Washington Legislature bill SB 6281 proposes cloud-service procurement assessment criteria referencing SEC-01 (including future amendments)

Washington State SB 6281 (2025–26 biennium) includes proposed language that would require an assessment prior to purchase of third-party commercial cloud computing services, including evaluation of cybersecurity and regulatory compliance criteria tied to the 'Washington state cybersecurity program policy' (SEC-01) and any subsequent amendments. This is not an amendment to SEC-01 itself, but it would elevate SEC-01 as a statutory reference point for procurement/compliance assessments if enacted.