More details are coming to light about the California Cybersecurity Integration Center (Cal-CSIC) that the Brown administration created through an executive order last year to bolster the state's cybersecurity readiness, response and defense.
The center, which is located alongside the state's main fusion center at the California Governor's Office of Emergency Services, has been operational since mid-April, said Eli Owen, deputy commander of the California State Threat Assessment Center (STAC), during a presentation at the California Technology Forum in Sacramento on Aug. 11.
Owen said Cal-CSIC is the first of its kind and is focused on California. The center's mission is to focus on cyberthreat analysis, assessments, information sharing, and incident response and coordination. In plainer terms, it's capturing malicious events and turning those into actionable intelligence.
"We estimate that we're seeing only about 2 percent of the total threat landscape across the state. We know for a fact thousands of attempts to penetrate state systems are occurring daily — and [in] organizations, locals, municipalities, and so forth. So in our mind, it's a lot of good data that we're missing out on trying to figure out what's happening," Owen said.
Owen asserted that before the creation of Cal-CSIC, nobody was looking at the cyber-intel landscape holistically across California.
"If you start to take back ownership of that, you can create — and I'm going to use a buzzword, synergies — out of that that you haven't seen to date," Owen said.
Core partners of Cal-CSIC include CalOES, the Department of Technology, CHP and the Military Department. Other strategic parters include the California Municipal Utilities Association, and the state's universities.
Cal-CSIC also utilizes federal partnerships, Owen said, with organizations such as the Multi-State Information Sharing & Analysis Center (MS-iSAC), the Department of Homeland Security, and FBI. Eventually the center's services may extend outward to California's private-sector companies and other entities.
But the initial focus is the "state family" first, Owen said. Data generated from dozens of cybersecurity audits of state agencies and departments mandated through AB 670 likely will flow through the Cal-CSIC and enable its analysts to someday send out threat bulletins to state government based on trends identified from the data.
Owen said the center is triaging events on a daily basis, and an intelligence officer from the U.S. Department of Homeland Security is now embedded at Cal-CSIC.
