[Newly enacted section not yet numbered]
(a) A state entity shall not submit payment with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment.
Ask a legal question, get an answer ASAP!
Click here to chat with a lawyer about your rights.
Terms Used In Tennessee Code 4-1-NEW v2
- Contract: A legal written agreement that becomes binding when signed.
- Oversight: Committee review of the activities of a Federal agency or program.
- State: when applied to the different parts of the United States, includes the District of Columbia and the several territories of the United States. See Tennessee Code 1-3-105
(b) A state entity experiencing a ransom request in connection with a cybersecurity incident shall immediately notify and consult with the technology and innovation division of the Tennessee bureau of investigation.
(c) As used in this section, “state entity”:
(1) Means an agency, department, institution, board, commission, committee, division, bureau, officer, official, or other entity of the executive, judicial, or legislative branches of state government, including a public institution of higher education and all other entities for which this state has oversight responsibility; and
(2) Does not mean a vendor, contractor, insurance company, law firm, or other third party that has a contract, or does other business, with a state entity.