Before the federal government's ban Wednesday on the use of a Russian brand of cybersecurity software, due to alleged cyberespionage activity, California's state government experts were already in the loop and wasted no time reacting.
California’s Cybersecurity Integration Center at the Governor’s Office of Emergency Services, Cal-CSIC, was providing public information about Kaspersky Lab’s change of status as early as Tuesday.
“We start picking up very quickly that there was some reason the federal government decided that they were going to pull Kaspersky from their authorized product list or from their procurement list,” Mario Garcia, deputy commander of Cal-CSIC, said Tuesday at the California Tech Forum.
A directive was issued by Elaine Duke, acting homeland security secretary, removing the company’s software from all federal civilian agencies within 90 days, unless otherwise noted.
“Quite frankly, some of those that have been around the federal government for many years never witnessed anything like that,” Garcia said.
Once Cal-CSIC had the information, it “started reaching out to our FBI, DHS partners” in order to access the risk to state and local governments in order to put out an unclassified advisory.
“It ultimately arrived at a DGS and Department of Technology communication that went out that directed all state agencies to pull Kaspersky products off of their networks and to cease and desist on any future or any current procurements towards them,” Garcia said.
The department could reassess to determine if there is a threat in the future, Garcia said.
