US Lawyer Database

843-966-9603

Menu
Claim your profile

For Lawyer-Seekers

YOU DESERVE THE BEST LAWYER

Claim your profile

For Lawyer-Seekers

Menu

843-966-9603

US Law

Home » US Law » 2022 West Virginia Code » Chapter 5A. Department of Administration » Article 6B. Cyber Security Program

US Law

§5A-6B-1. West Virginia Cybersecurity Office; Scope; Exemptions

(a) There is hereby created the West Virginia Cybersecurity Office within the Office of Technology. The office has the authority to set standards for cybersecurity and is charged with managing the cybersecurity framework. (b) The provisions of this article are applicable to all state agencies, excluding higher education institutions, the State Police, state constitutional officers […]

§5A-6B-2. Definitions

As used in this article: “Cybersecurity framework” means computer technology security guidance for organizations to assess and improve their ability to prevent, detect, and respond to cyber incidents. “Cyber incident” means any event that threatens the security, confidentiality, integrity, or availability of information assets, information systems, or the networks that deliver the information. “Cyber risk […]

§5A-6B-3. Powers and Duties of Chief Information Security Officer; Staff; Rule-Making

(a) The West Virginia Cybersecurity Office is under the supervision and control of a Chief Information Security Officer appointed by the Chief Technology Officer and shall be staffed appropriately by the Office of Technology to implement the provisions of this article. (b) The Chief Information Security Officer has the following powers and duties: (1) Develop […]

§5A-6B-4. Responsibilities of Agencies for Cybersecurity

State agencies and other entities subject to the provisions of this article shall: (1) Undergo an appropriate cyber risk assessment as required by the cybersecurity framework or as directed by the Chief Information Security Officer;

§5A-6B-5. Exemption From Disclosure

Any information, including, but not limited to, cyber risk assessments, plans of action and milestones, remediation plans, or information indicating the cyber threat, vulnerability, information or data that may identify or expose potential impacts or risk to agencies or to the state or that could threaten the technology infrastructure critical to government operations and services, […]

§5A-6B-6. Annual Reports

The Chief Information Security Officer shall annually, beginning on December 1, 2019, and on December 1 of each year thereafter, report to the Joint Committee on Government and Finance and to the Governor on the status of the cybersecurity program, including any recommended statutory changes.