Security Awareness Training Is Now Mandatory for Florida Government Employees

Security awareness is no longer optional for Florida government employees. Effective July 1, 2022, Governor Ron DeSantis approved House Bill 7055, requiring state agencies and local governments to offer employee security awareness training, report cybersecurity and ransomware incidents, and draft detailed reports of actions taken after cyber-attacks.  

The new bill specifically states that all local government employees who will have access to the state’s network must successfully complete basic cybersecurity awareness training. In addition to this action, there is now a deadline requiring these new employees to finish the assigned lessons within 30 days of their start date.   

The HB 7055 Mandates

HB 7055 is also calling for local governments to adopt cybersecurity standards that safeguard their data. These guidelines must be consistent with the accepted best practices for cybersecurity — and since human error continues to be the top threat, employee training must be offered and updated annually.  

This critical legislation establishes the importance of cybersecurity readiness, the requirements to maintain and improve reporting standards, and the need to facilitate the integration of these new mandates for local government agencies.  

Florida Spends Little on Training

The goal of increasing training is to lower the risk of growing cyber-attacks. But how much is being invested in education to prevent these prevalent attacks? According to the Cyber Florida report on local government’s cyber readiness, less than 5% of local government entities have cybersecurity as a line item in their budget. 

The mandates in this legislation will create a shift. Florida’s local governments are now under pressure to boost their cyber preparedness and set aside adequate funding for these educational efforts.  

How ERMProtect Can Help

Learn about ERMProtect's customizable Cybersecurity Awareness Training. Contact Silka Gonzalez at [email protected]   


Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

NIST Cybersecurity Framework

Complete Guide to the NIST Cybersecurity Framework 2.0

In this comprehensive guide, we explain in simple terms every aspect of complying with the NIST Cybersecurity Framework 2.0 …
Musings From a Pen Tester’s Diary

Musings From a Penetration Tester’s Diary – Part 2

We asked Akash to take a trip down memory lane and discuss some of his more interesting intrusion cases. This is Part 2 of “Musings from Pen Tester’s Diary.” …
Musings From a Pen Tester’s Diary

Musings From a Penetration Tester’s Diary – Part 1

Ever want to peek inside the mind of an ethical hacker? Akash Desai, our Director of IT Consulting for 18 years, is sharing his diary of experiences “hacking” banks, factories, fire departments, airports, etc …