New law mandating Minnesota agencies to report cyberattacks now in effect
MINNEAPOLIS — A new law requiring public agencies in Minnesota to report cybersecurity incidents to state IT officials is now in effect.
According to Minnesota IT Services (MNIT), the law also applies to government contractors and vendors serving public agencies, county, city and township governments, school districts, charter schools, intermediate districts, cooperative units and public post-secondary institutions.
The reporting form and instructions have been available since Sept. 30.
The Minnesota Bureau of Criminal Apprehension and MNIT will use data from the reports to "identify trends and commonalities to anticipate and prevent future attacks."
Director of Technology at Stillwater Area Public Schools Eric Simmons says this new mandate is important for the safety of schools across the state.
"Minnesota's cybersecurity incident reporting law highlights the critical collaboration between MNIT and school districts to combat growing cyber threats," Simmons said. "Schools are prime attack targets, yet many lack the resources to respond effectively."
The cybersecurity incident reporting law was signed by Gov. Tim Walz in May.
MNIT officials say they will continue to provide updates and guidance to assist entities in completing reports.
Last year, MNIT rolled out the first-ever statewide cybersecurity plan, comprised of nearly $24 million in both state and federal tax dollars. The plan aimed to solidify online defenses at more than 3,000 government entities.
