Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting JULY 11, 2007



WELCOME

Peggy Ward, VITA


ISOAG July 2007 Agenda

I. Welcome – Peggy Ward, VITA
II. E-Discovery – Julie Whitlock, OAG
III. Identity Management Roadmap – Tony Shoot, NG
IV. CESC - Security Operations – Linda Smith, NG
V. Commonwealth Information Security Council Update
  • Encryption Committee – Steve Werby
  • Making Security an Executive Management Priority – John Karabaic
  • Small Agency Outreach – Robert Jenkins
  • Identity and Access Management – Patricia Paquette
VI. Keylogging Malware – Tripp Sims, VITA
VII. COV IT Security Policies, Standards and Guidelines Update – Cathie Brown, VITA
IX. MS-ISAC – Peggy Ward, VITA
X. Upcoming Events – Peggy Ward, VITA
XI. Other Business – Peggy Ward, VITA


An Overview of E-Discovery

July 11, 2007

Julie Whitlock, Assistant Attorney General

Technology and Procurement Law Section


What is discovery?

Discovery is the process by which parties to a lawsuit exchange information, or request it from third parties

• Requests for production of documents
• Subpoenas
• Depositions
• Etc.


What is e-discovery?

Process by which parties request “electronically stored information” = ESI

Includes:
• Emails
• Metadata
• Voice mails
• Spreadsheets
• Word files
• Text messages
• Calendars
• Videos
• Information on jump drives, PDAs, and Blackberries
• Information stored on home or personal computers and devices, and in personal e-mail accounts


What has changed?

• Statewide document retention schedules have not changed
• Duty to preserve evidence has not changed
• Federal Rules of Civil Procedure
  – Amendments became effective December 2006
  – Specifically address e-discovery
  – Specifically allow for sanctions
  – Require early conference to discuss availability, cost, and timing of producing data


What is individual agency’s responsibility?

• Compliance with document retention schedules, including documentation of destruction
• Preservation of all evidence in its original electronic form, so that all information contained within it, whether visible or not, is also available for inspection (e.g. metadata)
• Notification to VITA early on, to enable efficient responses and coordinate any necessary litigation holds
• Notification to your agency counsel at the AG’s Office when you anticipate litigation, in order to receive advice specific to the situation


Effective Records Management

• Ensures compliance with document retention schedules
• Provides the foundation for compliance with discovery rules
• Enables efficient review of ESI
• Reduces cost of storage, cost of searching, cost of retrieval
• Library of Virginia retention schedules address both physical records and virtual records


Virginia Code

§ 42.1-86.1. Disposition of public records. — ***

C. Each agency shall ensure that records created after July 1, 2006 and authorized to be destroyed or discarded in accordance with subsection A, are destroyed or discarded in a timely manner in accordance with the provisions of this chapter; provided, however, such records that contain identifying information as defined in clauses (iii) through (ix), or clause (xii) of subsection C of § 18.2-186.3, shall be destroyed within six months of the expiration of the records retention period.

***
(iii) social security number
(iv) driver's license number
(v) bank account numbers
(vi) credit or debit card numbers
(vii) PIN numbers
(viii) electronic identification codes
(ix) automated or electronic signatures
(xii) passwords


What can my agency do now?

• Review current document retention schedules and practices
• Watch for formal advice from the OAG
• Become familiar with what you have electronically, where it is stored, in what formats, and who is responsible for it (don’t forget personal devices)
• Become familiar with your automatic backup and archiving functions
• Begin to understand what would be necessary to perform a search or to retrieve archived documents


What can my agency do now? (cont’d)

Begin to identify positions within your agency that are involved in data retention – this includes your document retention/records management officer

Encourage the segregation of personal or proprietary information before data is archived – to reduce the time spent segregating when responding to a request


Things to consider when preparing for e-discovery

• Individual privacy of user
• Prevention of data loss, whether inadvertent or intentional
• Minimizing individual disruptions while searching and responding to discovery requests
• Operational efficiencies to ensure timely preservation and processing of data
• Consistency of process


Conclusion


Security Operations Center

Identity Management Support

June 11, 2007


Identity Management

• Definition:
  – Management of the identity life cycle of entities (subjects or objects) during which:
    • the identity is established
    • the identity is described
    • the identity is destroyed

• Transformation Objectives:
  – User consolidation across multiple directories and e-mail system

• Single domain Active Directory (COV.VIRGINIA.GOV)

– Role-Based Access Control

– Provisioning and de-provisioning

– Self Service Password Management

– Auditing and Reporting


Components

Confidential


Active Directory

• Primary Identity Repository

• Authentication and Access Control

• Single domain Active Directory – COV.VIRGINIA.GOV

• User consolidation from Agency directories and e-mail system


ADAM (Active Directory Application Mode)

Confidential


MIIS (Microsoft Identity Integration Server)

Confidential


Quest Management Tools

Confidential


P-Synch

Confidential


Pegasus / Dogwood

Confidential


Identity Management Transformation Roadmap

Confidential


Enabling Identity Management

2006 2007 2008 2009

MIIS

Test & Development In Place

Base Core H/W Build Out Complete

CESC Build Out Complete

Directory Service Implementation and Alignment Complete

Directory Sync / MIIS Installed

Global E-Mail Address List Complete

End-User Migrations complete

Active Directory

Quest Tools installed at RPB

Quest Tools installed at CESC

Quest Management Tools

P-Synch Updated at RPB

P-Synch Installed at CESC

P-Synch

Pegasus V2 Installed (Dogwood)

Pegasus / Dogwood

· Identity synchronization with other systems
· Identity Repository
· Authentication & Access Control
· Administration
· Roles
· Resource Provisioning
· Identity Auditing

Role-Based Access Control

Delegated Administration

Account Provisioning & De-Provisioning

· Password Management
· Self Service Password Reset

Self Service Password Resets

· Automated Account Provisioning

• Central Identity Repository

• Identity Synchronization

• Self-Service
  – Authorization
  – Access
  – Passwords
  – Profile

• Workflow

• Centralized User Management

• Delegated Administration

• Automated Provisioning and De-Provisioning

• Single Sign On

• Consolidated Auditing


Enabling Identity Management

• Central Identity Repository

– Consolidation of user identities into one centralized repository

– Integrate other systems authorization and authentication of users

• External and internal web apps leverage primary identity store

• Internal enterprise apps leverage primary identity store


Enabling Identity Management

• Identity Synchronization

– Automatic propagation of changes to other managed systems (Synchronization)

– Collects identity data from other systems

– Enables provisioning across wide range of systems and applications


Enabling Identity Management

• Self Service

– Password Resets

– Profile Updates

– Account and Access request


Enabling Identity Management

• Centralized User Management

– Role-Based Access Control

– Rule-Based Access Control

– Centralized provisioning and de-provisioning

– Password Management

• Uniform Password Policy

• Password Initialization

• Spans multiple systems


Enabling Identity Management

• Delegated Administration

– Non-technical users perform granular administration


Enabling Identity Management

• Resource Provisioning

– Automated provisioning and de-provisioning

– Workflow automates approval process


Enabling Identity Management

• Single Sign-On (SSO)

– Reduced Sign On

• Authenticate once to gain access to many systems

• A single identity source is used for authentication

– Reduced Credentials

• User credentials gain access to multiple systems (each requiring sign on)

• Password is synchronized between multiple systems


Enabling Identity Management

• Identity Auditing and Reporting

– Automatic ticket generation for follow-up and reporting

– Automatic E-Mail for interaction with users, administrators, and authorizers

– Real-time auditing of all AD changes


Questions ?


Security Operations Center tools

Linda Smith

Manager Transformation Security Services

July 11, 2007


Table of Contents

Confidential


Blue Coat

Confidential


Blue Coat default deny policy

Confidential


Blue Coat configuration

Confidential


Blue Coat Reporter

Confidential


Internet Security Systems

Confidential


ID Management

Confidential


Antivirus Management

Confidential


Firewall / VPN

Confidential


Firewall / VPN

Confidential


Questions?


Peggy Ward, VITA


Commonwealth Information Security Council


Encryption Committee

• Jesse Crim (VCU)
• John Palese (DSS)
• Michael McDaniel (VRS)
• Tripp Simms (VITA/NG)
• Steve Werby (DOC)
• Craig Goeller (DMAS) NEW MEMBER!


Making Security an Executive Management Priority

Committee Members

• Shirley Payne, Chair, University of Virginia
• Joe Hubbard, Virginia Lottery
• Beth Nelson, State Board of Elections
• Judy Napier, Office of the Governor
• John Karabaic, CISSP, Dept. Medical Assistance Services


Deliverables

Plan and develop Executive Security Awareness events, either stand-alone or as riders on other planned executive-level events.

Present effective Executive Security Awareness practices from agencies as models other agencies might follow.


Deliverables

Collect and make available Security Awareness presentations designed for executives.

Form a speakers bureau of ISO and Managers teams to give presentations to executives within Secretariat.


Recommendations

Include Information Security as a part of the agency strategic plan and performance measurement.

Create a Commonwealth of Virginia Information Security Officer (ISO) to lead the Executive Security Awareness from the Governor’s Office.


Small Agency Outreach

Robert Jenkins


Current Members

– Robert Jenkins (DJJ)
– Aaron Mathes (OAG)
– Goran Gustavsson (APA)
– Ross McDonald (DSS)
– Bob Auton (DJJ)
– Doug Mack (DJJ)


Status Update

• Contact & survey small agencies and benchmark where they are in the process
  – Identify agencies classified as small
  – Conduct Needs Analysis (which agencies need assistance)
  – Offer guidance with the security level process to those agencies with a documented need (high level)
  – Perform Gap Analysis of present state versus desired state (if resources are available)
  – Recommend strategies and resources to close gaps
  – Recommend strategies and resources to maintain compliance


Status Update (cont’d)

• Identify a pool of available talent available to work in a shared service capacity to provide ISO or Audit functions to Small Agencies
  – Determine which small agencies have trained personnel to perform ISO and/or Internal Audit responsibilities
  – Query larger agencies to determine if they have ISO or IA resources that may be available to assist small agencies
  – Match needs with skill sets when possible
  – Provide support to maintain relationships between small agencies and those who volunteered to support them


Status Update (cont’d)

• Develop “Canned Solutions”, i.e. quick fixes using best practices from those with success in the areas such as policy, practice or procurement.
  – Establish repository of completed sample policies, process, and best practices
  – Make available Security Awareness training options
  – Develop distribution list of subject matter experts in the areas of information security and audit
  – Investigate tools to increase communications such as a message board that has shared access and with knowledge base capabilities


Status Update (cont’d)

• Create network of Subject Matter Experts (SME) to offer advice and guidance on relevant topics such as
  – ARMICS and implementation options
  – Resources to talk with Agency Management who may be reluctant or unfamiliar with required actions needed for compliance matters
  – VITA IT Security Policies and Standards (Business Impact Analysis, Risk Assessment, Breaches/Detections, etc.)
  – Other IT Services, such as possible tests/reviews/audits


QUESTIONS


Identity and Access Management and Account Management

Committee Members

• Patricia Paquette – DHP
• Garner – Tax
• Greenberg – DMV
• Rappe – ABC
• Batista, DMV
• McPherson, DSS
• Hines, Supreme Court


Identity and Access Management and Account Management

Challenges

• Up-front task of ensuring there is a single identity for each person
  – numerous agencies and literally hundreds of systems which have information about people scattered throughout those systems
• Number of instances where data is not readily matched
  – no easy way to identify whether Bob Smith in one system is or is not the same person as Bob Smith in another


Identity and Access Management and Account Management

Challenges

• ID management ability to scale, compatibility with existing applications, and ease of use
• Changing business processes
• Buy-in from agencies
  – demonstrating the value of identity management systems.
• Effort extended entering initial information about employees and various access rights.


Identity and Access Management and Account Management

Initial Direction

• Research COV existing methodologies
  – Understand what we have
• Investigate partnership methodology/capability
• Research market solutions
  – Understand what’s available
• Impact Analysis
  – Cost
  – Capability
  – Expansion
  – Effectiveness
• Proposals


Tripp Sims, VITA
Commonwealth of Virginia Security Architect

July 11, 2007


Keylogging Malware

Threats • Infection Methods • Defenses


Content

• What is Malware?
• Keylogging Threats
• Common Infection Methods
  – Browsers, Network Services, and Users
• Defenses
  – Desktop & Patch Management, AntiVirus, Firewall/IDS/IPS, Behavior Based HIDS, and Education and Solutions

• Questions and Answers


What is Malware?

The term malware is a fusion of the words “malicious” and “software”. The generally accepted definition is: a piece of software specifically designed and distributed with malicious intent by the author.

• Earliest examples of malware were common computer viruses.

• Today, with virtually every computer being a “network” connected computer running dozens of applications, the threats of malware have expanded significantly.

• Malware has evolved in lockstep with the evolution of information technologies.

In a very real sense the “Arms Race” analogy fits all too well - and we are losing that race. Fortunately, we still own most of the battlefield.


Malware: Keyloggers and Password Stealers

• Keyloggers steal passwords and other personal information

• Infrastructure and tools are readily available that allow for remote control of malware and remote reception of keylog and password data

• COV Citizens have been keylogged when using applications offered by agencies of the Commonwealth

COV IT Security Standard, Section 4.5.2 – “Prohibit all IT system users from intentionally developing or experimenting with malicious programs (e.g., viruses, worms, spyware, keystroke loggers, phishing software, Trojan horses, etc.).”


Keylogging Threats

Confidential


Keylogging Threats

Confidential


Keylogging Threats

Confidential


Common Methods of Infection

Web Browsers

One of the fastest growing developments in malware distribution is the utilization of web-browser exploit packs secretly inserted into legitimate websites.

• Miami Dolphins Super Bowl Incident


Miami Dolphins Super Bowl Incident

On or about January 26th, 2007 the Dolphins Stadium & the official Miami Dolphins website were hacked. Dolphins Stadium would be hosting that year’s Super Bowl in less than 10 days, so traffic to both sites was high.

The offending exploit, and malware installed through vulnerable browsers, were not removed from the sites for almost a week.

The malware installed through the exploit was classified as an Agent/PWS, meaning that it was a password stealer with the ability to be updated to a newer version remotely via HTTP.


Network Services

If you port scan almost any network device, you will discover at least one open port. This is expected because a network asset is one to be directly used (a printer, a server) by a user or directly managed (a router, a laptop) by an administrator via the network.

History has proven:
• Even core operating system programmers have difficulty in generating bulletproof network services.
• Vendors, while getting better, allow too much lag time between exploit announcement and patch issuance.
• Users, and to a lesser extent system administrators, continue to operate insecure systems due to lack of education or willingness.

Likely future:
• Zero-day hits will have the potential to be devastating in a targeted attack.


Users

• Malicious e-mail attachments
  – Highly utilized methodology
  – Vulnerable application formats are variable
    • .doc; .zip; .rar; .ppt; .xls; .jpg; .msi; etc…
• Peer-to-Peer File sharing
  – P2P propagation is viable
• Pirated Software and “Cracks”
  – Bittorrent, Newsgroups, and other forms of pirated software distribution are shown to contain a high quantity of malicious code.
  – Most pirated software cannot be updated for security vulnerabilities.
• Instant Messenger Mal-Links
  – “Did you see this picture of you on MySpace?”


Malware Defense

• Desktop & Patch Management
• AntiVirus
• Behavior Based Intrusion Detection
• Firewalls/IDS/IPS
• Customer Education and Solutions


Malware Defense

• Layered approach to Security (Defense in Depth)

• In situations where it’s not cost effective to support the best possible security posture, keep in mind that every layer of protection utilized is another security hurdle for the “bad guys” to circumvent.

• As security representatives of the citizens of Virginia’s data we are not only required to keep our own resources secure, but we are also bound to educate and offer solutions to the citizens to better protect their own data.


Desktop and Patch Management

• Apply Principle of Least Authority (POLA) to home computers as well as work.
  – Can your home users install software themselves?
  – Do you use separate user accounts on your home computers? And does your primary account have Administrator privileges?
• Keep up with OS & application patching.
  – Managed enterprise infrastructure has documented plans for testing and deploying security patches.
  – Home users should be advised to turn on automated updates and respect the importance of these updates to their computers.

A strong desktop policy and patch management can be one of the easiest and most effective layers of security

IT Security Standard, Section 5.2.2 – “Requires that local administrator rights, or the equivalent on non-Microsoft Windows-based IT systems, be granted only to authorized IT staff.”


Anti-Virus

• Anti-Virus is an essential first line of defense

• Use solutions from well known vendors

• Be aware of malicious offerings that distribute malware posing as Anti-Virus

For enterprise workers consider using the standard Anti-Virus used in the enterprise for your home computer.


Firewalls/IDS/IPS

• Network Firewalls are another layer of defense

• Firewall features can include Intrusion Detection/Prevention features

• Recommend a ‘default deny’ policy for outbound traffic, then selectively open for user traffic as needed


Firewalls/IDS/IPS

• Network Intrusion Detection & Prevention Systems as an additional layer of defense

• Most IDS/IPS solutions are signature based and must be updated and current (same as Anti-Virus)

• There are ‘security center’ solutions for home users that include host-based personal firewalls with IDS/IPS features built in.


Behavior-Based Intrusion Detection

Behavior-based intrusion detection systems exist that rely on the premise that an intrusion can be detected by a deviation from the normal behavior of a system or a user. More typically deployed in the Enterprise today.

Advantages
• When properly configured over time, and in a managed environment, it can be highly effective
• Can detect and defend against zero-day malware for which no signatures exist
• Can defend against abuse which might not normally be associated with an “exploit”

Disadvantages
• Can produce numerous false positives in an unmanaged environment, such as a home system
• Generally requires constant supervision to ensure its knowledge expands as users’ behavior changes


User Education

• Customer Education is the most important line of defense!

• The citizen’s computer is much more likely to be the source of leaking personal information than legitimate websites

• What can you do to help keep citizens’ data secure?

  – Banner type notification when citizens visit your site to do business
  – Offer security resource pages that can help a customer understand what they can do to increase their own security.


User Education

Customer Solutions

There are practices you can consider for inclusion on your customer facing applications. There are also a number of free resources online that can help a customer understand the security posture of their computer.

• Many AntiVirus vendors offer free web based AntiVirus and security scans which run through the web browser. Point your customers to them as a resource for their personal data security

• There is also a free browser security testing site available @ http://www.scanit.be/browser-security-test.html

• Consider maintaining a black-list of known insecure browser user-agents. Browsers which identify themselves as known insecure to your applications could be warned before gaining entry to your applications.
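One way to implement the user-agent blacklist suggested above, as an added Python example that is not from the original presentation. The version thresholds and the `check_user_agent` helper are hypothetical placeholders, and the sample User-Agent strings are constructed.

```python
import re

# Illustrative blacklist: (family, regex capturing the version, first version NOT warned).
# The thresholds are placeholders for this example, not vendor guidance.
INSECURE_BELOW = [
    ("Internet Explorer", re.compile(r"MSIE (\d+(?:\.\d+)*)"), (6, 0)),
    ("Firefox", re.compile(r"Firefox/(\d+(?:\.\d+)*)"), (2, 0, 0, 4)),
]

# Constructed sample headers.
SAMPLES = [
    "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) "
    "Gecko/20070515 Firefox/2.0.0.4",
    "",
]


def parse_version(text):
    """Turn '2.0.0.4' into (2, 0, 0, 4) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def check_user_agent(user_agent):
    """Return a warning string for a blacklisted browser version, or None."""
    if not user_agent:
        return None  # header absent: nothing to match, do not warn
    for family, pattern, minimum in INSECURE_BELOW:
        match = pattern.search(user_agent)
        if match:
            if parse_version(match.group(1)) < minimum:
                return (f"{family} {match.group(1)} is on the known-insecure "
                        "list; please update your browser before continuing.")
            return None  # recognised family at an acceptable version
    return None  # unrecognised browser: not on the blacklist


if __name__ == "__main__":
    for ua in SAMPLES:
        print(repr(ua), "->", check_user_agent(ua))
```

Because the User-Agent header is supplied by the client, treat the result as a prompt for a customer warning page, not as an access control.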


The Current State of Malware

Questions


Information Technology Security Policy, Standards and Guidelines

Cathie Brown, CISM, CISSP


Compliance: IT Security Policy & Standard

• Blanket 90 Day Exception – September 28, 2007
• Key Steps to Compliance include:
– Designate an ISO
– Inventory all systems
– Perform Risk Assessment on sensitive systems
– Perform Security Audits on sensitive systems
– Document and exercise Contingency & DR Plans
– Implement IT systems security standards
– Document formal account management practices
– Define appropriate data protection practices
– Establish Security Awareness & Acceptable Use policies
– Safeguard physical facilities
– Report & Respond to IT Security Incidents
– Implement IT Asset Controls


Compliance - Wall of Honor

Accountancy, Board of

Accounts, Department of

Aging, Department for the

Agriculture and Consumer Services, Department of

Alcoholic Beverage Control

Aviation, Department of

Blind and Vision Impaired, Department for the

Business Assistance, Virginia Department of

Center for Behavioral Rehab

Center for Innovative Technology

Christopher Newport University

Conservation and Recreation, Department of

Correctional Education, Department of

Corrections, Department of

Criminal Justice Services, Department of

Deaf and Hard of Hearing, Department for the

Department of Charitable Gaming

Department of Forensic Sciences

Economic Development Partnership, Virginia

Education, Department of

Elections, State Board of

Employment Dispute Resolution, Department of

Environmental Quality, Department of

Fire Programs, Department of

Forestry, Department of

Frontier Culture Museum of Virginia

Game and Inland Fisheries, Department of

General Services, Department of

Governor, Office of the

Gunston Hall

Health Professions, Department of

Health, Department of

Historic Resources, Department of

Housing and Community Development, Department of


Wall of Honor – CONTINUED!

Human Resource Management, Department of

James Madison University

Juvenile Justice, Department of

Library of Virginia, The

Longwood University

Marine Resources Commission

Mary Washington University

Medical Assistance Services, Department of

Mental Health, Mental Retardation & Substance Abuse Svcs, Dept of

Mines, Minerals and Energy, Department of

Minority Business Enterprise, Department of

Motor Vehicle Dealer Board

Motor Vehicles, Department of

Museum of Fine Arts, Virginia

Museum of Natural History, Virginia

Norfolk State University

Old Dominion University

People With Disabilities, Virginia Board for

Planning and Budget, Department of

Professional & Occupational Regulation, Department of

Racing Commission, Virginia

Rail and Public Transportation, Department of

Rehabilitative Services, Department of

Science Museum of Virginia

Social Services, Department of

State Police, Department of

Taxation, Department of

Tourism Commission, Virginia

Transportation, Department of

Treasury, Department of the

VA School for the Deaf and Blind-Staunton

Virginia Commonwealth University

Virginia Employment Commission

Virginia Information Technologies Agency

Virginia Lottery

Woodrow Wilson Rehabilitation Center


Status Update

• Publication Pending ITIB Review/Approval
– IT Security Policy & Standard Revised
– IT Standard Use of Non-Commonwealth Computing Devices to Telework ITRM SEC511-00 NEW!
– IT Threat Management Guideline NEW!

• Guidelines in Draft COMING SOON!
– IT Security Audit Guideline
– IT Systems Security Guideline
– Personnel Security Guideline


Revisions - IT Security Policy & Std

• Highlights
– Expanded scope to include Legislative, Judicial, Independent and Higher Education
– System Security Plans for sensitive systems
– Additional considerations for account management
– Additional considerations for protection of data on mobile storage media including encryption
– Additional requirements for specialized IT security training
– Data Breach Notification

• Compliance date – 7/01/2008 CHANGE! (FROM 1/01/2008)

• Exception Form period extended from 6 months to 1 year – CHANGE!


New! IT Std Using Non-COV Devices to Telework

• Purpose
– Establish a standard to protect COV data while teleworking with Non-COV Devices

• Acceptable Solutions
– Standalone Computer
– Internet Access to Web-Based Applications
– Internet Access to Remote Desktop Applications

• Requirements
– Storing COV data on a non-COV device is prohibited
– Network traffic containing sensitive data must be encrypted
– Provide training on remote access policies

• Security Incident Response
– Non-COV device may be necessary during forensics or investigation of a Security Incident
– Acknowledgement form signed NO LONGER REQUIRED!


QUESTIONS


Peggy Ward, VITA


MS-ISAC


Multi-State Information Sharing & Analysis Center (MS-ISAC)

William F. Pelgrin, State of New York, Chair


Background

• Recognizing the need for collaboration and communication between and among the states, the MS-ISAC was established in January 2003.

• The MS-ISAC began with New York and the Northeast states, and quickly expanded. Participation includes representatives from all 50 states and DC.

• The MS-ISAC is recognized by the US Department of Homeland Security as the national ISAC for the states and local government to coordinate cyber readiness and response.


Mission

The mission of the MS-ISAC, consistent with the objectives of the National Strategy to Secure Cyberspace, is to provide a common mechanism for raising the level of cyber security readiness & response in each state.

The MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure from the states & providing two-way sharing of information between & among the states and with local governments.


[Map of MS-ISAC participants: all 50 states and the District of Columbia]


Transforming The Culture

Sharing Information…


Multi-State ISAC

• Monthly Conference Calls

• 24/7 Cyber Security Analysis Center

• Cyber Security Alerts and Advisories

• Public and Secure MS-ISAC Websites

• Participation in cyber exercises

• Common cyber alert level map

• National Webcast Initiative

• National Cyber Security Awareness Month

• Ensuring collaboration with all necessary parties


The MS-ISAC provides high-level descriptions of what the issue is and why you should be concerned…


MS-ISAC Public Website

www.msisac.org


The MS-ISAC provides a risk rating based on specific environments…


MS-ISAC Collaborating with Others

• While the major focus of MS-ISAC is cyber security, there is also recognition of the relationship between physical and cyber security; membership includes representation from both the physical and cyber arenas.

• Close relationship with federal government

• Other partners


Endorsement by major national entities…


MS-ISAC Workgroups

• Cyber Exercise
• Metrics & Compliance
• Education & Awareness
• Legislative
• Operations
• State and Local Government Outreach & Marketing
• Procurement


Local Government Guide

Available at www.msisac.org


National Cyber Security Awareness Month

October

Kids Safe Online Webcast

Governors’ Proclamations

Cyber Security Toolkit Calendars

Posters

Brochures

Other materials


National Webcast Initiative

• The Multi-State Information Sharing and Analysis Center (MS-ISAC), in cooperation with the Department of Homeland Security's National Cyber Security Division, has launched a partnership to deliver a series of national webcasts which examine critical and timely cyber security issues. Embracing the concept that security is everyone’s responsibility, these webcasts are available to a broad audience to help raise awareness and knowledge levels.

• The webcasts provide practical information and advice that users can apply immediately. Webcasts are conducted every other month.

• Webcasts are free and open to the public.

• Visit www.msisac.org for more information about upcoming sessions.


Cyber Security Center

7 X 24 Operations

Monitoring for Cyber Attacks

Cyber Alerts, Advisories and Informational Bulletins


Cyber Security Center

Alerts are provided to State-designated representatives whenever an apparent attack on a state or local government entity has been detected.

For the Commonwealth of Virginia the two representatives are:

Constance McGeorge, Office of Commonwealth Preparedness

Peggy Ward, Virginia Information Technologies Agency


Working Together to Secure Cyberspace

Multi-State Information Sharing and Analysis Center

www.msisac.org


UPCOMING EVENTS!

VITA OFFICE MOVE – Friday, July 27

ISOAG - Wednesday, August 8, 9:00 - 12:00 @ CESC

COVITS – September 16 - 18, Chantilly, Va
http://www.covits.org/


Any Other Business?


ADJOURN

THANK YOU FOR YOUR TIME AND THOUGHTS!!!