CA AB581

Requires all state agencies to review and implement National Institute of Standards and Technology (NIST) guidelines for reporting, coordinating, and resolving cybersecurity vulnerabilities in information systems by July 1, 2023.

Mandates the Chief of the Office of Information Security to review NIST guidelines and publish applicable standards and procedures in the State Administrative Manual and State Information Management Manual by April 1, 2023.

Allows state agencies to satisfy implementation requirements by adopting the standards and procedures published by the Chief, or by developing their own modified versions appropriate for state entities.

Requires the Office of Information Security and California Cybersecurity Integration Center to provide operational and technical assistance to state agencies and entities that request help implementing the guidelines or reporting cybersecurity vulnerabilities.

Applies the bill's provisions to the University of California only if the Regents adopt them by resolution.