CA SB265

Expands California Cybersecurity Integration Center (Cal-CSIC) mandate to assist all critical infrastructure sectors (16 sectors including chemical, energy, financial services, healthcare, transportation, water/wastewater) in improving cybersecurity, not just food and agriculture and wastewater sectors.

Requires Cal-CSIC to prepare a strategic, multiyear outreach plan due to Legislature by January 1, 2025, including workforce gap analysis, coordination methods with state and federal agencies, funding estimates, and evaluation metrics for success.

Requires Cal-CSIC to evaluate grant and alternative funding options for critical infrastructure entities to improve cybersecurity preparedness and submit report by January 1, 2025, including current funding levels and potential voluntary unfunded actions.

Adds requirement for Cal-CSIC to provide evaluation plan on risk identification, risk analysis, documentation, and recordkeeping methods for cyber threats and attacks.

Specifies that reporting requirements become inoperative on January 1, 2029 per Section 10231.5.