To Prohibit Public Entities From Paying A Ransom For A Cyberattack; And To Require Public Entities To Create A Policy To Prohibit Payment Of A Ransom For A Cyberattack.
Impact
If enacted, HB1704 would modify state laws by establishing a clear prohibition on ransom payments made by any public entity, which includes various state departments, public school districts, charter schools, and institutions of higher education. The legislation aims to empower public entities to enhance their cybersecurity protocols and relies on increased emphasis on preventative measures rather than reactive responses. This shift in approach is anticipated to reshape how such entities handle cyber threats going forward.
Summary
House Bill 1704 aims to prohibit public entities in Arkansas from paying ransoms demanded by cybercriminals during ransomware attacks. It obligates these entities to develop a policy that specifically prevents ransom payments. The bill is grounded in the belief that funding adversaries through ransom payments is inappropriate and that adequate backup and recovery processes can obviate the need for such payments. This is particularly relevant considering studies suggesting a high probability of being targeted again for those who pay the ransom.
Sentiment
The sentiment around HB1704 reflects a strong inclination towards bolstering cybersecurity measures and preventing the funding of criminals. Proponents of the bill express optimism about reducing the risk of future attacks and ensuring that taxpayer funds are not used to pay off cybercriminals. On the other hand, there may be concerns from some quarters about the feasibility of recovery solutions and the potential consequences if preventive measures fail, suggesting a divided perspective within certain circles.
Contention
A primary point of contention surrounding HB1704 may revolve around the feasibility of recovery solutions in the event of a cyberattack. Critics may argue that while imposing a ban on ransom payments seems ideal, it may not account for the complexities of every cyber incident faced by public entities. Additionally, there may be skepticism regarding whether public entities can effectively implement backup and recovery systems that would allow them to avoid paying ransoms, thereby adding a layer of concern regarding public service efficacy in times of crisis.
To Amend The Arkansas Data Centers Act Of 2023; To Prohibit Foreign-party-controlled Ownership Of A Digital Asset Mining Business; And To Declare An Emergency.
To Authorize The Introduction Of A Nonappropriation Bill To Amend The Arkansas Data Centers Act Of 2023 And To Prohibit Foreign-party-controlled Ownership Of A Digital Asset Mining Business.
To Authorize The Introduction Of A Nonappropriation Bill To Amend The Arkansas Data Centers Act Of 2023 And To Prohibit Foreign-party-controlled Ownership Of A Digital Asset Mining Business.
To Authorize The Introduction Of A Nonappropriation Bill To Amend The Arkansas Data Centers Act Of 2023 And To Amend The Requirements For A Digital Asset Mining Business Or Business Using A Blockchain Network.
To Authorize The Introduction Of A Nonappropriation Bill To Amend The Arkansas Data Centers Act Of 2023 And To Amend The Requirements For A Digital Asset Mining Business Or Business Using A Blockchain Network.
An Act For The Department Of Education - Division Of Elementary And Secondary Education - Public School Fund Appropriation For The 2024-2025 Fiscal Year.
To Authorize The Introduction Of A Nonappropriation Bill To Amend The Arkansas Data Centers Acts Of 2023, To Regulate Digital Asset Mining Businesses And Businesses Utilizing A Blockchain Network, And To Declare An Emergency.
To Authorize The Introduction Of A Nonappropriation Bill To Amend The Arkansas Data Centers Acts Of 2023, To Regulate Digital Asset Mining Businesses And Businesses Utilizing A Blockchain Network, And To Declare An Emergency.
To Regulate Meetings, Internal Policies And Guidelines, And Reports To Address A Cybersecurity Incident Involving, Or A Cyberattack On, A Public Entity.
Requesting That The Chief Information Officer Review Whether All Departments, Agencies, And Offices Of The State Have Up-to-date Technology To Reduce Cyber Threats And Help Protect The State Against Cyberattacks.
Requesting That The Chief Information Officer Review Whether All Departments, Agencies, And Offices Of The State Have Up-to-date Technology To Reduce Cyber Threats And Help Protect The State Against Cyberattacks.