Section 13-115 - Security requirements(a) The Department of Information Technology shall require basic security requirements to be included in a contract: (1) in which a third-party contractor will have access to and use State telecommunication equipment, systems, or services; or(2) for systems or devices that will connect to State telecommunication equipment, systems, or services.(b) The security requirements developed under subsection (a) of this section shall be consistent with a widely recognized security standard, including National Institute of Standards and Technology SP 800-171, ISO27001, or Cybersecurity Maturity Model Certification.Added by 2022 Md. Laws, Ch. 242, Sec. 2, eff. 7/1/2022.