Resolve, Directing the Department of Administrative and Financial Services To Convene a Cybersecurity Commission

Sec. 1. Cybersecurity Commission. Resolved: That the Commissioner of Administrative and Financial Services shall convene a cybersecurity commission, referred to in this resolve as "the commission."

Sec. 2. Membership. Resolved: That the Commissioner of Administrative and Financial Services shall invite the following to participate as members of the commission:

1. The Chief Information Officer of the Department of Administrative and Financial Services;

2. The Chief Information Officer of the University of Maine System;

3. A member of the Maine National Guard who is an expert in information technology security;

4. A public member who is an employee of a large health care provider in the State and who has expertise in health care information technology;

5. Two public members who are experts in information technology;

6. A public member who is an expert in finance, business administration or economics;

7. A public member with expertise in public safety; and

8. A public member with expertise in education; and be it further

Sec. 3. Duties. Resolved: That the commission shall study:

1. High-risk cybersecurity issues facing the State;

2. Securing state networks, systems and data, including interoperability, standardized plans and procedures and evolving threats, and best practices to prevent the unauthorized access, theft, alteration and destruction of the State's data;

3. Strategies to advance private sector cybersecurity economic development opportunities, including innovative technologies, research and development and start-up firms, and maximize public-private partnerships throughout the State;

4. Coordinating the review of and assessing opportunities for cybersecurity private sector growth as it relates to military facilities and defense activities in the State;

5. Promoting awareness of cyber hygiene among the State's citizens, businesses and government entities;

6. Cybersecurity and cybersecurity threats and summarize the data collected; and

7. Changes to laws and rules concerning programs and policies regarding cybersecurity, information and technology and related matters; and be it further

Sec. 4. Existing resources. Resolved: That the duties described in section 3 must be performed within the existing resources of the Department of Administrative and Financial Services; and be it further

Sec. 5. Report. Resolved: That, no later than February 1, 2018, the Commissioner of Administrative and Financial Services shall submit a report that includes the findings and recommendations of the commission, including suggested legislation, to the Joint Standing Committee on Criminal Justice and Public Safety, which may report out a bill based on the report.

summary

This resolve directs the Commissioner of Administrative and Financial Services to convene a cybersecurity commission.