Get Full Government Meeting Transcripts, Videos, & Alerts Forever!

Legislature adopts NIST CSF v2 roadmap; priorities include MFA rollout, asset inventories, incident exercises

Joint Committee on Information Technology (JCIT) · October 29, 2025

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

Legislative security staff presented a NIST CSF v2 assessment and implementation roadmap. The roadmap prioritizes (1) formal cybersecurity policies and leadership sign‑off, (2) full asset and dependency inventories, (3) 100% adoption of strong multifactor authentication for privileged and remote accounts, (4) annual tabletop incident exercises and

Legislative security staff presented a NIST Cybersecurity Framework (CSF v2) assessment and an implementation roadmap aimed at meeting SB291's tier requirements for the legislative branch.

Bob Murphy, the legislature's security analyst, said current capabilities vary across the six CSF functions (govern, identify, protect, detect, respond, recover). Key near‑term priorities include formalizing enterprise cybersecurity policies and governance, completing a verified asset…

Already have an account? Log in

Subscribe to keep reading

Unlock the rest of this article — and every article on Citizen Portal.

Unlimited articles
AI-powered breakdowns of topics, speakers, decisions, and budgets
Instant alerts when your location has a new meeting
Follow topics and more locations
1,000 AI Insights / month, plus AI Chat

See memberships

30-day money-back on paid plans