The Senate Budget and Fiscal Review Subcommittee No. 4 on State Administration and General Government convened on May 1, 2025, to discuss critical funding allocations aimed at enhancing cybersecurity measures within the California Department of Food and Agriculture (CDFA).

The proposed budget includes an increase of approximately $2.48 million in the general fund for the fiscal year 2025-2026, along with the addition of five permanent positions dedicated to managing and implementing remediation efforts for security vulnerabilities. This funding is part of a broader strategy to ensure ongoing monitoring and management of critical security services.

A significant portion of the budget—$4.1 million for fiscal year 2026-2027 and $3.6 million for 2027-2028—addresses the aftermath of a cybersecurity incident in March 2024, where a breach on one of CDFA's public websites exposed private data. In response, CDFA has worked with the California Department of Technology to identify the breach's root cause and develop a temporary solution. However, officials emphasized that this solution is not permanent, necessitating the requested funding to implement a more robust and lasting fix.

The proposed measures include upgrading CDFA's applications to newer platforms, conducting thorough security assessments, and evaluating the criticality of applications to prevent potential exploitation by attackers. Without this funding, CDFA risks significant vulnerabilities that could hinder its ability to fulfill its core mission.

The Department of Finance expressed no additional concerns regarding the proposal, and the Legislative Analyst's Office indicated their support. Subcommittee members acknowledged the importance of these cybersecurity enhancements, recognizing their implications beyond just the department itself.