California Cybersecurity Integration Center

Law Enforcement


The California Cybersecurity Integration Center’s primary mission is to reduce the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks in our state.

CLICK HERE to sign up to receive
Cal-CSIC alerts, advisories, and product distribution.


On 31 August 2015, the Governor of California signed Executive Order B-34-15, creating the California Cybersecurity Integration Center (Cal-CSIC).

On 26 September 2018, the Governor of California approved Assembly Bill 2813, in support of California's statewide cybersecurity strategy.

The passing of AB2813 added Section 8586.5 to the California Government Code which further defines the structure and the mission of the Cal-CSIC:

The California Cybersecurity Integration Center shall serve as the central organizing hub of state government’s cybersecurity activities and coordinate information sharing with local, state, and federal agencies, tribal governments, utilities and other service providers, academic institutions, and nongovernmental organizations.

The California Cybersecurity Integration Center shall operate in close coordination with the California State Threat Assessment System and the United States Department of Homeland Security — National Cybersecurity and Communications Integration Center, including sharing cyber threat information that is received from utilities, academic institutions, private companies, and other appropriate sources.

The California Cybersecurity Integration Center shall develop a statewide cybersecurity strategy, informed by recommendations from the California Task Force on Cybersecurity and in accordance with state and federal requirements, standards, and best practices. The cybersecurity strategy shall be developed to improve how cyber threats are identified, understood, and shared in order to reduce threats to the California government, businesses, and consumers. The strategy shall also strengthen cyber emergency preparedness and response, standardize implementation of data protection measures, enhance digital forensics and cyber investigative capabilities, deepen expertise among California’s workforce of cybersecurity professionals, and expand cybersecurity awareness and public education.

The Cal-CSIC is comprised of several strategic partners, the California Governor’s Office of Emergency Services, the California Department of Technology, the California Military Department, and the California Highway Patrol.
Additional partners include other Federal, State, and private sector partners including the Federal Bureau of Investigation (FBI) and the United States Department of Homeland Security (DHS). Each partner provides experts to the Cal-CSIC, which serves as the central organizing hub of the State’s cybersecurity activities.

The Cal-CSIC is co-located with the California State Threat Assessment Center (STAC), which serves as the State’s primary fusion center with the responsibility to protect the State from terrorist and other physical threats. With its core partners, the Cal-CSIC has established multiple capabilities to accomplish its mission:

Cyber Incident Response Coordination

The California Cybersecurity Integration Center shall establish a Cyber Incident Response Team to serve as California’s primary unit to lead cyber threat detection, reporting, and response in coordination with public and private entities across the state. 

  • This team shall also assist law enforcement agencies with primary jurisdiction for cyber-related criminal investigations and agencies responsible for advancing information security within state government. 

  • This team shall be comprised of personnel from agencies, departments, and organizations represented in the California Cybersecurity Integration Center.

Information Sharing

Information sharing by the California Cybersecurity Integration Center shall be conducted in a manner that protects the privacy and civil liberties of individuals, safeguards sensitive information, preserves business confidentiality, and enables public officials to detect, investigate, respond to, and prevent cyber attacks that threaten public health and safety, economic stability, and national security. 

  • Cyber Threat Alerts and Advisories

Enables the Cal-CSIC to serve as a conduit for cybersecurity threat information between Federal, State, Local, and Tribal government entities. Advisories and Alerts are also shared with Private sector partners.

  • California Automated Indicator Exchange

Provides the exchange of intelligence-driven cyber threat indicators between the Cal-CSIC cyber threat feeds and partner entities at machine speed, resulting in the distribution of relevant and timely cyber threat and trend information.


Phishing Email/Malware Analysis

Cal-CSIC Analysts collect and analyze phishing emails to extrapolate relevant information about the attacker and their respective tactics, called Indicators of Compromise. These IOCs are added to the California Automated Indicator Exchange to ensure timely distribution to partner entities.


HOW YOU CAN HELP PROTECT CALIFORNIA

State, local, and tribal governments, non-governmental organizations and the private sector can partner with the Cal-CSIC by registering to receive Alerts and Advisories, sharing IOCs and cyber incident reports, and connecting to the California Automated Indicator Exchange.

  • Email the Cal-CSIC to learn more about sharing of IOCs and connecting to the California Automated Indicator Exchange at calcsic@caloes.ca.gov.

  • Report cyber incidents to the Cal-CSIC at (833) REPORT-1 or calcsic@caloes.ca.gov.







 

 

California-Joint CICE Framework Appendix Ahttps://www.caloes.ca.gov/LawEnforcementSite/Documents/California-Joint CICE Framework (Appendix A).pdfCalifornia-Joint CICE Framework Appendix AAppendix A - Roles and ResponsibilitesCyber Guidance6/17/2019 7:34:31 PM
California Joint Cyber Incident Communications and Escalation Frameworkhttps://www.caloes.ca.gov/LawEnforcementSite/Documents/California-Joint CICE Framework 2020.pdfCalifornia Joint Cyber Incident Communications and Escalation FrameworkThis document provides high level procedural guidance for paths of escalation and coordinated communications during and after a cyber-incident occurs.Cyber Guidance5/13/2021 4:14:19 PM
California-Joint Cyber Incident Response Guidehttps://www.caloes.ca.gov/LawEnforcementSite/Documents/California-Joint Cyber Incident Response Guide.pdfCalifornia-Joint Cyber Incident Response GuideCyber Incident Response Guide for the State of CaliforniaCyber Guidance8/2/2021 10:33:29 PM
Cal-CSIC Advisory Teleworking Guidancehttps://www.caloes.ca.gov/LawEnforcementSite/Documents/Cal-CSIC_Advisory_Teleworking Guidance.pdfCal-CSIC Advisory Teleworking GuidanceTeleworking3/14/2020 12:12:15 AM

 
Supporting Page