BILL ANALYSIS                                                                                                                                                                                                    Ó



                                                                  AB 2200
                                                                  Page  1

          Date of Hearing:   May 14, 2014

                        ASSEMBLY COMMITTEE ON APPROPRIATIONS
                                  Mike Gatto, Chair

             AB 2200 (John A. Perez) - As Introduced:  February 20, 2014 

          Policy Committee:                              Accountability  
          and Administrative Review                     Vote: 13 - 0

          Urgency:     No                   State Mandated Local Program:  
          No     Reimbursable:               

           SUMMARY  

          This bill creates the California Cyber Security Commission until  
          January 1, 2020, and charges the Commission with improving the  
          state's cyber security and cyber response capabilities.  
          Specifically, this bill:

          1)Specifies the membership of the Commission to include members  
            from the public, private, and academic sectors and outlines  
            the duties of the Commission.

          2)Requires the Commission to issue quarterly reports to the  
            Governor and Legislature detailing the cyber security status  
            and progress of the state, and would include recommendations  
            to improve the state's cyber security. 

           FISCAL EFFECT  

          Unknown, one-time costs to create the Commission and on-going  
          costs in the range of $500,000 to $1 million (GF) to staff the  
          Commission, assuming four to seven positions.

           COMMENTS  

           1)Purpose  . According to the author, this bill "would advance the  
            state's overall cyber security assessment, preparedness, and  
            response systems; promote cyber security information sharing  
            and the use of best practices among the private and public  
            sectors; and identify funding and research opportunities." The  
            author explains that different elements of the state's cyber  
            security are fragmented and the CCSC would help the state form  
            a coordinated strategy.








                                                                  AB 2200
                                                                  Page  2


           2)Background  . The Office of Information Security, within the  
            California Department of Technology, is the primary state  
            office charged with protecting state information and ensuring  
            confidentiality, integrity, and availability of state systems  
            and applications. The OIS is responsible, along with other  
            agencies, for ensuring the state's cyber security.  However,  
            various other programs and agencies have roles related to  
            managing the state's cyber security. 

           Analysis Prepared by  :    Jennifer Swenson / APPR. / (916)  
          319-2081