63A-16-511. Reporting to the Utah Cyber Center — Assistance to governmental entities — Records.
| (1) |
As used in this section:
Terms Used In Utah Code 63A-16-511
| (a) |
“Governmental entity” means the same as that term is defined in Section 63G-2-103. |
| (b) |
“Utah Cyber Center” means the Utah Cyber Center created in Section 63A-16-510. |
|
| (2) |
A governmental entity shall contact the Utah Cyber Center as soon as practicable when the governmental entity becomes aware of a breach of system security. |
| (3) |
The Utah Cyber Center shall provide the governmental entity with assistance in responding to the breach of system security, which may include:
| (a) |
conducting all or part of the investigation required under Subsection 13-44-202(1)(a); |
| (b) |
assisting law enforcement with the law enforcement investigation if needed; |
| (c) |
determining the scope of the breach of system security; |
| (d) |
assisting the governmental entity in restoring the reasonable integrity of the system; or |
| (e) |
providing any other assistance in response to the reported breach of system security. |
|
| (4) |
| (a) |
A person providing information to the Utah Cyber Center may submit the information required in Section 63G-2-309 to request that the information submitted by the person and information produced by the Utah Cyber Center in the course of the Utah Cyber Center’s investigation be classified as a confidential protected record. |
| (b) |
Information submitted to the Utah Cyber Center under Subsection 13-44-202(1)(c) regarding a breach of system security may include information regarding the type of breach, the attack vector, attacker, indicators of compromise, and other details of the breach that are requested by the Utah Cyber Center. |
| (c) |
A governmental entity that is required to submit information under Section 63A-16-511 shall provide records to the Utah Cyber Center as a shared record in accordance with Section 63G-2-206. |
|
Enacted by Chapter 496, 2023 General Session
