BILL ANALYSIS                                                                                                                                                                                                    

                                                                      AB 1172

                                                                      Page  1


          1172 (Chau)

          As Introduced  February 27, 2015

          Majority vote

          |Committee       |Votes |Ayes                |Noes                  |
          |                |      |                    |                      |
          |                |      |                    |                      |
          |Privacy         |11-0  |Gatto, Wilk, Baker, |                      |
          |                |      |Calderon, Chang,    |                      |
          |                |      |Chau, Cooper,       |                      |
          |                |      |Dababneh, Dahle,    |                      |
          |                |      |Gordon, Low         |                      |
          |                |      |                    |                      |
          |Appropriations  |17-0  |Gomez, Bigelow,     |                      |
          |                |      |Bonta, Calderon,    |                      |
          |                |      |Chang, Daly,        |                      |
          |                |      |Eggman, Gallagher,  |                      |
          |                |      |                    |                      |
          |                |      |                    |                      |
          |                |      |Eduardo Garcia,     |                      |
          |                |      |Gordon, Holden,     |                      |
          |                |      |Jones, Quirk,       |                      |
          |                |      |Rendon, Wagner,     |                      |
          |                |      |Weber, Wood         |                      |
          |                |      |                    |                      |
          |                |      |                    |                      |


                                                                      AB 1172

                                                                      Page  2

          SUMMARY:  Creates a California Cyber Security Task Force (Task  
          Force) within the Governor's Office of Emergency Services (OES) to  
          act in an advisory capacity and make policy recommendations on  
          cyber security for the State of California.  Specifically, this  

          1)Codifies the existence of the Task Force within OES.
          2)Specifies the nine members of the Task Force.

          3)Authorizes the Task Force to convene public and private  
            stakeholders to act in an advisory capacity and compile policy  
            recommendations on cyber security for the State of California. 

          4)Requires the Task Force to complete and issue a report of policy  
            recommendations to the Governor's office and the Legislature on  
            an annual basis, as specified.

          5)Requires the Task Force to meet quarterly, or more often as  
            necessitated by emergency circumstances, to ensure that the  
            policy recommendations from the report are implemented and any  
            necessary modifications that may arise are addressed in a timely  

          6)Authorizes OES and California Institute of Technology (CalTech)  
            to conduct the strategic direction of risk assessments performed  
            by the Military Department's Computer Network Defense Team.

          7)Creates within OES the position of a State Director of Cyber  


                                                                      AB 1172

                                                                      Page  3

          8)Requires the Task Force to perform certain functions, as  

          1)Requires the Task Force to take all necessary steps to protect  
            personal information and privacy, public and private sector  
            data, and the constitutional rights and liberties of  
            individuals, when implementing its duties.

          2)Authorizes the Task Force to issue reports to the Governor's  
            office and the Legislature detailing the Task Force's  

          9)Authorizes the Task Force to engage or accept the services of  
            agency or department personnel, accept the services of  
            stakeholder organizations, and accept federal, private, or other  
            non-state funding, to operate, manage, or conduct the business  
            of the Task Force.

          3)Requires each state department and agency to cooperate with the  
            Task Force and furnish it with information and assistance that  
            is necessary or useful.

          10)Declares the provisions enacted by this bill to be inoperative  
            and repealed as of January 1, 2020.

          FISCAL EFFECT:  According to the Assembly Appropriations  
          Committee, given the numerous functions and responsibilities of  
          the task force, there would be need for two analysts, in addition  
          to the executive director, at an ongoing General Fund cost of  
          around $500,000.


                                                                      AB 1172

                                                                      Page  4

          To the extent the result of the task force's work minimizes the  
          state's exposure from cyber attacks and related technology  
          security issues, the state will avoid the costs of such  
          disruptions, which could otherwise be significant.


          1)Purpose of this bill.  This bill is intended to set forth in  
            statute a formal structure and responsibilities for the Task  
            Force, which is currently functioning as an ad hoc advisory body  
            under OES.  This bill is author-sponsored. 

          2)The work of the existing Task Force.  OES and CalTech, acting at  
            the direction of Governor Brown, created the Task Force to be "a  
            statewide partnership comprised of key stakeholders, subject  
            matter experts, [federal agencies], and cyber security  
            professionals from California's public sector, private industry,  
            academia, and law enforcement.  The Task Force serves as an  
            advisory body to the State of California Senior Administration  
            Officials in matters related to Cybersecurity."  The Task Force  
            holds public meetings once per quarter.  Its express mission is  
            to "enhance the security of California digital infrastructure  
            and to create a culture of cybersecurity through collaboration,  
            information sharing, and education and awareness."

            The Task Force operates as an advisory body only - it has no  
            formal authority, it takes no votes, it has no budget, and its  
            membership is open and voluntary.  It is currently comprised of  
            seven subcommittees:  risk mitigation; information sharing;  
            workforce development and education; economic development;  
            emergency preparedness; legislation and funding; and high tech  
            and digital forensics. 


                                                                      AB 1172

                                                                      Page  5

          Analysis Prepared by:                                               
                          Hank Dempsey / P. & C.P. / (916) 319-2200  FN: