State IT leaders participated in “Tech Talk with CDT,” a one-hour virtual panel on April 26 to discuss a the evolution of cybersecurity in California and how it mitigates the risk of a cyber attack.
Acting State CIO Russ Nichols moderated the panel and was joined by State Chief Information Office Vitaliy Panych and California Cyber Security Integration Center (Cal-CSIC) Commander Jonathan Nunez.
The panel kicked off with a discussion about the evolution of Cal-CSIC from its integration in 2015 to the present day.
“In 2015 I saw this value of having a Cal-CSIC to [be] the force multiplier or enabler to our operation teams,” Panych said.
Cal-CSIS exchanges threat intelligence and indicators of compromise across agencies, creating a centralized, collaborative spirit within a matrix of organizations including CDT, California Highway Patrol, California Military Department, and FBI, among others.
Despite the maturation of cybersecurity within the state over the last near-decade, the heads of agencies still need to stay on top of cybersecurity issues as a business need.
“The technology folks are the how, but really protecting the business is the goal” Nichols said.
Later in the talk, Nunez spoke about quantifying risk across the state by assessing potential attack surfaces–the setting in which an attacker breaches an entity’s cyber defense.
“It really is a fantastic way to have an attacker’s perspective on your environment,” Nunez said. “We highly, highly encourage utilizing that information as a source of intelligence to feed your overall security program.”
Knowing their own defenses allow Cal-CSIC to patch holes and create budgetary requirements in order to reduce the risk of a cyber threat.
According to Panych, there are two kinds of cyber attacks: opportunistic and targeted.
“A target attack starts with reconnaissance or mapping out their environment–akin to a burglar going up and down the street trying every door that’s locked or unlocked.
Understanding your own attack surface creates a strong security defensive posture that can mitigate the risk of opportunistic and targeted attacks.