ORS § 276A.560

Current through 2024 Regular Session legislation
Section 276A.560 - Oregon Cybersecurity Advisory Council
(1) The Oregon Cybersecurity Advisory Council is established within the Oregon Cybersecurity Center of Excellence. The council consists of 21 members appointed as follows:
(a) The Governor, after consultation with the State Chief Information Officer and the director of the Oregon Cybersecurity Center of Excellence or the director's designee, shall appoint 15 voting members.
(b) The Speaker of the House of Representatives shall appoint one nonvoting member who is a member of the House of Representatives.
(c) The President of the Senate shall appoint one nonvoting member who is a member of the Senate.
(d) The Secretary of State shall appoint one ex officio, nonvoting member to represent the Secretary of State.
(e) The State Treasurer shall appoint one ex officio, nonvoting member to represent the State Treasurer.
(f) The Attorney General shall appoint one ex officio, nonvoting member to represent the Attorney General.
(g) The Director of the Oregon Department of Emergency Management shall appoint one ex officio, nonvoting member to represent the Oregon Department of Emergency Management.
(2)
(a) The voting members of the council shall consist of:
(A) One member who represents Indian tribes, as defined in ORS 97.740;
(B) One member who represents the Association of Oregon Counties;
(C) One member who represents the League of Oregon Cities;
(D) One member who represents the Special Districts Association of Oregon;
(E) One member who represents regional governments;
(F) One member who represents the Oregon Association of Education Service Districts;
(G) One member who represents the Oregon School Boards Association;
(H) One member who represents the Coalition of Oregon School Administrators;
(I) One member who represents public universities listed in ORS 352.002;
(J) One member who represents community colleges;
(K) One member who represents the office of Enterprise Information Services;
(L) One member who represents a critical infrastructure sector in Oregon as defined by the Cybersecurity and Infrastructure Security Agency of the United States Department of Homeland Security;
(M) One member who represents cyber-related industries in Oregon;
(N) One member who represents a public sector information technology association in Oregon; and
(O) One member who represents a private sector information technology or telecommunications association in Oregon.
(b) A majority of the council's voting members must be geographically diverse representatives of public universities listed in ORS 352.002, local governments, regional governments, special districts, education service districts, school districts or libraries.
(3) The council shall elect one voting member of the council to serve as chairperson and one voting member of the council to serve as vice chairperson.
(4)
(a) A majority of the voting members of the council constitutes a quorum for the transaction of business.
(b) Official action by the council requires the approval of a majority of the voting members of the council.
(5)
(a) The term of office of each voting member of the council is four years, but a member serves at the pleasure of the Governor.
(b) Before the expiration of the term of a voting member, the Governor, after consultation with the State Chief Information Officer and the director of Oregon Cybersecurity Center of Excellence or the director's designee, shall appoint a successor whose term begins on July 1 following the appointment. A voting member is eligible for reappointment.
(c) If there is a vacancy for any cause, the Governor, after consultation with the State Chief Information Officer and the director of Oregon Cybersecurity Center of Excellence or the director's designee, shall make an appointment to become immediately effective for the unexpired term.
(6) The nonvoting legislative members of the council shall serve two-year terms and are eligible for reappointment.
(7) The council shall meet at times and places specified by the call of the chairperson or a majority of the voting members of the council.
(8) Members of the council who are not members of the Legislative Assembly are not entitled to compensation, but the Oregon Cybersecurity Center of Excellence may reimburse a member of the council who is not a member of the Legislative Assembly for actual and necessary travel and other expenses incurred in performing the member's official duties, in the manner and amounts provided for in ORS 292.495, from funds appropriated to the Higher Education Coordinating Commission for purposes of the council.
(9) Members of the council who are members of the Legislative Assembly are entitled to compensation and expense reimbursement as provided in ORS 171.072.
(10) The council may:
(a) Adopt rules, policies and procedures necessary for the operation of the council.
(b) Establish subcommittees, advisory committees or other work groups necessary to assist the council in performing its duties.
(c) Appoint additional nonvoting members to the council.
(11) All agencies of state government, as defined in ORS 174.111, are directed to assist the council in the performance of the council's duties and, to the extent permitted by laws relating to confidentiality, shall furnish information and advice the council considers necessary to perform the council's duties.

ORS 276A.560

2023 c. 489, § 3 (enacted in lieu of 276A.326)

Section 4, chapter 489, Oregon Laws 2023, provides:

Sec. 4. Notwithstanding the term of office specified in section 3 of this 2023 Act [276A.560], of the voting members appointed to the Oregon Cybersecurity Advisory Council under section 3 of this 2023 Act:

(1) One-third shall serve for a term ending July 1, 2025.

(2) One-third shall serve for a term ending July 1, 2026.

(3) The remaining voting members shall serve for a term ending July 1, 2027. [2023 c. 489, § 4]