Cyber Security in New Jersey State Government

Presentation transcript:

Cyber Security in New Jersey State Government
Alfonsina Comune, COS/CISO, OIT

Agenda
- Cyber Security Business Problems
- OIT Solutions
  - Planning
  - Technology

Business Problems
- With >1000 daily suspicious events being detected, ongoing concern over hacking & other cyber crimes
- More frequent and potentially damaging virus attacks
  - For enterprise (Statewide) e-mail, >15,000/day, 99%+ cleaned automatically
  - For OIT desktop Web, >50/month, 99% cleaned automatically
- Currently over 60% of e-mail to OIT is Spam
- Spyware is another significant, though unquantified threat

OIT Solutions – Planning
Risk assessment (diagram labels): Vulnerabilities; Acceptable Risk; Information; Add Controls; Operate, Maintain, Monitor, and Train; Risk Assessment; Threats; Technical Controls; Non-Technical Controls; Unacceptable Risk
Information Security Program: Commitment; Oversight; Documented Policies; Lifecycle security view; Risk Management
Lifecycle (diagram labels): Establish Requirements; Build to Design; Design to Requirements; Test to Requirements; Operate & Maintain

OIT Solutions – Technology
- Vulnerability Assessment and Management
- Intrusion Detection and Prevention
- Virus Scanning
- Spam Filtering
- Web Filtering
- Agency Isolation
- Identity Management

OIT Solutions – Technology Virus Scanning Enterprise (State e-mail gateway) Inter-departmental OIT internal Spam Filtering Enterprise Website Filtering Public Tier Internet User Browser Based Secure Tier Core Tier

OIT Solutions – Technology Partnerships
- Intra-state with Department of Law and Public Safety
- Inter-state with nine states, three cities, the U.S. Army, and Monmouth University

Summary
Through a combination of planning and technology, OIT and the State of New Jersey are addressing cyber security threats today, and with the help of partners in government, industry, and academia, will improve our effectiveness in the future.