Bills Aiming to secure California from Cyberattacks Reach Governor’s Desk

Thursday, September 14, 2017

Two Bills passed by the Legislature are designed to bolster California’s Cybersecurity

SACRAMENTO – The California State Legislature passed two bills designed to help further secure California’s valuable network from cybercriminals. Assemblymember Jacqui Irwin, Chair of the Select Committee on Cybersecurity, has authored AB 531 and AB 1022, which provides more tools for California to assess its cyber-readiness and ensure that the state is doing all it can to keep important data secure.

“We’ve seen recent large scale cyber-attacks targeting governments and large companies around the world,” said Assemblymember Jacqui Irwin. “It is essential that California, as the fifth largest economy in the world, has the cyber defenses that match its status as a high value target for hackers. This legislation aims to ensure that California’s cyber capabilities are up-to-date and operating effectively.”

AB 531 would ensure that the state is using the most up-to-date technologies to protect the state network. The bill requires CDT to assess the current security technologies in place and the policies, standards, and procedures that govern their selection and use. It would then require CDT to develop a statewide plan to update policies and technology to implement necessary changes to insure the continued security and privacy of state networks and data.

AB 1022 would provide a valuable tool for the Chief Information Security Officer (CISO) by requiring state agencies and departments to submit inventories of the critical infrastructure controls and assets that reside on their networks. These inventories will give the CISO and other state cybersecurity partners in the California Cybersecurity Integration Center strategic insight into the composition of various parts of the state network. The inventory information will enable targeted threat information sharing and a more efficient allocation of the state’s resources in response to a cyberattack. The bill also recognizes that many local entities partner with state departments to provide critical infrastructure services across the state, therefore the bill allows the California Dept. of Technology (CDT) to request these local partners provide similar information, ensuring network-wide security for critical infrastructure.

The bills now head to the Governor’s desk for approval.