All - Per the request on our Principal Legislative IT Analyst, Sean McSpaden.
Colleagues/OAGITM Members:
The purpose of this message is to make you all aware of a legislative concept
(LC 261) related to Cybersecurity that will be introduced for consideration
during the upcoming 2022 Legislative Session.
Background:
Several meetings of the Joint Legislative Committee on Information Management
and Technology (JLCIMT) have been held since November 2021.
These are the links to the agenda, materials, and recorded content from the
November 16, 2021 and January 11, 2022 JLCIMT meetings. The two meetings
(presentations, content) compliment/support one another.
The November 16, 2021 meeting was focused on "Cybersecurity, Ransomware, and
Cybersecurity Education & Workforce Development: Impacts on public and private
sector organizations" and featured speakers/presenters from Regional (LCOG) and
Local Government (LOC), Special Districts (SDAO), Education Service Districts
(High Desert ESD), the private sector (Summit Security Group, Technology
Association of Oregon) and the Oregon Cybersecurity Advisory Council.
November 16, 2021
* Meeting agenda:
https://olis.oregonlegislature.gov/liz/2021I1/Committees/JLCIMT/2021-11-16-12-45/Agenda
* Meeting materials:
https://olis.oregonlegislature.gov/liz/2021I1/Committees/JLCIMT/2021-11-16-12-45/MeetingMaterials
* Recorded Content:
https://olis.oregonlegislature.gov/liz/mediaplayer/?clientID=4879615486&eventID=2021111025
The January 11, 2022 meeting was focused on "Cybersecurity Programs:
Collaboration between Oregon Public Universities" and featured
speakers/presenters from Portland State University, Oregon State University and
the University of Oregon, and their support for the establishment of a jointly
managed, virtual ... Oregon Cybersecurity Center of Excellence (CCOE) via LC
261.
January 11, 2022
* Meeting agenda:
https://olis.oregonlegislature.gov/liz/2021I1/Committees/JLCIMT/2022-01-11-12-45/Agenda
* Meeting materials:
https://olis.oregonlegislature.gov/liz/2021I1/Committees/JLCIMT/2022-01-11-12-45/MeetingMaterials
* Recorded Content:
https://olis.oregonlegislature.gov/liz/mediaplayer/?clientID=4879615486&eventID=2022011025
* Draft LC 261 -
https://olis.oregonlegislature.gov/liz/2021I1/Downloads/CommitteeMeetingDocument/251093
The JLCIMT committee members voted unanimously to have LC 261 introduced for
consideration during the 2022 Legislative Session at the request of the Joint
Legislative Committee on Information Management and Technology. The first
meeting of the JLCIMT during the 2022 Legislative Session is planned for
February 4, 2022. If passed into law in its present form, LC 261 (Bill # to be
assigned) would:
* Establish an Oregon Cybersecurity Center of Excellence as
independent, nonprofit public corporation charged with overseeing,
coordinating, funding and providing
o cybersecurity workforce development, education, awareness and training for
public, private and nonprofit sector organizations, and
o cybersecurity-related goods and services to Oregon public bodies with a
targeted focus on the unmet needs of regional and local government, special
districts, Education Service Districts, K-12 schools and libraries.
Governance: LC 261 would the change the membership, roles and responsibilities
of the current Oregon Cybersecurity Advisory Council. The newly reconfigured
15-member council, comprised of a geographically diverse set of representatives
from stakeholder organizations, would serve as the Governing body for the
Oregon Cybersecurity Center of Excellence moving forward. State experts, local
and regional governments, schools, and private sector representatives are
included in the Council.
Operations: LC 261 would direct Portland State University, Oregon State
University and University of Oregon to jointly operate the center by an
operating agreement, provide administrative and staff support and facilities
for center operations. It would allow the Center to enter into agreements that
enable the establishment and ongoing support of Center operations and services
Funding: LC 261 would authorize the Center to accept moneys from the federal
government and other sources; and establish several targeted Funds to
accomplish its mission: e.g. a cybersecurity operating fund, workforce
development fund, grant fund for local entities, and public awareness fund.
Operative Date: As currently written, and if passed into law, LC 261 (Bill # to
be assigned) would become operative on July 1, 2022.
LC 261 is attached.
Please let me know if there is any additional information we can provide that
would help inform you and your colleagues about this important legislative
concept.
Regards
Sean
Sean McSpaden, MBA, PMP, CISM
Principal Legislative IT Analyst
Administrator - Joint Legislative Committee on Information Management and
Technology
Administrator - Transparency Oregon Advisory Commission
Oregon Legislative Fiscal Office
900 Court Street NE<x-apple-data-detectors://0/>
H-178 State Capitol
Salem, OR 97301
Phone: 503-986-1835<tel:503-986-1835>
Email:
Sean.L.McSpaden@xxxxxxxxxxxxxxxxxxxxx<mailto:Sean.L.McSpaden@xxxxxxxxxxxxxxxxxxxxx>
Gary Johnson
State Chief Information Security Officer
Enterprise Information Services
Cyber Security Services (CSS)
Cell: (971) 701-1460
[cid:image001.png@01D807A2.47E25020]
"Ensuring user-friendly, reliable and secure state technology systems that
serve Oregonians."