8586.5.
(a) There is established within the Governor’s Office of Emergency Services the California Cybersecurity Integration Center (Cal-CSIC), which shall develop a cybersecurity strategy for California in coordination with the Cybersecurity Task Force. That strategy shall be developed in accordance with state and federal requirements, consistent with applicable standards and best practices.(b) The primary mission of the California Cybersecurity Integration Center is to reduce the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks in our state.
(c) The California Cybersecurity Integration Center shall include, but not be limited to, representatives from all of the following organizations:
(1) Governor’s Office of Emergency Services.
(2) Department of Technology, Office of Information Security.
(3) State Threat Assessment Center.
(4) California Highway Patrol.
(5) California Military Department.
(6) Office of the Attorney General.
(7) Health and Human Services Agency.
(8) California Utilities Emergency Association.
(9) California State University.
(10) University of California.
(11) California Community Colleges.
(d) (1) The Director of Emergency Services, in consultation with the Office of Information Security of the Department of Technology or the Cybersecurity Task Force, or both, may administer, authorize, and allocate federal homeland security grant funding in accordance with federal grant guidelines and shall prioritize grant funding for prevention measures undertaken by the Office of Information Security of the Department of Technology in furtherance of the provision in the Governor’s Executive order B-34-15 (Aug. 31, 2015) that directs state departments and agencies to “ensure compliance with existing information security and privacy policies, promote awareness of information security standards with their workforce.”
(2) Nothing shall preclude the Director of Emergency Services from administering the grant programs to respond to statewide emergencies requiring immediate attention.
(3) For purposes of this subdivision:
(A) “Prevention measures” include, but are not limited to, risk assessments as prescribed in Section 11549.3 of the Government Code and compliance with the guidelines in Section 5300 and following of the State Administrative Manual and with the Statewide Information Management Manual guidelines.
(B) “Federal homeland security grant funding” refers to the federal Homeland Security Grant Program as authorized by the Federal Emergency Management Agency and the United States Department of Homeland Security.