California lawmakers on Wednesday sent Gov. Jerry Brown cyberlegislation to beef up the protection of the state’s networks, part of an ongoing effort over the years to defend against evolving cyberattacks.
The latest bills would require the California Department of Technology to assess its security technologies and require state entities to submit inventories of their critical infrastructure.
Assemblywoman Jacqui Irwin, D-Thousand Oaks, who sponsored both bills, said the measures would ensure that California’s cybercapabilities are up-to-date and efficient.
“We’ve seen recent large-scale cyberattacks targeting governments and large companies around the world,” Irwin said in a news release. “It is essential that California, as the fifth-largest economy in the world, has the cyberdefenses that match its status as a high-value target for hackers.”
Lawmakers approved the measures without any debate.
The first measure, AB 531, would require the Technology Department to assess the policies, standards and procedures that govern the state’s security technologies and develop a statewide plan for any updates or changes to secure the state’s networks and data.
The bill specifically calls for the protection of sensitive digital data — such as photographs, videos and PDFs — that might be stored inside or outside state agency firewalls.
AB 1022 would require state agencies and departments to submit inventories of the critical infrastructure controls and assets that reside on their networks by July 1, 2019. The idea is that these inventories would give the state chief information officer and other state cybersecurity experts valuable insight into the state’s network.
The bill also encourages local entities, which partner with state departments, to also provide an inventory to the Technology Department, a bid to ensure network-wide security for critical infrastructure around California.
