California Cybersecurity Integration Center

Law Enforcement
Share This Page

On 31 August 2015, the Governor of California signed Executive Order B-34-15, creating the California Cybersecurity Integration Center (Cal-CSIC) with the responsibility to:

​1. Reduce the likelihood and severity of cyber-attacks;
2. Improve inter-agency and cross-sector information coordination;
3. Prioritize cyber threats and alert potential victim entities; and,
4. Strengthen the state’s cybersecurity strategy.

The Cal-CSIC is made up of four core partners, the California Governor’s Office of Emergency Services, the California Department of Technology, the California Military Department, and the California Highway Patrol.

Additional partners include other Federal, State and private sector partners including the Federal Bureau of Investigation (FBI) and the United States Department of Homeland Security (DHS). Each partner provides experts to the Cal-CSIC, which serves as the central organizing hub of the State’s cybersecurity activities.

The Cal-CSIC is co-located with the California State Threat Assessment Center (STAC), which serves as the State’s primary fusion center with responsibility to protect the State from terrorist and other physical threats. With its core partners, the Cal-CSIC has established multiple capabilities to accomplish its mission:

Cyber Incident Response Coordination
Activities consist of multi-disciplined cyber incident handlers, assessors, and analysts who support the cyber incident management lifecycle by providing expertise, support, oversight, and coordination for cyber incidents.
Cyber Threat Alerts and Advisories
Enables the Cal-CSIC to serve as a conduit for cybersecurity threat information between Federal, State, Local, and Tribal government entities. Advisories and Alerts are also shared with Private sector partners.
California Automated Indicator Exchange
Provides the exchange of intelligence-driven cyber threat indicators between the Cal-CSIC cyber threat feeds and partner entities at machine speed, resulting in distribution of relevant and timely cyber threat and trend information.
Phishing Email/Malware Analysis
Cal-CSIC Analysts collect and analyze phishing emails to extrapolate relevant information about the attacker and their respective tactics, called Indicators of Compromise. These IOCs are added to the California Automated Indicator Exchange to ensure timely distribution to partner entities.



State, local, and tribal governments, non-governmental organizations and the private sector can partner with the Cal-CSIC by registering to receive Alerts and Advisories, sharing IOCs and cyber incident reports, and connecting to the California Automated Indicator Exchange.

  • Register online to receive cybersecurity threat information for your organization at
  • Email the Cal-CSIC to learn more about sharing of IOCs and connecting to the California Automated Indicator Exchange at
  • Report cyber incidents to the Cal-CSIC at (833) REPORT-1 or



California-Joint CICE Framework Appendix A CICE Framework (Appendix A).pdfCalifornia-Joint CICE Framework Appendix AAppendix A - Roles and ResponsibilitesCyber Guidance6/17/2019 7:34:31 PM
California-Joint CICE Framework CICE Framework.pdfCalifornia-Joint CICE FrameworkCalifornia Joint Cyber Incident Communications and Escalation FrameworkCyber Guidance6/17/2019 7:34:31 PM
California-Joint Cyber Incident Response Guide Cyber Incident Response Guide.pdfCalifornia-Joint Cyber Incident Response GuideCyber Incident Response Guide for the State of CaliforniaCyber Guidance6/17/2019 7:34:31 PM


Supporting Page