Governor Brown of California signed an executive order (Order B-34-15) establishing a California Cybersecurity Integration Center (Cal-CSIC) to align and improve the posture and resilience of the state’s cybersecurity strategy. The CSIS will coordinate across state agencies and include federal government partners. It will create a Cyber Incident Response Team and secure mechanisms to properly share appropriate information.
California is a massive state, with a huge economy, and heavily dependent on technology. Having a centralized capability to align and integrate resources is a fantastic concept. I applaud all the work which had to occur to get this legislation to this point. But the question remains, will the Cal-CSIC be a bureaucratic paper-tiger or will it have the necessary leadership, skills, and resources to forge a meaningful role in aligning a large and diverse team to prioritize and manage the state’s cyber risks?
As a Californian and a cybersecurity professional, I truly hope this organization can become the beacon which forges effective alliances of the security teams across the state. Currently, separate organizations are working independently, without the benefit of strong coordination, to manage their cyber risks. The challenges are immense and put the state at considerable risk. Citizens of the state have high expectations. California, a longtime bastion of technology innovation, has been a leader in securing citizen’s privacy, life-safety practices, and environment protection. Cybersecurity overlays and binds all these aspects and can contribute to the health, prosperity, and safety of every Californian.
This team will need very strong leadership to get all these groups to work together effectively. Otherwise it will become a detriment by adding unnecessary bureaucracy, without tangible benefits, to those groups trying to do the job independently. If California is able to get this right, it will be a huge win. If they get it wrong, it actually adds to the problems and hobbles all the current efforts underway.
Governor Brown, move carefully, but with purpose. I urge you to forego political appointments or service based promotions, instead get the right functional experts in place and make this a reality to protect California. Find leaders with expert cybersecurity strategic insights, superb communication abilities, and practical industry experience necessary to earn the peer respect of the cross-functional team and the private sector partners. This will be a very tough job with ambitious goals, but if done properly, it has the potential to set California apart and showcase the state’s innovation and effectiveness in cybersecurity operations and internal governance as a standard for the nation and world.
Intel Network: All My Previous Blog Posts