“It was nice to see that we were really starting to take an approach in California, not just with state organizations but overall in California,” CSIC Commander Keith Tresh told vendors gathered at Techwire’s Briefing on Tuesday. “We’re supposed to be helping the entire state reduce the likelihood and severity of cyberincidents to the economy.”
While the California Department of Technology and Office of Cybersecurity focuses on prevention and policies for state entities, Cal-CSIC works “on everything other than state entities.” That includes tribal governments, counties, utility groups, banking, health care and infrastructure.
Examples of such incidents are the Kaspersky ban issued by the center last year, assessing risk profiles of counties and their election technology and identifying a vulnerability in Web-enabled syringes.
The center is focusing on the higher education system especially, getting colleges back online after botnet activity. Next, Tresh said, the center will begin working with K-12 systems and private industry.
The center has also been moving beyond its borders to assist other states. Some of the agencies that work with Cal-CSIC are the FBI and the Department of Homeland Security. Cal-CSIC was one of the only out-of-state entities to respond when Colorado’s Department of Transportation was hacked.
The center is also building out response guides for local and tribal jurisdictions that are helpful but flexible enough to fit many kinds of situations.
The center is looking for vendor feedback on:
- Response services, probably under a CMAS solicitation
- An endpoint protection RFP
- A contract updating Emergency Support Function 18, which would include a response plan for a state of emergency in cybersecurity
