Department Of Information Technology Cybersecurity

Legal Requirements for Locals

​Maryland Senate Bill 754

The Local Cybersecurity Support Act of 2022 (SB754) was enacted to establish specific obligations for units of local governments and introduce support programs to assist them. The bill enacted several programs designed to provide resources and assistance to local governments as well as created several requirements for Local Units of Government: 

  1. Incident Reporting 
    Each local government shall report a cybersecurity incident via the Incident Reporting Form, including an attack on a state system being used by the local government, to the appropriate local emergency manager and the state security operations center in the department of information technology to the Maryland joint operations center in the department. Local governments are required to adhere to the Cybersecurity Incident Reporting Requirements for Local Governments

  1. Network Maryland 
    By June 30, 2024, and annually thereafter, each unit of local government must certify their compliance with the State’s minimum cybersecurity standards for connecting to network Maryland.

  1. Each county government, local school system, and local health department shall, in consultation with the local emergency manager, create or update a cybersecurity preparedness and response plan and complete a cybersecurity preparedness assessment.

  1. On or before June 30, 2023, each unit of local government shall certify to the Office of Security Management compliance with State Minimum Cybersecurity Standards established by the Department of Information Technology, in accordance with the Guidance for Locals

  1. By December 1, 2023, a public or private water or wastewater system in Maryland that: A. has 10,000 or more users, and B. receives financial assistance from the state must: (1) assess its vulnerability to a cyberattack; (2) if appropriate, develop a cybersecurity plan; and (3) submit a report to the General Assembly on the findings of the assessment and any recommendations for statutory changes needed for the system to appropriately address its cybersecurity. Guidance regarding the Modernize Maryland Act can be found at
    https://mde.maryland.gov/programs/water/water_supply/Documents/Modernize%20Maryland%20Act%20of%202022%20Guidance.pdf

  1. Public disclosure of a cybersecurity incident will be posted on the Maryland Department of Information Technology website and will follow the guidelines for the public disclosure of cybersecurity incidents


1.​ https://mgaleg.maryland.gov/2022RS/bills/sb/sb0754E.pdf

Maryland Governor and Lieutenant Governor

Human Trafficking GET HELP

National Human Trafficking Hotline - 24/7 Confidential

1-888-373-7888 233733 More Information
on human trafficking in Maryland

Customer Service Promise

The State of Maryland pledges to provide constituents, businesses, customers, and stakeholders with friendly and courteous, timely and responsive, accurate and consistent, accessible and convenient, and truthful and transparent services.

Take Our Survey

Help Stop Fraud in State Government

The Maryland General Assembly’s Office of Legislative Audits operates a toll-free fraud hotline to receive allegations of fraud and/or abuse of State government resources. Information reported to the hotline in the past has helped to eliminate certain fraudulent activities and protect State resources.

More Information

© Copyright Maryland.gov. All rights reserved.

100 Community Place, Crownsville, MD 21032
300-301 West Preston Street, Baltimore MD 21201
410-697-9700 or Dial 7-1-1 to place a call through Maryland Relay