NRS 242.116 Security Operations Center: Development of certain policies and procedures.
203 words·~1 min read·
/nv/chapter-242-information-services/242-116A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
NRS 242.116 Security Operations Center: Development of certain policies and procedures.
1. The Security Operations Center shall develop policies and procedures to:
(a)Combat the increasing threats to using agencies posed by cybercriminals;
(b)Protect sensitive data in the possession of a using agency; and
(c)Ensure a coordinated and rapid response to any cybersecurity incident that affects a using agency.
2. The policies and procedures developed pursuant to subsection 1 must include, without limitation:
(a)A requirement that a using agency notify the Security Operations Center of any specific or immediate threat to the cybersecurity of an information system operated or maintained by the using agency;
(b)A requirement that the Security Operations Center notify the appropriate law enforcement agency and prosecuting attorney and any other appropriate public or private entity of any specific threat to the cybersecurity of an information system of which the Security Operations Center has been notified;
(c)A strategy for developing ongoing programs for professional development in cybersecurity for the employees of a using agency; and
(d)The use of security orchestration automation and response systems to automate repetitive tasks, enhance operational efficiency and standardize procedures and responses for the various information technology support of using agencies.