Presentation is loading. Please wait.

Presentation is loading. Please wait.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004."— Presentation transcript:

1 Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004

2 Know the Client Own the Problem Share the Solution From an executive perspective … What are the latest Information Security Issues?

3 Know the Client Own the Problem Share the Solution

4

5

6

7

8

9

10

11

12

13

14 Is there really an active threat to Michigan government? 30,000 virus attacks stopped daily 100,000 hacking attempts stopped monthly 800 worker hours of productivity lost due to attacks in an average month 600 DIT staff hours used to restore service due to attacks in an average month

15 Know the Client Own the Problem Share the Solution Homeland Security Grant Projects Critical IT Infrastructure Protection Program

16 Know the Client Own the Problem Share the Solution Program Overview Program encompasses 12 separate but related projects that focus on prevention, detection, and response to cyber threats and incidents against critical State of Michigan IT infrastructure All projects meet the goals and objectives required by Statewide Homeland Security Strategy Funded by grant dollars from Department of Homeland Security

17 Know the Client Own the Problem Share the Solution Critical Infrastructure IT Protection Projects What: Fixed Generators for State’s Data Centers What: Security events correlation collected by isolated systems (IDS, firewalls, SMTP anti-virus scanner, etc) What: Firewall technologies for the internal State network placed at each of the hosting centers to provide protection for internal zones What: Intrusion detection devices and systems for internal protected zones and the extranet made visible to the IDS systems What: Network portal system that provides encryption to user data without the need for client side applications. Commonly referred to as SSL VPN What: Permanent, dedicated and secure, remote-controlled network monitor/analyzer shared between the connections to the Public Internet and server farm infrastructure at the Tier III hosting centers

18 Know the Client Own the Problem Share the Solution Critical Infrastructure IT Protection Projects What: Decoy Server using honeypot technology provides early detection of internal, external, and unknown attacks What: Network penetration tests to identify vulnerabilities What: GIS information system for DIT Emergency Coordination Center What: Software to reduce spam email entering the State’s email systems What: Software preventing access to web sites that are deemed risks to the State's network and systems; spyware filter What: Implement documented formal methods for the application of forensic risk analysis and risk management of information systems

19 Know the Client Own the Problem Share the Solution

20 Michigan Cyber Security Success Stories --- 2003 NASCIO Award for The Secure Michigan Initiative (Enterprise Risk Assessment) --- 2004 NASCIO Award for Michigan Critical Incident Management System --- Cyber Terrorism Exercise in July 2004

21 Know the Client Own the Problem Share the Solution Contact Information: Dan Lohrmann Michigan CISO e-mail: Lohrmannd@mi.gov phone: (517) 241-4090

Download ppt "Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004."

Similar presentations

Not to be distributed or reproduced by anyone other than Qwest entities. Copyright © 2010 Qwest. All Rights Reserved. Government Services TIC from an Industry.

Not to be distributed or reproduced by anyone other than Qwest entities. Copyright © 2010 Qwest. All Rights Reserved. Government Services TIC from an Industry.
Security Monitoring & Management Security Control Panel Sensors & Detection Devices $ $ $ $ $ $ Physical Security Monitoring.

Security Monitoring & Management Security Control Panel Sensors & Detection Devices $ $ $ $ $ $ Physical Security Monitoring.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Controls for Information Security

Controls for Information Security
Nate Olson-Daniel Director of Strategic Development & Principal Engineer The Inevitable Attack.

Nate Olson-Daniel Director of Strategic Development & Principal Engineer The Inevitable Attack.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Building a Campus Dshield Randy Marchany IT Security Lab VA Tech Blacksburg, VA 24060

Building a Campus Dshield Randy Marchany IT Security Lab VA Tech Blacksburg, VA 24060
Network security policy: best practices

Network security policy: best practices
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
IT-security in the Ubiquitous Computing World Chris Kuo, CISSP, CISA Acer eDC (e-Enabling Data Center) Acer Inc. 2007/3/27.

IT-security in the Ubiquitous Computing World Chris Kuo, CISSP, CISA Acer eDC (e-Enabling Data Center) Acer Inc. 2007/3/27.
Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.
Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.

Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.

Similar presentations

Ads by Google