On August 31, 2015, California Governor Edmund G. Brown Jr. signed Executive Order B-34-15. The Order directs the Governor’s Office of Emergency Services to establish the California Cybersecurity Integration Center (Cal-CSIC), which will be responsible for strengthening the state’s cybersecurity strategy and improving inter-agency, cross-sector coordination to reduce the likelihood and severity of cyber-attacks.
According to the press release accompanying the Order, Cal-CSIC “will work closely with the California State Threat Assessment System and the U.S. Department of Homeland Security and will facilitate more integrated information sharing and communication with local, state and federal agencies, tribal governments, utilities and other service providers, academic institutions and non-governmental organizations.” Under the Order, Cal-CSIC will also establish a multi-agency Cyber Incident Response Team, which will be comprised of personnel from agencies, departments, and organizations from Cal-CSIC. The Response Team will serve as California’s “primary unit to lead cyber threat detection, reporting, and response in coordination with public and private entities across the state.”
While Cal-CSIC is intended to facilitate information sharing to improve cybersecurity, the Order also recognizes the need to be cognizant of privacy needs. To that end, information sharing by Cal-CSIC “shall be conducted in a manner that protects the privacy and civil liberties of individuals, safeguards sensitive information, [and] preserves business confidentiality.”