Kicking things off with an update on a story, courtesy of StateScoop. Long-time listeners remember our coverage in 2020 of Louisiana adopting a law to require MSPs to register if they do business with the public sector in the state and the interview with Secretary of State Kyle Ardoin on this show.
In an interview Friday, Ardoin’s chief information officer, Brad Manuel, updated on the progress. “We saw a need for knowing who the players are in the MSP field in relation to our government entities,” Manuel said in an interview Friday at the National Association of Secretaries of State conference in Baton Rouge. “Now we know who is providing services, and we utilize that.”
Manuel declined to say how many MSPs have registered but noted they range in size from multinational corporations to mom-and-pop businesses. He said service providers have been responsive to the new rules, including the requirement to report a breach within 24 hours.
On the state level, Virginia had a new law take effect recently that has a similar clause – it requires the commonwealth’s agencies and local governments to report cybersecurity incidents within 24 hours of detection.
Why do we care?
A press tour for the law among other Secretaries of State. This is a victory lap, but more importantly, the promotion of the policy to other states. The lawmakers believe they accomplished their goal, and now they are promoting their success. You should expect more of these types of laws.