Upload File

it security in the commonwealth

5

Click here to load reader

Upload: nolen

Post on 05-Jan-2016

31 views

Category:

Documents


2 download

Report

DESCRIPTION

IT Security in the Commonwealth. Sam A. Nixon Jr. Chief Information Officer of the Commonwealth Michael Watson Commonwealth Chief Information Security Officer Virginia Cyber Security Commission June 11, 2014. www.vita.virginia.gov. 1. VITA Is Statutorily Responsible for IT Security. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: IT Security in the Commonwealth

1

IT Security in the Commonwealth

Sam A. Nixon Jr.Chief Information Officer of the Commonwealth

Michael WatsonCommonwealth Chief Information Security Officer

Virginia Cyber Security CommissionJune 11, 2014

www.vita.virginia.gov 1

Page 2: IT Security in the Commonwealth

2

VITA Is Statutorily Responsible for IT Security• CIO responsible for security of government

information (§ 2.2-2009 of the Code of Virginia)– Risk management, audits, security measures– Applies to all branches of state government

• VITA performs overall incident response– Share intel & information (FBI, DHS, etc)

• CIO & VITA have limited authority– Direct oversight limited to NG infrastructure– No direct authority over agency applications, agency

infrastructure, & data

www.vita.virginia.gov

Page 3: IT Security in the Commonwealth

3

VITA/NG Provision IT Infrastructure• VITA/NG protect security of IT infrastructure

– 60k PCs, 3k servers, 1.5 petabytes data, 2k circuits– Firewalls, intrusion monitors, encryption,

compartmentalization, antivirus, spam filters, security operations center, authentication

– 95.5 million attack attempts in CY 2013– 86 of 89 executive branch agencies protected by

transformed environment• However, primary attack vector is against

applications not the infrastructure– Agencies remain responsible for applications & data

www.vita.virginia.gov

Page 4: IT Security in the Commonwealth

4

Cyber Security Challenges

• State agency staffing constraints impede security gap correction & limit auditing– Only 33% of agencies meet minimum requirement to

audit their sensitive systems every 3 years– VITA needs cyber intelligence program to analyze

threats & attacks

• Additional security efforts are required– SSL VPN, more frequent password resets, two-

factor authentication, hard drive encryption• Agility needed to support evolving threats

www.vita.virginia.gov

Page 5: IT Security in the Commonwealth

5

Questions?

Samuel A. Nixon [email protected](804) 416-6004

Michael [email protected](804) 416-6030

www.vita.virginia.gov


The National Security Strategy-- 2006 - Commonwealth · PDF file · 2016-02-29I. Overview of America’s National Security Strategy It is the policy of the United States to seek and

2017 Commonwealth of Virginia Information Security Report...This 2017 Commonwealth of Virginia (COV) Information Security Report is the tenth annual report by the chief information

Network and Communications Network Security Department of Computer Science Virginia Commonwealth University

COMMONWEALTH OF VIRGINIA - vita.virginia.gov · Information Security Management Standard ITRM Standard SEC501-09.1 December 8, 2016 Page i . COMMONWEALTH OF VIRGINIA . Information

Review of Information Security In The Commonwealth of

Bees and Pollinators: A Commonwealth Concern · Action for bees and pollinators underpins Commonwealth concerns about resilience, food security, biodiversity and functioning natural

Commonwealth of Pennsylvania Technology/Documents/IT... · The Commonwealth of Pennsylvania has developed this plan to outline ... management and grants management. The commonwealth

The future of the Commonwealth lies with its young people · The future of the Commonwealth lies with its young people You are the future. It is your Commonwealth. ... racism. It

The Role of Private Security in Support of The ... · The Secure Commonwealth Strategic Plan states: “The Commonwealth will provide an orientation on Private Security to Virginia’s

2014 Commonwealth of Virginia Information Security Report · 2 Executive Summary This 2014 Commonwealth of Virginia (COV) Information Security Report is the seventh annual report

1 Commonwealth Information Security Collaborations Peggy Ward, Chief Information Security Officer of the Commonwealth of Virginia

Commonwealth Security Information Resource Center

Telecommunications Manual - commauto.com Manual CHAPTER II - SECURITY ... Telecommunications Manual : : Commonwealth Automobile Reinsurers . Commonwealth Automobile Reinsurers

Managing Information System Security: Principles GP Dhillon Associate Professor Virginia Commonwealth University

Commonwealth Information Security Advisory …...Security Domains 1. SDLC Security 2. Software Change Mgmt 3. Monitoring & Logging 4. Standard Config. 5. Security Awareness Training

Erik Avakian, CISSP, CISA, CISM Chief Information Security Officer Commonwealth of Pennsylvania [email protected] The Core Security Services Taxonomy Commonwealth

IT Infrastructure Map - Virginia Commonwealth …gasaunde/ITInfrastructureMap.pdfIT Infrastructure Map . ... documentation on a corporate level. Ops Management of security relevant

Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting JULY 11, 2007 1

Commonwealth Information Security Officers Advisory Group … › uploadedFiles › Security › ... · 2014-03-20 · II. Security Management in the ITIL framework Adriaan Van De

Information Systems Security Planning Dr. Gurpreet Dhillon Virginia Commonwealth University

IS Security Standards Gurpreet Dhillon Virginia Commonwealth University

Zambia : Democracy on Trial Report.pdf · It is supported by the Commonwealth Journalists Association, the Commonwealth Trade Union Council, the Commonwealth Lawyers Association,

COMMONWEALTH OF VIRGINIA · Figure 1: Commonwealth of Virginia IT Investment Management Framework 3 ... The Commonwealth shall follow Information Technology Investment Management

MEMORANDUM OF UNDERSTANDING BETWEEN COMMONWEALTH · PDF file1 memorandum of understanding between commonwealth of pennsylvania and united government security officers of america (ugsoa)

Commonwealth Security and Risk Management

Fisheries and Food security in the commonwealth · Fisheries and Food Security in the Commonwealth 5 At the 2009 Commonwealth Heads of Government Meeting (CHOGM) in Trinidad and Tobago,

First Annual Commonwealth Information Security Conference

IT-Security - IT-Bestenliste

Commonwealth Information Security Officers Advisory Group … · 2014. 3. 20. · Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting January 8, 2008 . 1

State Safety & Security Oversight - Commonwealth

1 IT Security in the Commonwealth A high-level review Sam A. Nixon Jr. Chief Information Officer of the Commonwealth Governors Secure Commonwealth Panel

Commonwealth IT Project Manager Orientation...Commonwealth IT Project Manager Orientation Instructor: Patty Samuels. ... 2019 Version 2. Class Objectives. 1. Understand Commonwealth

Commonwealth of Pennsylvania Technology/Documents/IT-strategic-plan.pdfInformation Technology (OIT), which oversees investments in, and performance of, IT systems across the commonwealth

The Commonwealth Games · The Commonwealth Games The Commonwealth Games are held by the Commonwealth Games Federation (CGF). It is the third largest, international sporting event

2015 State of Information Security in the Commonwealth of ... Information_Security_in_the... · 2015 state of information security in the commonwealth of virginia for the period july