1 / 11

Important Updates and Information on IT Security Initiatives and Training

We are excited to announce several updates for information security professionals, including the release of new information sheets on secure coding practices, software security checklists, and web application vulnerabilities. Our office has moved to 1325 J Street, Suite 1650, Sacramento, CA. Furthermore, we have upcoming policy releases focused on personal information breach notification and a feasibility study report questionnaire to assist agencies in addressing security needs. Don't miss our online training programs designed for all government employees. Stay informed and enhance your security practices!

zed
Télécharger la présentation

Important Updates and Information on IT Security Initiatives and Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What’s New! www.infosecurity.ca.gov

  2. Updates • We’ve Moved Again! • Information Sheets • MM 08-07 on OCIO’s IT Capital Planning Process • Forthcoming Privacy Policy Releases • Feasibility Study Report (FSR) Questionnaire for Security/Privacy Components • Data Exchange Agreement Workgroup • Information Security Leader Academy • Online Information Security and Privacy Training www.infosecurity.ca.gov

  3. We’ve Moved Again • Effective June 30, 2008, we moved into our permanent office at: 1325 J Street, Suite 1650 IMS Code G7 Sacramento, CA 95814 • Our main phone line remains the same – (916) 445-5239 • Our direct lines have changed www.infosecurity.ca.gov

  4. Information Sheets • OISPP has released four different Information Sheets • Secure Coding Practices • Software Security Checklists • Web Application Vulnerabilities: More Than A Mere Nuisance • Web Service Offerings www.infosecurity.ca.gov

  5. MM 08-07 on OCIO’s Information Technology Capital Planning Process • IT Capital Plan Preparation Instructions (SIMM Section 57) – Appendix B • Requires Designated Information Security Officer (ISO) • ISO Involvement in Projects • Core Business Principles, Policies and Standards Regarding Information Integrity, Confidentiality, and Availability and the Protection of Information Assets • Data Sharing Agreements • Best Practices for Web, Application, and System Development • IT Capital Plan requires ISO signoff www.infosecurity.ca.gov

  6. Forthcoming Policy Releases • Safeguarding Against And Responding To A Breach Of Personal Information • Personal Information Breach Notification:Requirements and Decision Making Criteria For State Agencies (SIMM 65D) • Requests For And Approval To Release Personal Information For Research www.infosecurity.ca.gov

  7. FSR Questionnaire for Security/ Privacy Components • In the works…… • Provides guidance to agencies who are developing project-related documents • Helps to avoid unnecessary questions • Helps to ensure agencies are addressing security up front www.infosecurity.ca.gov

  8. Data Exchange Agreement Workgroup • Charter – develop general approach, recommendations, guidance and tools for the development of agreements between government entities on the use of data • Resulted from GTC’s Partner in Learning Forum • 21 representatives from various government entities participating • Timeline for completion – October 2008 www.infosecurity.ca.gov

  9. Information Security Leader Academy • Program will provide practical business skills and technical skills necessary for information security professionals to be strategic members of their organization’s leadership. • Partnership between OISPP and SacState • Academy Sponsors identified • Establishing Advisory Committee • First class scheduled for first quarter of 2009 • Open to all government employees www.infosecurity.ca.gov

  10. Online Information Security and Privacy Training Purpose: Develop a statewide online training system and make it available to all government entities • Result of Grant Funds • In process of writing internal FSR and RFP • Timeline for completion is FY 09/10 www.infosecurity.ca.gov

  11. Questions? www.infosecurity.ca.gov

More Related