Amends Chapter 143 of the General Statutes (executive Organization Act of 1973 – establishing and regulating state agencies) by adding Article 84 prohibiting state agencies and local government entities from making payments to or communicating with an entity attacking the agency or local government’s IT system with ransomware, directing agencies or local governments experiencing a ransom request associated with a cyber security attack to consult with the Department of Information Technology (DIT), and defining “local government entity” and “state agency.” Amends GS 143B-1320 (definitions related to DIT) to define “ransomware attack” as a cybersecurity incident where a malicious actor introduces software into an information system that encrypts data and renders the systems that rely on that data unusable, followed by a demand for a ransom payment in exchange for decryption of the affected data. Amends GS 143B-1379(c) (county and municipal government cyber security incident reporting) to make conforming changes. Amends GS 143B-1322(c) to include ransomware attacks in the incidents the Chief Information Officer has the power and duty to coordinate responses to.