(2) The State Chief Information Officer may appoint nonvoting members to the council from:

(a) The Department of Justice;

(b) The office of the Secretary of State;

(c) The Office of Emergency Management;

(d) The Department of Consumer and Business Services;

(e) The Higher Education Coordinating Commission;

(f) The State Workforce and Talent Development Board;

(g) The Employment Department;

(h) The Oregon Business Development Department; or

(i) Any local, county, state, regional, tribal or federal government partner.

(3) The State Chief Information Officer shall provide administrative and staff support and facilities as necessary for the council to carry out the purposes set forth in this section.

(4) The purposes of the council are to:

(a) Serve as the statewide advisory body to the State Chief Information Officer on cybersecurity.

(b) Provide a statewide forum for discussing and resolving cybersecurity issues.

(c) Provide information and recommend best practices concerning cybersecurity and resilience measures to public and private entities.

(d) Coordinate cybersecurity information sharing and promote shared and real-time situational awareness between the public and private sectors in this state.

(e) Encourage the development of the cybersecurity workforce through measures including, but not limited to, competitions aimed at building workforce skills, disseminating best practices, facilitating cybersecurity research and encouraging industry investment and partnership with post-secondary institutions of education and other career readiness programs.

(5) The council may adopt rules necessary for the operation of the council.

(6)(a) A majority of the voting members of the council constitutes a quorum for the transaction of business.

(b) Official action by the council requires the approval of a majority of the voting members of the council.

(7) The State Chief Information Officer shall appoint one member of the council to serve as chairperson and one member of the council to serve as vice chairperson.

(8)(a) The term of office of each voting member of the council is four years, but a member serves at the pleasure of the State Chief Information Officer.

(b) Before the expiration of the term of a voting member, the State Chief Information Officer, in consultation with the Governor, shall appoint a successor whose term begins on July 1 following the appointment. A voting member is eligible for reappointment.

(c) A nonvoting member’s term of office is two years. A nonvoting member is eligible for reappointment.

(d) If there is a vacancy for any cause, the State Chief Information Officer, in consultation with the Governor, shall make an appointment to become immediately effective for the unexpired term.

(9) The council shall meet at times and places specified by the call of the chairperson or a majority of the voting members of the council.

(10) Members of the council who are not members of the Legislative Assembly are not entitled to compensation, but the State Chief Information Officer may reimburse a member of the council for actual and necessary travel and other expenses incurred in performing the member’s official duties, in the manner and amounts provided for in ORS 292.495, from funds appropriated to the State Chief Information Officer for purposes of the council.

(11) All agencies of state government, as defined in ORS 174.111, are directed to assist the council in the performance of the council’s duties and, to the extent permitted by laws relating to confidentiality, shall furnish information and advice the council considers necessary to perform the council’s duties. [2017 c.513 §3]