Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enterprise Cybersecurity Upgrade Initiation Department of Information Technology Maria Sanchez, Acting State CIO November 13, 2018.

Published byLydia Chandler Modified over 6 years ago

Similar presentations

Presentation on theme: "Enterprise Cybersecurity Upgrade Initiation Department of Information Technology Maria Sanchez, Acting State CIO November 13, 2018."— Presentation transcript:

1 Enterprise Cybersecurity Upgrade Initiation Department of Information Technology Maria Sanchez, Acting State CIO November 13, 2018

2 Project Overview Agency Mission Business Need Project Purpose
DoIT provides IT leadership for the State, performs oversight for IT projects and procurements, and delivers enterprise IT services to the State’s executive agencies Business Need While, cybersecurity must underlie everything that IT does in the state, dedicated resources, time and money are hard to come by. Cybersecurity threats are more frequent, more complex, and have greater potential to deliver damage than ever before. Cybersecurity incidents currently are identified and remediated on a case-by- case basis, often at the individual agency level. Project Purpose Strengthen the state’s cybersecurity posture and support the effort to operationalize security policies, procedures, and activities across the State’s enterprise.

3 Project Objectives Objectives
Strengthen the state’s security workforce by retaining new talent and growing the pipeline of cybersecurity professionals; Create a robust CISO office by leveraging multiple vendor contracts; Create an enterprise library of security policies; Mature the state’s incident response abilities in partnership with vendors and state agencies; and, Utilize enterprise solutions across the state, with strong executive support for all-agency participation.

4 PRODUCTS and DELIVERABLES
Approach PHASE WORK TO BE PERFORMED PRODUCTS and DELIVERABLES PHASE I Initiation and planning Charter Project Management Plan Risk Assessment Contract Requirements CISO Plan PHASE II Planning for foundational cybersecurity framework for the enterprise Current State Assessment Stakeholder/Partner Approach Define Governance Structure Outline Policy Library PHASE III Implementation for initial enterprise concept of operations; policy library; operationalize governance structure and partnership plan Enterprise Cybersecurity Governance Policies and Procedures Library Security Operations Center Threat/Monitoring Tools PHASE IV Standardization and stabilization Fully operationalized cybersecurity enterprise framework

5 Approach (cont’d) Initial focus on current state assessment and planning to build robust enterprise framework, including external communities (Higher Education, other partners) Contractor support coupled with in-house involvement Project management State CISO search, supported by multi-vendor Virtual CISO (VCISO) while CISO is recruited Incident Response team Schedule to be developed during Initiation phase

6 Funding and Certification
Requested $3 million for project; $1 million appropriated Requesting initiation certification and approval for $80,500 Project management support (initiation phase) Virtual CISO resources Develop schedule and initiation documents FUNDING FISCAL YEAR FUNDING SOURCE AMOUNT 2018 Laws of 2018, Chapter 73, Section 7 (11) $1,000,000 TOTAL

7 Enterprise Cybersecurity Initiative
DoIT requests initiation certification for the Enterprise Cybersecurity Initiative

Download ppt "Enterprise Cybersecurity Upgrade Initiation Department of Information Technology Maria Sanchez, Acting State CIO November 13, 2018."

Similar presentations

1 General Services Department State Purchasing Division ePROCUREMENT PHASE II Project Certification – Initiation/Planning Phase October 28, 2009.

1 General Services Department State Purchasing Division ePROCUREMENT PHASE II Project Certification – Initiation/Planning Phase October 28, 2009.
1 Presented to Department of Information Technology November 17, 2010 Project Certification – Closeout Phase Presenters: Sean Pearson – Acting CIO Jennifer.

1 Presented to Department of Information Technology November 17, 2010 Project Certification – Closeout Phase Presenters: Sean Pearson – Acting CIO Jennifer.
Data Warehouse External Data Loads Initiation Certification April 22, 2009 Project Certification Committee April 22, 2009 1.

Data Warehouse External Data Loads Initiation Certification April 22, 2009 Project Certification Committee April 22,
Data Warehouse External Data Loads Implementation Certification May 27, 2009 Project Certification Committee May 27, 2009 1.

Data Warehouse External Data Loads Implementation Certification May 27, 2009 Project Certification Committee May 27,
Department of Information Technology Trusted Network Initiation Certification Request Dave Dikitolia, Andrew Griego 3-25-08.

Department of Information Technology Trusted Network Initiation Certification Request Dave Dikitolia, Andrew Griego
YES New Mexico Enterprise Eligibility System

YES New Mexico Enterprise Eligibility System
Department of Information Technology John F. Simms Bldg. Security Upgrade Implementation Certification Project Sponsor, Andrew Griego Project Manager,

Department of Information Technology John F. Simms Bldg. Security Upgrade Implementation Certification Project Sponsor, Andrew Griego Project Manager,
House Economic Affairs Committee Wednesday, September 21, 2011.

House Economic Affairs Committee Wednesday, September 21, 2011.
Making Sense of the WIC EBT IAPD IAPD Session of the 2014 WIC EBT User Group Meeting July 23, 2014 11:00 AM to 12:00 PM Presented by Cheryl Owens, MAXIMUS.

Making Sense of the WIC EBT IAPD IAPD Session of the 2014 WIC EBT User Group Meeting July 23, :00 AM to 12:00 PM Presented by Cheryl Owens, MAXIMUS.
Center for Health Care Quality Licensing & Certification Program Evaluation 1 August 2014 rev.

Center for Health Care Quality Licensing & Certification Program Evaluation 1 August 2014 rev.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
Strategic Objectives 2011 January 14, 2011. Growth of Aligned Programs ObjectiveAccountabilityProcessOutput/ Outcome Status Report Enhance and expand.

Strategic Objectives 2011 January 14, Growth of Aligned Programs ObjectiveAccountabilityProcessOutput/ Outcome Status Report Enhance and expand.
Module 2.1 Finance and Administration Cabinet Organizational Changes and Agency Impact March 16-18.

Module 2.1 Finance and Administration Cabinet Organizational Changes and Agency Impact March
OHT 25.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The quality assurance organizational framework Top management’s quality.

OHT 25.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The quality assurance organizational framework Top management’s quality.
Module N° 8 – SSP implementation plan. SSP – A structured approach Module 2 Basic safety management concepts Module 2 Basic safety management concepts.

Module N° 8 – SSP implementation plan. SSP – A structured approach Module 2 Basic safety management concepts Module 2 Basic safety management concepts.
10/20/2015 1 The ISMS Compliance in 2009 GRC-ISMS Module for ISO 27001 Certification.

10/20/ The ISMS Compliance in 2009 GRC-ISMS Module for ISO Certification.
Welcome Georgia Infrastructure Transformation 2010 Kick-off Meeting January 30, 2008.

Welcome Georgia Infrastructure Transformation 2010 Kick-off Meeting January 30, 2008.
Information Security IBK3IBV01 College 3 Paul J. Cornelisse.

Information Security IBK3IBV01 College 3 Paul J. Cornelisse.
1 1 Cybersecurity : Optimal Approach for PSAPs FCC Task Force on Optimal PSAP Architecture Working Group 1 Final Report December 10 th, 2015.

1 1 Cybersecurity : Optimal Approach for PSAPs FCC Task Force on Optimal PSAP Architecture Working Group 1 Final Report December 10 th, 2015.
RECOMMENDATIONS OF THE GOVERNOR ’ S TASK FORCE ON CONTRACTING AND PROCUREMENT REVIEW Report Overview PD Customer Forum September 2002.

RECOMMENDATIONS OF THE GOVERNOR ’ S TASK FORCE ON CONTRACTING AND PROCUREMENT REVIEW Report Overview PD Customer Forum September 2002.

Similar presentations

Ads by Google