(a) There is hereby established a Delaware Cyber Security Advisory Council hereinafter referred to as the “DCSAC.” The DCSAC shall consist of 17 members to include the following:
(1) State Chief Information Officer, who shall serve as chair;
(2) State Chief Security Officer;
(3) Secretary of the Delaware Department of Safety and Homeland Security;
(4) Director of the Delaware Emergency Management Agency;
(5) Adjutant General of the Delaware National Guard;
(6) President of the League of Local Governments;
(7) President of the Delaware State Chamber of Commerce;
(8) President of the Delaware Association of School Administrators;
(9) Director of Consumer Protection of the Department of Justice;
(10) Chief Justice of the Supreme Court;
(11) President of the Delaware Healthcare Association;
(12) Four private sector representatives appointed by the Governor; and
(13) Two representatives of Higher Education appointed by the Governor.
(b) Members serving by virtue of position may appoint a designee to serve.
(c) Members appointed by the Governor shall serve at the pleasure of the Governor.
(d) The duties of the DCSAC are to do all of the following:
(1) Facilitate cross-industry collaboration to share best practices and mitigate cyber security risks related to critical infrastructure and protected systems;
(2) Develop recommendations for improving the overall cyber security posture across all sectors in Delaware;
(3) Develop recommendations for increasing information sharing between all sectors in Delaware;
(4) Recommend resources and possible methods to accomplish the recommendations identified in paragraph (d)(3) of this section;
(5) Provide recommendations to the Office of the Governor regarding the interoperability of equipment, technologies, and software infrastructure related to the cyberattacks and cybersecurity;
(6) Identify and participate in appropriate federal, multistate, or private sector programs and efforts that support or complement its cybersecurity mission;
(7) Liaise with the National Cybersecurity and Communications Integration Center within the United States Department of Homeland Security, other state and federal agencies, and other public and private sector entities on issues relating to cybersecurity.
(e) The DCSAC may establish a subcommittee.
(1) The purpose and scope of the subcommittee will be the exchange of information about cybersecurity vulnerabilities and response plans with entities who do not wish to be publicly identified.
(2) The Chair of the DCSAC will chair the subcommittee.
(3) The subcommittee will include at least 3 members of the DCSAC.
(4) The subcommittee will provide updates to the DCSAC as determined by DCSAC.
(5) The records of the subcommittee, including its summary information, findings, and recommendations, are not public records or subject to public inspection, except if shared with DCSAC.
(6) This subcommittee is not a public body subject to Chapter 100 of this title.
(f) The Delaware Department of Technology and Information shall provide staff and fiscal support to the DCSAC as part of the Department's ongoing responsibility.