(Sacramento, CA) – The series of high-profile cyberattacks on both private and public networks has demonstrated the growing risk to our most important societal systems, our critical infrastructure sectors. In the interests of public safety, Assemblymember Jacqui Irwin (D-Thousand Oaks) convened a hearing that featured two panels: one to examine the actions being taken by State government, and one to weigh input from the private sector. To start off the hearing Chairwoman Irwin made her intention clear, “This issue needs to become a priority so that it is a consideration in all policy discussions and not ignored in future state budgets.”
Panelists included officials from the Office of Emergency Services and the California Military Department; policy experts with federal backgrounds; and representatives from the electric utility and telecommunications sectors. “Currently in cybersecurity there tends to be an emphasis on simply responding to threats after the damage is already done,” said Davis Hake, a former cybersecurity advisor in the Obama Administration.
The hearing focused on recommendations for policy and the appropriate role of state government. Cybersecurity bills currently being considered by the Legislature were discussed throughout the hearing. Specifically, Assembly Bill 670 (Irwin) as a way to promote effective risk management within state government, Assembly Bill 1172 (Chau) as a way to address the complicated regulatory structure by establishing coordinating leadership, and Assembly Bill 739 (Irwin) as a means to incentivize more sharing of preventative threat information.
“It is essential to support prevention practices such as threat information sharing, promote the adoption and leveraging of federal cybersecurity investment, and invest in workforce development and cybersecurity education opportunities at our colleges and universities”, said Irwin. “California needs to take a proactive role to secure our critical infrastructure.”
The Select Committee on Cybersecurity will convene two more hearings this year, one to focus on local implications and one to focus more closely on the benefits of information sharing.