Item C22 C22
BOARD OF COUNTY COMMISSIONERS
COUNTY of MONROE �� i Mayor Holly Merrill Raschein,District 5
The Florida Keys Mayor Pro Tern James K.Scholl,District 3
Craig Cates,District 1
Michelle Lincoln,District 2
' David Rice,District 4
Board of County Commissioners Meeting
December 13, 2023
Agenda Item Number: C22
2023-1856
BULK ITEM: Yes DEPARTMENT: Information Technology
TIME APPROXIMATE: STAFF CONTACT: Alan MacEachern
AGENDA ITEM WORDING: Approval of Resolution adopting the National Institute of Standards
and Technology's Cybersecurity Framework as the Cybersecurity Standard for Monroe County, Florida
as required by Florida Statute 282.3185.
ITEM BACKGROUND:
The State of Florida passed Statute 282.3185 which provides guidance to local governments on certain
required aspects of their Cybersecurity programs. In particular, it requires that local governments
identify a framework which they commit to use for implementation and continued optimization of their
local Cybersecurity program. The Monroe County Information Technology Department has decided to
use the National Institute of Standards and Technology(NIST) framework as our standard
(https://www.nist.gov/cyberframework).
PREVIOUS RELEVANT BOCC ACTION:
INSURANCE REQUIRED:
No
CONTRACT/AGREEMENT CHANGES:
N/A
STAFF RECOMMENDATION: Approve
DOCUMENTATION:
Monroe County Cybersecurity Standard Resolution.pdf
FINANCIAL IMPACT:
N/A
1466
RESOLUTION NO. -2023
A RESOLUTION BY THE MONROE COUNTY BOARD OF COUNTY
COMMISSIONER ADOPTING THE NATIONAL INSTITUTE OF
STANDARDS AND TECHNOLOGY'S CYBERSECURITY FRAMEWORK
AS THE CYBERSECURITY STANDARD FOR MONROE COUNTY,
FLORIDA AND PROVIDING AN EFFECTIVE DATE.
WHEREAS, Florida Statute 282.3185, the "Local Government Cybersecurity Act,"
establishes cybersecurity requirements for county and municipal governments; and
WHEREAS, Florida Statute 282.3185 (4) states, "Each local government shall adopt
cybersecurity standards that safeguard its data, information technology, and information
technology resources to ensure availability, confidentiality, and integrity. The cybersecurity
standards must be consistent with generally accepted best practices for cybersecurity, including
the National Institute of Standards and Technology Cybersecurity Framework;" and
WHEREAS, Florida Statute 282.3185 (4)requires municipalities with a population of
25,000 or more to adopt a cybersecurity standard by January 1, 2024; and
WHEREAS, the Information Technology Department of the Monroe County, Florida,
has selected the National Institute of Standards and Technology's Cybersecurity Framework as a
baseline cybersecurity standard to which all cybersecurity policies of Monroe County, Florida,
will adhere;
NOW THEREFORE, BE IT RESOLVED BY THE BOARD OF COUNTY
COMMISSIONERS OF MONROE COUNTY, FLORIDA THAT:
SECTION 1: The National Institute of Standards and Technology's Cybersecurity
Framework shall be the guiding cybersecurity standard for all cybersecurity policies adopted by
Monroe County, Florida and the Information Technology Department.
SECTION 2: Monroe County, Florida and the Information Technology Department may
further use any standards, guidelines, and best practices from within any generally accepted
cybersecurity standard to establish cybersecurity policies for Monroe County, Florida providing
all such policies are as stringent or more stringent than those provided by the National Institute
of Standards and Technology's Cybersecurity Framework.
SECTION 3: This Resolution shall become effective on January 1, 2024.
PASSED AND ADOPTED by the Board of County Commissioners of Monroe County, Florida
at a regular meeting held in the 13m day of December 2023.
1
1467
Mayor Holly Merrill Raschein
Mayor Pro Tem James K. Scholl
Commissioner Craig Cates
Commissioner Michelle Lincoln
Commissioner David Rice
(SEAL) BOARD OF COUNTY COMMISSIONERS
Attest: KEVIN MADOK, CLERK OF MONROE COUNTY, FLORIDA
BY: BY:
As Deputy Clerk Mayor
2
1468