Amends and adds to existing law to require the implementation of cybersecurity best practices and the use of multifactor identification in Idaho state government.

This legislation requires all state agencies to implement and use multifactor authentication to increase cybersecurity on state devices and when accessing state resources. This legislation also clarifies the role of the Office of Information Technology when it relates to issues of information security, risk identification and mitigation, education and training, and state agency cybersecurity best practices.