Bill Text: CA AB2695 | 2021-2022 | Regular Session | Amended

Bill Title: California State University: Cybersecurity Regional Alliances and Multistakeholder Partnerships Pilot Program.

Spectrum: Partisan Bill (Democrat 3-0)

Status: (Introduced - Dead) 2022-05-19 - In committee: Held under submission. [AB2695 Detail]

Download: California-2021-AB2695-Amended.html

Amended  IN  Assembly  April 04, 2022
Amended  IN  Assembly  March 17, 2022

CALIFORNIA LEGISLATURE— 2021–2022 REGULAR SESSION

Assembly Bill
No. 2695

Introduced by Assembly Member Berman
(Principal coauthor: Assembly Member Irwin)

February 18, 2022

An act to amend Section 8586.5 of the Government Code, relating to cybersecurity. An act to add Article 8 (commencing with Section 89270) to Chapter 2 of Part 55 of Division 8 of Title 3 of the Education Code, relating to the California State University.


LEGISLATIVE COUNSEL'S DIGEST


AB 2695, as amended, Berman. Cybersecurity workforce: California Cybersecurity Integration Center: statewide cybersecurity strategy. California State University: Cybersecurity Regional Alliances and Multistakeholder Partnerships Pilot Program.
Existing law establishes the California State University, under the administration of the Trustees of the California State University, as one of the segments of public postsecondary education in this state. The California State University comprises 23 institutions of higher education located throughout the state.
This bill would establish the Cybersecurity Regional Alliances and Multistakeholder Partnerships Pilot Program to address the cybersecurity workforce gap, as specified. The bill would require the office of the Chancellor of the California State University to select any number of California State University campuses to participate in the pilot program through an application process developed by the chancellor’s office on or before March 1, 2023. The bill would require the selected campuses to, among other things, annually share the impact and results of their created pilot program with the chancellor’s office. The bill would require the chancellor’s to annually report the impact and results of the campus’s pilot programs to the Legislature.

Existing law establishes the California Cybersecurity Integration Center within the Office of Emergency Services, the primary mission of which is to reduce the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or computer networks in the state. Existing law requires the center to develop a statewide cybersecurity strategy that, among other things, deepens expertise among California’s workforce of cybersecurity professionals.

This bill would also require the statewide cybersecurity strategy to increase opportunities to meet the cybersecurity workforce demand.

Vote: MAJORITY   Appropriation: NO   Fiscal Committee: YES   Local Program: NO  

The people of the State of California do enact as follows:


SECTION 1.

 The Legislature finds and declares all of the following:
(a) The demand for cybersecurity workers is growing far faster than the supply, driven by an increasing number of cyberattacks.
(b) California and the country face a cybersecurity workforce shortage with over 63,000 open positions in the state and over 500,000 cybersecurity openings across the country.
(c) There is a need to develop a pipeline of workers to ensure current and future workforce availability in cybersecurity roles.

SEC. 2.

 Article 8 (commencing with Section 89270) is added to Chapter 2 of Part 55 of Division 8 of Title 3 of the Education Code, to read:
Article  8. Cybersecurity Regional Alliances and Multistakeholder Partnerships Pilot Program

89270.
 (a) The Cybersecurity Regional Alliances and Multistakeholder Partnerships Pilot Program is hereby established in order to address the cybersecurity workforce gap by doing all of the following:
(1) Stimulating cybersecurity education and workforce development by bringing together stakeholders in the cybersecurity ecosystem.
(2) Aligning the cybersecurity workforce needs of employers with the education and training provided by institutions of higher education.
(3) Increasing the pipeline of students pursuing cybersecurity careers.
(4) Developing the cybersecurity workforce to meet industry needs within local or regional economies.
(b) On or before March 1, 2023, the office of the Chancellor of the California State University shall develop an application process, selection process, and criteria for California State University campuses seeking to participate in the pilot program.
(c) The office of the Chancellor of the California State University shall select any number of campuses to participate in the pilot program.
(d) Each selected California State University campus shall do all of the following:
(1) Create a pilot program with goals and metrics.
(2) Develop strategies and tactics for building successful regional alliances and multistakeholder partnerships.
(3) Measure the impact and results of their pilot program and annually share the impact and results with the office of the Chancellor of the California State University.
(e) The office of the Chancellor of the California State University shall annually report the impact and results from each selected campus’s pilot program to the Legislature.

SEC. 2.Section 8586.5 of the Government Code is amended to read:
8586.5.

(a)The Office of Emergency Services shall establish and lead the California Cybersecurity Integration Center. The California Cybersecurity Integration Center’s primary mission is to reduce the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks in our state. The California Cybersecurity Integration Center shall serve as the central organizing hub of state government’s cybersecurity activities and coordinate information sharing with local, state, and federal agencies, tribal governments, utilities and other service providers, academic institutions, and nongovernmental organizations. The California Cybersecurity Integration Center shall be comprised of representatives from the following organizations:

(1)The Office of Emergency Services.

(2)The Office of Information Security.

(3)The State Threat Assessment Center.

(4)The Department of the California Highway Patrol.

(5)The Military Department.

(6)The Office of the Attorney General.

(7)The California Health and Human Services Agency.

(8)The California Utilities Emergency Association.

(9)The California State University.

(10)The University of California.

(11)The California Community Colleges.

(12)The United States Department of Homeland Security.

(13)The United States Federal Bureau of Investigation.

(14)The United States Secret Service.

(15)The United States Coast Guard.

(16)Other members as designated by the Director of Emergency Services.

(b)The California Cybersecurity Integration Center shall operate in close coordination with the California State Threat Assessment System and the United States Department of Homeland Security– National Cybersecurity and Communications Integration Center, including sharing cyber threat information that is received from utilities, academic institutions, private companies, and other appropriate sources. The California Cybersecurity Integration Center shall provide warnings of cyberattacks to government agencies and nongovernmental partners, coordinate information sharing among these entities, assess risks to critical infrastructure and information technology networks, prioritize cyber threats and support public and private sector partners in protecting their vulnerable infrastructure and information technology networks, enable cross-sector coordination and sharing of recommended best practices and security measures, and support cybersecurity assessments, audits, and accountability programs that are required by state law to protect the information technology networks of California’s agencies and departments.

(c)The California Cybersecurity Integration Center shall develop a statewide cybersecurity strategy, informed by recommendations from the California Task Force on Cybersecurity and in accordance with state and federal requirements, standards, and best practices. The cybersecurity strategy shall be developed to improve how cyber threats are identified, understood, and shared in order to reduce threats to California government, businesses, and consumers. The strategy shall also strengthen cyber emergency preparedness and response, standardize implementation of data protection measures, enhance digital forensics and cyber investigative capabilities, deepen expertise among California’s workforce of cybersecurity professionals, increase opportunities to meet the cybersecurity workforce demand, and expand cybersecurity awareness and public education.

(d)The California Cybersecurity Integration Center shall establish a Cyber Incident Response Team to serve as California’s primary unit to lead cyber threat detection, reporting, and response in coordination with public and private entities across the state. This team shall also assist law enforcement agencies with primary jurisdiction for cyber-related criminal investigations and agencies responsible for advancing information security within state government. This team shall be comprised of personnel from agencies, departments, and organizations represented in the California Cybersecurity Integration Center.

(e)Information sharing by the California Cybersecurity Integration Center shall be conducted in a manner that protects the privacy and civil liberties of individuals, safeguards sensitive information, preserves business confidentiality, and enables public officials to detect, investigate, respond to, and prevent cyberattacks that threaten public health and safety, economic stability, and national security.

LegiScan Search

View Top 50 Searches

Select area of search.
Find an exact bill number.
Search bill text and data. [help]
Reset

LegiScan Trends

View Top 50 National

PA SB559 Further providing for definitions; and abrogating regulations.
PA HB1783 Providing for substance use overdose awareness, treatment and recovery...
PA HB1716 In entities generally, further providing for requirements for names generally...
PA HB416 In assault, further providing for the offense of stalking.
NH SB417 Relative to out-of-home placements for children.
US HB1240 Winnebago Land Transfer Act of 2023
NY S05916 Exempts a civil claim or cause of action revived pursuant to section two...
US SR746 A resolution commemorating the passage of 3 years since the tragic building...
PA HB1540 In terms and courses of study, further providing for Commission for Agricultural...
NY S09704 Extends limitations on the shift between classes of taxable property in...
feedback