CALIFORNIA CYBERSECURITY TASK FORCE

Transcription

1 CALIFORNIA CYBERSECURITY TASK FORCE Advancing California s cybersecurity priorities through public, private, corporate, and academic sector collaboration.

2 Agenda Task Force Overview California Cybersecurity Strategy Questions and contact information

3 Task Force Overview Strategic Objectives Identify areas where stakeholders can improve statewide collaboration and information sharing to identify potential cyber threats; Assist in the development of threat prevention, remediation, response, and recovery strategies to strengthen California s cyber resilience; Review areas where coordination will enhance security, emergency response, communications, contingency planning, and other areas of mutual responsibility across the State of California; Develop the California Cybersecurity Strategy and identify sources of support for strategy implementation.

4 Task Force Overview (cont.) Representation Federal Government (DHS, FBI, Air Force) State Government (i.e., Cal OES, Cal Tech, Go-Biz, CA Attorney General s Office, California Highway Patrol) Critical Infrastructure (i.e., Verizon, Pacific Gas and Electric, Wells Fargo) Private Sector (i.e., FireEye, Brocade, Hewlett-Packard Company, Dell, Cisco, Intel) Research and Academic Community (i.e., Lawrence Livermore National Laboratory, Naval Post Graduate School, UC State System, Sandia National Laboratories) Subcommittees 1. Cybersecurity Workforce Development and Education 2. Cyber Emergency Preparedness 3. Information Sharing 4. Risk Mitigation 5. High-tech and Digital Forensics 6. Legislation and Funding 7. Economic Development Leadership Co-Chaired by Cal OES and Cal Tech Quarterly Meetings from May 2013 to June Monthly Subcommittee Co-Chair Conference Calls

5 Other Task Force Functions Brief policymakers Serve as an advisory body to the governor Research cybersecurity initiatives, policies, and trends Implement California cybersecurity recommendations Conduct public outreach and increase awareness of cybersecurity as a priority.

6 Subcommittees Cybersecurity Workforce Development and Education Develop education and training pipelines to support job creation and retention for next generation cybersecurity professionals. Cyber Emergency Preparedness Develop and enhance policies, standards, procedures, and guidance to prepare for and respond to cyber attacks or other emergencies affected by cyber events. Information Sharing Identify, review, and recommend vehicles for improving information sharing capability among all sectors. Risk Mitigation Prioritize threats, remediation techniques, and mitigation strategies to establish priority defense strategies.

7 Subcommittees (cont.) High Tech and Digital Forensics Create a state digital evidence forensic laboratory and provide digital evidence training to its staff. Economic Development Access the cybersecurity resources and expertise within California to create economic development opportunities and incentives. Legislation and Funding Identify, review, monitor, and advocate for legislation and funding that can advance cybersecurity efforts.

8 Goals of the Strategy Create a stronger environment for collaboration and awareness among all California public and private stakeholders in response to the threat environment. Position the state of California as a national leader in cybersecurity policies and programs. Reduce California s exposure to cyber risk and improve state infrastructure resilience. Ensure priority response to and recovery from cyber events. Improve cybersecurity education and workforce development.

9 Why is a California cybersecurity strategy needed? The threat environment California is rich in targets California s critical infrastructure and intellectual property Unprecedented period of cyber attacks The threat environment is changing so rapidly that stronger state engagement is needed. California has the opportunity to lead national cybersecurity efforts California s has unique capability in cybersecurity with Silicon Valley, national labs, the state research and education system, as well as critical infrastructure owners and operators. Private Sector role Managing cyber risk more effectively makes good business sense; it is cost effective and can support economic growth.

10 Questions? Point of Contact: Patrick Koeneker