(a)  The secretary of state shall establish an election systems cybersecurity review board. The review board shall be comprised of the secretary of state, or designee; the executive director of the board of elections, or designee; the executive director of the Rhode Island League of Cities and Towns, or designee; a representative from the Rhode Island national guard; a representative from the Rhode Island state police; and a representative from the Rhode Island division of information technology.

(b)  The secretary of state, or designee, shall serve as chairperson of the review board.

(c)  It shall be the duty of the election systems cybersecurity review board to review the assessments conducted by the board of elections and department of state and also to procure a third-party assessment of the election systems. The review board will provide a security analysis of the election systems and election facilities and shall issue a report based on its assessment with any recommendations to improve the cybersecurity of the election systems and election facilities.

(d)  The secretary of state shall adopt rules defining classes of protected election data and establish best practices for identifying and reducing risk to the electronic use, storage, and transmission of election data and the security of election systems.

(e)  The cybersecurity review board shall issue a report no later than two (2) months prior to a statewide primary election referenced in § 17-15-1.