VIRGINIA LAW PORTAL

• Code of Virginia
• Virginia Administrative Code
• Constitution of Virginia
• Charters
• Authorities
• Compacts
• Uncodified Acts
• RIS Users (account required)

SEARCHABLE DATABASES

• Bills & Resolutions
  session legislation
• Bill Summaries
  session summaries
• Reports to the General Assembly
  House and Senate documents
• Legislative Liaisons
  State agency contacts

ACROSS SESSIONS

• Subject Index: Since 1995
• Bills & Resolutions: Since 1994
• Summaries: Since 1994

Developed and maintained by the Division of Legislative Automated Systems.

2017 SESSION

• history | hilite | pdf | print version

17102466D
HOUSE JOINT RESOLUTION NO. 692 Offered January 11, 2017 Prefiled January 10, 2017 Directing the Joint Legislative Audit and Review Commission to study the Commonwealth's cybersecurity standards. Report. ----------
Patrons-- Murphy, Bell, John J., Boysko, Hope, Kory, Krizek, Lindsey, Plum, Rasoul and Simon
---------- Referred to Committee on Rules ----------

WHEREAS, the number of reported information security incidents across the United States has risen substantially over the last five years; and

WHEREAS, the U.S. government reported that it was the subject of more than 77,000 cyber incidents, including data thefts or other security breaches, in 2015, which constituted a 10 percent increase of such incidents from 2014; and

WHEREAS, hundreds of thousands of cyber-attacks occur annually across the United States, costing the national economy millions of dollars; and

WHEREAS, with the recent surge in cybercrime and its potential to cause major disruption in Virginia, it is essential that the Commonwealth adequately protect state government electronic information from unauthorized uses, intrusions, and other security threats through sound cybersecurity policies, procedures, and standards; now, therefore, be it

RESOLVED by the House of Delegates, the Senate concurring, That the Joint Legislative Audit and Review Commission be directed to study the Commonwealth's cybersecurity standards.

In conducting its study, the Joint Legislative Audit and Review Commission (JLARC) shall (i) evaluate the Commonwealth's current policies, procedures, and standards for assessing cybersecurity risks and protecting the electronic information of all branches of state government from unauthorized uses, intrusions, and other security threats and (ii) make recommendations for the improvement of such policies, procedures, and standards, including a recommendation, within 180 days of the enactment of this resolution, as to whether either the General Assembly through legislation or the Governor through executive action should establish a centralized office or agency, other than the Virginia Information Technologies Agency, to have ongoing authority to establish, monitor, and update the Commonwealth's cybersecurity policies, procedures, and standards.

All agencies of the Commonwealth shall provide assistance to the Joint Legislative Audit and Review Commission for this study, upon request.

The Joint Legislative Audit and Review Commission shall complete its meetings by November 30, 2017, and the chairman shall submit to the Division of Legislative Automated Systems an executive summary of its findings and recommendations no later than the first day of the 2018 Regular Session of the General Assembly. The executive summary shall state whether the JLARC intends to submit to the General Assembly and the Governor a report of its findings and recommendations for publication as a House or Senate document. The executive summary and report shall be submitted as provided in the procedures of the Division of Legislative Automated Systems for the processing of legislative documents and reports and shall be posted on the General Assembly's website.