On November 8, 2021, the California Senate Select Committee on Cyber Security and Identity Theft Prevention held an informational hearing titled: Exploring Data Breaches: What State, Local, and Private Institutions Can Do to Protect Themselves and the Public.
Witnesses at the hearing included:
- Bruce R. Byrd, Executive Vice President and General Counsel, Palo Alto Networks
- Michael McNerney, Chief Operations Officer, Resilience
- John M. Gilligan, President and Chief Executive Officer, Center for Internet Security
- Leeann Habte, Partner, Best Best and Krieger Attorneys at Law
Best Best and Krieger, a CSDA Business Affiliate, sought input from CSDA in advance of the hearing. CSDA’s advocacy team engaged in prompt research to support Ms. Habte’s testimony at the hearing, and to ensure that local government perspectives were adequately addressed.
CSDA Legislative Representative, Aaron Avery, attended the informational hearing. Topics covered at the hearing included:
- Recent cyber-attacks, including on critical infrastructure.
- Emerging threats, including ransomware attacks, attacks on industrial controls, attacks on supply chains, and software vulnerability exploitation.
- Federal efforts to address the problem, including a grant program contained in the recently passed Infrastructure Investment and Jobs Act, aimed at supporting state and local governments.
- Increases in costs and limits on availability of cyber insurance, including ransomware coverage.
- Phishing scams and possible responses.
- Possible establishment of one or more stand-alone state agencies to address cybersecurity issues.
- Possible roles for state government to incentivize or mandate cyber hygiene best practices among public agencies, fill resource gaps, elevate and integrate responses to the problem across all levels of government, provide data to support affordability of cyber insurance, increase penalties for attacks on designated critical infrastructure, and potentially outlaw payment of ransoms.
Mr. Avery provided public comment at the hearing, thanking the committee for seeking local government perspectives, and conveying the importance of cybersecurity and cybercrime to independent special districts. CSDA engaged with committee staff prior to the hearing, and will continue to offer itself as a resource on cybercrime’s impacts on special districts and local government.
The following resources are available from the hearing at the links below:
For additional information, please contact Aaron Avery at aarona@csda.net.
#Broadband#EnvironmentandDisasterPreparedness#Insurance#PublicWorksandFacilities