Security Awareness Training Is Now Mandatory for Florida Government Employees

Security awareness is no longer optional for Florida government employees. Effective July 1, 2022, Governor Ron DeSantis approved House Bill 7055, requiring state agencies and local governments to offer employee security awareness training, report cybersecurity and ransomware incidents, and draft detailed reports of actions taken after cyber-attacks.  

The new bill specifically states that all local government employees who will have access to the state’s network must successfully complete basic cybersecurity awareness training. In addition to this action, there is now a deadline requiring these new employees to finish the assigned lessons within 30 days of their start date.   

The HB 7055 Mandates

HB 7055 is also calling for local governments to adopt cybersecurity standards that safeguard their data. These guidelines must be consistent with the accepted best practices for cybersecurity — and since human error continues to be the top threat, employee training must be offered and updated annually.  

This critical legislation establishes the importance of cybersecurity readiness, the requirements to maintain and improve reporting standards, and the need to facilitate the integration of these new mandates for local government agencies.  

Florida Spends Little on Training

The goal of increasing training is to lower the risk of growing cyber-attacks. But how much is being invested in education to prevent these prevalent attacks? According to the Cyber Florida report on local government’s cyber readiness, less than 5% of local government entities have cybersecurity as a line item in their budget. 

The mandates in this legislation will create a shift. Florida’s local governments are now under pressure to boost their cyber preparedness and set aside adequate funding for these educational efforts.  

How ERMProtect Can Help

Learn about ERMProtect's customizable Cybersecurity Awareness Training. Contact Silka Gonzalez at [email protected]   

 

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

pci dss compliance

Why PCI Standards Are Just the Starting Point for Securing Payment Data

While PCI DSS compliance offers a solid baseline, it is not an all-encompassing solution to build a proactive and resilient data security framework …
pci dss in the cloud

How to Achieve PCI Compliance in the Cloud as Security Controls Evolve

The integration of cloud services with PCI DSS compliance is particularly crucial for enterprises that handle sensitive payment card information …
Digital Forensics Investigation

What Are the 5 Stages of a Digital Forensics Investigation?

In this article, we delve deeply into the five stages of a digital forensics investigation and provide tips on how to select the right digital forensics company …