Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · Delaware · Title 29 — State Government · Subchapter I. General Provisions

§ 9011C. State information security requirements

266 words·~1 min read·/de/title-29/subchapter-i-general-provisions/9011c

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

The Department of Technology and Information shall have the power to:
(1)Develop and implement a comprehensive information security program that applies personnel, process, and technology controls to protect the State’s data, systems, and infrastructure, within the State’s computing environment and on partner systems. All systems that connect to the State network shall comply with the State Information Security Program;
(2)Identify and address information security risks to each state agency, to third-party providers, and to key supply chain partners, including an assessment of the extent to which information resources, processes, or technologies are vulnerable to unauthorized access or harm, including the extent to which the entity’s electronically stored information is vulnerable to unauthorized access, use, disclosure, disruption, modification, or destruction, and direct risk mitigation strategies, methods, and procedures to reduce those risks;
(3)Establish a central Security Operations Center
(SOC)to direct statewide cyber defense and cyber threat mitigation. The SOC responsibilities shall include generating, collecting and analyzing security activity information to effectively identify and respond to cyber-attacks against the State;
(4)Implement technical compliance to state-owned technology as required by law. The Department may also implement technical compliance to state-owned technology that is recommended by private industry standards. The Department shall have the full cooperation of state agencies in identifying compliance requirements or industry standards; and
(5)Temporarily disrupt the exposure of an information system or information technology infrastructure that is owned, leased, outsourced, or shared by one or more state agencies in order to isolate the source of, or stop the spread of, an information security breach or other similar information security incident.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.