715 - Office of cyber security.
§ 715. Office of cyber security. 1. The office of cyber security shall be dedicated to the protection of the state's cyber security infrastructure, including, but not limited to, the identification and mitigation of vulnerabilities, deterring and responding to cyber events, and promoting cyber security awareness within the state. The office shall also be responsible for statewide policies, standards, programs, and services relating to cyber security and geographic information systems, including the statewide coordination of geographically referenced critical infrastructure information. The director of the office shall be the chief cyber security officer of New York state. 2. The director may request and receive from any department, division, board, bureau, commission or other agency of the state or any political subdivision thereof or any public authority such assistance, information and data as will enable the office properly to carry out its functions, powers and duties. 3. The director of the office is authorized to maintain, in electronic or paper formats, maps, geographic images, geographic data and metadata. 4. The director of the office is authorized to promulgate any rules and regulations necessary to implement the provisions of this section. 5. Notwithstanding the provisions of subparagraphs (i) and (ii) of paragraph (a) of subdivision eight of section seventy-three of the public officers law, former officers or employees of the office of cyber security employed by the not-for-profit corporation that operates the multi-state information sharing and analysis center may appear before and render services to any federal, state, local, territorial or tribal government relating to cyber security. 6. Notwithstanding the provisions of section one hundred sixty-three of the state finance law, section one hundred three of the general municipal law, article four-C of the economic development law, or any other provision of law relating to the award of public contracts, any officer, body, or agency of New York state, public corporation, or other public entity subject to such provisions of law shall be authorized to enter individually or collectively into contracts with the not-for-profit corporation that operates the multi-state information sharing and analysis center for the provision of services through September thirtieth, two thousand thirteen related to cyber security including, but not limited to, monitoring, detecting, and responding to cyber incidents, and such contracts may be awarded without compliance with the procedures relating to the procurement of services set forth in such provisions of law. Such contracts shall, however, be subject to the comptroller's existing authority to approve contracts where such approval is required by section one hundred twelve of the state finance law or otherwise. Such officers, bodies, or agencies may pay the fees or other amounts specified in such contracts in consideration of the cyber security services to be rendered pursuant to such contracts.