Security and Privacy At The Human Resources Advisory Meeting Marcos Vieyra Chief Information Security Officer Division of Information Security Sarah Morrow.

Slides:

Advertisements

Similar presentations

Bangladesh European Union Capacity Building for Effective Response Management System Through e-Learning Options A SDC supported project Comprehensive Disaster.

Advertisements

Information Asset Classification Communications Forum Theresa A. Masse, State Chief Information Security Officer Department of Administrative Services.

The Federal Budget Outlook and NSF Presented by Beth Blue National Science Foundation Office of Budget, Finance, and Award Management Budget Division/Program.

THE NSF BUDGET Overview of Agency Funding Processes Presented by Beth Blue National Science Foundation Office of Budget, Finance, and Award Management.

Line Efficiency     Percentage Month Today’s Date

UNCLASSIFIED 1 Enterprise Architecture Career Path Working Group Walt Okon Senior Architect Engineer Architecture & Infrastructure Directorate Office of.

Marie George, Chief Education Liaison Officer, Central Region St Louis Regional Processing Office Update, AVECO July 14 – 18, 2014 SCO Workshop July 14.

Unclassified. Program Management Empowerment and Accountability Mr. David Ahern Director, Portfolio Systems Acquisition AT&L(A&T) 14 April 2009 The Acquisition.

HSGP Funding for Security Efforts Presented by Michele Robinson.

Prepare for Change Ideas for Today and Tomorrow. Change is inevitable: Internal Factors Aging infrastructures Aging workforce Projects vs. programs New.

Arizona Superintendent of Public Instruction John Huppenthal Fixing the ADE Computer System to Improve Student Achievement.

Maureen B. Higgins Assistant Director, Agency Support & Technical Assistance Office of Personnel Management December 8, 2010.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Safety Culture Jim Hutton December 3, Safety Culture at DOE 2 Safety Culture Organizational Culture SCWE Safety Conscious Work Environment Organizational.

1 expect the best Jeff Deason Chief Information Security Officer Virginia Information Technologies Agency Joint Commission on Technology.

DCIPS Implementation Project Plan Update Army G2 Intelligence Personnel Management Office (IPMO) April 6, 2009.

Montgomery County, Maryland DTS CMMI Approach & Implementation Mike Knuppel 03/20/2006.

Emergency Management Training and Education System Protection and National Preparedness National Preparedness Directorate National Training and Education.

Enterprise Service Management (ESM) An Approach for Adopting and Adapting Best Practice Programs to Manage, Secure and Improve an Organizations Information.

Joint Standards Initiative VOICE Members 16 th October 2012.

ProjectImpactResourcesDeadlineResourcesDeadline Forecast Plan Time Resources Risk 001xx 002xx 003xx 004xx 005xx 006xx 007xx TotalXX Example 1: Portfolio.

Interagency Geospatial Preparedness Team Overview Briefing Susan Kalweit - Chief, IGPT.

FROM GAPS TO CAPS Risk Management Capability Based on Gaps Identification in the BSR Project Lead Partner: Fire and Rescue Department under the Ministry.

Leadership Guide for Strategic Information Management Leadership Guide for Strategic Information Management for State DOTs NCHRP Project Information.

Overview of Structure General Data Protection Regulation (GDPR)

Welcome! BI Executive Sponsors April 7, 2016

Individual and Staff Joint Training Working Group

Jan 2016 Solar Lunar Data.

IT Strategy Roadmap Template

Timeline Roadmap Template

FROM GAPS TO CAPS Risk Management Capability Based on Gaps Identification in the Baltic Sea Region (BSR)

ITI Portfolio Plan Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Current Date Visibility of ITI Projects ITI Projects.

Appendix C New Administration General Assembly Session

Average Monthly Temperature and Rainfall

The School Point of View

Information Security Forum to an Information Security Plan

UI Tax Project Department of Workforce Solutions

Student Administration and Support Programme and Project Timelines

Gantt Chart Enter Year Here Activities Jan Feb Mar Apr May Jun Jul Aug

Proposed Strategic Planning Process for FY 2013/14 thru FY 2015/16

Rev. 5 Wireless Local Number Portability and Pooling Phase 2 Implementation Guideline INDUSTRY SERVICE PROVIDER JUN JUL AUG SEP OCT NOV DEC JAN.

Wireless Local Number Portability Timeline - Phase 2

IT Transformation: Strategic Plan & Pilot Public Education Department

Rev. 5 Wireless Local Number Portability and Pooling Phase 2 Implementation Guideline INDUSTRY SERVICE PROVIDER JUN JUL AUG SEP OCT NOV DEC JAN.

Electricity Cost and Use – FY 2016 and FY 2017

SC SC SC WS SC S HIS Background document Seminar document

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Ctclink executive leadership committee May 31, 2018

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Text for section 1 1 Text for section 2 2 Text for section 3 3

Executive Project Kickoff

Rev. 5 Wireless Local Number Portability and Pooling Phase 2 Implementation Guideline INDUSTRY SERVICE PROVIDER JUN JUL AUG SEP OCT NOV DEC JAN.

Rev. 2 Wireless Local Number Portability and Pooling Phase 2 Implementation Guideline INDUSTRY 2002 SERVICE PROVIDER JAN FEB MAR APR MAY JUN JUL AUG SEP.

2012 Safety Group 1 – 5 Year Program Timeline Guide

Wireless Local Number Portability Timeline - Phase 2

Pilot of revised survey

Milestone 2 Milestone 4 Milestone 1 Milestone 3 Milestone 5

TEL031 ODL Analytics Main Activities

Rev. 2 Wireless Local Number Portability and Pooling Phase 2 Implementation Guideline INDUSTRY 2002 SERVICE PROVIDER JAN FEB MAR APR MAY JUN JUL AUG SEP.

Milestone 2 Milestone 4 Milestone 1 Milestone 3 Milestone 5

Change Management E2E Roadmap

Presentation transcript:

Security and Privacy At The Human Resources Advisory Meeting Marcos Vieyra Chief Information Security Officer Division of Information Security Sarah Morrow Chief Privacy Officer Enterprise Privacy Office South Carolina Budget and Control Board 24Sep14

About Your Presenters

Ask Questions at Any Time

Information Security and Privacy – A Broad Perspective

State of SC – Information Security and Privacy Implementation Timeline ↓ [Sep 2014] Today ↑ [Mar 2013] B & CB Awards Deloitte Contract ↑ [Jul 2013] GA establishes DIS & EPO KEY DeloitteB & CB / DIS / DTO / EPOAgencies Self-Assessments Self-Assessment Life-Cycle [Jul 2015] Agency Self-Assessment, Phase 3 [Jul 2014] Agency Self-Assessment, Phase 2 [Jul 2013] Agency Self-Assessment, Phase 1 Tool Created DIS / EPO Guidance [Mar 2015] Agency Awareness Training, Continuing [Mar 2014] Agency Awareness Training, First Cycle [Feb 2014] Plan, Pilot [Jun 2013] RFP Awareness Training DIS / EPO Revisions & Guidance Professional Training Life-Cycle [Jul 2015] Professional Training Phase 2 [Jun 2014] Professional Training Phase 1 [Nov 2013] Staff Survey, Skills Assessment DIS / EPO Revisions & Guidance Security Professional Development Policy Revision Life-Cycle [Sep 2014] Policy Handbook Published, Agencies Implement [Mar 2014] Agency Policy Workshops [May 2013] Security Policy Devel. DIS / EPO Revisions & Guidance Security Policy & Data Classification FutureFY 2016FY 2015FY 2014FY 2013 ∞ ↑ [May 2013] Deloitte May Report Risk Assessments ↑ [Oct 2013] Interim Report ↑ [Jul 2014] Deloitte Final Report [Jun 2013] Task B 15 Agencies Task A 3 Agcy [Jul 2016] Additional Technologies [Jul 2015] Additional Technologies [Nov 2013] Initial Technologies, Overlapping/Phased Architecting, Planning, Deployment [Jul 2013] Procurem’t Security Technologies

IT Security and Privacy- HR Advisory Meeting – People Professional Development Program – 3 Essential Questions Individual : How do I develop my information security career? Agency : How do I close my agency’s information security skill gaps? State : How do I ensure South Carolina has an adequate information security workforce? Ultimate goal : Adequately protect our State’s information assets.

IT Security and Privacy- HR Advisory Meeting – People Professional Development Program – Another View All Staff : Need Information Security Awareness IT Staff : Need Information Security Training IS Staff : Need Information Security Career Path(s) Ultimate goal : Adequately protect our State’s information assets.

IT Security and Privacy- HR Advisory Meeting Employee Awareness Training – 8 Courses Available Located at:

IT Security and Privacy- HR Advisory Meeting Introductory Training – In the Queue

IT Security and Privacy- HR Advisory Meeting Foundational Security Training for IT Staff – Delivered June

IT Security and Privacy- HR Advisory Meeting Information Privacy Training

IT Security and Privacy- HR Advisory Meeting Professional Development Program – Work in Progress

IT Security and Privacy- HR Advisory Meeting Professional Development Program – Work in Progress

IT Security and Privacy- HR Advisory Meeting Professional Development Program – Work in Progress

IT Security and Privacy- HR Advisory Meeting Professional Development Program – Work in Progress

IT Security and Privacy- HR Advisory Meeting Professional Development Program – Work in Progress

IT Security and Privacy- HR Advisory Meeting Thank you! Marcos Vieyra and Sarah Morrow South Carolina Budget and Control Board Division of Information Security