AB 2720, as introduced, Chau. State government: Office of Information Security: cybersecurity vulnerability reporting.
Existing law establishes the Office of Information Security in the Department of Technology, the purpose of which is to ensure the confidentiality, integrity, and availability of state systems and applications.
This bill would authorize the office to establish a Cybersecurity Vulnerability Reporting Reward Program for the purpose of soliciting eligible individuals to identify and report previously unknown vulnerabilities in state computer networks and making a monetary award for an eligible report, subject to appropriation of sufficient funds by the Legislature.
Vote: majority. Appropriation: no. Fiscal committee: yes. State-mandated local program: no.
The people of the State of California do enact as follows:
Section 11549.41 is added to the Government
2Code, to read:
The office, subject to appropriation of sufficient
4funds by the Legislature, is authorized to establish a Cybersecurity
P2 1Vulnerability Reporting Reward Program for the purpose of
2soliciting eligible individuals to identify and report previously
3unknown vulnerabilities in state computer networks and making
4a monetary award for an eligible report.
O
99