Brown Orders Creation of Security Center To Protect State Databases
On Monday, Gov. Jerry Brown (D) signed an executive order to establish a new security center to help protect state agencies from cyberattacks that put health information and other data at risk, the AP/Sacramento Bee reports (AP/Sacramento Bee, 8/31).
Background
The executive order follows a state audit released last week that found California's databases, which house medical records and other personal information, are "vulnerable to unauthorized use, disclosure or disruption" because of a lack of safeguards.
The audit, which criticized the Department of Technology for poor security oversight, also found that 73 of 77 departments were not in compliance with security standards, most of which "have not planned for interruptions or disasters."
The audit noted, "In some cases, the failure or disruption of information systems would jeopardize public health and safety," particularly among agencies involved with health and safety (California Healthline, 8/26).
Details of Security Center
The executive action orders the governor's Office of Emergency Services to create the California Cybersecurity Integration Center (Office of the Governor release, 8/31). It will act as a hub for the state's online security (AP/Sacramento Bee, 8/31).
The center will be comprised of representatives from several local and national departments, including the:
- California Department of Technology's Chief Information Security Office;
- California Health and Human Services Agency;
- California Office of the Attorney General;
- Federal Bureau of Investigation; and
- U.S. Secret Service.
The center will be tasked with:
- Assembling a multi-agency response team to lead cyberthreat assessments and provide warnings of cyberattacks; and
- Developing a statewide cybersecurity strategy (Office of the Governor release, 8/31).