The facility will monitor for malicious activity around the clock and serve as a platform for new pilot projects and capabilities in the years to come.
California is fortifying its data and digital assets with the launch of the state’s first Security Operations Center (SOC).
The state said in a blog post that the cybersecurity center, which went live in July, will defend California around the clock as it operates out of the California Department of Technology’s (CDT) Office of Information Security.
“CDT is proud of this new and critically beneficial capability as it is believed to be one of the few SOCs of its type in state government within the United States,” reads a CDT announcement.
The center is set to be built and released in phases. The first phase, which began at the start of California’s fiscal year in July, dealt with the initial installation of equipment and software to protect and defend the California Government Enterprise Network (CGEN), a state network that allows agencies to access the Internet, servers and applications hosted by the CDT and other departments.
The next phase will expand the center’s protection and defense services to cover additional systems and IT assets controlled by the CDT, while final phases of the project are expected to see the center partner with a state agency in a cybersecurity pilot that will evolve into an official program that can be offered to any interested California government entities.
The state said the center will be manned by the CDT’s IT employees but will also rely on active staff from the California Military Department — organizations connected to the state’s Army National Guard, Air National Guard and Military Reserve. Officials said that this was done to make sure the center was well staffed.
“As is widely known, acquiring and retaining IT security specialists is difficult due to the vast shortage of individuals with these skills,” the CDT stated. “This innovative model allows for tapping multiple sources for those skills.”
At the National Association of State Information Officers mid-year conference in April, California Deputy Chief Information Officer Chris Cruz told StateScoop the center would be a milestone for cybersecurity that would not only protect mission-critical systems, but would encrypt data both in transit on the web and at rest on network servers.
“We are going to protect our security endpoints here and protect all mission critical data that comes in and out of the state's firewall through the statewide data center,” Cruz said. “Then [we’re] looking at endpoint encryption, intrusion detection, and putting intrusion prevention services throughout other networks that come in and integrate with our statewide network.”
Cruz said the state also intends to increase the center's impact through partnerships with California academic institutions including California State University systems, K-12 education systems, and “any peer-to-peer relationships” to provide greater protection. On top of these, the CDT says it's working with the California Cyber Security Integration Center, which delivers curated IT threat intelligence and large-scale IT incident response.