Authorizes the office of the state chief information officer to test the security of a state agency's information technology systems and infrastructure to identify and mitigate system vulnerabilities.

Authorizes the state military department to conduct independent security testing of the information security of a private entity operating within the state, or unit of local government of the state, involved in the management of critical infrastructure.

Requires the chief information security officer, the utilities and transportation commission, and the state military department to meet regularly to share information, trends, and best practices regarding information technology systems and infrastructure security.

Provides that this act is null and void if appropriations are not approved.