Document Type


Publication Date



Computer networks -- Security measures, Cybersecurity


Oregon’s Senate Bill 90 (SB90), signed into law and effective as of July 1, 2017, requires the Oregon Office of the State Chief Information Officer (OSCIO) to draft a proposal for an Oregon Cybersecurity Center of Excellence (CCoE). SB90 specifies that the CCoE must include information sharing and incident response support functions, and liaise and participate in cybersecurity initiatives nationwide; the Center also bears responsibility for drafting both a Cybersecurity Strategy and Cyber Disruption Response Plan. The CCoE has also been identified as the body responsible for carrying out strategic initiatives on behalf of the Oregon Cybersecurity Advisory Council (OCAC). To assist with the process of drafting the proposal for this high-priority initiative that fulfills all these requirements, the OSCIO engaged Portland State University’s Center for Public Service (CPS) to conduct comprehensive research on the state of cybersecurity in Oregon and initiatives in other states that can serve as templates for the CCoE to follow. More specifically, CPS conducted the following research activities:

  • A policy analysis of cybersecurity efforts in other states;
  • An online survey of Oregon organizations regarding their cybersecurity policies, processes, staffing, and needs;
  • Cross-sector focus groups with cybersecurity professionals throughout Oregon;
  • Catalogs of current funding opportunities for potential CCoE activities; and
  • An inventory cybersecurity resources that currently exist in Oregon.


The Executive Summary and Overview are available below in the Additional Files

Persistent Identifier

Executive Summary Cybersecurity Needs Assessment.pdf (490 kB)
Executive Summary and Overview