Florida passed a statute that allows state agencies to exclude cybersecurity information from public records – do you know if there are any other state/local governments (or US gov't agencies) that omit this kind of information when it comes to procurement for cybersecurity products/services?

1.7k views2 Upvotes7 Comments

Senior Director of Engineering in Software, 501 - 1,000 employees
The state of California has been pretty active in this area (example: CCPA) so I wouldn't be surprised if they would do something similar to what the state of Florida is doing.
VP of IT in Software, 5,001 - 10,000 employees
It's not uncommon for governments, both at the state and federal levels, to consider cybersecurity information sensitive and therefore exempt from public 
disclosure. It would not surprise me if other states follow Florida's lead.
VP of IT in Education, 501 - 1,000 employees
I do understand why they would want to keep some of that information disclosed from the public, but I think common information, such as the amount of funds, and categories that are a little more specific (rather than just "cyber Security") such as EDR, or SIEM would be preferred.  I do not know of any other agencies that do this other than the federal government, using different forms of classifications.  I suspect other states, such as California and Texas will follow them pretty soon. 
Director of IT in Finance (non-banking), 51 - 200 employees
There are some but governments keep it vague due to their lack of understanding of what they actually are looking for.  So many laws, particularly in my state, are extremely outdated and cyber information was not considered at the time and have not been amended to include such.  This leads for so many confusing and sticky situations, particularly for those seeking guidance.
Director of IT in Education, 1,001 - 5,000 employees
While I am not aware of any other agencies that restrict or limit access to K-12 cybersecurity information, I am not opposed to limits being countrywide; accessible only on an as-needed basis, as determined by the courts or law enforcement.   This could be likened to protecting student information from public record.
CTO in Transportation, 11 - 50 employees
Very common in Canada
Director of IT in Healthcare and Biotech, 11 - 50 employees
We try to monitor what California is up to, but haven't seen anything yet.  I can understand why the government would want to keep this sensitive, but also would like a check and balance to insure they are at least moving on things.

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
40.8k views131 Upvotes319 Comments

Strongly agree5%




Strongly disagree0%

Other (please specify)0%