A pair of new cybersecurity laws took effect in Virginia last Friday. One measure requires state and local public agencies to report all incidents that threaten data security, expose data or compromise the security of the public entity or agency’s IT systems. The other law changes the Information Technology Advisory Council into a panel with members from the private sector as well as legislators. It also increases the number of council members and adds cybersecurity to the Council’s advisory area.