Update on the Key Initiatives Recommended by NTT Data regarding the Agency Cyber Security Framework

Similar documents
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

K12 Cybersecurity Roadmap

Incident Response Plans: The Emergency Shutoff Control for Cyber Risk. Tabitha Greiner, Acumera Chris Lietz, Coalfire

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

You ve been breached: Now What? Minnesota s Data Breach Preparation and Notification for Electronic Data

Cybersecurity in Higher Ed

METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS

NW NATURAL CYBER SECURITY 2016.JUNE.16

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

External Supplier Control Obligations. Cyber Security

University of Pittsburgh Security Assessment Questionnaire (v1.7)

RFQ OIT-1 Q&A. Questions and Answers, in the order received.

Computer Security Incident Response Plan. Date of Approval: 23-FEB-2014

RFQ OIT-1 Q&A. Questions and Answers, in the order received.

Department of Management Services REQUEST FOR INFORMATION

The Common Controls Framework BY ADOBE

Data Privacy Breach Policy and Procedure

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

CYBERSECURITY MATURITY ASSESSMENT

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

TACOMA PUBLIC UTILITIES CYBERSECURITY PROGRAM NIAC WORKSHOP JUNE 2017

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

10/18/2016. Preparing Your Organization for a HHS OIG Information Security Audit. Models for Risk Assessment

Using ITIL to Measure Your BCP

MNsure Privacy Program Strategic Plan FY

Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments

Information Security Controls Policy

Google Cloud & the General Data Protection Regulation (GDPR)

PTLGateway Data Breach Policy

STAFF REPORT. January 26, Audit Committee. Information Security Framework. Purpose:

EU General Data Protection Regulation (GDPR) Achieving compliance

Information Technology Branch Organization of Cyber Security Technical Standard

NEN The Education Network

Defensible Security DefSec 101

PA TechCon. Cyber Wargaming: You ve been breached: Now what? April 26, 2016

Cyber Security Program

Manchester Metropolitan University Information Security Strategy

Cybersecurity Overview

Heavy Vehicle Cyber Security Bulletin

ISE North America Leadership Summit and Awards

Incident Response Lessons From the Front Lines. Session 276, March 8, 2018 Nolan Garrett, CISO, Children s Hospital Los Angeles

How to Align with the NIST Cybersecurity Framework

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Sirius Security Overview

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri

Defining cybersecurity.

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

Take Risks in Life, Not with Your Security

Welcome to Tomorrow... Today

Why you should adopt the NIST Cybersecurity Framework

EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS

Altius IT Policy Collection

NYDFS Cybersecurity Regulations

Jeff Wilbur VP Marketing Iconix

Level Access Information Security Policy

The importance of STANDARDS to ensure ACCOUNTABILITY and GOVERNANCE in ehealth-ict security processes

Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

Cybersecurity Auditing in an Unsecure World

Cybersecurity: Incident Response Short

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey

From the Trenches: Lessons learned from using the NIST Cybersecurity Framework

Master Information Security Policy & Procedures [Organization / Project Name]

Practical IT Research that Drives Measurable Results OptimizeIT Strategic Planning Bundle

Avanade s Approach to Client Data Protection

WHITE PAPER- Managed Services Security Practices

Designing and Building a Cybersecurity Program

Developing a Model for Cyber Security Maturity Assessment

Carbon Black PCI Compliance Mapping Checklist

No IT Audit Staff? How to Hack an IT Audit. Presenters. Mark Bednarz, Partner-In-Charge, Risk Advisory PKF O Connor Davies, LLP

It s Not If But When: How to Build Your Cyber Incident Response Plan

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak

ForeScout Extended Module for Splunk

The Role of the Data Protection Officer

Florida State University

Network Security Policy

Overview of Key E.U. and U.S. Privacy and Cybersecurity Laws. Brett Lockwood Smith, Gambrell & Russell, LLP May 15, 2018

Appendix 3 Disaster Recovery Plan

Information Security Incident Response Plan

NCSF Foundation Certification

The CERT Top 10 List for Winning the Battle Against Insider Threats

Management s Response to the Auditor General s Review of Management and Oversight of the Integrated Business Management System (IBMS)

A Risk Management Platform

IT Modernization In Brief

FISMA Cybersecurity Performance Metrics and Scoring

existing customer base (commercial and guidance and directives and all Federal regulations as federal)

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

The GDPR toolkit. How to guide for Executive Committees. Version March 2018

Incident Response Table Tops

Incident Response Services

Data Security and Privacy at Handshake

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

10 FOCUS AREAS FOR BREACH PREVENTION

locuz.com SOC Services

Internet of Things Toolkit for Small and Medium Businesses

Transcription:

Update on the Key Initiatives Recommended by NTT Data regarding the Agency Cyber Security Framework Texas Higher Education Coordinating Board Zhenzhen Sun Assistant Commissioner Information Solutions and Services John House Information Security Officer Information Solutions and Services AOC January 24 th, 2018

Implementation Strategy and Approach The assessment report produced by NTT Data described the agency s current cybersecurity posture. The recommendations provided by the vendor laid out a Target State vision for our cybersecurity infrastructure. Our implementation strategy was established by focusing on the five key functions in cybersecurity risks management as outlined in the TX Cybersecurity Framework: Identify Detect Respond Recover We assess progress toward the Target State on a quarterly basis and make adjustments when necessary. 2

Cybersecurity Risks Management Framework Identify People Recover Cybersecurity Risks Management Process Respond Detect Technology 3

Security Key Initiatives Implementation Roadmap 4

Initiative Completed Planned FERPA Sensitive PII Training 75% CJIS Training Data Owner Responsibilities Computer Incident First Responder Role Based Training Identify Risk Assessment Identify Asset Inventory Policy & Procedure / Framework Development 90% 100% 60% Application & Data Inventory Department Review sessions Data Owner Training Risk Assessment Data Inventory USB Survey Procedures Updated ITSC Charter Updated IT Policy Review System Security Plan Template Configuration Hardening Standards 25% Application Security Training USB Encryption Training Information Security Training Library Formal presentation to management Additional USB Inventory Removable Media technical controls Additional Security and Application Development Procedure Updates Complete System Security Plans based on Risk Assessment priorities 5

Initiative Completed Planned Respond Incident Detection & Response 75% Software Development Lifecycle Security 25% Detect Centralized Logging Strategy (SIEM) Detect Data Loss Prevention 50% 20% Established Incident Response Team Response Plan updates Quarterly meetings Incident response training Web Application Firewall implementation Installed Open Source Security Incident & Event Monitoring (SIEM) Removable device survey USB Inventory Privacy incident policy and procedures Response Plan exercises Updated testing tools Updated coding standards & frameworks Security training for developers Commercial SIEM / Managed Security Services Additional technical survey and controls for removable devices 6

Identify Established a formal Information Security Program Security Governance Structure Information Security Charter Established a formal agency Security Risk Assessment Tool Risk assessment results documented and reviewed with management Agency Application and Data Owners reviewed and verified the risk profile and identified data relationships Collected an agency-wide data and systems inventory Currently developing additional removable media device controls and inventory process Draft 2017 Agency Risk Assessment and Management Plan pending for review and approval 7

Completed updates to 9 security-related policies and procedures Using results gathered from the risk assessment to prioritize documenting and the implementation of configuration hardening for agency critical assets Currently reviewing and completing system security plans for critical systems identified by the risk assessment Provided training to agency staff pertaining to protection of Personally Identifiable Information Provided training to Application and Data Owners on owner roles and responsibilities according to the Texas Administrative Code (TAC) 202 Staff completed Criminal Justice Information Services (CJIS) training Updating Application Security Framework documentation Currently developing training for the application developers Conducted annual review of the agency IT policies and made sure policies and procedures are kept up to date 8

Detect Formally established the ISS Computer Incident Response Team The team completed first responder training in order to strengthen our agency s ability in response to security events and incidents Implemented a leading open source Security Incident & Event Management product to provide event monitoring prior to managed services offerings Evaluating application security scanning tools offered under DIR Managed Security Service Contract DIR Managed Security Services offerings will be evaluated for Security Incident & Event Monitoring offerings 9

Respond and Recover Formally established the ISS Computer Incident Response Team Implemented the THECB Security Incident Response Plan The Incident Response Team will have quarterly meetings and conduct tabletop exercises starting January, 2018 Working with General Counsel on drafting the Agency Data Breach Policy Assess, contain and recover data Assess risk and incident scope Notification and incident communications Post mortem evaluation and response 10

Texas Higher Education Coordinating Board 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback