WaTech adopts SEC-01 Washington State Cybersecurity Program Policy (replacing IT Policy 141 and portions of IT Standard 141.10)

Washington Technology Solutions (WaTech) published the SEC-01 Washington State Cybersecurity Program Policy, adopted by the State CIO and approved by the Technology Services Board on Dec. 10, 2024. The policy replaces legacy statewide security artifacts (IT Policy 141 and specified sections of IT Standard 141.10) and establishes core agency obligations including maintaining an agency cybersecurity program with at least annual review and providing annual agency head/CIO attestation of compliance to WaTech, plus requirements to align vendor/partner contract language with state and agency security requirements.