Chief Information Security Officer Teresa Soria

Chief Information Security Officer Teresa Soria. September 26, 2013. Teresa.Soria@State.Ca.Gov. Agenda. Cyber Security Impact Who are the Targets Laws and Regulations What it means to small business. Cyber Security Impact Individual Business Nation (Ca. Local Government).


Presentation Transcript


  1. Chief Information Security Officer Teresa Soria, September 26, 2013, Teresa.Soria@State.Ca.Gov

  2. Agenda • Cyber Security Impact • Who are the Targets • Laws and Regulations • What it means to small business

  3. Cyber Security Impact • Individual • Business • Nation (Ca. Local Government)

  4. INFORMATION TECHNOLOGY STATISTICS: Hispanic businesses represent the fastest-growing segment among U.S. small businesses

  5. CYBER SECURITY ON THE RISE

  6. Target SKIDDIE

  7. Laws and Regulations
     • State of Ca.: SAM 4800 and 5300
     • Federal: Executive Order 13636 (Improving Critical Infrastructure Cybersecurity); IRS (Federal Tax Information Laws; PII); PCI; HIPAA; FISMA
     • Standards / Guidelines: NIST 800-53; ISO 27001; OWASP

  8. Cyber Security • Opportunities

  9. Small Business
     • Opportunities
       • Security Awareness
       • Risk Management (risk assessments)
       • Incident Response and Management (investigation/forensics)
       • Monitoring and Tracking Tools
       • Data and Systems Protection: Secure Access, Transport, and Storage
     • Challenges: Continuously evolving technology and business environments

  10. Contract Language GENERAL PROVISIONS – INFORMATION TECHNOLOGY GSPD-401IT SAM 5300 SAMPLE

  11. Contract Language • Information Security Plans • Administrative Safeguards • Information Protection • Network Infrastructure Protection • Secure Application Development and Testing • Physical Protection

  12. Wrap up QUESTIONS

  13. RESOURCES
     • California Department of Technology: http://www.cio.ca.gov/
     • Multi State Information Sharing and Analysis Center: msisac.cisecurity.org/
     • Cyber Security Pledge: https://msisac.cisecurity.org/cyber-pledge/
     • State Administrative Manual Table of Contents (SAM 5300): http://sam.dgs.ca.gov/TOC.aspx
     • NIST Computer Security Publications: http://csrc.nist.gov/
     • State Personnel Board: http://jobs.ca.gov/
     • General Provisions: http://www.documents.dgs.ca.gov/pd/modellang/GPIT060810.pdf