In many cases, Tong said in lunchtime remarks titled “Working Toward One Digital Government,” state services are delivered in partnership with local entities — and so helping secure local governments can make the public sector more robust at all levels. Among the takeaways:
• It’s not clear why, but during the last three to four months, the state has seen an “exponentially increased” number of cybersecurity-related incidents against state and local governments, in which it has lent a hand. The California Cybersecurity Integration Center already responds to a lot of calls from local governments, Tong told Techwire afterward. Realizing that need, officials are looking at formalizing their strategy.
“We’re not sure if that’s the new trend; we’re hoping that that’s not the new norm. But we do see more and more of these smaller entities at the city level — not so much at the county (level) just yet, knock on wood — are being the target of ransomware, cyberattacks,” Tong, director of the California Department of Technology, told the room, pointing out that criminals sometimes find it easier to gain access by targeting smaller entities.
• The state is in the process of opening up a contract for statewide cloud services that’s “owned” by the California Department of General Services to additional tech vendors, Tong said, noting, “there’s a lot of others that have matured in the last couple of years.” She urged county IT leaders to consider whether their systems might better be hosted in cloud and, where appropriate, to take advantage of the contract’s governmental discount. That “volume discount,” she said, applies to all, regardless of whether an IT department has two or 20 staff — and because the contract is pre-negotiated, counties should be able to avoid a formal procurement.
• California has moved from a “cloud first” to a “cloud smart” stance, Tong said — and in an effort to help county and local governments map out their own journeys into cloud, the state will launch its new cloud adoption playbook online in the very near future. The new website is “probably a week or two away from being published,” the CIO said, indicating the idea is to create a “living document” and “interactive website” where governments can share their cloud stories and gain new insight from other scenarios.
“We hope this will serve as a central hub of information for all of you counties” in making that decision, Tong said.
• The CIO also highlighted several recent pieces of legislation with potential significance to county governments, including Assembly Bill 754, which allows the use of statewide GIS data to support regional notification — with application to residents who must call before excavating, to avoid hitting underground gas, water, sewer and other facilities. AB 1130 revised the definition of personally identifiable information to include tax and military identification numbers, passport numbers and other ID numbers; Tong said that made the issue “more clear.” AB 1699 lets first responders ask that Internet service providers not slow the speed of accounts they use in emergency response. And AB 971 requires state agencies to evaluate IT service contracts of $500,000 or more.
