Presentation is loading. Please wait.

Presentation is loading. Please wait.

Evolving the Cyber Security Program

Published byJeffery Hart Modified over 6 years ago

Similar presentations

Presentation on theme: "Evolving the Cyber Security Program"— Presentation transcript:

1 Evolving the Cyber Security Program
Michael Watson Chief Information Security Officer ISACA 3/12/2015 1

2 Overview Program Overview Existing Structure
Information Security Challenges New Concepts

3 CoVA IT Infrastructure
Computers 59,374 PCs 3,356 servers Mailboxes 58,948 accounts Data storage 1.5 petabytes Mainframes (2) IBM Unisys Communications 55,000 desk phones 6,100 handhelds (PDAs) 11,000 cell phones Networks 2,039 circuits Data Centers (2) CESC SWESC Printers 5,311 network 22,000 desktop 2,247 Locations

4 Information Security in the Commonwealth
VITA is tasked with security governance of all three branches of Commonwealth Government. VITA controls the infrastructure of the executive branch agencies. Agencies remain responsible for application management.

5 COV Information Security Program
IT Security Audit Program Sensitive systems audited every 3 years Sensitive systems list provided by the auditor Risk Management Program Business impact analysis Risk assessment Vulnerability and intrusion detection data Assessment and audit analysis

6 Our Current Posture How well have we reviewed our environment?
What are the consistent issues in our environment?

7 2014 Information Security Audit Program

8 Sensitive System Review Status

9 2014 Findings by Control Family

10 Challenges

11 Evolution

12 Risk and Executive Support

13 Culture and Funding

14 Future Program Changes
Threat Management Incorporate vulnerability and intrusion detection information Automate information sharing

15 Future Posture What are we doing to mitigate our most significant risks? How does a new threat impact our landscape? Are we monitoring the business’s current areas of concern? Are we dedicating the resources to maintain our risk posture and address identified risks?

16 Questions? 16

Download ppt "Evolving the Cyber Security Program"

Similar presentations

1 www.vita.virginia.gov IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1, 2013 www.vita.virginia.gov.

1 IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1,
1 IT Security in the Commonwealth A high-level review Sam A. Nixon Jr. Chief Information Officer of the Commonwealth Governors Secure Commonwealth Panel.

1 IT Security in the Commonwealth A high-level review Sam A. Nixon Jr. Chief Information Officer of the Commonwealth Governors Secure Commonwealth Panel.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Rate Day June 10, 2014. Consolidated Technology Services Established by SB 5931 2011 First Special Session, RCW 43.105.006 “To ensure maximum benefit.

Rate Day June 10, Consolidated Technology Services Established by SB First Special Session, RCW “To ensure maximum benefit.
1 www.vita.virginia.gov Evolving the Cyber Security Program Michael Watson Chief Information Security Officer ISACA 3/12/2015 www.vita.virginia.gov 1.

1 Evolving the Cyber Security Program Michael Watson Chief Information Security Officer ISACA 3/12/
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.

© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.
NOT FOR PUBLIC DISTRIBUTION State of Minnesota Technology Summary February 24, 2011.

NOT FOR PUBLIC DISTRIBUTION State of Minnesota Technology Summary February 24, 2011.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
Www.mariamwiki.wikispaces.com Types of Computers and Computer Systems.

Types of Computers and Computer Systems.
Desktop in the Clouds Using Virtualization to Extend Client Outreach and Protect Data.

Desktop in the Clouds Using Virtualization to Extend Client Outreach and Protect Data.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
Data Center Migration Update 0 IT Infrastructure Transformation Agency Coordination with RPB Mainframe and Server Migration December 6, 2007.

Data Center Migration Update 0 IT Infrastructure Transformation Agency Coordination with RPB Mainframe and Server Migration December 6, 2007.
Information Technology Audit

Information Technology Audit
1 expect the best www.vita.virginia.gov Finance Officers Briefing July 14, 2006 VITA – Northrop Grumman Transition/Transformation.

1 expect the best Finance Officers Briefing July 14, 2006 VITA – Northrop Grumman Transition/Transformation.
1 VEIAA – The VITA story... Sam A. Nixon Jr. Chief Information Officer of the Commonwealth August 8, 2012 www.vita.virginia.gov 1.

1 VEIAA – The VITA story... Sam A. Nixon Jr. Chief Information Officer of the Commonwealth August 8,
1 expect the best www.vita.virginia.gov Tuesday October 25, 2005 Service Management Organization Overview.

1 expect the best Tuesday October 25, 2005 Service Management Organization Overview.
New Facilities & Disaster Recovery Solutions 0 February 20, 2007 Agency IT Resources Communications Exchange Meeting Facilities and Disaster Recovery Solutions.

New Facilities & Disaster Recovery Solutions 0 February 20, 2007 Agency IT Resources Communications Exchange Meeting Facilities and Disaster Recovery Solutions.
Federal Cyber Policy and Assurance Issues Dwayne Ramsey Computer Protection Program Manager Berkeley Lab Cyber Security Summit September 27, 2004.

Federal Cyber Policy and Assurance Issues Dwayne Ramsey Computer Protection Program Manager Berkeley Lab Cyber Security Summit September 27, 2004.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.

1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.

Similar presentations

Ads by Google