Testing 123 Link


Testing 123 Link


Indianapolis (July 1, 2021) ­‑ During the recently concluded Indiana General Assembly, legislators unanimously passed HEA 1169, a law that goes into effect today, which requires all political subdivisions and state agencies to report cybersecurity incidents to the Indiana Office of Technology (IOT).

“Citizen and business data is at risk due to cybercriminals and constant cyberattacks. The level and number of attacks is increasing in the public sector at an alarming rate,” said Indiana Chief Information Officer Tracy Barnes. “This law allows IOT to track the attacks, but most importantly share information across government in Indiana for increased awareness and protection. While this will not stop attacks, it will give us understanding to the types of attacks that are being made. That, in turn, will give us the ability to go on the offense and proactively warn others and to recommend precautions.”

Under the law, only the most severe types of attacks must be reported, including:

  • Ransomware
  • Business Email Compromise
  • Vulnerability Exploitation
  • Zero-day exploitation
  • Distributed Denial of Service
  • Website defacement

Definitions of these are available at https://www.in.gov/cybersecurity/in-isac/cyber-incident-reporting-law/.

More information, including how to report cybersecurity incidents is available at https://on.in.gov/1169.


About the Indiana Office of Technology | http://www.IN.gov/iot  

The Indiana Office of Technology (IOT) provides cost-effective, secure, consistent, reliable enterprise-technology services to state government so that they can better serve our mutual customer, the Hoosier taxpayer. Created in 2005, IOT offers more than 120 technology products maintained and serviced by expert staff with licenses or certifications in 62 technical areas.


Event Details