IT Security in the Commonwealth

Presentation transcript:

1 IT Security in the Commonwealth
Sam A. Nixon Jr., Chief Information Officer of the Commonwealth
Michael Watson, Commonwealth Chief Information Security Officer
Virginia Cyber Security Commission
June 11,

2 VITA Is Statutorily Responsible for IT Security
- CIO responsible for security of government information (§ of the Code of Virginia)
  – Risk management, audits, security measures
  – Applies to all branches of state government
- VITA performs overall incident response
  – Share intel & information (FBI, DHS, etc.)
- CIO & VITA have limited authority
  – Direct oversight limited to NG infrastructure
  – No direct authority over agency applications, agency infrastructure, & data

3 VITA/NG Provision IT Infrastructure
- VITA/NG protect security of IT infrastructure
  – 60k PCs, 3k servers, 1.5 petabytes data, 2k circuits
  – Firewalls, intrusion monitors, encryption, compartmentalization, antivirus, spam filters, security operations center, authentication
  – 95.5 million attack attempts in CY 2013
  – 86 of 89 executive branch agencies protected by transformed environment
- However, primary attack vector is against applications, not the infrastructure
  – Agencies remain responsible for applications & data

4 Cyber Security Challenges
- State agency staffing constraints impede security gap correction & limit auditing
  – Only 33% of agencies meet minimum requirement to audit their sensitive systems every 3 years
  – VITA needs cyber intelligence program to analyze threats & attacks
- Additional security efforts are required
  – SSL VPN, more frequent password resets, two-factor authentication, hard drive encryption
- Agility needed to support evolving threats

5 Questions?
Samuel A. Nixon Jr. (804)
Michael Watson (804)