[Newly enacted section not yet numbered]

(a) A state entity shall not submit payment with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment.

Terms Used In Tennessee Code 4-1-NEW v2

  • Contract: A legal written agreement that becomes binding when signed.
  • Oversight: Committee review of the activities of a Federal agency or program.
  • State: when applied to the different parts of the United States, includes the District of Columbia and the several territories of the United States. See Tennessee Code 1-3-105
(b) A state entity experiencing a ransom request in connection with a cybersecurity incident shall immediately notify and consult with the technology and innovation division of the Tennessee bureau of investigation.
(c) As used in this section, “state entity”:

(1) Means an agency, department, institution, board, commission, committee, division, bureau, officer, official, or other entity of the executive, judicial, or legislative branches of state government, including a public institution of higher education and all other entities for which this state has oversight responsibility; and
(2) Does not mean a vendor, contractor, insurance company, law firm, or other third party that has a contract, or does other business, with a state entity.
  Previous section
Next section  
 Part 4 Contents