Amended IN Assembly March 16, 2023 CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION Assembly Bill No. 1667Introduced by Assembly Member IrwinFebruary 17, 2023 An act to add and repeal Chapter 5.9 (commencing with Section 11549.65) of Part 1 of Division 3 of Title 2 of the Government Code, relating to information security.LEGISLATIVE COUNSEL'S DIGESTAB 1667, as amended, Irwin. State agencies: information security. Department of Technology: California Cybersecurity Awareness and Education Council.Existing law, the California Emergency Services Act, among other things, creates the Office of Emergency Services, which is responsible for the states emergency and disaster response services, as specified. Existing law requires the office to establish the California Cybersecurity Integration Center with the primary mission of reducing the likelihood and severity of cyber incidents that could damage Californias economy, its critical infrastructure, or public and private sector computer networks in the state.Existing law establishes the Department of Technology within the Government Operations Agency, supervised by the Director of Technology, whose duties include advising the Governor on the strategic management and direction of the states information technology resources. Existing law establishes the Office of Information Security within the Department of Technology, with the purpose of ensuring the confidentiality, integrity, and availability of state systems and applications, and promoting and protecting privacy as part of the development and operations of state systems and applications to ensure the trust of the residents of the state.This bill would establish the California Cybersecurity Awareness and Education Council within the Department of Technology. The bill would require the council to be composed of 15 members, to be appointed by February 1, 2024, as specified. The bill would require the council to research ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices, and ways to create a larger and more diverse cybersecurity-trained workforce, and would require the council to propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure, as specified. This bill would require the council to submit a report by July 1, 2024, that includes, among other things, approaches the state can take to raise awareness of and increase education regarding cybersecurity, including in K12 schools, institutions of higher education, and workplaces, and ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity, as specified.This bill would make these provisions inoperative on February 1, 2025, and would repeal them as of January 1, 2026.Existing law, the Information Practices Act of 1977, requires an agency, as defined, that owns or licenses computerized data that includes personal information, as defined, to disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person or whose encrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person and the encryption key or security credential was, or is reasonably believed to have been, acquired by an unauthorized person, as specified.This bill would express the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: NOYES Local Program: NO Bill TextThe people of the State of California do enact as follows:SECTION 1. Chapter 5.9 (commencing with Section 11549.65) is added to Part 1 of Division 3 of Title 2 of the Government Code, to read: CHAPTER 5.9. California Cybersecurity Awareness and Education Council11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.11549.66. (a) The council shall be composed of 15 members.(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:(1) Teachers or other K12 public school representatives.(2) High school students or other youth leaders.(3) Business owners.(4) Academic cybersecurity experts.(5) Public safety leaders.(6) Nonprofit organization representatives.11549.67. (a) The council shall research both of the following:(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.(2) Ways to create a larger and more diverse cybersecurity-trained workforce.(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:(1) Basic cybersecurity education for individuals, families, schools, and workplaces.(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.(f) Other recommendations that the council deems appropriate.11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.SECTION 1.It is the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.
Amended IN Assembly March 16, 2023 CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION Assembly Bill No. 1667Introduced by Assembly Member IrwinFebruary 17, 2023 An act to add and repeal Chapter 5.9 (commencing with Section 11549.65) of Part 1 of Division 3 of Title 2 of the Government Code, relating to information security.LEGISLATIVE COUNSEL'S DIGESTAB 1667, as amended, Irwin. State agencies: information security. Department of Technology: California Cybersecurity Awareness and Education Council.Existing law, the California Emergency Services Act, among other things, creates the Office of Emergency Services, which is responsible for the states emergency and disaster response services, as specified. Existing law requires the office to establish the California Cybersecurity Integration Center with the primary mission of reducing the likelihood and severity of cyber incidents that could damage Californias economy, its critical infrastructure, or public and private sector computer networks in the state.Existing law establishes the Department of Technology within the Government Operations Agency, supervised by the Director of Technology, whose duties include advising the Governor on the strategic management and direction of the states information technology resources. Existing law establishes the Office of Information Security within the Department of Technology, with the purpose of ensuring the confidentiality, integrity, and availability of state systems and applications, and promoting and protecting privacy as part of the development and operations of state systems and applications to ensure the trust of the residents of the state.This bill would establish the California Cybersecurity Awareness and Education Council within the Department of Technology. The bill would require the council to be composed of 15 members, to be appointed by February 1, 2024, as specified. The bill would require the council to research ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices, and ways to create a larger and more diverse cybersecurity-trained workforce, and would require the council to propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure, as specified. This bill would require the council to submit a report by July 1, 2024, that includes, among other things, approaches the state can take to raise awareness of and increase education regarding cybersecurity, including in K12 schools, institutions of higher education, and workplaces, and ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity, as specified.This bill would make these provisions inoperative on February 1, 2025, and would repeal them as of January 1, 2026.Existing law, the Information Practices Act of 1977, requires an agency, as defined, that owns or licenses computerized data that includes personal information, as defined, to disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person or whose encrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person and the encryption key or security credential was, or is reasonably believed to have been, acquired by an unauthorized person, as specified.This bill would express the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: NOYES Local Program: NO
Amended IN Assembly March 16, 2023
Amended IN Assembly March 16, 2023
CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION
Assembly Bill
No. 1667
Introduced by Assembly Member IrwinFebruary 17, 2023
Introduced by Assembly Member Irwin
February 17, 2023
An act to add and repeal Chapter 5.9 (commencing with Section 11549.65) of Part 1 of Division 3 of Title 2 of the Government Code, relating to information security.
LEGISLATIVE COUNSEL'S DIGEST
## LEGISLATIVE COUNSEL'S DIGEST
AB 1667, as amended, Irwin. State agencies: information security. Department of Technology: California Cybersecurity Awareness and Education Council.
Existing law, the California Emergency Services Act, among other things, creates the Office of Emergency Services, which is responsible for the states emergency and disaster response services, as specified. Existing law requires the office to establish the California Cybersecurity Integration Center with the primary mission of reducing the likelihood and severity of cyber incidents that could damage Californias economy, its critical infrastructure, or public and private sector computer networks in the state.Existing law establishes the Department of Technology within the Government Operations Agency, supervised by the Director of Technology, whose duties include advising the Governor on the strategic management and direction of the states information technology resources. Existing law establishes the Office of Information Security within the Department of Technology, with the purpose of ensuring the confidentiality, integrity, and availability of state systems and applications, and promoting and protecting privacy as part of the development and operations of state systems and applications to ensure the trust of the residents of the state.This bill would establish the California Cybersecurity Awareness and Education Council within the Department of Technology. The bill would require the council to be composed of 15 members, to be appointed by February 1, 2024, as specified. The bill would require the council to research ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices, and ways to create a larger and more diverse cybersecurity-trained workforce, and would require the council to propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure, as specified. This bill would require the council to submit a report by July 1, 2024, that includes, among other things, approaches the state can take to raise awareness of and increase education regarding cybersecurity, including in K12 schools, institutions of higher education, and workplaces, and ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity, as specified.This bill would make these provisions inoperative on February 1, 2025, and would repeal them as of January 1, 2026.Existing law, the Information Practices Act of 1977, requires an agency, as defined, that owns or licenses computerized data that includes personal information, as defined, to disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person or whose encrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person and the encryption key or security credential was, or is reasonably believed to have been, acquired by an unauthorized person, as specified.This bill would express the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.
Existing law, the California Emergency Services Act, among other things, creates the Office of Emergency Services, which is responsible for the states emergency and disaster response services, as specified. Existing law requires the office to establish the California Cybersecurity Integration Center with the primary mission of reducing the likelihood and severity of cyber incidents that could damage Californias economy, its critical infrastructure, or public and private sector computer networks in the state.
Existing law establishes the Department of Technology within the Government Operations Agency, supervised by the Director of Technology, whose duties include advising the Governor on the strategic management and direction of the states information technology resources. Existing law establishes the Office of Information Security within the Department of Technology, with the purpose of ensuring the confidentiality, integrity, and availability of state systems and applications, and promoting and protecting privacy as part of the development and operations of state systems and applications to ensure the trust of the residents of the state.
This bill would establish the California Cybersecurity Awareness and Education Council within the Department of Technology. The bill would require the council to be composed of 15 members, to be appointed by February 1, 2024, as specified. The bill would require the council to research ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices, and ways to create a larger and more diverse cybersecurity-trained workforce, and would require the council to propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure, as specified.
This bill would require the council to submit a report by July 1, 2024, that includes, among other things, approaches the state can take to raise awareness of and increase education regarding cybersecurity, including in K12 schools, institutions of higher education, and workplaces, and ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity, as specified.
This bill would make these provisions inoperative on February 1, 2025, and would repeal them as of January 1, 2026.
Existing law, the Information Practices Act of 1977, requires an agency, as defined, that owns or licenses computerized data that includes personal information, as defined, to disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person or whose encrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person and the encryption key or security credential was, or is reasonably believed to have been, acquired by an unauthorized person, as specified.
This bill would express the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.
## Digest Key
## Bill Text
The people of the State of California do enact as follows:SECTION 1. Chapter 5.9 (commencing with Section 11549.65) is added to Part 1 of Division 3 of Title 2 of the Government Code, to read: CHAPTER 5.9. California Cybersecurity Awareness and Education Council11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.11549.66. (a) The council shall be composed of 15 members.(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:(1) Teachers or other K12 public school representatives.(2) High school students or other youth leaders.(3) Business owners.(4) Academic cybersecurity experts.(5) Public safety leaders.(6) Nonprofit organization representatives.11549.67. (a) The council shall research both of the following:(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.(2) Ways to create a larger and more diverse cybersecurity-trained workforce.(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:(1) Basic cybersecurity education for individuals, families, schools, and workplaces.(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.(f) Other recommendations that the council deems appropriate.11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.SECTION 1.It is the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.
The people of the State of California do enact as follows:
## The people of the State of California do enact as follows:
SECTION 1. Chapter 5.9 (commencing with Section 11549.65) is added to Part 1 of Division 3 of Title 2 of the Government Code, to read: CHAPTER 5.9. California Cybersecurity Awareness and Education Council11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.11549.66. (a) The council shall be composed of 15 members.(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:(1) Teachers or other K12 public school representatives.(2) High school students or other youth leaders.(3) Business owners.(4) Academic cybersecurity experts.(5) Public safety leaders.(6) Nonprofit organization representatives.11549.67. (a) The council shall research both of the following:(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.(2) Ways to create a larger and more diverse cybersecurity-trained workforce.(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:(1) Basic cybersecurity education for individuals, families, schools, and workplaces.(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.(f) Other recommendations that the council deems appropriate.11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.
SECTION 1. Chapter 5.9 (commencing with Section 11549.65) is added to Part 1 of Division 3 of Title 2 of the Government Code, to read:
### SECTION 1.
CHAPTER 5.9. California Cybersecurity Awareness and Education Council11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.11549.66. (a) The council shall be composed of 15 members.(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:(1) Teachers or other K12 public school representatives.(2) High school students or other youth leaders.(3) Business owners.(4) Academic cybersecurity experts.(5) Public safety leaders.(6) Nonprofit organization representatives.11549.67. (a) The council shall research both of the following:(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.(2) Ways to create a larger and more diverse cybersecurity-trained workforce.(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:(1) Basic cybersecurity education for individuals, families, schools, and workplaces.(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.(f) Other recommendations that the council deems appropriate.11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.
CHAPTER 5.9. California Cybersecurity Awareness and Education Council11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.11549.66. (a) The council shall be composed of 15 members.(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:(1) Teachers or other K12 public school representatives.(2) High school students or other youth leaders.(3) Business owners.(4) Academic cybersecurity experts.(5) Public safety leaders.(6) Nonprofit organization representatives.11549.67. (a) The council shall research both of the following:(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.(2) Ways to create a larger and more diverse cybersecurity-trained workforce.(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:(1) Basic cybersecurity education for individuals, families, schools, and workplaces.(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.(f) Other recommendations that the council deems appropriate.11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.
CHAPTER 5.9. California Cybersecurity Awareness and Education Council
CHAPTER 5.9. California Cybersecurity Awareness and Education Council
11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.
11549.65. (a) There is in the state government, within the Department of Technology, the California Cybersecurity Awareness and Education Council.
(b) For purposes of this chapter, council means the California Cybersecurity Awareness and Education Council.
11549.66. (a) The council shall be composed of 15 members.(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:(1) Teachers or other K12 public school representatives.(2) High school students or other youth leaders.(3) Business owners.(4) Academic cybersecurity experts.(5) Public safety leaders.(6) Nonprofit organization representatives.
11549.66. (a) The council shall be composed of 15 members.
(b) By February 1, 2024, the President pro Tempore of the Senate, the Speaker of the Assembly, and the Governor shall each appoint five members to the council, and each are encouraged to select members that represent a wide range of stakeholders, including, but not limited to:
(1) Teachers or other K12 public school representatives.
(2) High school students or other youth leaders.
(3) Business owners.
(4) Academic cybersecurity experts.
(5) Public safety leaders.
(6) Nonprofit organization representatives.
11549.67. (a) The council shall research both of the following:(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.(2) Ways to create a larger and more diverse cybersecurity-trained workforce.(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:(1) Basic cybersecurity education for individuals, families, schools, and workplaces.(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.
11549.67. (a) The council shall research both of the following:
(1) Ways to increase cybersecurity awareness and education of students, families, and other adults, with the goal of helping people learn and use healthy cybersecurity practices.
(2) Ways to create a larger and more diverse cybersecurity-trained workforce.
(b) The council shall propose a strategy to engage Californians in the effort to improve cybersecurity practices and strengthen cyber infrastructure. This strategy shall focus on, but shall not be limited to, both of the following:
(1) Basic cybersecurity education for individuals, families, schools, and workplaces.
(2) A public awareness campaign and education materials aimed at ensuring that more Californians become aware of the importance of cybersecurity.
11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.(f) Other recommendations that the council deems appropriate.
11549.68. By July 1, 2024, the council shall deliver a report to the President pro Tempore of the Senate, the Speaker of the Assembly, the Governor, the Director of Technology, the Superintendent of Public Instruction, and the Director of Emergency Services that shall include, but not be limited to, all of the following:
(a) Approaches the state can take to raise awareness and increase education of cybersecurity, including in K12 schools, institutions of higher education, and workplaces.
(b) Ways to effectively utilize social media, marketing campaigns, and the news media to increase awareness of and distribute materials about cybersecurity.
(c) Ways to balance amplifying existing resources and work that is already being done to promote cybersecurity awareness with creating new resources and partnerships.
(d) Ways to reach out to underrepresented populations, including, but not limited to, low-income communities and individuals who speak languages other than English.
(e) Ways in which Californians can communicate with appropriate government officials about cybersecurity concerns.
(f) Other recommendations that the council deems appropriate.
11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.
11549.69. This chapter shall become inoperative on February 1, 2025, and, as of January 1, 2026, is repealed.
It is the intent of the Legislature to enact legislation that would relate to the security of information maintained by state agencies.