Article Posted by Mark Weatherford, Director and Chief Information Security Officer, Office of Information Security

Concerned that State and local governments are not prepared to respond to attacks on cyber infrastructure, the U.S. Department of Homeland Security, Committees on Appropriations, has directed $4M for the development, evaluation, and implementation of the Community Cyber Security Maturity Model (CCSMM) training to three States. Following a detailed application process and selected on a competitive basis to improve their cyber security response capabilities, California, Texas and Delaware, were the three states selected to participate.

The CCSMM program, funded by DHS through a cooperative agreement with the University of Texas at San Antonio Center for Infrastructure Assurance and Security (UTSA-CIAS), is part of a DHS outreach effort to reach out to state and local governments and establish a cohesive national program.

Following the National Cyber Security Division’s (NCSD) 2006 and 2008 Cyber Storm I and II exercises (in which California was one of only a handful of states to participate), it became clear that there is a growing need for more practical cyber security training at the State and local level. The growing number of attacks on our IT systems and networks nationally have raised the visibility of cyber security and the threats to our government IT systems.  More importantly, the critical infrastructures upon which California state and local governments rely are almost completely dependent on technology and increasingly vulnerable to cyber attacks upon them. The Community Cyber Security Maturity Model provides a structure with which California State and local governments can use to determine their level of preparedness. The CCSMM will also provide the tools to create plans for improving our security posture and enhance our ability to successfully prevent, detect and respond to cyber attacks.

The Office of Information Security (OIS) will coordinate with local governments and lead the California CCSMM effort as preparations begin for the 2010 Cyber Storm III exercise.