Bill Text: CA AB2748 | 2017-2018 | Regular Session | Introduced
NOTE: There are more recent revisions of this legislation. Read Latest Draft
Bill Title: Election infrastructure: independent security assessments.
Spectrum: Partisan Bill (Democrat 2-0)
Status: (Engrossed - Dead) 2018-08-20 - Ordered to inactive file at the request of Senator Stern. [AB2748 Detail]
Download: California-2017-AB2748-Introduced.html
Bill Title: Election infrastructure: independent security assessments.
Spectrum: Partisan Bill (Democrat 2-0)
Status: (Engrossed - Dead) 2018-08-20 - Ordered to inactive file at the request of Senator Stern. [AB2748 Detail]
Download: California-2017-AB2748-Introduced.html
CALIFORNIA LEGISLATURE—
2017–2018 REGULAR SESSION
| Assembly Bill | No. 2748 |
| Introduced by Assembly Member Chau |
February 16, 2018 |
An act to amend Section 8592.35 of the Government Code, relating to technology.
LEGISLATIVE COUNSEL'S DIGEST
AB 2748, as introduced, Chau.
Information technology.
Existing law requires the Department of Technology, on or before July 1, 2018, to update the Technology Recovery Plan element of the State Administrative Manual to ensure the inclusion of cybersecurity strategy incident response standards for each state agency, as specified.
This bill would make a nonsubstantive change to that provision.
Digest Key
Vote: MAJORITY Appropriation: NO Fiscal Committee: NO Local Program: NOBill Text
The people of the State of California do enact as follows:
SECTION 1.
Section 8592.35 of the Government Code is amended to read:8592.35.
(a) (1) On or before July 1, 2018, the department shall, in consultation with the office and compliance with Section 11549.3, update the Technology Recovery Plan element of the State Administrative Manual to ensure the inclusion of cybersecurity strategy incident response standards for each state agency to secure its critical infrastructure controls and critical infrastructure information.(2) In updating the standards in paragraph (1), the department shall consider, but not be limited to considering, all each of the following:
(A) Costs to implement the standards.
(B) Security of critical infrastructure information.
(C) Centralized management of risk.
(D) Industry best practices.
(E) Continuity of operations.
(F) Protection of personal information.
(b) Each state agency shall provide the department with a copy of its updated Technology Recovery Plan.
(c) Each state agency shall, as part of its Technology Recovery Plan, provide the department with an inventory of all critical infrastructure controls, and their associated
assets, in the possession of the agency.
