California lawmakers say the state needs to do a better job of protecting data, after a series of reports about flaws at state agencies. Two Assembly committees held a joint hearing Wednesday to examine cybersecurity in California.
A state audit last year found nearly every agency it surveyed wasn’t meeting California cybersecurity standards. At the hearing, state auditor Elaine Howell said the department in charge of training isn’t doing a good job.
"We were disappointed to see they weren’t reaching out to these agencies, weren’t asking, ‘Is this training effective? Are you struggling?’," says Howell.
A state Attorney General’s report found data breaches most frequently occurred when employees misplaced devices containing unencrypted confidential records.
Jacqui Irwin chairs the Assembly cybersecurity committee.
"The governing structure around California’s cybersecurity is disjointed and accountability seems to be falling through the cracks," says Irwin.
The Attorney General, Highway Patrol, and emergency and military staff all have responsibilities for state cybersecurity. Irwin suggested the possibility of creating a new cybersecurity czar.