Maryland § 3.5-2A-03

Maryland Statutes

§ 3.5-2A-03

Article gsfState Finance and Procurement

This text of Maryland § 3.5-2A-03 is published on Counsel Stack Legal Research, covering Maryland primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook

Md. Code Ann., State Finance and Procurement § 3.5-2A-03 (2026).

Text

(a)The head of the Office is the State Chief Information Security Officer.

(b)The State Chief Information Security Officer shall:

(1)be appointed by the Governor with the advice and consent of the Senate;

(2)serve at the pleasure of the Governor;

(3)be supervised by the Secretary; and

(4)serve as the chief information security officer of the Department.

(c)An individual appointed as the State Chief Information Security Officer under subsection (b) of this section shall:

(1)at a minimum, hold a bachelor’s degree;

(2)hold appropriate information technology or cybersecurity certifications;

(3)have experience:

(i)identifying, implementing, or assessing security cont

Free access — add to your briefcase to read the full text and ask questions with AI

(a) The head of the Office is the State Chief Information Security Officer.

(b) The State Chief Information Security Officer shall:

(1) be appointed by the Governor with the advice and consent of the Senate;

(2) serve at the pleasure of the Governor;

(3) be supervised by the Secretary; and

(4) serve as the chief information security officer of the Department.

(c) An individual appointed as the State Chief Information Security Officer under subsection (b) of this section shall:

(1) at a minimum, hold a bachelor’s degree;

(2) hold appropriate information technology or cybersecurity certifications;

(3) have experience:

(i) identifying, implementing, or assessing security controls;

(ii) in infrastructure, systems engineering, or cybersecurity;

(iii) managing highly technical security, security operations centers, and incident response teams in a complex cloud environment and supporting multiple sites; and

(iv) working with common information security management frameworks;

(4) have extensive knowledge of information technology and cybersecurity field concepts, best practices, and procedures, with an understanding of existing enterprise capabilities and limitations to ensure the secure integration and operation of security networks and systems; and

(5) have knowledge of current security regulations.

(d) The State Chief Information Security Officer shall provide cybersecurity advice and recommendations to the Governor on request.

(e) (1) (i) There is a Director of Local Cybersecurity, who shall be appointed by the State Chief Information Security Officer.

(ii) The Director of Local Cybersecurity shall work in coordination with the Maryland Department of Emergency Management to provide technical assistance, coordinate resources, and improve cybersecurity preparedness for units of local government.

(2) (i) There is a Director of State Cybersecurity, who shall be appointed by the State Chief Information Security Officer.

(ii) The Director of State Cybersecurity is responsible for implementation of this section with respect to units of State government.

(f) The Department shall provide the Office with sufficient staff to perform the functions of this subtitle.

Nearby Sections

15

§ 3.5-101

§ 3.5-201

§ 3.5-202

§ 3.5-203

§ 3.5-204

§ 3.5-205

§ 3.5-2A-01

§ 3.5-2A-02

§ 3.5-2A-03

§ 3.5-2A-04

§ 3.5-2A-05

§ 3.5-2A-06

§ 3.5-301

§ 3.5-302

§ 3.5-303

View on official source ↗

Cite This Page — Counsel Stack

Bluebook (online)

Maryland § 3.5-2A-03, Counsel Stack Legal Research, https://law.counselstack.com/statute/md/gsf/3.5-2A-03.