Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 expect the best www.vita.virginia.gov Jeff Deason Chief Information Security Officer Virginia Information Technologies Agency Joint Commission on Technology.

Published byEthel Shields Modified over 9 years ago

Similar presentations

Presentation on theme: "1 expect the best www.vita.virginia.gov Jeff Deason Chief Information Security Officer Virginia Information Technologies Agency Joint Commission on Technology."— Presentation transcript:

1 1 expect the best www.vita.virginia.gov Jeff Deason Chief Information Security Officer Virginia Information Technologies Agency Joint Commission on Technology and Science Advisory Committee on Privacy June 23, 2005 State Agency Database Security in the Commonwealth

2 2 expect the best www.vita.virginia.gov Today’s Topics Security Services Mission VITA’s Security Transition to Governance Mature Enterprise Security Program Where are we today? What are we doing? State Database Audits Senate Bill 1252 Questions

3 3 expect the best www.vita.virginia.gov Mission Provide comprehensive information security services that allow state agencies to accomplish their respective missions in a safe and secure technology environment.

4 4 expect the best www.vita.virginia.gov Transition from Operations to Governance FY04 Operations FY05 Operations/ Governance FY06 Governance VITA Enterprise VITA / Enterprise

5 5 expect the best www.vita.virginia.gov Mature Enterprise Security Program Incident Management Secure Infrastructure VITA Critical Infrastructure and Business Continuity Incident Management Secure Infrastructure VITA Critical Infrastructure and Business Continuity Security Policies, Standards and Procedures Risk Management Information Security Training and Awareness

6 6 expect the best www.vita.virginia.gov Where are we today? As noted by the APA, current Commonwealth information security and protection is inadequate. Inconsistent security tools and programs. The enterprise information security program which we are now implementing will address these inadequacies.

7 7 expect the best www.vita.virginia.gov What are we doing? Constructing a new internal service fund: –$1.53 million for incident management. –$1.74 million for database risk assessments. Pursuing state homeland security grants: –$950,000 for incident management. Developing database audit standards. Will leverage this large, necessary investment through public-private partnerships.

8 8 expect the best www.vita.virginia.gov State Database Audits Current Code language provides needed flexibility for database audits based on: –Sensitivity and Criticality of information. –Exposure to risk. There are approximately 1685 applications in VITA customer agencies. –These applications access an unknown number of databases. –Determining the number of databases is a major challenge.

9 9 expect the best www.vita.virginia.gov Senate Bill 1252 As introduced: –Would have required semi-annual database audits. It is difficult to justify the cost of auditing every database twice each year. As amended: –Would have required annual database audits and increased reporting. Annual audits are more easily cost-justified than semi- annual audits. Reporting requirements are a positive step as they increase the visibility of the audits. Including incident reports in annual audit reports provides a fuller view of actual risks.

10 10 expect the best www.vita.virginia.gov Questions

Download ppt "1 expect the best www.vita.virginia.gov Jeff Deason Chief Information Security Officer Virginia Information Technologies Agency Joint Commission on Technology."

Similar presentations

1 www.vita.virginia.gov IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1, 2013 www.vita.virginia.gov.

1 IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1,
UCSB Audit and Advisory Services Internal Audit Plan 2012-13 – Highlights Contracts and Grants Liaison Meeting May 16, 2012.

UCSB Audit and Advisory Services Internal Audit Plan – Highlights Contracts and Grants Liaison Meeting May 16, 2012.
Transit Security: An Overview of Activities Since 9/11 Eva Lerner-Lam President Palisades Consulting Group, Inc. ITE 2003 Annual Meeting August 24-27,

Transit Security: An Overview of Activities Since 9/11 Eva Lerner-Lam President Palisades Consulting Group, Inc. ITE 2003 Annual Meeting August 24-27,
Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.

Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.
Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.

Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
1 www.vita.virginia.gov Evolving the Cyber Security Program Michael Watson Chief Information Security Officer ISACA 3/12/2015 www.vita.virginia.gov 1.

1 Evolving the Cyber Security Program Michael Watson Chief Information Security Officer ISACA 3/12/
Click to add a subtitle 1 expect the best www.vita.virginia.gov VITA Integration & Transformation Highlights Lemuel C. Stewart, Jr. CIO of the Commonwealth.

Click to add a subtitle 1 expect the best VITA Integration & Transformation Highlights Lemuel C. Stewart, Jr. CIO of the Commonwealth.
© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.

© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.
Keystone Technology Plan Presentation to Chesapeake Bay Program Information Management Subcommittee May 19, 2004 Nancie L. Imler Chief Information Officer.

Keystone Technology Plan Presentation to Chesapeake Bay Program Information Management Subcommittee May 19, 2004 Nancie L. Imler Chief Information Officer.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
1 July 08, 2010 Information Security Officer Meeting.

1 July 08, 2010 Information Security Officer Meeting.
Federal Transit Administration Office of Safety and Security FTA BUS SAFETY & SECURITY PROGRAM 18 th NATIONAL CONFERENCE ON RURAL PUBLIC AND INTERCITY.

Federal Transit Administration Office of Safety and Security FTA BUS SAFETY & SECURITY PROGRAM 18 th NATIONAL CONFERENCE ON RURAL PUBLIC AND INTERCITY.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
Information Assurance and Higher Education Clifton Poole National Defense University Carl Landwehr National Science Foundation Tiffany Olson Jones Symantec.

Information Assurance and Higher Education Clifton Poole National Defense University Carl Landwehr National Science Foundation Tiffany Olson Jones Symantec.
0 United States Environmental Protection Agency Office of Environmental Information Enterprise Architecture Program December 2007 EA Working Group Session.

0 United States Environmental Protection Agency Office of Environmental Information Enterprise Architecture Program December 2007 EA Working Group Session.
1 Operational Plan to Address IT Governance Lem Stewart / Peggy Feldmann CIO, VEAP Director April 17, 2008 1 Lem Stewart (CIO) Peggy Feldmann (CAO) April.

1 Operational Plan to Address IT Governance Lem Stewart / Peggy Feldmann CIO, VEAP Director April 17, Lem Stewart (CIO) Peggy Feldmann (CAO) April.
Click to add a subtitle 1 expect the best www.vita.virginia.gov Lemuel C. Stewart, Jr. Chief Information Officer of the Commonwealth Joint Commission on.

Click to add a subtitle 1 expect the best Lemuel C. Stewart, Jr. Chief Information Officer of the Commonwealth Joint Commission on.
Food and Agriculture Sector Coordinating Councils John L. Williams, DVM U.S. Department of Agriculture AFDO Annual Conference Kansas City, MO June 7, 2005.

Food and Agriculture Sector Coordinating Councils John L. Williams, DVM U.S. Department of Agriculture AFDO Annual Conference Kansas City, MO June 7, 2005.

Similar presentations

Ads by Google