Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presentation to the COIT Architecture Sub-Committee

Published byBrent Arnold Modified over 6 years ago

Similar presentations

Presentation on theme: "Presentation to the COIT Architecture Sub-Committee"— Presentation transcript:

1 Presentation to the COIT Architecture Sub-Committee
Security Update March 2009 Jeana L. Pieralde, CISSP DT Security and Engineering Manager

2 Overall Information Security Plan
Created a draft 5 Year Business Plan New Draft has been submitted for review New plan combines DT Engineering and Security Services Identified key positions for a City-Wide Information Security Group Actively pursuing the hiring new Security Positions Identified Core Services Risk Assessment Completed Penetration and Vulnerability assessments on 4 Departments Created a DT Computer Incident Response Team (CIRT) Network Security Installed Intrusion Prevention capabilities and actively monitoring network perimeter City-Wide Policies Reviewing CCISDA Framework and ISO best practices Create review Policy Review committee

3 Information Security Working Group
Information Security Contact Form 14 Departments responded to initial inquiry Re-canvassing the Departments to get a broader response Next Steps Compiling a list of all departmental contacts Create the Security Working group

4 Risk Assessments City-Wide and for each Department
Current Efforts – 3 Phases Phase 1 -Vulnerability and Penetration testing of DT and Financial departments - Completed Phase 2 - Vulnerability and Penetration testing of Public Safety Departments – Seeking funding Phase 3 – Determining need to test remaining departments Resources required for Risk Mitigation can not be identified until assessments are completed

5 Create City-Wide Security Policies
City-Wide Policies and the Security Working Group Executive Order places policy creation and initial approval with the Security Working Group CCISDA Framework and Best Practices Adopted as a framework in February, 2008

6 CCISDA Framework Current Status
In the process of creating the Info Sec Working Group Waiting to compile complete list of contacts Reviewing the Best Practices and Policies manuals Highlighting Changes that need to be made to reflect the unique operations of the City and County of San Francisco Mapping Policies to existing City Policies Reviewing standard template for Policies

7 Progress Inhibitors Resources Budget Facilities
Unable to fill needed and key Security Positions Existing resources need Security Training Budget Key programs do not have funding Or Out of funding Supplemental funding efforts have been only marginally successful Facilities Lack of Data Center space and power slowing system implementation

Download ppt "Presentation to the COIT Architecture Sub-Committee"

Similar presentations

Department of Information Technology Trusted Network Initiation Certification Request Dave Dikitolia, Andrew Griego 3-25-08.

Department of Information Technology Trusted Network Initiation Certification Request Dave Dikitolia, Andrew Griego
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Prepared: October, 2005 1 Ann Garrett, State Chief Information Security Officer Statewide Security Update October 25, 2005 Information Technology Advisory.

Prepared: October, Ann Garrett, State Chief Information Security Officer Statewide Security Update October 25, 2005 Information Technology Advisory.
Business Continuity Planning State of the Process Report May 12, 2008.

Business Continuity Planning State of the Process Report May 12, 2008.
Controls for Information Security

Controls for Information Security
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Systemic Barriers to IT Security Findings within The University of Texas System Clair Goldsmith, Ph.D., Associate Vice Chancellor and CIO Lewis Watkins,

Systemic Barriers to IT Security Findings within The University of Texas System Clair Goldsmith, Ph.D., Associate Vice Chancellor and CIO Lewis Watkins,
Information Security Training for Management Complying with the HIPAA Security Law.

Information Security Training for Management Complying with the HIPAA Security Law.
Software Engineering Chapter 15 Construction Leads to Initial Operational Capability Fall 2001.

Software Engineering Chapter 15 Construction Leads to Initial Operational Capability Fall 2001.
FNSSP Presentation Sioux Lookout February 3, 2010.

FNSSP Presentation Sioux Lookout February 3, 2010.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.

© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
IIA_Tampa_2-3-2004Beth Breier, City of Tallahassee1 IT Auditing in the Small Audit Shop Beth Breier, CPA, CISA City of Tallahassee

IIA_Tampa_ Beth Breier, City of Tallahassee1 IT Auditing in the Small Audit Shop Beth Breier, CPA, CISA City of Tallahassee
Web Security for Network and System Administrators1 Chapter 2 Security Processes.

Web Security for Network and System Administrators1 Chapter 2 Security Processes.
Homeland Security Grant Program 2015 Process Michelle Hanneken Illinois Emergency Management Agency.

Homeland Security Grant Program 2015 Process Michelle Hanneken Illinois Emergency Management Agency.
August 1999 Mr. Mike Finley, CISSP Senior Security Engineer Computer Science Corporation.

August Mr. Mike Finley, CISSP Senior Security Engineer Computer Science Corporation.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.

Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.
FY 2014-2015 Budget Presentation to Board of Finance March 17, 2014 Government Center Kevin Murray, Operations Manager Parks & Facilities.

FY Budget Presentation to Board of Finance March 17, 2014 Government Center Kevin Murray, Operations Manager Parks & Facilities.

Similar presentations

Ads by Google