Compare Versions


Bill PDF |Add To My Favorites | print page

SB-892 Cybersecurity preparedness: food and agriculture sector and water and wastewater systems sector.(2021-2022)



Current Version: 09/29/22 - Chaptered

Compare Versions information image


SB892:v93#DOCUMENT

Senate Bill No. 892
CHAPTER 820

An act to add Section 8592.50 to the Government Code, relating to emergency services.

[ Approved by Governor  September 29, 2022. Filed with Secretary of State  September 29, 2022. ]

LEGISLATIVE COUNSEL'S DIGEST


SB 892, Hurtado. Cybersecurity preparedness: food and agriculture sector and water and wastewater systems sector.
Existing law, the California Emergency Services Act, among other things, creates the Office of Emergency Services (Cal OES), which is responsible for the state’s emergency and disaster response services, as specified. Existing law requires Cal OES to establish the California Cybersecurity Integration Center (Cal-CSIC) with the primary mission of reducing the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks in the state. Existing law requires Cal-CSIC to provide warnings of cyberattacks to government agencies and nongovernmental partners, coordinate information sharing among these entities, assess risks to critical infrastructure information networks, enable cross-sector coordination and sharing of best practices and security measures, and support certain cybersecurity assessments, audits, and accountability programs. Existing law also requires Cal-CSIC to develop a statewide cybersecurity strategy to improve how cyber threats are identified, understood, and shared in order to reduce threats to California government, businesses, and consumers, and to strengthen cyber emergency preparedness and response and expand cybersecurity awareness and public education.
This bill would require Cal OES to direct Cal-CSIC to prepare, and Cal OES to submit to the Legislature on or before January 1, 2024, a strategic, multiyear outreach plan to assist the food and agriculture sector and the water and wastewater sector in their efforts to improve cybersecurity and an evaluation of options for providing grants or alternative forms of funding to, and potential voluntary actions that do not require funding and that assist, those sectors in their efforts to improve cybersecurity preparedness. The bill would make related findings and declarations.
Vote: MAJORITY   Appropriation: NO   Fiscal Committee: YES   Local Program: NO  

The people of the State of California do enact as follows:


SECTION 1.

 The Legislature finds and declares all of the following:
(a) Cybersecurity preparedness is a crucial element in the prevention and mitigation of cyberattacks.
(b) The frequency of cyberattacks against both the food and agriculture sector and the water and wastewater systems sector, both of which are critical infrastructure sectors, continues to increase.
(c) A more concerted focus on cybersecurity will help ensure the safety of California’s food and agriculture sector and water and wastewater systems sector.
(d) Those operating within these sectors can help the State of California by reporting when a significant and verified cyber threat is identified or an attack is underway.
(e) Better outreach regarding cybersecurity preparedness can increase awareness regarding the importance of cybersecurity.

SEC. 2.

 Section 8592.50 is added to the Government Code, to read:

8592.50.
 (a) (1) The office shall direct the California Cybersecurity Integration Center to prepare a strategic, multiyear outreach plan that focuses on ways to assist the food and agriculture sector and the water and wastewater sector in their efforts to improve cybersecurity and that includes, but is not limited to, all of the following:
(A) A description of the need for greater cybersecurity outreach and assistance to the food and agriculture sector and the water and wastewater sector.
(B) The goal of the outreach plan.
(C) Methods for coordinating with other state and federal agencies, nonprofit organizations, and associations that provide cybersecurity services or resources for the food and agricultural sector and the water and wastewater sector.
(D) An estimate of the funding needed to execute the outreach plan.
(E) Potential funding sources for the funding needed by the California Cybersecurity Integration Center for the plan.
(F) A plan to evaluate the success of the outreach plan that includes quantifiable measures of success.
(2) The office shall submit the outreach plan prepared pursuant to this subdivision to the Legislature, pursuant to Section 9795, no later than January 1, 2024. The requirement for submitting a report imposed by this paragraph is inoperative on January 1, 2028, pursuant to Section 10231.5.
(b) (1) The office shall direct the California Cybersecurity Integration Center to evaluate options for providing entities in the food and agriculture sector or the water and wastewater sector with grants or alternative forms of funding to improve cybersecurity preparedness. Upon completion of the evaluation, the office shall submit a report to the Legislature, pursuant to Section 9795, no later than January 1, 2024, that includes, but is not limited to, all of the following:
(A) A summary of the evaluation performed by the California Cybersecurity Integration Center.
(B) The specific grants and forms of funding for improved cybersecurity preparedness, including, but not limited to, the following:
(i) Current overall funding level.
(ii) Potential funding sources.
(C) Potential voluntary actions that do not require funding and assist the food and agriculture sector and the water and wastewater sector in their efforts to improve cybersecurity preparedness.
(2) The requirement for submitting a report imposed by this subdivision is inoperative on January 1, 2028, pursuant to Section 10231.5.