Better Together – The Road to Responsible Information Management. Presented by Colleen Pedroza, State Information Security Officer. Office of Information Security & Privacy Protection. Coming Soon! SB 90 creates new Office in State & Consumer Services Agency Effective 1/1/08
Better Together – The Road to Responsible Information Management
Presented by Colleen Pedroza, State Information Security Officer
Office of Information Security & Privacy Protection
• Coming Soon!
• SB 90 creates new Office in State & Consumer Services Agency
• Effective 1/1/08
• Government Code 11549
• Mission: Uniting consumer privacy protection with the oversight of government’s responsible management of information to ensure the trust of Californians
Office of Information Security & Privacy Protection
Executive
Office of Privacy Protection
• Consumer Focused
• Consumer Assistance
• Information & Education
• Best Practice
• Recommendations
State Information Security Office
• Government Focused
• Policy, Standards, Guidance
• Assistance & Advice
• Education & Awareness
• Compliance Monitoring
Responsible Information Management
• Blueprint for comprehensive approach to management of information
• Personal, confidential, and sensitive information
• Critical infrastructure
• Information assets
• People, processes, and technology
• Physical and cyber security together
The Road Most Traveled
• Silos common
• Viewed as a tactical function
• Old forms never die
• ISOs and Privacy Officers not always taken seriously
• Misnomer that it applies only to IT
• Viewed as “$ecurity = $$$$” and a “bolted on” option
• New laws and regulations make compliance difficult
• Limited employee and contractor training
• Incident numbers growing
The Road to Responsible Information Management
• Be an advocate - It must start at the top!
• Recognize the information your agency has is a strategic enabler for mission accomplishment
• Achieve compliance with laws and regulations
• Create a governance structure - Enlist all departmental resources
• Collaborate with other agencies
• Work with the Office of Information Security and Privacy Protection
What’s In It for You as an Executive?
• Increased business success/resilience
• Performance improvements
• Online (e-government) initiatives can be realized
• Security is integrated into your business processes
• Decreased risk to operations and business
What’s In It for Californians?
• Increased public confidence and trust
• They can’t take their business elsewhere
• The knowledge that Government is taking this seriously
• California Government must be a leader in responsible information management
• Californians are counting on you to manage our information responsibly
Nirvana – Better Together!
• Be a leader in the paradigm shift
• Be proactive vs reactive – embrace responsible information management
• Implement concepts as part of the core business principles
• Empower your ISO and Privacy Officer!
• Make it a department-wide effort!
• Start small, lay out a plan, and continuously improve
• Be a model for others