S1139
An act to amend the State Technology Law — 2025-06-11 · Calendar #1343
The New York State Senate passed legislation to strengthen cybersecurity protections for state government systems, approving S1139 on a 55-4 vote. The bill, sponsored by Sen. Gonzalez, requires multifactor authentication for local and remote network access to state systems. Gonzalez cited a cyberattack last year on the Legislative Bill Drafting Commission that temporarily disabled the body responsible for drafting and printing bills, highlighting vulnerabilities in critical state government infrastructure. She noted that according to the Cybersecurity and Infrastructure Security Agency, entities using multifactor authentication are 99 percent less likely to experience network breaches than those without it. The legislation takes effect one year after enactment. Senators Borrello, Hinchey, C. Ryan, and Walczyk voted against the measure.
PASSED
Ayes: 55
· Nays: 4
Debate Summary
Sen. Gonzalez explained the bill's purpose following a cyberattack on the Legislative Bill Drafting Commission that exposed vulnerabilities in state government cybersecurity. She argued that multifactor authentication for network access is critical to protect sensitive information and state systems, citing CISA data showing entities using MFA are 99 percent less likely to be compromised. The bill requires implementation one year after enactment.
Recorded Votes
Recorded votes are predominantly dissenting (nay) votes captured from roll call records.
| Senator | Vote | Party |
|---|---|---|
| Borrello | nay | Republican |
| C. Ryan | nay | |
| Hinchey | nay | Democrat |
| Walczyk | nay | Republican |