments, including but not limited to, villages, towns and cities with a population of one million or less; restricts the use of taxpayer moneys in paying ransoms in response to ransomware attacks.
New York	A 5739	Secure Our Data Act	Pending	Establishes the Secure Our Data Act; relates to cybersecurity protection by state entities; requires the office of information technology services to develop standards for data protection of state entity-maintained information.
New York	A 5916	One City Act	Pending	Establishes the One City Act which applies to cities with a population of one million or more and provides for an agency to disclose the personal information of individuals that would otherwise be restricted from disclosure to another agency or agent thereof for the limited purpose of providing benefits, services, or care coordination to individuals or a research study concerning the provision of benefits, services or care coordination. Required cooperative data-sharing arrangements can be developed and implemented with appropriate safeguards and protocols for protecting personal privacy and cybersecurity.
New York	A 6301	Critical Infrastructure Standards and Procedures Act	Pending	Enacts the Critical Infrastructure Standards and Procedures (CRISP) Act. The act outlines requirements in order to comply with cybersecurity standards for critical infrastructure.
New York	A 6347	Governmental Entities Local and Remote Network Access	Pending	Requires governmental entities to, whenever possible and feasible, consider implementing multifactor authentication for local and remote network access; requires public websites to encrypt all exchanges and to comply with privacy standards.
New York	A 6453	Artificial Intelligence Frontier Models	Pending	Relates to the training and use of AI frontier models; defines terms; establishes remedies for violations. Requires developers of a frontier model to implement a safety and security protocol.
New York	A 6656	Companies Which Utilize Artificial Intelligence	Pending	Requires certain companies which utilize artificial intelligence to file responsible capability scaling policies with the chief information officer.
New York	A 6769	Municipal Corporations	Pending	Requires all municipal corporations to report cybersecurity incidents and demands of ransom payments to the division of homeland security and emergency services; defines terms; requires that within 48 hours of receiving a cybersecurity incident report or notice of a demand for ransom payment, the commissioner of the division for homeland security and emergency services, or their designee, shall provide advice and technical assistance to the municipal corporation.
New York	A 6995	Privacy Protections for Public Benefits Recipients	Pending	Provides privacy protections for public benefits recipients regarding disclosure or inquiry about immigration status and eligibility; provides penalties for employees of state or local agencies that knowingly violate such provisions. The office of temporary and disability assistance shall establish security protocols, including but not limited to encryption and restricted access policies, to ensure compliance.
New York	S 193	Cyber Security Enhancement Fund	Pending	Creates a Cyber Security Enhancement Fund to be used for the purpose of upgrading cybersecurity in local governments, including but not limited to, villages, towns and cities with a population of one million or less; restricts the use of taxpayer moneys in paying ransoms in response to ransomware attacks.
New York	S 440	Voting Rights and Access for Incarcerated Individuals	Pending	Relates to voting rights and access for incarcerated individuals; authorizes polling places to be available at correctional facilities and local facilities; requires such facilities to provide persons detained or confined in such facilities access to register to vote or apply for an absentee ballot; requires voting information to be included in the inmate handbook. The board of elections shall develop a facility voter access plan with details such as the technology, electricity and cybersecurity needed to effectuate the plan.
New York	S 821	Climate Change Property Tax Relief Act	Enacted	Relates to the Real Property Tax Law; provides that after a major or local disaster, including a cyber event, the governing body of an eligible municipality may authorize assessment relief for eligible properties after conducting a public hearing, by adopting a local law, ordinance or, in the case of a school district, a resolution; provides that where real property is impacted by a major or local disaster, and such property is located within a participating municipality, assessment relief shall be granted in a specified manner.
New York	S 933	Position of Chief Artificial Intelligence Officer	Pending	Establishes the position of chief artificial intelligence officer and such person's functions, powers and duties; including, but not limited to, developing statewide artificial intelligence policies and governance, coordinating the activities of any and all state departments, boards, commissions, agencies and authorities performing any functions using artificial intelligence tools; makes related provisions. Creates an advisory committee and requires the committee to advise the chief artificial intelligence officer on leveraging local resources to optimize and improve operations in various areas of government operations, including but not limited to medical services, cybersecurity, infrastructure and recovery from natural disasters.
New York	S 1139	Governmental Entities	Pending	Requires governmental entities to, whenever possible and feasible, consider implementing multifactor authentication for local and remote network access; requires public websites to encrypt all exchanges and to comply with privacy standards.
New York	S 1336	NY State Digital Equity Plan Act	Pending	Enacting the New York State Digital Equity Plan Act; requires the division of broadband access; develops a state digital equity plan; increases broadband access to underserved populations by a specified date. Requires the state digital equity plan to include awareness and use of measures to secure the online privacy and cybersecurity of an individual.
New York	S 1840	2022 Uniform Law Commission Recommended Amendments	Pending	Incorporates the 2022 Uniform Law Commission recommended amendments to the Uniform Commercial Code to provide for emerging technologies; addresses emerging technologies, providing updated rules for commercial transactions involving virtual currencies, distributed ledger technologies (including blockchain), artificial intelligence, and other technological developments. Requires a security procedure.
New York	S 1961	Secure Our Data Act	Pending	Establishes the Secure Our Data Act; relates to cybersecurity protection by state entities; requires the office of information technology services to develop standards for data protection of state entity-maintained information.
New York	S 2026	Hudson Valley Power Authority	Pending	Establishes the Hudson Valley power authority to own and operate electricity service and to create or acquire one or more wholly owned subsidiaries or membership interests in subsidiaries; establishes energy observatory corporations for studying and enabling effective community governance of power authorities; makes related provisions. Allows the trustees to hire personnel related to functions like cyber security.
New York	S 2524	State Contracts With Internet Service Providers	Pending	Requires that state contracts only be with internet service providers compliant with net neutrality and reasonable network management, including deterring or preventing cybersecurity threats; establishes a revolving fund for the establishment of municipal internet service providers; appropriates a specified sum therefor.
New York	S 2671	National Institute of Standards and Technology	Pending	Directs that state agencies require that procurement of end point devices be consistent with any relevant standards, guidelines, or guidance developed as part of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
New York	S 2679	Call Centers for Gas and Electric Corporations	Enacted	Relates to call centers for gas and electric corporations; provides that it shall be permissible for a gas or electric corporation to send customer assistance requests outside of such corporation state service territory or outside of the state in specified circumstances, including when a call center or customer assistance facility is unable to adequately respond to customer assistance requests due to, among other things, a natural disaster, cyberattack, or temporary loss of internet or phone connection.
New York	S 3005	Public Protection and General Government Budget	Pending	Implements the state public protection and general government budget for the state fiscal year. Creates cybersecurity incident reporting requirements for municipal corporations.
New York	S 3006	Education, Labor, Housing and Family Assistance Budget	Pending	Enacts into law major components of legislation necessary to implement the state education, labor, housing and family assistance budget for the state fiscal year. Creates the New York Opportunity Promise Scholarship for state tuition assistance leading to an associate's degree in a high-demand field, such as advanced manufacturing, technology, cybersecurity, engineering, AI, nursing and allied health professions, green and renewable energy and pathways to teaching.
New York	S 3009	State Fiscal Plan	Pending	Amends the generally; enacts into law major components of legislation which are necessary to implement the state fiscal plan for the state fiscal year. Creates the CATALIST NY program companies to attract talent to advance leading innovations and scale technologies in New York. Priority shall be given to entities that support businesses within the following sectors: clean energy and climate technology; life sciences; computing and cybersecurity; agricultural technology; advanced manufacturing; materials; and microelectronics.
New York	S 3044	New York Privacy Act	Pending	Enacts the New York Privacy Act. Requires controllers to develop, implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the personal data of consumers including adopting reasonable administrative, technical and physical safeguards appropriate to the volume and nature of the personal data at issue.
New York	S 3078	Notification of Security Breach	Pending	Provides that if the person or business providing the notification was the source of the breach, an offer to provide appropriate identity theft prevention and mitigation services, shall be provided at no cost to the affected person for not less than a specified months, along with all information necessary to take advantage of the offer to any person whose information was or may have been breached if the breach exposed or may have exposed personal information.
New York	S 3258	Department of Education	Pending	Requires the department of education; provides annual notifications to school districts; combats cyber-crime.
New York	S 3262	Limited Purpose Trust Companies	Pending	Establishes requirements; creates and operates of limited purpose trust companies; establishes how to apply; operates as a limited purpose trust company. Encryption and data protection measures relative to virtual currency shall be reviewed and approved by the department as part of the department's review of an application by a limited purpose trust company to issue any stablecoin.
New York	S 3344	Commission to Study Cyber Security	Pending	Establishes a commission to study the European Union's general protection data regulation and the current state of cyber security in the state.
New York	S 3392	One City Act	Pending	Amends the General Municipal Law, in relation to interagency data sharing by agencies of a city with a population of a specified number or more for providing benefits, services or care coordination; provides that the disclosure of personal information shall only be made subject to a written agreement between the parties involved in the disclosure of the personal information. Cooperative data-sharing arrangements must be developed and implemented with appropriate safeguards and protocols for protecting personal privacy and cybersecurity.
New York	S 4427	Business Tax Credit for Data Breach Insurance	Pending	Relates to a business tax credit for purchase of data breach insurance.
New York	S 4430	Contents of Emergency Response Plans	Pending	Requires emergency response plans, in response to storms, cyberattacks or other causes, required to be submitted to the public service commission by electric corporations; requires such plans to include details of staffing, equipment, and ability to perform toward certain standards; requires the public service commission to establish a time-based restoration schedule.
North Carolina	H 215	Retirement System Data Breaches	Pending	Protects participants and beneficiaries of the Charlotte firefighters' Retirement System from harm related to breaches of data.
North Carolina	S 83	Primary Care Task Force	Pending	Extends and clarifies the primary care payment reform taskforce. Requires the Department of Health and Human Services to develop and the taskforce and the Department of Health and Human Services to implement, a detailed data security and safeguarding plan. The plan must include data security policies, including electronic, physical, and administrative safeguards such as data encryption and training of employees.
North Carolina	S 269	Insurance Guaranty Association Act Revisions	Pending	Enacts revisions to the Insurance Guaranty Association Act which includes cybersecurity insurance.
North Dakota	H 1127	Financial Institution Data Security	Pending	Requires to the financial institution to develop, implement, and maintain a comprehensive information security program and data security program; relates to the Department of Financial Institutions, financial institutions, response to department requests, renewal of licenses, orders to cease and desist, issuance of licenses, revocation of licenses, and exemptions from licenses.
North Dakota	H 1265	State Information Technology Research Center	Pending	Relates to the state information technology research center, advanced technology review committee, compute credits grant program, and advanced technology grant fund; provides for a transfer; provides an appropriation. Grant funds may be used for advanced technology solutions, including AI, machine learning, quantum computing, digital literacy, and cybersecurity initiatives.
North Dakota	S 2049	Information Technology Projects	To Governor	Relates to executive steering committees of major information technology projects, including cybersecurity projects.
North Dakota	S 2088	Insurance Producers Data Security Requirements	Enacted	Relates to data security requirements for insurance producers; relates to implementation dates for certain data security requirements for insurance producers.
North Dakota	S 2127	Uniform Electronic Estate Planning Documents Act	Enacted	Relates to the Uniform Electronic Estate Planning Documents Act. Requires an electronic estate planning document or electronic signature on an electronic estate to include a security procedure.
Ohio	H 54	Transportation Program Appropriations	To Governor	Makes appropriations for programs related to transportation for the biennium beginning July 1, 2025, and ending June 30, 2027; provides authorization and conditions for the operation of those programs. Includes cybersecurity appropriations such as funding for the Tolles Cybersecurity Lab renovation.
Ohio	H 163	Enhanced Cybersecurity for Snap Act	Pending	Requires the state's snap program to begin using chip-enabled Electronic Benefit Transfer cards and names this act the Enhanced Cybersecurity for Snap Act of 2025.
Ohio	HR 11	Manufacturing of Domestic Drones	Pending	Urges the state to expand the manufacturing of domestic drones to ensure competitiveness and national security against the increased presence of Chinese-manufactured drones.
Oklahoma	H 1120	Federal Election Guidance	Pending	Relates to elections; prohibits implementation of federal election guidance without legislative approval; provides for notice requirement; provides for method of notice; provides exception; provides penalty; defines term; requires new federal funds be approved by the state legislature. The use of new federal election funds shall not mean funding or grants provided under the Help America Vote Act, other federal funding or grants are authorized to be accepted by state law, or any Cybersecurity or Physical Security subgrants provided by the Oklahoma Office of Homeland Security.
Oklahoma	H 1160	Insurance	Pending	Relates to insurance; relates to the Oklahoma Property and Casualty Insurance Guaranty Association Act; modifies purpose, applicability, and definitions; modifies the powers and duties of the Association; clarifies parties and timelines; permits the Association to join certain organizations; permits the association to make certain payments such as cybersecurity insurance obligations.
Oklahoma	H 1498	Insurance	Pending	Relates to insurance; relates to information security; modifies to whom certain information shall be reported; relates to the duties of the Insurance Commissioner; relates to permits required for prepaid funeral services; requires notifying the Insurance Commissioner of changes in certain information; permits the Insurance Commissioner to suspend, revoke, or refuse to renew permits; relates to permit applications under the Cemetery Merchandise Trust Act.
Oklahoma	H 1799	Cybersecurity	Pending	Relates to cybersecurity; establishes the Cybersecurity Act of 2025.
Oklahoma	H 1800	Cybersecurity	Pending	Relates to cybersecurity; establishes the Cybersecurity Act of 2025.
Oklahoma	H 1801	Cybersecurity	Pending	Relates to cybersecurity; establishes the Cybersecurity Act of 2025.
Oklahoma	H 1802	Cybersecurity	Pending	Relates to cybersecurity; establishes the Cybersecurity Act of 2025.
Oklahoma	S 179	Information Technology	Pending	Directs state agencies to maintain information technology services; relates to county and state purchasing; relates to the State Finance Act and the Information Technology Consolidation and Coordination Act; provides that the Information Services Division of the Office of Management and Enterprise Services shall be responsible for cybersecurity duties and services to agencies and political subdivisions; provides that office shall create a standard security risk assessment for information technology systems.
Oklahoma	S 325	Bitcoin	Pending	Relates to Bitcoin; defines terms; exempts certain firms from certain licensing requirements; authorizes state employees, private businesses, and individuals to negotiate and receive payments in Bitcoin; authorizes certain employees and vendors to elect to receive compensation in Bitcoin. The treasurer shall consider multiple factors when determining a firm to implement the processing of Bitcoin payments such as the cybersecurity protocols of the firm applying.
Oklahoma	S 488	Unmanned Aerial Systems	Pending	Relates to unmanned aerial systems; defines term; prohibits certain purchase by state agencies after certain date; prohibits certain purchase by political subdivisions after certain date; directs the Office of Homeland Security to consult with recognized cybersecurity experts from the private and public sector to ensure the integrity and security of all data collected by drones and unmanned aerial systems used in this state.
Oklahoma	S 525	Elections	Pending	Relates to elections; relates to offices of county election boards; requires county election board to provide certain training in order to secure the election process; provides an effective date.
Oklahoma	S 893	Property and Critical Infrastructure	Pending	Relates to property and critical infrastructure including information storage systems and cybersecurity; creates the Military Installation and Critical Infrastructure Protection Act of 2025; provides short title; defines terms; prohibits foreign principals from foreign adversary countries from owning, having an interest in, or acquiring agricultural land; describes scope of de minimis indirect interest; directs the sale, transfer, or divestiture of agricultural land under certain circumstances; establishes registration requirements.
Oklahoma	S 910	Property and Critical Infrastructure	Pending	Relates to property and critical infrastructure, including information storage systems and cybersecurity; creates the Military Installation and Critical Infrastructure Protection Act of 2025; provides short title; defines terms; prohibits foreign principals from foreign adversary countries from owning, having an interest in, or acquiring agricultural land; describes scope of de minimis indirect interest; directs the sale, transfer, or divestiture of agricultural land under certain circumstances; establishes registration requirements.
Oregon	H 2130	Oregon Insurance Guaranty Association	Pending	Makes various changes to the responsibilities of the Oregon Insurance Guaranty Association with respect to providing coverage for the obligations of member insurers, including cybersecurity insurance policies.
Oregon	H 2508	Implement a Standardized Method	Pending	Directs the Department of Education to develop and implement a standardized method to be used by school districts, education service districts and the department to electronically create, collect, use, maintain, disclose, transfer and access student data. Creates a technical advisory committee to analyze and make recommendations regarding cybersecurity issues that may affect student data.
Oregon	H 2512	Maintain a Statewide Data System for the Education	Pending	Directs the Department of Education, in conjunction with various education stakeholders, to develop, administer and maintain a statewide data system for the education workforce in this state. The statewide data system must ensure all underlying data is validated, accurate and secure and complies with privacy laws. Requires any personally identifiable information that is collected to be linked in a secure data location.
Oregon	H 3121	Oregon Association of Water Utilities Contract	Pending	Directs the Oregon Department of Administrative Services to enter into a contract with the Oregon Association of Water Utilities to provide technical assistance to address the needs and vulnerabilities of small and very small community water systems, construct and equip a water utility training center and employ three staff to provide related support and resources. Support and resources for information technology, management and cybersecurity are allowed.
Oregon	H 3228	Cybersecurity Insurance Use Study	Pending	Requires the state Cybersecurity Advisory Council to study the use of cybersecurity insurance for public bodies.
Oregon	H 3238	Cybersecurity Study	Pending	Requires the office of Enterprise Information Services to study cybersecurity.
Oregon	H 3822	Office of Enterprise Information Services Study	Pending	Requires the office of enterprise information services to study cybersecurity.
Oregon	H 3931	E Oregon Task Force	Pending	Establishes the E-Oregon Task Force for the purposes of evaluating potential solutions and methods for creating a coordinated electronic portal or portals that create a common pathway for residents of this state to apply for and receive licenses, registrations, certifications, identification cards and other credentials or permits necessary for engaging in business or other common transactions in this state.
Oregon	S 167	Uniform Commercial Code	Pending	Amends portions of the Uniform Commercial Code to enable the code to govern the use of certain types of digital assets, electronic money, chattel paper, hybrid transactions, including bundles of goods and services, documents of title and payment systems. Amends the statute that requires a security procedure for receiving banks.
Oregon	S 312	Develop and Implement a Standardized Method	Pending	Directs the Department of Education to develop and implement a standardized method to be used by school districts, education service districts and the department to electronically create, collect, use, maintain, disclose, transfer and access student data. Creates a technical advisory committee with tasks such as analyzing and making recommendations regarding cybersecurity issues that may affect student data.
Oregon	S 1089	Information Technology	Pending	Requires contracting agencies to purchase common off-the-shelf software or other information technology products or services that do not require customization through an information technology marketplace portal. Requires the Oregon Department of Administrative Services to create a program to make loans and grants to state agencies for purposes such as providing and enhancing adequate, risk-based and cost-effective cybersecurity solutions to respond to evolving threats to information security.
Oregon	S 1090	Information Technology	Pending	Requires the Oregon Department of Administrative Services to create a program to award grants and provide loans to state agencies for replacing outdated information technology and for certain other purposes. Funds may be used for providing and enhancing adequate, risk-based and cost-effective cybersecurity solutions to respond to evolving threats to information security.
Pennsylvania	H 705	Development of Grid Infrastructure	Pending	Amends Title 66 Public Utilities of the Pennsylvania Consolidated Statutes, in restructuring of electric utility industry; provides for development of grid infrastructure. Requires the commission to issue guidelines for electric distribution companies to prepare infrastructure development plans to promote grid security and improve the resilience and reliability of the grid while addressing growing demand. The plan should address the establishment of a secure, resilient grid network capable of withstanding cyber and physical threats, as well as any capacity expansion or other modification required to maintain reliability and meet demand from new and growing sectors, including transportation electrification.
Pennsylvania	H 1330	General Fund Appropriations	Pending	Provides appropriations from the General Fund for the expenses of the Executive, Legislative and Judicial Departments of the Commonwealth, the public debt and the public schools for the fiscal year, and for the payment of bills incurred and remaining unpaid at the close of the fiscal year. Includes cybersecurity appropriations such as funding for enhanced enterprise cybersecurity and for cybersecurity and disaster recovery.
Pennsylvania	S 280	Appropriation of Federal and State Funds	Pending	Provides appropriations from the General Fund for the expenses of the Executive, Legislative and Judicial Departments of the Commonwealth, the public debt and the public schools for the fiscal year. Includes cybersecurity appropriations such as funding for enhanced enterprise cybersecurity and for cybersecurity and disaster recovery.
Pennsylvania	S 373	Strengthening State Government Cybersecurity	Pending	Amends Title 71 of the Pennsylvania Consolidated Statutes, in boards and offices; provides for information technology and security. Creates the Joint Cybersecurity Oversight Committee.
Pennsylvania	S 415	Ransomware Attacks	Pending	Amends Title 18, Crimes and Offenses of the State Consolidated Statutes, in computer offenses; provides for the offense of ransomware; imposes duties on the Office of Administration.
Pennsylvania	S 431	Right to Know Law	Pending	Amends the act known as the Right-to-Know Law, in preliminary provisions; provides for definitions; provides for acceptable denials.
Puerto Rico	S 24	Cybersecurity Training Act	Pending	Relates to the Cybersecurity Training Act.
Rhode Island	H 5075	Revising Appropriations in Support of Fiscal Year 2025	Pending	Relates to making revised appropriations in support of FY 2025. Includes cybersecurity appropriations such as funds to the establishment of the institute for cybersecurity and emerging technologies at Rhode Island College, which will provide certificate, baccalaureate and master's level courses with focuses on research and developing highly skilled cybersecurity professionals.
Rhode Island	H 5076	Making Appropriations in Support of Fiscal Year	Pending	Makes appropriations for the support of the state for the fiscal year ending June 30, 2026. Specifies the office of internal audit and program integrity may conduct reviews and assessments of the various government computer systems and the security systems established to safeguard these computer systems.
Rhode Island	H 5415	Financial Institutions Licensed Activities	Pending	Provides standards for developing, implementing, and maintaining reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information held by entities licensed under chapter 14 of title 19 relating to licensed activities of financial institutions.
Rhode Island	H 5548	Voluntary Restructuring of Solvent Insurers	Pending	Makes numerous technical corrections related to insurance, provides a definition for cybersecurity insurance, and would repeal the chapter relating to reciprocal exchanges and interinsurer.
Rhode Island	H 5564	The State Economic Growth Blockchain Act	Pending	Establishes an economic growth blockchain and would regulate virtual and digital assets and establish depository banks for these purposes. Creates a Rhode Island blockchain technology advisory council with at least one member with expertise in cybersecurity.
Rhode Island	H 5945	Pubic Officers and Employees Merit System	Pending	Provides for the creation of a new job classification for new or existing specialized information technology positions.
Rhode Island	H 5997	Inspector General an Independent Administrative Agency	Pending	Establishes the Office of Inspector General as an independent administrative agency charged with the responsibility to investigate, detect and prevent fraud, waste, abuse and mismanagement in the expenditure of public funds; merges the Auditor General into the Office of Inspector General. The auditor must share when a computer system is vulnerable, or security over the system is lacking to the inspector general.
Rhode Island	H 5998	Inspector General an Independent Administrative Agency	Pending	Establishes an office of inspector general as an independent administrative agency, charged with preventing and detecting fraud, waste, abuse and mismanagement in the expenditure of public funds. Requires the inspector general independent commission to include the chair of the institute of cybersecurity.
Rhode Island	S 405	The State Clean Air Preservation Act	Pending	Establishes the State Clean Air Preservation Act that establishes a regulatory process to prohibit polluting atmospheric experimentation such as solar radiation modification, sunlight reflection methods, solar radiation management, geoengineering, weather modification, cloud seeding, or other atmospheric interventions involving the release of pollutants including Perfluoroalkyl and Polyfluoroalkyl Substances known also as forever chemicals, within the state, providing penalties for violations. Acknowledges cyberattacks, potentially can lead to accidents, fatalities, damage to critical infrastructures, possible collapse of commerce systems and the failure of essential public utilities, costing the state billions of dollars.
Rhode Island	S 600	Voluntary Restructuring of Solvent Insurers	Pending	Makes numerous technical corrections related to insurance, provides a definition for cybersecurity insurance, and repeals the chapter relating to reciprocal exchanges and interinsurer.
Rhode Island	S 603	Financial Institutions Licensed Activities	Pending	Provides standards for developing, implementing, and maintaining reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information held by entities licensed under chapter 14 of title 19 relating to licensed activities of financial institutions.
American Samoa	None
South Carolina	H 3201	Expansion and Enhancement of Computer Science Education	Pending	Provides for the expansion and enhancement of computer science education in public high schools through the creation and implementation of a statewide computer science education plan and the requirement that each public school offers at least one computer science course that meets certain criteria; provides related requirements of the state board of education and the state Department of Education.
South Carolina	H 3309	Energy Security Act	Pending	Provides that the Public Service Commission must promulgate regulations to establish safety, maintenance and inspection standards for the public utilities and may assess fines for public utilities that violate these standards; provides that the commission must consider the economic impact to the state when fixing just and reasonable standards, classifications, regulations, practices, and measurements of service to be furnished, imposed, or observed, and followed by every electrical utility in the state. The public utility and the Office of Regulatory Staff shall work to investigate and resolve individual service issues raised by public witnesses. An issue does not include any confidential information that affects energy security, such as physical or cybersecurity matters.
South Carolina	H 3344	Prohibit Contracts with Critical Infrastructure	Pending	Prohibits certain contracts with certain foreign-owned companies in connection with critical infrastructure.
South Carolina	H 3369	Foreign and Domestic Threats	Pending	Requires all agencies and departments of the state and its political subdivisions to prohibit the electronic devices it manages from access and use of websites and applications that threaten cybersecurity and infrastructure from foreign and domestic threats, such as TikTok and WeChat.
South Carolina	H 3375	Prohibit the Electronic Devices	Pending	Requires all agencies and departments of the state and its political subdivisions to prohibit the electronic devices it manages from access and use of websites and applications that threaten cybersecurity and infrastructure from foreign and domestic threats, such as TikTok.
South Carolina	H 4025	Ordinary Expenses of State Government	Pending	Makes appropriations and to provide revenues to meet the ordinary expenses of state government for the fiscal year beginning July 1, 2025; regulates the expenditure of such funds; provides further for the operation of state government during this fiscal year and for other purposes. Requires all state agencies must adopt and implement cyber security policies, guidelines and standards developed by the Department of Administration.
South Carolina	H 4026	Capital Reserve Fund	Pending	Appropriates monies from the Capital Reserve Fund for fiscal year 2024-2025; allows unexpended funds appropriated to be carried forward to succeeding fiscal years and expended for the same purposes. Includes cybersecurity appropriations like funding for a new building for Cybersecurity, Energy and Healthcare at Denmark Technical College and the Center for Industrial Cyber Security and AI at Greenville Technical College.
South Dakota	SCR 606	Carbon Oxide Pipeline and Mass Destruction Potential	Pending	Expresses the Legislature's concern about the potential for a carbon oxide pipeline to become a weapon of mass destruction to be used by terrorists or unfriendly governments and urging the Public Utilities Commission to conduct risk assessments and establish stronger regulatory and security measures for carbon oxide pipelines to ensure adequate state, county, business, and family emergency response planning. Carbon oxide pipelines are vulnerable to cyberattacks, sabotage and terrorist attacks targeting energy and other infrastructure to inflict mass casualties or disrupt economies.
Tennessee	H 481	State Government	Pending	Increases membership of the information systems council by adding a state employee with experience in the field of cybersecurity, to be appointed by the governor.
Tennessee	H 511	Health and Accident Insurance	Pending	Requires a health care provider, health care group, practice, or clinic, health care facility, or other entity to provide notice to each health insurance entity with which it is under contract as soon as practicable if the health care provider, health care group, practice, or clinic, health care facility, or other entity is the subject of a cyberattack.
Tennessee	H 549	State Government	Pending	Creates the Tennessee Critical Infrastructure Act.
Tennessee	H 1033	Civil Procedure	Pending	Creates an affirmative defense that may be utilized by a covered entity that is the subject of a data breach, if the covered entity's cybersecurity program meets certain criteria at the time the breach occurs.
Tennessee	S 318	Anatomical Gifts	Pending	Enacts the Tennessee Genomic Security and End Organ Harvesting Act. Medical facilities, research institutions, and other companies and entities storing genetic sequencing data, including through contracts with third-party data storage companies, must ensure the security of genetic sequencing data using reasonable encryption methods, restrictions on access, and other cybersecurity best practices.
Tennessee	S 378	State Government	Pending	Creates the Tennessee Critical Infrastructure Act. To maintain registration as a company with access to critical infrastructure, a company must meet specific requirements like immediately reporting any cyberattack, security breach or suspicious activity to the department.
Tennessee	S 555	Health and Accident Insurance	Pending	Requires a health care provider, health care group, practice, or clinic, health care facility, or other entity to provide notice to each health insurance entity with which it is under contract as soon as practicable if the health care provider, health care group, practice, or clinic, health care facility, or other entity is the subject of a cyberattack.
Tennessee	S 1370	State Government	Pending	Increases Membership of the Information Systems Council; adds a state employee with experience in the field of cybersecurity; appoints by the governor.
Tennessee	S 1421	Civil Procedure	Pending	Creates an affirmative defense that may be utilized by a covered entity that is the subject of a data breach, if the covered entity's cybersecurity program meets certain criteria at the time the breach occurs.
Tennessee	S 1431	Appropriations	Pending	Makes appropriations for the fiscal years beginning the specified date, and July 1, 2025. Includes cybersecurity appropriations such as funding for a cybersecurity grant program.
Texas	H 1	General Appropriations Bill	Pending	Relates to the General Appropriations of the State of Texas. Includes cybersecurity appropriations such as funding for cybersecurity services to state agencies and institutions of higher education.
Texas	H 3	Education Savings Account Program	Pending	Relates to the establishment of an education savings account program. In order to be eligible for certification, an organization must establish cybersecurity requirements for certified educational assistance organizations, including the implementation of best practices.
Texas	H 112	Creation and Operation of a Science Park District	Pending	Relates to the creation and operation of a science park district in certain counties that may impose assessments, fees and taxes. A school district must adopt guidelines for district projects to balance the effective functioning of businesses in the district and national security concerns associated with any district project that requires security from threats of terrorism, cyberattacks, and natural disasters.
Texas	H 118	State Advisory Committee on Pacific Conflict	Pending	Relates to the establishment and powers and duties of the State Advisory Committee on Pacific Conflict. Requires the advisory committee to investigate potential threats to critical infrastructure in this state in the event of a geopolitical conflict. The initial report must identify specific risks posed to each critical infrastructure or other asset in the event of a geopolitical conflict, including known vectors of attack such as cyberattack and physical sabotage.
Texas	H 130	Genetic Information Security	Pending	Relates to genetic information security for residents of this state; provides a civil penalty; provides a private cause of action.
Texas	H 150	Establishment of the Texas Cyber Command	Pending	Relates to the establishment of the State Cyber Command as a component institution of The University of Texas System and the transfer to it of certain Powers and duties of the Department of Information Resources.
Texas	H 500	Making Supplemental Appropriations and Reductions	Pending	Includes cybersecurity appropriations such as to the Department of Information Resources for the continuation and expansion of cybersecurity services and to the Department of Family and Protective Services for cybersecurity protections and technologies to address current cybersecurity threats and prepare the department to mitigate future risks.
Texas	H 657	Counties Posting Election Information on a Website	Pending	Requires for counties posting election information on an Internet website to use the top-level domain “.gov.”
Texas	H 876	Information Sharing and Analysis Organizations	Pending	Relates to the establishment of certain information sharing and analysis organizations by the Department of Information Resources. Allows the department to establish an interstate information sharing and analysis organization to provide a forum for states to share information regarding cybersecurity threats, best practices and remediation strategies.
Texas	H 941	Resilience of the Electric Grid and Municipalities	Pending	Relates to the resilience of the electric grid and certain municipalities. Creates the Texas Grid Security Commission which has the goal of mitigating all hazards, including cybersecurity threats, to the grid in this state.
Texas	H 1007	Security of Election Systems	Pending	Relates to the security of election systems.
Texas	H 1013	Election Integrity and Security and Penalties	Pending	Relates to election integrity and security, including by preventing fraud in the conduct of elections in this state; authorizes a penalty, increasing a penalty.
Texas	H 1061	Examination Fee Reimbursement	Pending	Allows for reimbursement for certain examination fees and other required cost subsidies for public school teachers and students. Amends the Education Code that qualified certification examination fees related to cybersecurity to career and technology education.
Texas	H 1169	Adoption of a Comprehensive Plan to Protect Oil and Gas	Pending	Relates to the adoption of a comprehensive plan to protect oil and gas infrastructure in this state from threats such as natural disasters, severe weather events, cybersecurity threats, acts of terrorism, and others.
Texas	H 1172	Mitigation of Transportation Security	Pending	Relates to requiring the Department of Information Resources to conduct a study concerning the cybersecurity of small businesses.
Texas	H 1500	Department of Information Resources	Pending	Relates to the continuation and functions of the Department of Information Resources, including the composition of the governing body of the department. Once every two years, the department shall conduct a limited evaluation of the information resources deployment review of at least five state agencies to verify the accuracy of those reviews. The department may limit the evaluation to review responses on subjects that represent the highest risks or greatest opportunities for improvement regarding the state agency's software, hardware, compliance and cybersecurity.
Texas	H 1527	Tuition and Fee Exemptions at Public Institutions	Pending	Relates to tuition and fee exemptions at public institutions of higher education for certain peace officers, including a law enforcement-related degree program including programs in computer science, data science, and cybersecurity.
Texas	H 1588	Training Requirements for Certain Public Officials	Pending	Relates to training requirements for certain public officials and candidates for public office. Requires cybersecurity training programs to be provided by a state agency or local government.
Texas	H 1621	Matching Grant Program for Technological Enhancements	Pending	Relates to a matching grant program for technological enhancements at hospitals providing mental health care services. Acceptable uses of grant money and matching funds include improvements to information technology infrastructure and patient information security.
Texas	H 2196	Provision of Virtual Education in Public Schools	Pending	Relates to the provision of virtual education in public schools and to certain waivers and modifications by the commissioner of education to the method of calculating average daily attendance in an emergency or crisis for purposes of preserving school district funding entitlements under the Foundation School Program during that emergency or crisis; authorizes a fee. Requires a school district or open-enrollment charter school to develop an operations plan that addresses cybersecurity and student data privacy measures.
Texas	H 3112	Application of the Open Meetings Law	Pending	Relates to the application of the open meetings law and public information law to government information related to certain cybersecurity measures.
Texas	H 3963	Early Childhood Integrated Data System	Pending	Relates to an early childhood integrated data system. Requires the early childhood integrated data system complies with state and federal laws relating to privacy, cybersecurity and data collection. Annual reports are required to be submitted to the governor and the legislature and must include documentation of relevant state and federal privacy, cybersecurity, and data collection laws.
Texas	H 4148	Records Management and Taxation of Navigation Districts	Pending	Relates to the records, management, and taxation of navigation districts and certain port and harbor facilities. A port commission is not required to make a recording of the proceedings of a closed meeting to deliberate security measures, including cybersecurity measures, related to the navigation district or port authority.
Texas	H 4231	Cybersecurity for Retail Public Utilities	Pending	Relates to cybersecurity for retail public utilities that provide water or sewer service.
Texas	H 4857	Creation of the Fiscal Risk Management Commission	Pending	Relates to the creation of the Fiscal Risk Management Commission. The commission shall: study: the effect of federal fiscal policy on this state's economy, including the effect of power outages caused by acts of cyberterrorism, including an electromagnetic pulse, on financial markets and critical infrastructure in this state.
Texas	H 4901	Platforms for the Sale of Software	Pending	Relates to the regulation of platforms for the sale and distribution of software applications for mobile devices.
Texas	H 5145	Utility Proprietary Customer Information	Pending	Relates to the sharing and protection of certain utility proprietary customer information.
Texas	H 5331	Contract Security Incident Notifications	Pending	Relates to the enforceability of certain state agency and local government contract language regarding required security incident notifications.
Texas	H 5352	State Blockchain Technology Pilot Program	Pending	Relates to the establishment of the State Blockchain Technology Pilot Program by the Department of Information Resources.
Texas	HR 131	Recognition Resolution	Adopted	Recognizes Feb. 4, 2025, as UTSA and UT Health San Antonio Day at the State Capitol. The university is home to the National Security Collaboration Center, the Cybersecurity Manufacturing Innovation Institute and the School of Data Science.
Texas	HR 568	Congratulatory Resolution	Pending	Congratulates Nancy Rainosek on her retirement from the State Department of Information Resources.
Texas	S 1	General Appropriations Bill	Pending	Relates to the general appropriations of the state of Texas. Includes cybersecurity appropriations such as funds to provide cybersecurity services to state agencies and institutions of higher education.
Texas	S 2	Establishment of an Education Savings Account Program	Pending	Relates to the establishment of an education savings account program. In order to be eligible for certification, the comptroller shall establish cybersecurity requirements for certified educational assistance organizations, including the implementation of best practices.
Texas	S 75	Electric Grid Resiliency	Pending	Relates to the resilience of the electric grid and certain municipalities. The presiding officer of the security commission or the chief of the Texas Division of Emergency Management may invite to advise the security commission any person whose expertise the security commission considers necessary to carry out the purposes of this chapter, including individuals recognized as experts in the fields of law enforcement, emergency services, communications, water and sewer services, health care, financial services, agriculture, transportation, electricity markets, cybersecurity of grid control systems, electromagnetic pulse mitigation, terrestrial and solar weather, and micro-grids. The security commission shall identify universities based in this state that have expertise in cybersecurity and other matters that can contribute to the security commission's goal of mitigating all hazards to the grid in this state.
Texas	S 78	Election Systems Security	Pending	Relates to the security of election systems. Requires the secretary of state shall appoint a dedicated cybersecurity expert to implement cybersecurity measures to protect all election data and other election-related data held by the state or a county in the state, including technology that blocks, notifies, and reports on unauthorized attempts to access or transfer data.
Texas	S 470	Issuance of Certificates of Obligation	Pending	Relates to the issuance of certificates of obligation by local governments for public works. “Public works” include a telecommunications, wireless communications, or information technology system and any computer application hardware or software or a cybersecurity system.
Texas	S 483	Utility Proprietary Customer Information	Pending	Relates to the sharing and protection of certain utility proprietary customer information. An electric utility or another person who obtains proprietary customer information under this section shall, for purposes of protecting the confidentiality, integrity, and accessibility of the information, establish, implement, and maintain reasonable administrative, technical, and physical data security practices that are appropriate to the volume and nature of the information at issue, including encryption and secure data storage.
Texas	S 569	Provision of Virtual Education in Public Schools	Pending	Relates to the provision of virtual education in public schools and to certain waivers and modifications by the Commissioner of Education to the method of calculating average daily attendance in an emergency or crisis for purposes of preserving school district funding entitlements under the Foundation School Program during that emergency or crisis; authorizes a fee. The commissioner shall adopt rules establishing the requirements for and process by which a school district or open-enrollment charter school may apply for authorization to operate a full-time hybrid campus or a full-time virtual campus. The rules adopted by the commissioner may require certain written application materials and interviews and shall require a school district or open-enrollment charter school to cybersecurity and student data privacy measures.
Texas	S 672	Emergency Department Diversion Plans	Pending	Relates to a requirement that certain hospitals submit a summary of parts of their emergency department diversion plans to the Health and Human Services Commission. A hospital to which this section applies shall submit to the commission a written summary of the part of the hospital's diversion plan that addresses diversions from the hospital's emergency department in the event that the hospital experiences a cyberattack or an electrical power outage.
Texas	S 859	Reimbursement for Examination Fee Subsidies	Pending	Relates to authorization and reimbursement for certain examination fee subsidies paid for public school teachers and students. Prior reimbursements were authorized for cybersecurity certifications and has been changed to certifications related to career and technology education.
Texas	S 1034	Cybersecurity for Retail Public Utilities	Pending	Relates to cybersecurity for retail public utilities that provide water or sewer service.
Texas	S 1063	Foreign-Owned Company Contract Prohibition	Pending	Relates to prohibiting contracts or other agreements with foreign-owned companies in connection with critical infrastructure, including a cybersecurity system, on agricultural land.
Texas	S 1348	State Advisory Committee on Pacific Conflict	Pending	Relates to the establishment and powers and duties of the State Advisory Committee on Pacific Conflict. The committee must conduct a report to identify specific risks posed to each critical infrastructure facility or other asset identified under subdivision (1) in the event of a Pacific conflict, including known vectors of attack such as cyberattack and physical sabotage.
Texas	S 1686	Cybersecurity of School Districts Study	Pending	Relates to requiring the cybersecurity council to conduct a study concerning the cybersecurity of school districts.
Texas	S 1740	Protection of Critical Components of the Electric Grid	Pending	Relates to the protection of critical components of the electric grid from damage from electromagnetic threats. Creates a grant program for upgrades to critical components.
Texas	S 1826	Career and Technology Education Programs in Schools	Pending	Relates to career and technology education programs in public schools and the Rural Pathway Excellence Partnership program; includes funding for those programs under the Foundation School Program, and to the new instructional facility allotment and the permissible uses of funding under the Foundation School Program. To be eligible for funding a partnership under the Rural Pathway Excellence Partnership (R-PEP) program under Section 29.912 must offer at least one of the following programs of study through in-person instruction, remote instruction, or a hybrid of in-person and remote instruction: computer programming and software development or cybersecurity or specialized skilled trade.
Texas	S 1847	Prohibiting Contracts With Foreign-Owned Companies	Pending	Prohibits contracts or other agreements with certain foreign-owned companies in connection with critical infrastructure in this state and the use of certain technology purchased or leased from those companies.
Texas	S 2080	Records Management and Taxation of Navigation Districts	Pending	Relates to the records, management, and taxation of navigation districts and certain port and harbor facilities. A port commission is not required to make a recording of the proceedings of a closed meeting to deliberate security measures, including cybersecurity measures, related to the navigation district or port authority.
Texas	S 2097	Tuition and Fee Exemptions	Pending	Relates to tuition and fee exemptions at public institutions of higher education for certain peace officers. A law enforcement-related degree program includes a program in computer science, data science, and cybersecurity.
Texas	S 2117	Committee on Foreign Investment Creation	Pending	Relates to the establishment of the State Committee on Foreign Investment to review certain transactions involving certain foreign entities; creates a civil penalty. A member must include the Department of Information Resources, or its successor in functions relating to cybersecurity.
Texas	S 2132	Rural Pathway Excellence Partnership Program	Pending	Relates to the Rural Pathway Excellence Partnership (R-PEP) program, including funding for that program under the Foundation School Program. To be eligible for funding a partnership under the Rural Pathway Excellence Partnership (R-PEP) program under Section 29.912 must offer at least one of the following programs of study through in-person instruction, remote instruction, or a hybrid of in-person and remote instruction: computer programming and software development or cybersecurity or specialized skilled trade.
Texas	S 2176	Establishment of the Texas Cyber Command	Pending	Relates to the establishment of the State Cyber Command as a component institution of The University of Texas System and the transfer to it of certain Powers and duties of the Department of Information Resources.
Texas	S 2194	Early Childhood Integrated Data System	Pending	Relates to an early childhood integrated data system. Requires the initial report an interagency data governance plan that includes documentation of relevant state and federal privacy, cybersecurity, and data collection laws.
Texas	S 2312	Advisory Committee on Geopolitical Conflict	Pending	Relates to the establishment and powers and duties of the State Advisory Committee on Geopolitical Conflict. The Texas Advisory Committee on Geopolitical Conflict is established to develop state security strategies and policies before a geopolitical conflict occurs. Requires the initial report to identify all critical infrastructure and other assets within this state that could reasonably be targeted in a malicious act by a foreign adversary in the event of a geopolitical conflict and would result in a significant negative impact on the public health, safety, economic security, or physical security of this state's citizens.
Texas	S 2404	Department of Information Resources	Pending	Relates to the continuation and functions of the Department of Information Resources; includes the composition of the governing body of the department.
Texas	S 2420	Regulation of Platforms for the Sale of Software	Pending	Relates to the regulation of platforms for the sale and distribution of software applications for mobile devices. Nothing in this subchapter may be construed to protect the security of an app store or software application.
Texas	S 2429	Genetic Information Security	Pending	Relates to genetic information security for residents of this state; provides a civil penalty; provides a private cause of action.
Texas	S 2610	Civil Liability of Business Entities	Pending	Relates to civil liability of business entities in connection with a breach of system security.
Texas	S 2704	State Employees Conduct Business in Office	Pending	Relates to the requirement that certain state employees conduct agency business only at the employee's regular place of employment.
Texas	S 2748	Motor Vehicles Diagnosis Maintenance and Repair	Pending	Relates to the diagnosis, maintenance, and repair of certain motor vehicles; provides a civil penalty. The department shall adopt rules to administer and enforce this section, including rules relating to the types of data that constitute vehicle-generated data, unrestricted by whether the type of data is related to motor vehicle repair, taking into consideration cybersecurity and privacy.
Texas	S 2825	Curriculum for Public School Students	Pending	Relates to the essential knowledge and skills of the technology application curriculum for public school students.
Texas	S 2828	Creation and Operation of a Science Park District	Pending	Relates to the creation and operation of a science park district in certain counties that may impose assessments, fees, and taxes. The district shall adopt guidelines for district projects to balance the effective functioning of businesses in the district and national security concerns associated with any district project that requires security from threats of terrorism, cyberattacks, and natural disasters.
Texas	SCR 24	Strengthening of Our Partnership With Israel	Pending	Expresses support for the strengthening of our partnership with Israel and for the creation of a state Trade and Investment Office in Israel. Acknowledges Israel is a leader in technological innovation, cybersecurity, energy, agriculture, and water conservation, which are all areas that align closely with Texas' economic strengths; those shared interests help to foster collaborative opportunities for businesses, universities, and research institutions in both regions.
Texas	SR 232	Recognition Resolution	Adopted	Recognizes March 12, 2025, as State Tech University System Day at the State Capitol. Angelo State University joined the Texas Tech University System in 2007, and under the guidance of President Ronnie D. Hawkins Jr., it currently enrolls over 11,500 students across more than 100 majors and concentrations; the university was one of the first in Texas to offer a degree in cyber defense certified by the National Security Agency; its award-winning Regional Security Operations Center, the first in the state, has become a nationwide model for public-private collaborative cybersecurity programs.
Texas	SR 247	Recognition Resolution	Adopted	Recognizes March 13, 2025, as Collin College Day. Collin College offers over 200 degrees and certificate programs, including baccalaureate degrees in clinical operations management, construction management, cybersecurity, and nursing, as well as workforce programs designed to prepare students for high-wage, high-demand careers.
Utah	H 5	General Government Base Budget	Enacted	Supplements or reduces appropriations otherwise provided for the support and operation of state government for the specified fiscal year. Includes cybersecurity approaches such as Cybersecurity Grant Program to implement the AI Pilot Program.
Utah	H 332	Voter Registration Data Amendments	Failed	Requires certain reporting to the Government Operations Interim Committee; clarifies reporting requirements for the lieutenant governor and county clerks; modifies the lieutenant governors authority to cooperate or enter into an agreement with another state or third party to share voter registration information. A memorandum of understanding shall mandate that the recipient protect the data using information security standards that meet or exceed industry best practices.
Utah	H 492	Security at Drinking Water Facilities	Failed	Requires a community water system to complete a security plan and security breach; requires the Division of Drinking Water to report annually to two legislative committees on security at community water systems; classifies a community water system's security plan as a protected record.
Utah	H 548	Genetic Information	Failed	Addresses the use of genetic sequencing tools and the storage of genetic sequencing data; defines terms; prohibits the use of certain genetic sequencers and genetic sequencing software; prohibits genetic sequencing data from being stored within the boundaries of a foreign adversary; requires relevant entities to certify compliance with genetic sequencing requirements and imposes security requirements for the storage of genetic data.
Utah	S 8	Agency Fees and Internal Service Fund Rate	Enacted	Supplements or reduces appropriations otherwise provided for the support and operation of state government for the specified fiscal year. Includes cybersecurity appropriations such as cyber liability insurance.
Utah	S 142	App Store Accountability Act	Enacted	Requires app store providers to verify a users’ age category, obtain parental consent, notify users and parents of significant changes, share certain data with developers, and protect age verification data; prohibits app store providers from, among other things, enforcing contracts against minors without parental consent; designates violations as deceptive trade practices; requires the Division of Consumer Protection to establish standards for age verification methods; creates a private right of action. Nothing in this chapter shall be construed to prevent an app store provider or developer from taking reasonable measures to protect app store or app security.
U.S. Virgin Islands	None
Vermont	H 340	Automated Decision Systems	Pending	Relates to regulating developers and deployers of certain automated decision systems. Prohibits developers or deployers to use an auditor has already been commissioned to provide any auditing or non-auditing service, including financial auditing, cybersecurity auditing, or consulting services of any type, to the commissioning company in the past 12 months.
Vermont	H 341	Artificial Intelligence Systems	Pending	Relates to creating oversight and safety standards for developers and deployers of inherently dangerous artificial intelligence systems. Defines “dual-use foundational model,” which means an artificial intelligence system that enabling powerful offensive cyber operations through automated vulnerability discovery and exploitation against a wide range of potential targets of cyberattacks.
Vermont	HR 4	Standing Committees	Adopted	Relates to standing committees. Creates the Energy and Digital Infrastructure Energy with duties such utilities, telecommunications, and broadband; , information technology, cybersecurity, and other similar policies.
Virginia	H 1600	Budget Bill	Pending	Relates to budget bill; amends items of and adds items to a specified chapter of the Acts of Assembly of 2024, Special Session I. Includes cybersecurity appropriations, such as funding for training curriculum for state employees on best practices for cyber security. Requires the Virginia Information Technologies Agency (VITA) and the Virginia Fusion Center, in consultation with the Secretaries of Administration, Finance, and Public Safety & Homeland Security, shall provide a semi-annual confidential briefing to the Joint Subcommittee on Cyber Risk regarding current and emerging cybersecurity risks to the Commonwealth and recommended risk reduction initiatives. Members of the Joint Subcommittee on Cyber Risk shall be designated by the chairs of the House Appropriations Committee and the Senate Finance and Appropriations Committee.
Virginia	H 1999	Energy Innovation Pilot Program	Failed	Relates to Energy Innovation Pilot Program established; establishes the Energy Innovation Pilot Program; fosters the development of innovative energy projects; allows program participants to provide grid services or other beneficial energy measures; provides that under the program, a participant, after obtaining State Corporation Commission approval, is not required to comply with specific state statutes and regulations pertaining to the generation, transmission, or distribution of electric energy.
Virginia	H 2017	Public Schools	Failed	Relates to public schools; relates to student support services; relates to student personal information and data security. Requires the Department of Education to develop and make available to each school board and each student support program upon registration guidelines on recommended information and data security programs, systems, and protocols and best practices relating to information and data security.
Virginia	H 2035	High Energy Facilities	Failed	Relates to high-energy facilities; relates to water and energy usage information reports, which includes resources used information technology, security, power, and environment; relates to statewide clearinghouse established; requires any owner or operator of a high-energy facility, as defined in the bill; submits to the Department of Environmental Quality no later than specified date, and on a quarterly basis thereafter, a report that contains certain information; relates to water and energy usage for each such facility; requires the Department, no later than specified date.
Virginia	H 2038	Uncrewed Aircraft Systems Prohibition	Failed	Relates to prohibition on procurement and use of insecure uncrewed aircraft systems; relates to report; prohibits, beginning on specified date, any public body from purchasing, leasing, or otherwise procuring an insecure uncrewed aircraft system. The Joint Commission on Technology and Science (JCOTS) shall review cybersecurity standards and make recommendations every two years to ensure alignment with emerging UAS technologies, evolving cybersecurity threats, the operational and safety needs of public bodies, and public safety priorities within the Commonwealth.
Virginia	H 2268	Department of Law	Failed	Relates to department of Law; relates to Division of Emerging Technologies, Cybersecurity, and Data Privacy established; establishes within the Department of Law a Division of Emerging Technologies, Cybersecurity, and Data Privacy to oversee and enforce laws governing cybersecurity, data privacy, and the use of artificial intelligence (AI) and other emerging technologies; requires the Division to submit an annual report to the Joint Commission on Technology and Science (JCOTS) by November 1 of each year.
Virginia	H 2276	Voter Registration	Vetoed	Relates to voter registration; relates to list maintenance activities; relates to cancellation procedures; relates to record matches; relates to required identification information; relates to data standards. Public bodies may hold closed meetings only for the following purpose discussion of plans to protect public safety as it relates to terrorist activity or specific cybersecurity threats or vulnerabilities and briefings by staff members, legal counsel, or law-enforcement or emergency service officials concerning actions taken to respond to such matters or a related threat to public safety.
Virginia	H 2413	Electric Utilities	Vetoed	Relates to electric utilities; relates to integrated resource plans which ensures grid reliability and safeguards the cybersecurity and physical security; provides that each integrated resource plan shall identify a single preferred portfolio of generation, transmission, and distribution infrastructure and energy efficiency programs and measures needed to ensure a reliable, affordable, and carbon-free electric grid and consider options for maintaining and enhancing rate stability, energy independence, economic development including retention and expansion of energy-intensive industries.
Virginia	H 2564	State Police	Failed	Relates to Virginia State Police; establishes the Bureau of Homeland Security; relates to Powers and duties; relates to work group; relates to report; establishes the Bureau of Homeland Security within the Virginia State Police to coordinate efforts in the ongoing assessment of the Commonwealth's vulnerability ability to detect, prevent, prepare for, respond to, and recover from acts of terrorism or potential threats to the security of the Commonwealth.
Virginia	H 2749	Waterworks Mandatory Reporting	Pending	Provides that the owner of a waterworks shall report any critical equipment failure or malfunction or contaminant release, including a cyberattack, to the office as soon as practicable but no more than six hours after discovery; provides that any owner of a waterworks that is required to submit a monthly operating report to the Office shall include any noncritical equipment failure or malfunction that could adversely affect water quality, public health, or service continuity that occurred during the applicable reporting month.
Virginia	HR 758	Commendatory Resolution	Adopted	Commends the Information Technology Information Sharing & Analysis Center.
Virginia	S 222	Commonwealth Information Security Requirements	Enacted	Relates to Commonwealth Information Security Requirements; provides that no public body may use, whether directly or through work with or on behalf of another public body, any hardware, software, or services that have been prohibited by the U.S. Department of Homeland Security for use on federal systems; requires every public body to report all known incidents that threaten the security of the Commonwealth's data or communications or result in exposure of data protected by federal or state laws.
Virginia	S 442	Computer Trespass	Failed - Adjourned	Relates to computer trespass; relates to elementary and secondary schools; relates to school board; relates to penalty; makes it a Class 6 felony for the offense of computer trespass when such offense is committed against any elementary or secondary school or school board.
Virginia	S 800	Budget Bill	Failed	Relates to Budge Bill; amends items of and adds items to Chapter 2 of the Acts of Assembly of 2024, Special Session I. Includes cybersecurity appropriations. Requires the Virginia Information Technologies Agency (VITA) and the Virginia Fusion Center, in consultation with the Secretaries of Administration, Finance, and Public Safety & Homeland Security, to provide a semi-annual confidential briefing to the Joint Subcommittee on Cyber Risk regarding current and emerging cybersecurity risks to the Commonwealth and recommended risk reduction initiatives.
Virginia	S 1021	Electric Utility Integrated Resource Plan	Vetoed	Relates to electric utilities; relates to integrated resource plans which ensures grid reliability and safeguards the cybersecurity and physical security; provides that any petition for such a permit filed by an electric utility that is required to file an integrated resource plan shall, among other things, reference the utility's most recently approved integrated resource plan that identified the utility's intent to construct and operate such generating facilities.
Virginia	S 1111	Student Support Services	Failed	Relates to public schools; relates to student support services; relates to student personal information and data security; relates to registration; relates to requirements; relates to grants; relates to report; requires any student support agency to register with the Department of Education in order to provide any student support programs to students enrolled in any public elementary or secondary school in the Commonwealth.
Virginia	S 1239	Cybersecurity	Enacted	Convenes a work group to evaluate cybersecurity as it relates to the provision of electric service by investor-owned electric utilities and electric cooperatives.
Virginia	S 1373	Energy Innovation Pilot Program	Failed	Establishes the Energy Innovation Pilot Program to foster the development of innovative energy projects by allowing program participants to provide grid services or other beneficial energy measures. The Commission may apply conditions, including denial of grid interconnection, to a project approval order that it deems necessary to ensure that an approved project does not pose an undue risk to the reliability or security of energy service in the Commonwealth, including measures to address cybersecurity threats.
Virginia	S 1408	Waterworks Report	Pending	Relates to department of health; relates to waterworks; relates to mandatory reporting of anomalies; relates to negligence; requires owners of waterworks; reports any operational anomaly; affects water quality, public health, or service continuity to the Department of Health's Office of Drinking Water within 24 hours of discovery. Requires the owner of a waterworks to report any critical equipment failure or malfunction or contaminant release, including a cyberattack, to the office as soon as practicable but no more than two hours after discovery.
Virginia	S 1486	Student Personal Information	Enacted	Relates to public schools; relates to student records and personal information; relates to school-issued devices and school technology providers; relates to protection of student personal information; relates to policies and procedures; establishes several requirements and restrictions for the purpose of ensuring the protection of student personal information and educational records in the procurement, provision and use of school-issued devices.
Virginia	S 1487	Critical Infrastructures	Failed	Relates to governor; relates to protecting the resiliency of the Commonwealth's critical infrastructure; directs the governor to establish two committees, the Critical Infrastructure Committee and the Resilient Energy Committee, consisting of security professionals, energy experts, utility representatives, and scientists, for the purpose of assessing state critical infrastructure and making recommendations for the protection of such infrastructure from all hazards.
Washington	H 1198	Fiscal Biennium Operating Appropriations	Pending	Makes operating appropriations for the specified fiscal biennium. Includes cybersecurity appropriations such as cyber and physical security of election operations and cybersecurity curriculum to postsecondary institutions.
Washington	H 1517	Digital Equity Programs	Pending	Provides a revenue stream to fund digital equity programs. The legislature recognizes the need to support Washington's statewide cybersecurity strategy to protect data and privacy of individuals.
Washington	HR 4610	Honorary Resolution	Adopted	Honors Dr. Kathi H. Hiyane-Brown. Under Dr. Hiyane-Brown's guidance, the Washington State Board of Community and Technical Colleges and the State Legislature designated WCC as the Washington State Cybersecurity Center of Excellence.
Washington	S 5014	Election Security	Pending	Concerns election security; provides that prior to use in conducting any primary or election, the secretary of state must approve systems used in the conduct of elections, including voting systems, voting devices, or vote tallying systems.
Washington	S 5167	Fiscal Biennium Operating Appropriations	Pending	Makes fiscal biennium operating appropriations. Includes cybersecurity appropriations such as cyber and physical security of election operations and cybersecurity curriculum to postsecondary institutions.
Washington	S 5512	House Banked Card Rooms	Pending	Allows for the use of centralized surveillance systems by house-banked card rooms. The legislature finds that centralized surveillance systems for entities operating multiple locations offer significant benefits. These systems streamline operations, reduce redundancies, and ensure the consistent application of security protocols across all sites. Prior to offering centralized surveillance and every license year thereafter, the licensee must have an independent technical expert, who is a licensed service supplier, perform a system integrity and security assessment of the surveillance system.
Washington	S 5582	Critical Energy Infrastructure Information	Pending	Concerns the disclosure of critical energy infrastructure information such as records containing actual, potential, or threatened interference with, attacks on, compromise of, or incapacitation of critical energy infrastructure or protected systems by either physical or computer-based attacks, or other similar conduct that violates federal, state, or local law, harms interstate commerce of Washington state or the U.S., or threatens to disrupt or diminish the supply of energy to the extent that the public health, safety, and general welfare may be jeopardized.
Washington	SR 8621	Women in Cloud and Inspiring Girls	Adopted	Recognizes Women in Cloud and Inspiring Girls now in Technology Evolution Worldwide. Women in Cloud, in 2024 awarded 5,600 AI and cybersecurity certification scholarships, contributing to the professional development of leaders, from historically underrepresented communities, supporting a membership of 120,000 individuals across more than 80 countries.
West Virginia	H 2026	Budget Bill	Pending	Relates to the Budget Bill. Includes appropriations such as to the Marshall Cybersecurity Program and the Cybersecurity Fund.
West Virginia	H 2489	Election Reform and Protections	Pending	Provides for election reform and protections. Prohibits potential election fraud such as ballot harvesting, ballot trafficking, algorithmic manipulation of votes or vote tabulations, cyber-attack or manipulation, inaccurate voter registration rolls have caused manipulated electronic tabulation of votes, or that the electronic tabulation of votes by any electronic voting system has been compromised or corrupted in any manner which has caused an inaccurate or fraudulent tabulation of votes cast in an election.
West Virginia	H 2814	Plans to Protect State from Major Crises	Pending	Creates plans to protect state from major crises. Prioritizes major disruptions of the energy grid in West Virginia, including disruptions resulting from high altitude electromagnetic pulse (HEMP) attacks, cyber-attacks, or physical attacks on key grid systems and major cyber-attacks creating long term disruptions to West Virginia's communications systems.
West Virginia	H 3187	Task Force on Artificial Intelligence	Pending	Relates to the state Task Force on Artificial Intelligence. Requires one member to be one member representing the cybersecurity industry with experience relevant to the work of the task force, appointed by the governor.
West Virginia	H 3504	Protecting Critical Infrastructure	Pending	Relates to protecting critical infrastructure; defines terms. Any person who willfully damages, destroys, vandalizes, defaces, or tampers with the physical or digital equipment in a critical infrastructure facility causing damage, including damage inflicted by cyber-attack or digital interference in excess of $2,500 is guilty of a felony and, upon conviction thereof, shall be fined not less than $3,000 nor more than $10,000, or imprisoned in a state correctional facility for a term of not less than one year nor more than five years, or both fined and imprisoned.
West Virginia	HCR 57	Illegal Asymmetric War	Pending	Identifies that the People's Republic of China is conducting an illegal asymmetric war against the U.S. and State, including cyberattacks on government.
West Virginia	HCR 94	Artificial Intelligence Elective Course	Pending	Requests a study regarding the creating of an artificial intelligence elective course to be offered in high schools. the Artificial Intelligence Education Program shall be designed to providing practical instruction on the use of artificial intelligence in fields such as business (e.g., marketing, supply chain management), defense (e.g., cybersecurity, logistics), and finance (e.g., fraud detection, algorithmic trading).
West Virginia	S 300	Budget Bill	Pending	Relates to the Budget Bill. Includes appropriations to the Marshall Cybersecurity Program.
West Virginia	S 694	Foreign Entities	Pending	Protects state and local government systems and data from foreign entities.
West Virginia	S 818	Power Generation and Consumption Act	Pending	Relates to the Power Generation and Consumption Act of 2025. Creates an Electronic Grid Stabilization and Security Fund. Creates special rules for tax distribution of high-impact data centers. The bill notes the highest concentration of high-level computational power and data centers in the world is located in Loudoun County, Virginia. This severe concentration of data centers in one location is a national security vulnerability because it invites the potential for cyberattacks and espionage against the Nation’s critical data infrastructure.
Wisconsin	A 263	Governmental Use of Certain Mobile Software Application	Failed	Concerns state and local governmental use of certain mobile or online software applications and electronic devices.
Wisconsin	A 50	State Finances and Appropriations	Pending	Concerns state finances and appropriations; constitutes the executive budget act of the legislature for specified year. Includes cybersecurity appropriations such as: grants to American Indian tribes or bands in this state to support strategic planning concerning cybersecurity. Requires planning and preparation to have a cybersecurity insurance program for executive branch agencies.
Wisconsin	A 135	Right to Repair Motor Vehicles	Pending	Concerns the right to repair motor vehicles; provides a penalty. Nothing in this section shall be construed to preclude a manufacturer from employing a cryptographic or technological protection necessary to secure motor vehicles, vehicle-generated data, or safety-critical vehicle systems from an unintended audience.
Wisconsin	S 45	State Finances and Appropriations	Pending	Concerns state finances and appropriations; constitutes the executive budget act of the 2025 legislature. Includes cybersecurity appropriations such as: grants to American Indian tribes or bands in this state to support strategic planning concerning cybersecurity. Requires planning and preparation to have a cybersecurity insurance program for executive branch agencies.
Wisconsin	S 129	Right to Repair Motor Vehicles	Pending	Concerns the right to repair motor vehicles; provides a penalty. Nothing in this section shall be construed to preclude a manufacturer from employing a cryptographic or technological protection necessary to secure motor vehicles, vehicle-generated data, or safety-critical vehicle systems from an unintended audience.
Wyoming	None

Contact NCSL
Use this form to reach NCSL staff.
Email
Full Name
What is your role?
Is this a press or media inquiry?
Message
Captcha
Admin Email

Related Resources

Updated July 10, 2025

Artificial Intelligence Policy Toolkit

This AI Toolkit provides a wide variety of AI resources for policymakers on the state policy landscape and considerations for different sectors and specific uses, including primers, legislative tracking, issue briefs and podcasts. AI resources in the toolkit span across many topic areas like elections, healthcare, workforce, criminal justice and more.

Technology

Updated July 02, 2025

Wired, Wireless, or in Orbit: Broadband Technology Modes Explained

This brief discusses the advantages, disadvantages, and deployment examples for different types of broadband technologies.

Technology

Updated July 02, 2025

BEAD Rewired: What the Changes to the Broadband Program Mean for States

This brief briefly contextualizes the BEAD program before discussing the various changes made by the Department of Commerce's review.

Technology

Summary Cybersecurity 2025 Legislation

Contact NCSL

Related Resources

Artificial Intelligence Policy Toolkit

Wired, Wireless, or in Orbit: Broadband Technology Modes Explained

BEAD Rewired: What the Changes to the Broadband Program Mean for States

Contact Us

Denver

Washington, D.C.