Authorizes the office of the state chief information officer to test the security of a state agency's information technology systems and infrastructure to identify and mitigate system vulnerabilities.

Authorizes the state military department to conduct independent security testing of the information security of a private entity operating within the state, or unit of local government of the state, involved in the management of critical infrastructure.