Ohio's New Cybersecurity Law Needs Partners, Not Vendors
Municipalities Don't Need More Invoices. They Need Real Technology Partners.
2 min read
Dom Rozzo
:
Updated on July 7, 2026
Municipalities Don't Need More Invoices. They Need Real Technology Partners.
Ohio local governments and public safety agencies are under a new kind of technology pressure. It's no longer about replacing computers, closing tickets, or keeping the network up. It's about governance, cybersecurity, continuity, compliance, and protecting the services residents depend on.
ORC 9.64 changed the conversation. Ohio political subdivisions must now adopt cybersecurity programs aligned with accepted frameworks like NIST CSF or the CIS Controls, focused on the availability, confidentiality, and integrity of public data and IT resources. Local government technology can no longer be a loose collection of tools and invoices. It has to be treated as an operating environment, and that requires partnership.
The problem usually isn't a lack of tools
Most agencies already have the tools. They're paying for Microsoft 365 or Google Workspace, endpoint protection, backup, records and reporting systems, body cameras, access control, cameras, and fiber. The problem is that those tools are rarely integrated, optimized, secured, documented, or explained.
The result is duplicate licensing, missed security features, incomplete configurations, poor vendor coordination, higher costs, and more risk. Too often the answer is "That doesn't work that way," when it should be "Let's work with the vendor and make it work the right way." One answer closes the conversation. The other starts a partnership.
ORC 9.64 raises the standard
ORC 9.64 isn't a compliance checkbox. It requires a cybersecurity program that is adopted, operating, documented, and defensible. The Auditor of State has been clear that programs should fit each agency's size and risk. A small township doesn't need what a large city needs, but every agency needs a program that matches its operations and public-service responsibilities, and can show evidence that the program is actually active.
Public safety is different
Police, fire, EMS, dispatch, and emergency management rely on technology differently than a typical office. Dispatch, records, EMS reporting, mobile data, body camera evidence, communications, and building access all support real-world response. When everything is normal, those systems need to work. When everything is not normal, they need to work even better. When they aren't integrated, secured, or understood, the impact isn't just technical. It affects response, continuity, cost, and the residents who depend on those services.
Municipalities deserve better than transactional IT
A real partner sits down with leadership and asks what you're trying to accomplish, where your pain points and exposures are, what you're already paying for that could be used better, and what would happen if a critical system failed. That conversation is where progress happens, and where wasted spending gets cut. Many agencies already own the licensing to improve their security; the features simply were never turned on. Public money should be spent in ways that are explainable, defensible, and tied to real value.
Why Pelican3 is different
Our focus isn't another invoice or another stack of tools. It's becoming a practical technology and cybersecurity partner for Ohio public agencies: ORC 9.64 gap assessments, managed IT and cybersecurity, cyber forensics, incident readiness, documentation, and public safety continuity planning.
My background spans more than two decades in technology, municipal IT and public safety leadership, cyber forensics, and active reserve law enforcement with Liberty Township Police Department. This work isn't theoretical to me. I know the people who depend on these systems and what it means when leaders are trying to make responsible decisions with limited resources.
Schedule an ORC 9.64 Readiness Review
If you're unsure whether your cybersecurity program is adopted, operating, documented, and defensible, we can help. We're offering 15-minute ORC 9.64 Readiness Reviews for Ohio municipalities, townships, fire and EMS districts, and other public-sector organizations.
Schedule here: https://www.pelican3.net/meetings/dominic-rozzo
Dominic Rozzo
Director of Cyber Forensics and Public Funded MSP
Pelican3 Consulting · 330-550-3456 · dom.rozzo@pelican3.net · www.pelican3.net
Municipalities Don't Need More Invoices. They Need Real Technology Partners.
Big Tech Is Hiring 1,000 Forward Deployed Engineers. Mid-Market Companies Need a Different Answer. The AI skills gap is real, but for most companies...
How small and mid-sized businesses can capture the upside of AI-built software without the security and operational exposure that comes with skipping...