In a budget change proposal released this year after the presentation of Gov. Gavin Newsom’s proposed 2023-2024 Fiscal Year state budget, the California Governor’s Office of Emergency Services (Cal OES), the California Highway Patrol (CHP) and the Technology (CDT) and Military (CMD) departments jointly seek $28.7 million from the General Fund “ongoing” and 17 positions to “continue limited-term resources authorized in 2020-21 ... and enhance resources to support the responsibilities of the California Cybersecurity Integration Center” (Cal-CSIC). This includes 23 previously authorized positions. Among the takeaways:
- The resources, generally, will enable Cal-CSIC to drive state efforts to identify and mitigate “current and ever-evolving cyber threats,” according to the BCP. These include offering enhanced threat detection, assessment and research; gap testing and remediation; and incident analysis and response. Cal-CSIC was codified in statute in 2018 and by law is expected to work with the California State Threat Assessment System and the U.S. Department of Homeland Security to “establish a cyber-incident response team and safeguard the privacy of individuals’ sensitive information.” Its many responsibilities also include establishing a Cyber Incident Response Team as the state’s primary unit on cyber threat detection in coordination with other entities around the state. Cal-CSIC’s primary mission is to “reduce the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks in our state” and it works as a central organizing hub of the state’s cybersecurity work. This also includes delivering cyber attack warnings, assessing risk and threats and developing a statewide cybersecurity strategy.
- The state’s initial investment in Cal-CSIC included Cal OES redirecting existing Homeland Security Grant Program (HSGP) and General Fund monies for eight positions but, the BCP says, this “is not sustainable as federal HSGP funding has continued to decline since 2018.” The four partner departments requested 24 positions and ongoing funding in FY 2020-21 and these were approved but with “only three-year limited-term funding” that expires June 30. Briefly, Cal OES got 12 positions and about $8.1 million from the General Fund; the CHP got four positions and $925,000 General Fund; CMD got eight positions and $1.2 million General Fund; and CDT got $1.3 million General Fund, the equivalent of six positions, all with rounding. With that, accomplishments have included onboarding a variety of staff including software engineers, cyber threat analysts, forensics experts and intelligence experts; standing up “three distinct functional areas”: the Cyber Operations, Cyber Threat Intelligence, and Mission Support branches; monthly classified and unclassified threat briefings; and detecting 521 malicious events and notifications before a breach during 2021, its first year of implementation.
- By way of justification, the BCP points out Cal-CSIC is now operating with a three-year funding commitment due to expire at the end of FY 2022-23, and that it has made “tremendous progress in reducing the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks.” Significant work remains, the BCP says, indicating funding and resources to match the level of cyber threats observed are “critically necessary to best protect our state networks and our critical infrastructure.” The BCP, it said, will enable Cal-CSIC to expand its reach into underserved communities via technological solutions, opportunities for diverse groups and “organized events to influence state cybersecurity policy and practices.”
“In comparison to other states, California ranks toward the bottom for cybersecurity resources in proportion to our population. In a recent data call through the National Governors Association, most respondents indicate actual or necessary growth in their cyber centers,” the BCP said. Cyber threats to state security are on the rise in “frequency, scale, sophistication, and severity,” including an uptick at the outset of the COVID-19 pandemic in the targeting of health care, and research and development. The war in Ukraine illustrates the tight connections between the geopolitical and cyber worlds, as the ranges of “cyber threat actors, methods of attack, targeted systems and victims” expand.