Ohio Attorney General Mike DeWine created CyberOhio to help Ohio businesses and consumers fight data security threats. One of the group’s primary objectives is to draft legislation that improves the cybersecurity legal environment in Ohio.
The first legislative proposal is Senate Bill 220, the so-called “Safe Harbor” bill. The bill helps businesses defend against a lawsuit alleging that a data breach was caused by the business’s failure to implement reasonable information security controls.
In order to be protected under the proposed Safe Harbor legislation, a business must proactively implement and maintain a cybersecurity program that complies with one of eight different industry-recognized cybersecurity frameworks.