Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting JULY 11, 2007


1 Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting JULY 11, 2007 www.vita.virginia 1

2 WELCOME Peggy Ward, VITA

3 ISOAG July 2007 Agenda
I. Welcome: Peggy Ward, VITA
II. E-Discovery: Julie Whitlock, OAG
III. Identity Management Roadmap: Tony Shoot, NG
IV. CESC - Security Operations: Linda Smith, NG
V. Commonwealth Information Security Council Update!
–Encryption Committee: Steve Werby
–Making Security an Executive Management Priority: John Karabaic
–Small Agency Outreach: Robert Jenkins
–Identity and Access Management: Patricia Paquette
VI. Keylogging Malware: Tripp Sims, VITA
VII. COV IT Security Policies, Standards and Guidelines Update: Cathie Brown, VITA
IX. MS-ISAC: Peggy Ward, VITA
X. Upcoming Events: Peggy Ward, VITA
XI. Other Business: Peggy Ward, VITA

4 An Overview of E-Discovery July 11, 2007 Julie Whitlock, Assistant Attorney General Technology and Procurement Law Section

5 What is discovery? Discovery is the process by which parties to a lawsuit exchange information, or request it from third parties Requests for production of documents Subpoenas Depositions Etc.

6 What is e-discovery? Process by which parties request “electronically stored information” = ESI
Includes:
–Emails
–Metadata
–Voice mails
–Spreadsheets
–Word files
–Text messages
–Calendars
–Videos
–Information on jump drives, PDAs, and Blackberries
–Information stored on home or personal computers and devices, and in personal e-mail accounts

7 What has changed? Statewide document retention schedules have not changed Duty to preserve evidence has not changed Federal Rules of Civil Procedure Amendments became effective December 2006 Specifically address e-discovery Specifically allow for sanctions Require early conference to discuss availability, cost, and timing of producing data

8 What is individual agency’s responsibility? Compliance with document retention schedules, including documentation of destruction Preservation of all evidence in its original electronic form, so that all information contained within it, whether visible or not, is also available for inspection (e.g. metadata) Notification to VITA early on, to enable efficient responses and coordinate any necessary litigation holds Notification to your agency counsel at the AG’s Office when you anticipate litigation, in order to receive advice specific to the situation

9 Effective Records Management Ensures compliance with document retention schedules Provides the foundation for compliance with discovery rules Enables efficient review of ESI Reduces cost of storage, cost of searching, cost of retrieval Library of Virginia retention schedules address both physical records and virtual records

10 Virginia Code § 42.1-86.1. Disposition of public records. — *** C. Each agency shall ensure that records created after July 1, 2006 and authorized to be destroyed or discarded in accordance with subsection A, are destroyed or discarded in a timely manner in accordance with the provisions of this chapter; provided, however, such records that contain identifying information as defined in clauses (iii) through (ix), or clause (xii) of subsection C of § 18.2-186.3, shall be destroyed within six months of the expiration of the records retention period. ***
(iii) social security number
(iv) driver's license number
(v) bank account numbers
(vi) credit or debit card numbers
(vii) PIN numbers
(viii) electronic identification codes
(ix) automated or electronic signatures
(xii) passwords

11 What can my agency do now? Review current document retention schedules and practices Watch for formal advice from the OAG Become familiar with what you have electronically, where it is stored, in what formats, and who is responsible for it (don’t forget personal devices) Become familiar with your automatic backup and archiving functions Begin to understand what would be necessary to perform a search or to retrieve archived documents

12 What can my agency do now? (con’t) Begin to identify positions within your agency that are involved in data retention – this includes your document retention/records management officer Encourage the segregation of personal or proprietary information before data is archived – to reduce the time spent segregating when responding to a request

13 Things to consider when preparing for e-discovery Individual privacy of user Prevention of data loss, whether inadvertent or intentional Minimizing individual disruptions while searching and responding to discovery requests Operational efficiencies to ensure timely preservation and processing of data Consistency of process

14 Conclusion

15 Security Operations Center Identity Management Support June 11, 2007

16 Security Operations Center Identity Management Definition: –Management of the identity life cycle of entities (subjects or objects) during which: the identity is established the identity is described the identity is destroyed Transformation Objectives: –User consolidation across multiple directories and e-mail system Single domain Active Directory (COV.VIRGINIA.GOV) –Role-Based Access Control –Provisioning and de-provisioning –Self Service Password Management –Auditing and Reporting

17 Security Operations Center Components Confidential

18 Security Operations Center Active Directory Primary Identity Repository Authentication and Access Control Single domain Active Directory – COV.VIRGINIA.GOV User consolidation from Agency directories and e-mail system

19 Security Operations Center ADAM (Active Directory Application Mode) Confidential

20 Security Operations Center MIIS (Microsoft Identity Integration Server) Confidential

21 Security Operations Center Quest Management Tools Confidential

22 Security Operations Center P-Synch Confidential

23 Security Operations Center Pegasus / Dogwood Confidential

24 Security Operations Center Identity Management Transformation Roadmap Confidential

25 Security Operations Center Enabling Identity Management Central Identity Repository Identity Synchronization Self-Service –Authorization –Access –Passwords –Profile Workflow Centralized User Management Delegated Administration Automated Provisioning and De-Provisioning Single Sign On Consolidated Auditing

26 Security Operations Center Enabling Identity Management Central Identity Repository –Consolidation of user identities into one centralized repository –Integrate other systems authorization and authentication of users External and internal web apps leverage primary identity store Internal enterprise apps leverage primary identity store

27 Security Operations Center Enabling Identity Management Identity Synchronization –Automatic propagation of changes to other managed systems (Synchronization) –Collects identity data from other systems –Enables provisioning across wide range of systems and applications

28 Security Operations Center Enabling Identity Management Self Service –Password Resets –Profile Updates –Account and Access request

29 Security Operations Center Enabling Identity Management Centralized User Management –Role-Based Access Control –Rule-Based Access Control –Centralized provisioning and de-provisioning –Password Management Uniform Password Policy Password Initialization Spans multiple systems

30 Security Operations Center Enabling Identity Management Delegated Administration –Non-technical users perform granular administration

31 Security Operations Center Enabling Identity Management Resource Provisioning –Automated provisioning and de-provisioning –Workflow automates approval process

32 Security Operations Center Enabling Identity Management Single Sign-On (SSO) –Reduced Sign On Authenticate once to gain access to many systems A single identity source is used for authentication –Reduced Credentials User credentials gain access to multiple systems (each requiring sign on) Password is synchronized between multiple systems

33 Security Operations Center Enabling Identity Management Identity Auditing and Reporting –Automatic ticket generation for follow-up and reporting –Automatic E-Mail for interaction with users, administrators, and authorizers –Real-time auditing of all AD changes

34 Security Operations Center Questions ?

35 Security Operations Center Security Operations Center tools Linda Smith Manager Transformation Security Services July 11, 2007

36 Security Operations Center Table of Contents Confidential

37 Security Operations Center Blue Coat Confidential

38 Security Operations Center Blue Coat default deny policy Confidential

39 Security Operations Center Blue Coat configuration Confidential

40 Security Operations Center Blue Coat Reporter Confidential

41 Security Operations Center Internet Security Systems Confidential

42 Security Operations Center ID Management Confidential

43 Security Operations Center Antivirus Management Confidential

44 Security Operations Center Firewall / VPN Confidential

45 Security Operations Center Firewall / VPN Confidential

46 Security Operations Center Questions ?

47 Peggy Ward, VITA Commonwealth Information Security Council www.vita.virginia.gov

48 Encryption Committee Jesse Crim (VCU) John Palese (DSS) Michael McDaniel (VRS) Tripp Simms (VITA/NG) Steve Werby (DOC) Craig Goeller (DMAS) NEW MEMBER!

49 Making Security an Executive Management Priority Committee Members Shirley Payne, Chair, University of Virginia Joe Hubbard, Virginia Lottery Beth Nelson, State Board of Elections Judy Napier, Office of the Governor John Karabaic, CISSP, Dept. Medical Assistance Services

50 Deliverables Plan and develop Executive Security Awareness events, either stand-alone or as riders on other planned executive-level events. Present effective Executive Security Awareness practices from agencies as models other agencies might follow.

51 Deliverables Collect and make available Security Awareness presentations designed for executives. Form a speakers bureau of ISO and Managers teams to give presentations to executives within Secretariat.

52 Recommendations Include Information Security as a part of the agency strategic plan and performance measurement. Create a Commonwealth of Virginia Information Security Officer (ISO) to lead the Executive Security Awareness from the Governor’s Office.

53 Small Agency Outreach Robert Jenkins

54 Current Members –Robert Jenkins (DJJ) –Aaron Mathes (OAG) –Goran Gustavsson (APA) –Ross McDonald (DSS) –Bob Auton (DJJ) –Doug Mack (DJJ)

55 Status Update Contact & survey small agencies and benchmark where they are in the process –Identify agencies classified as small –Conduct Needs Analysis (which agencies need assistance) –Offer guidance with the security level process to those agencies with a documented need (high level) –Perform Gap Analysis of present state versus desired state (if resources are available) –Recommend strategies and resources to close gaps –Recommend strategies and resources to maintain compliance

56 Status Update (con’t) Identify a pool of available talent to work in a shared service capacity to provide ISO or Audit functions to Small Agencies –Determine which small agencies have trained personnel to perform ISO and/or Internal Audit responsibilities –Query larger agencies to determine if they have ISO or IA resources that may be available to assist small agencies –Match needs with skill sets when possible –Provide support to maintain relationships between small agencies and those who volunteered to support them

57 Status Update (con’t) Develop “Canned Solutions” i.e. quick fixes using best practices from those with success in the areas such as policy, practice or procurement. –Establish repository of completed sample policies, process, and best practices –Make available Security Awareness training options –Develop distribution list of subject matter experts in the areas of information security and audit –Investigate tools to increase communications such as a message board that has shared access and with knowledge base capabilities

58 Status Update (con’t) Create network of Subject Matter Experts (SME) to offer advice and guidance on relevant topics such as –ARMICS and implementation options –Resources to talk with Agency Management who may be reluctant or unfamiliar with required actions needed for compliance matters –VITA IT Security Policies and Standards (Business Impact Analysis, Risk Assessment, Breaches/Detections, etc.) –Other IT Services, such as possible tests/reviews/audits

59 QUESTIONS

60 Identity and Access Management and Account Management Committee Members
Patricia Paquette – DHP, pat.paquette@dhp.virginia.gov
Mike Garner – Tax, mike.garner@tax.virginia.gov
Marie Greenberg – DMV, marie.greenberg@dmv.virginia.gov
Jim Rappe – ABC, james.rappe@abc.virginia.gov
Maria Batista, DMV, maria.batista@dmv.virginia.gov
Joel McPherson, DSS, joel.mcpherson@dss.virginia.gov
David Hines, Supreme Court, dhines@courts.state.va.us

61 Identity and Access Management and Account Management Challenges
Up-front task of ensuring there is a single identity for each person
–numerous agencies and literally hundreds of systems which have information about people scattered throughout those systems
Number of instances where data is not readily matched
–no easy way to identify whether Bob Smith in one system is or is not the same person as Bob Smith in another

62 Identity and Access Management and Account Management Challenges
ID management ability to scale, compatibility with existing applications, and ease of use
Changing business processes
Buy-in from agencies
–demonstrating the value of identity management systems.
Effort extended entering initial information about employees and various access rights.

63 Identity and Access Management and Account Management Initial Direction
Research COV existing methodologies
–Understand what we have
Investigate partnership methodology/capability
Research market solutions
–Understand what’s available
Impact Analysis
–Cost
–Capability
–Expansion
–Effectiveness
Proposals

64 Tripp Sims, VITA Commonwealth of Virginia Security Architect July 11, 2007 Keylogging Malware Threats Infection Methods Defenses

65 Content What is Malware? Keylogging Threats Common Infection Methods –Browsers, Network Services, and Users Defenses –Desktop & Patch Management, AntiVirus, Firewall/IDS/IPS, Behavior Based HIDS, and Education and Solutions Questions and Answers

66 What is Malware? The term malware is a fusion of the words “malicious” and “software”. The generally accepted definition is: a piece of software specifically designed and distributed with malicious intent by the author. Earliest examples of malware were common computer viruses. Today, with virtually every computer being a “network” connected computer running dozens of applications, the threats of malware have expanded significantly. Malware has evolved in lockstep with the evolution of information technologies. In a very real sense the “Arms Race” analogy fits all too well - and we are losing that race. Fortunately, we still own most of the battlefield.

67 Malware: Keyloggers and Password Stealers Keyloggers steal passwords and other personal information Infrastructure and tools are readily available that allow for remote control of malware and remote reception of keylog and password data COV Citizens have been keylogged when using applications offered by agencies of the Commonwealth COV IT Security Standard, Section 4.5.2 – “Prohibit all IT system users from intentionally developing or experimenting with malicious programs (e.g., viruses, worms, spyware, keystroke loggers, phishing software, Trojan horses, etc.).”

68 Keylogging Threats Confidential

69 Keylogging Threats Confidential

70 Keylogging Threats Confidential

71 Common Methods of Infection Web Browsers One of the fastest growing developments in malware distribution is the utilization of web-browser exploit packs Secretly inserted into legitimate websites. Miami Dolphins Super Bowl Incident

72 Miami Dolphins Super Bowl Incident On or about January 26th, 2007 the Dolphins Stadium & the official Miami Dolphins website were hacked. Dolphins Stadium would be hosting that year's Super Bowl in less than 10 days so traffic to both sites was high. The offending exploit, and malware installed through vulnerable browsers, were not removed from the sites for almost a week. The malware installed through the exploit was classified as an Agent/PWS, meaning that it was a password stealer with the ability to be updated to a newer version remotely via HTTP.

73 Network Services If you port scan almost any network device, you will discover at least one open port. This is expected because a network asset is one to be directly used (a printer, a server) by a user or directly managed (a router, a laptop) by an administrator via the network. History has proven: Even core operating system programmers have difficulty in generating bulletproof network services. Vendors, while getting better, allow too much lag time between exploit announcement and patch issuance. Users, and to a lesser extent system administrators, continue to operate insecure systems due to lack of education or willingness. Likely future: Zero-day hits will have the potential to be devastating in a targeted attack.

74 Users Malicious e-mail attachments –highly utilized methodology –Vulnerable application formats are variable: .doc; .zip; .rar; .ppt; .xls; .jpg; .msi; etc… Peer-to-Peer File sharing –P2P propagation is viable Pirated Software and “Cracks” –Bittorrent, Newsgroups, and other forms of pirated software distribution are shown to contain a high quantity of malicious code. –Most pirated software cannot be updated for security vulnerabilities. Instant Messenger Mal-Links –“Did you see this picture of you on MySpace?”

75 Malware Defense Desktop & Patch Management AntiVirus Behavior Based Intrusion Detection Firewalls/IDS/IPS Customer Education and Solutions

76 Malware Defense Layered approach to Security (Defense in Depth) In situations where it’s not cost effective to support the best possible security posture, keep in mind that every layer of protection utilized is another security hurdle for the “bad guys” to circumvent. As security representatives of the citizens of Virginia’s data we are not only required to keep our own resources secure, but we are also bound to educate and offer solutions to the citizens to better protect their own data.

77 Desktop and Patch Management Apply Principle of Least Authority (POLA) to home computers as well as work. –Can your home users install software themselves? –Do you use separate user accounts on your home computers? And does your primary account have Administrator privileges? Keep up with OS & application patching. –Managed enterprise infrastructure has documented plans for testing and deploying security patches. –Home users should be advised to turn on automated updates and respect the importance of these updates to their computers. A strong desktop policy and patch management can be one of the easiest and most effective layers of security IT Security Standard, Section 5.2.2 – “Requires that local administrator rights, or the equivalent on non-Microsoft Windows-based IT systems, be granted only to authorized IT staff.”

78 Anti-Virus Anti-Virus is an essential first line of defense Use solutions from well known vendors Be aware of malicious offerings that distribute malware posing as Anti-Virus For enterprise workers consider using the standard Anti-Virus used in the enterprise for your home computer.

79 Firewalls/IDS/IPS Network Firewalls are another layer of defense Firewall features can include Intrusion Detection/Prevention features Recommend a ‘default deny’ policy for outbound traffic, then selectively open for user traffic as needed

80 Firewalls/IDS/IPS Network Intrusion Detection & Prevention Systems as an additional layer of defense Most IDS/IPS solutions are signature based and must be updated and current (same as Anti-Virus) There are ‘security center’ solutions for home users that include host-based personal firewalls with IDS/IPS features built in.

81 Behavior-Based Intrusion Detection Behavior-based intrusion detection systems exist that rely on the premise that an intrusion can be detected by a deviation from the normal behavior of a system or a user. More typically deployed in the Enterprise today.
Advantages:
–When properly configured over time, and in a managed environment it can be highly effective
–Can detect and defend against zero-day malware for which no signatures exist
–Can defend against abuse which might not normally be associated with an “exploit”
Disadvantages:
–Can produce numerous false positives in an unmanaged environment, such as a home system
–Generally requires constant supervision to ensure its knowledge expands as users' behavior changes

82 User Education Customer Education is the most important line of defense! The citizen’s computer is much more likely to be the source of leaking personal information than legitimate websites What can you do to help keep citizens’ data secure? Banner type notification when citizens visit your site to do business Offer security resource pages that can help a customer understand what they can do to increase their own security.

83 User Education Customer Solutions There are practices you can consider for inclusion on your customer facing applications. There are also a number of free resources online that can help a customer understand the security posture of their computer. Many AntiVirus vendors offer free web based AntiVirus and security scans which run through the web browser. Point your customers to them as a resource for their personal data security There is also a free browser security testing site available @ http://www.scanit.be/browser-security-test.html Consider maintaining a black-list of known insecure browser user-agents. Browsers which identify themselves as known insecure to your applications could be warned before gaining entry to your applications.
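The user-agent black-list suggested on this slide could be implemented along the following lines. This is an added example, not part of the presentation; the version thresholds, function names and sample headers are constructed for illustration. The User-Agent header is self-reported by the client, so the result drives a warning notice rather than access control.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Constructed policy for illustration: browser family -> lowest (major, minor)
# version that is NOT warned about. Placeholder numbers, not vendor guidance.
MIN_ALLOWED = {
    "opera": (9, 0),
    "msie": (7, 0),
    "firefox": (2, 0),
}

# Order matters: Opera can present itself as "MSIE ... Opera 9.20", so the
# Opera token is tested before the MSIE token. First match wins.
UA_PATTERNS = [
    ("opera", re.compile(r"\bOpera[ /](\d{1,3})\.(\d{1,3})")),
    ("msie", re.compile(r"\bMSIE (\d{1,3})\.(\d{1,3})")),
    ("firefox", re.compile(r"\bFirefox/(\d{1,3})\.(\d{1,3})")),
]

MAX_UA_LENGTH = 512  # the header is client-controlled; bound the work done on it


class Verdict(NamedTuple):
    action: str                         # "warn" or "allow"
    family: Optional[str]
    version: Optional[Tuple[int, int]]


def identify(user_agent: Optional[str]):
    """Return (family, (major, minor)), or (None, None) if unrecognised."""
    if not user_agent:
        return None, None
    ua = user_agent[:MAX_UA_LENGTH]
    for family, pattern in UA_PATTERNS:
        match = pattern.search(ua)
        if match:
            return family, (int(match.group(1)), int(match.group(2)))
    return None, None


def check_user_agent(user_agent: Optional[str]) -> Verdict:
    """Warn only when the browser identifies itself as a listed, outdated version.

    Missing or unrecognised headers are allowed: this is a deny list, so only
    browsers that positively identify as known insecure are flagged.
    """
    family, version = identify(user_agent)
    if family is None:
        return Verdict("allow", None, None)
    if version < MIN_ALLOWED[family]:
        return Verdict("warn", family, version)
    return Verdict("allow", family, version)


def banner_text(verdict: Verdict) -> Optional[str]:
    """Text for the notice shown before the application, or None if no notice."""
    if verdict.action != "warn":
        return None
    major, minor = verdict.version
    return (f"Your browser identifies itself as {verdict.family} {major}.{minor}, "
            "which is on this site's list of known insecure versions. "
            "Please update it before entering personal information.")


if __name__ == "__main__":
    # Constructed sample headers.
    samples = [
        "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
        "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 9.20",
        "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.12) "
        "Gecko/20070508 Firefox/1.5.0.12",
        "",
    ]
    for ua in samples:
        print(check_user_agent(ua), "<-", ua or "(no header)")
```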

84 The Current State of Malware Questions

85 Information Technology Security Policy, Standards and Guidelines Cathie Brown, CISM, CISSP

86 Compliance: IT Security Policy & Standard Blanket 90 Day Exception – September 28, 2007 Key Steps to Compliance include: –Designate an ISO –Inventory all systems –Perform Risk Assessment on sensitive systems –Perform Security Audits on sensitive systems –Document and exercise Contingency & DR Plans –Implement IT systems security standards –Document formal account management practices –Define appropriate data protection practices –Establish Security Awareness & Acceptable Use policies –Safeguard physical facilities –Report & Respond to IT Security Incidents –Implement IT Asset Controls

87 Compliance - Wall of Honor Accountancy, Board of Accounts, Department of Aging, Department for the Agriculture and Consumer Services, Department of Alcoholic Beverage Control Aviation, Department of Blind and Vision Impaired, Department for the Business Assistance, Virginia Department of Center for Behavioral Rehab Center for Innovative Technology Christopher Newport University Conservation and Recreation, Department of Correctional Education, Department of Corrections, Department of Criminal Justice Services, Department of Deaf and Hard of Hearing, Department for the Department of Charitable Gaming Department of Forensic Sciences Economic Development Partnership, Virginia Education, Department of Elections, State Board of Employment Dispute Resolution, Department of Environmental Quality, Department of Fire Programs, Department of Forestry, Department of Frontier Culture Museum of Virginia Game and Inland Fisheries, Department of General Services, Department of Governor, Office of the Gunston Hall Health Professions, Department of Health, Department of Historic Resources, Department of Housing and Community Development, Department of

88 Wall of Honor – CONTINUED! Human Resource Management, Department of James Madison University Juvenile Justice, Department of Library of Virginia, The Longwood University Marine Resources Commission Mary Washington University Medical Assistance Services, Department of Mental Health, Mental Retardation & Substance Abuse Svcs, Dept of Mines, Minerals and Energy, Department of Minority Business Enterprise, Department of Motor Vehicle Dealer Board Motor Vehicles, Department of Museum of Fine Arts, Virginia Museum of Natural History, Virginia Norfolk State University Old Dominion University People With Disabilities, Virginia Board for Planning and Budget, Department of Professional & Occupational Regulation, Department of Racing Commission, Virginia Rail and Public Transportation, Department of Rehabilitative Services, Department of Science Museum of Virginia Social Services, Department of State Police, Department of Taxation, Department of Tourism Commission, Virginia Transportation, Department of Treasury, Department of the VA School for the Deaf and Blind-Staunton Virginia Commonwealth University Virginia Employment Commission Virginia Information Technologies Agency Virginia Lottery Woodrow Wilson Rehabilitation Center

89 Status Update Publication Pending ITIB Review/Approval –IT Security Policy & Standard Revised –IT Standard Use of Non-Commonwealth Computing Devices to Telework ITRM SEC511-00 NEW! –IT Threat Management Guideline NEW! Guidelines in Draft COMING SOON! –IT Security Audit Guideline –IT Systems Security Guideline –Personnel Security Guideline

90 Revisions - IT Security Policy & Std Highlights –Expanded scope to include Legislative, Judicial, Independent and Higher Education –System Security Plans for sensitive systems –Additional considerations for account management –Additional considerations for protection of data on mobile storage media including encryption –Additional requirements for specialized IT security training –Data Breach Notification Compliance date – 7/01/2008 CHANGE! ( FROM 1/01/2008) Exception Form period extended from 6 months to 1 year – CHANGE!

91 New! IT Std Using Non-COV Devices to Telework Purpose –Establish a standard to protect COV data while teleworking with Non-COV Devices Acceptable Solutions –Standalone Computer –Internet Access to Web-Based Applications –Internet Access to Remote Desktop Applications Requirements –Storing COV data on a non-COV device is prohibited –Network traffic containing sensitive data must be encrypted –Provide training on remote access policies Security Incident Response –Non-COV device may be necessary during forensics or investigation of a Security Incident –Acknowledgement form signed NO LONGER REQUIRED!

92 QUESTIONS

93 Peggy Ward, VITA MS-ISAC

94 Multi-State Information Sharing & Analysis Center (MS-ISAC) William F. Pelgrin, State of New York Chair

95 Background Recognizing the need for collaboration and communication between and among the states, the MS-ISAC was established in January 2003. The MS-ISAC began with New York and the Northeast states, and quickly expanded. Participation includes representatives from all 50 states and DC. The MS-ISAC is recognized by the US Department of Homeland Security as the national ISAC for the states and local government to coordinate cyber readiness and response.

96 Mission The mission of the MS-ISAC, consistent with the objectives of the National Strategy to Secure Cyberspace, is to provide a common mechanism for raising the level of cyber security readiness & response in each state. The MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure from the states & providing two-way sharing of information between & among the states and with local governments.

97 Alabama Alaska Arizona Arkansas California Colorado Connecticut Delaware District of Columbia Florida Georgia Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virginia Washington West Virginia Wisconsin Wyoming

98 Transforming The Culture Sharing Information…

99 Multi-State ISAC Monthly Conference Calls 24/7 Cyber Security Analysis Center Cyber Security Alerts and Advisories Public and Secure MS-ISAC Websites Participation in cyber exercises Common cyber alert level map National Webcast Initiative National Cyber Security Awareness Month Ensuring collaboration with all necessary parties

100 The MS-ISAC provides high-level descriptions of what the issue is and why you should be concerned…

101 MS-ISAC Public Website www.msisac.org

102 The MS-ISAC provides a risk rating based on specific environments…

103 MS-ISAC Collaborating with Others While the major focus of MS-ISAC is cyber security, there is also recognition of the relationship between physical and cyber security; membership includes representation from both the physical and cyber arenas. Close relationship with federal government Other partners

104 Endorsement by major national entities…

105 Cyber Exercise Metrics & Compliance Education & Awareness Legislative Operations State and Local Government Outreach & Marketing Procurement MS-ISAC Workgroups

106 Local Government Guide Available at www.msisac.org

107 National Cyber Security Awareness Month October
–Kids Safe Online Webcast
–Governors’ Proclamations
–Cyber Security Toolkit
–Calendars
–Posters
–Brochures
–Other materials

108 National Webcast Initiative The Multi-State Information Sharing and Analysis Center (MS-ISAC), in cooperation with the Department of Homeland Security's National Cyber Security Division, has launched a partnership to deliver a series of national webcasts which examine critical and timely cyber security issues. Embracing the concept that security is everyone’s responsibility, these webcasts are available to a broad audience to help raise awareness and knowledge levels. The webcasts provide practical information and advice that users can apply immediately. Webcasts are conducted every other month. Webcasts are free and open to the public. Visit www.msisac.org for more information about upcoming sessions.

109 Cyber Security Center 7 X 24 Operations Monitoring for Cyber Attacks Cyber Alerts, Advisories and Informational Bulletins

110 Cyber Security Center Alerts are provided to State designated representatives whenever an apparent attack of a state or local government entity has been detected. For the Commonwealth of Virginia the two representatives are: Constance McGeorge, Office of Commonwealth Preparedness Peggy Ward, Virginia Information Technologies Agency

111 Working Together to Secure Cyberspace Multi-State Information Sharing and Analysis Center www.msisac.org

112 UPCOMING EVENTS!
VITA OFFICE MOVE – Friday, July 27
ISOAG - Wednesday, August 8 9:00 - 12:00 @ CESC
COVITS – September 16 -18 Chantilly, Va http://www.covits.org/

113 Any Other Business?

114 ADJOURN THANK YOU FOR YOUR TIME AND THOUGHTS !!!

