Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 April 12, 2010 Information Security Officer Meeting.

Published byMaura Simkin Modified over 9 years ago

Similar presentations

Presentation on theme: "1 April 12, 2010 Information Security Officer Meeting."— Presentation transcript:

1 1 April 12, 2010 Information Security Officer Meeting

2 2 Welcome

3 Meeting Agenda

4 4 Chris Cruz E-Mail Directory and Collaboration Services

5 5 OCIO Technical Architecture Baseline (T.A.B.) Collect detailed inventory data for 93% of the state- owned hardware and software Two methods of collection: onsite or remote collection Scans will not touch customer data Phase I is a discovery only scan (ICMP Ping) Phase II is a more detailed scan requiring access credentials (WMI, SSH, SNMP) Access to the department’s detailed inventory data will be provided For more information, you may contact P.J. Bajwa with the OCIO

6 6 Governor’s Executive Order S-03-10

7 7 Agency and Department Compliance Reporting Status

8 8 U.S. Department of Homeland Security (DHS) Federal Grants Awarded and Proposed

9 9 DHS Federal Grants Awarded Statewide Information Security Awareness Training Incident Reporting Automation Effort Enterprise Risk Management Program Secure DNS

10 10 Coming in August 2010 Basic Information Security Awareness Training Will be available for a nominal fee to any state agency and local county and city government entities, for the widest spectrum of technical environments. Satisfies the annual security and privacy training requirement for employees and contractors; it is appropriate for the audience, and is user friendly.

11 11 Enterprise Risk Management Program FSR Development Proposed Solution

12 12 Risk Management Grant Cyber Security Risk Assessment –Business Problem: There is no standardized process for implementation or review of risk management or assessment programs within departments or agencies –Solution: Develop and implement a standardized risk assessment framework with the instructions, tools, methods and roll out.

13 13 Secure ca.gov Domain Name System – Grant E Thirty three (33) month project to begin ASAP … align the State of California with the Federal.gov domain security objectives and provide a trail of authentication and data integrity throughout the city/agency.ca.gov domain zones for trustworthy and reliable e-government communications and operations. All entities that have been issued a “ca.gov” TLD will play a role in this project. A request will be sent to each CIO to identify their DNS administrator.

14 14 DHS Federal Grant Proposals California Computer Incident Response Team CA-CIRT California information Sharing and Assurance Center CA-ISAC

15 15 Social Media ITPL and Standard State Information Management Manual Section 85 A. Conduct a formal risk assessment Formally document management’s acceptance, mitigation, and handling of the risks involved Disable Internet access to Social Media websites … until authorized by agency management … Users shall connect to, and exchange information with, only those Social Media websites that have been authorized by agency management …

16 16 Tele-work Media ITPL and Standard Connection/ Application Two-Factor Authentication Use of State- Owned Equipment Use of Personally- Owned Equipment Network-level (e.g., IPSec VPN) Required Only Allowed Under Exception Process Web-based connections for email only (e.g., OWA, Novell, Lotus Notes) Not Required Allowed Web-based connections for other applications (e.g., Citrix) RequiredNot RequiredAllowed

17 17 Tele-work Media ITPL and Standard

18 18 Cyber Exercises State and Federal CIAS Tabletop Exercise 2, Sacramento Community; April 15, 2010 CIAS Tabletop Exercise 2, Palo Alto Community; May 5, 2010 CIAS State Cyber Exercise; August 12, 2010 GH Cyber Cabinet Level Executive Tabletop Exercise; September 15, 2010 Cyberstorm III (International DHS/FEMA sponsored); September 2010

19 19 Questions

Download ppt "1 April 12, 2010 Information Security Officer Meeting."

Similar presentations

1 www.vita.virginia.gov IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1, 2013 www.vita.virginia.gov.

1 IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1,
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.

Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.
Daylight Savings Time (DST) Summit EXECUTIVE BRIEFING – 8 to 9 A.M. 8:00 - 8:15 – Welcome / Expectations - Ben Berry, CIOC Chair & ODOT CIO 8:15 - 8:30.

Daylight Savings Time (DST) Summit EXECUTIVE BRIEFING – 8 to 9 A.M. 8:00 - 8:15 – Welcome / Expectations - Ben Berry, CIOC Chair & ODOT CIO 8:15 - 8:30.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
U.S. Department of Agriculture eGovernment Program February 2004 eAuthentication Integration Status eGovernment Program.

U.S. Department of Agriculture eGovernment Program February 2004 eAuthentication Integration Status eGovernment Program.
Alabama Geospatial Office Established May 2007 Mike Vanhook State GIS Coordinator.

Alabama Geospatial Office Established May 2007 Mike Vanhook State GIS Coordinator.
© 2003 IBM Corporation Privacy 12 th CACR Workshop Yim Y. Chan Chief Privacy Officer & CIO IBM Canada Ltd. w3.ibm.com/Privacy.

© 2003 IBM Corporation Privacy 12 th CACR Workshop Yim Y. Chan Chief Privacy Officer & CIO IBM Canada Ltd. w3.ibm.com/Privacy.
Keystone Technology Plan Presentation to Chesapeake Bay Program Information Management Subcommittee May 19, 2004 Nancie L. Imler Chief Information Officer.

Keystone Technology Plan Presentation to Chesapeake Bay Program Information Management Subcommittee May 19, 2004 Nancie L. Imler Chief Information Officer.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland.

An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland.
1 July 08, 2010 Information Security Officer Meeting.

1 July 08, 2010 Information Security Officer Meeting.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.

Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.
April 2011 NC Division of Child Development1. April 2011 NC Division of Child Development2 SEEK Awareness Subsidized Early Education for Kids.

April 2011 NC Division of Child Development1. April 2011 NC Division of Child Development2 SEEK Awareness Subsidized Early Education for Kids.
Complying With The Federal Information Security Act (FISMA)

Complying With The Federal Information Security Act (FISMA)
Security Guide for Interconnecting Information Technology Systems

Security Guide for Interconnecting Information Technology Systems
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
HSGP Funding for Security Efforts Presented by Michele Robinson.

HSGP Funding for Security Efforts Presented by Michele Robinson.

Similar presentations

Ads by Google