Authorizes the office of the state chief information officer to test the security of a state agency's information technology systems and infrastructure to identify and mitigate system vulnerabilities.

Authorizes the state military department, at the request of the entity involved in the management of critical infrastructure to be tested, to conduct independent security testing of the information security of a private entity operating within this state, or unit of local government of this state, involved in the management of critical infrastructure.

Requires the chief information security officer, the utilities and transportation commission, and the state military department to meet regularly to share information, trends, and best practices regarding information technology systems and infrastructure security.

Provides that this act is null and void if appropriations are not approved.