This guide outlines the process of developing and implementing cyber security plans for local government entities. It covers working with municipal boards and staff, creating policies and procedures, gathering information, and initiating changes for continuity and security.
Developing Your Own Local Government Cyber Security Plans
Stan France & Mary Ball
stan@co.schoharie.ny.us
Keeping you Running Part II
Outline • Working with municipal boards • Working with municipal staff and officials • Policies and procedures • Gathering information • Turning information into plans • Initiating changes for continuity and security
Working with Municipal Boards: Initial Buy-in Talking Points • Continuity • Cases of fire, oil spills, floods • Citizen needs • Cyber security • Information protection • (State Comptroller, E-Ticket) • Personal identity information disclosure law • Public embarrassment • Loss of work time • Cost to repair
Working with Municipal Boards: Need for Policy and Procedures • Establish roles when a response is needed • Identify impact of changes on operations • Different personnel • Different operations • Make clear government resource usage
Working With Municipal Staff and Officials • Establish what needs to be accomplished • Continuity • Cyber security • Establish roles for the process • Utilize existing strengths • Coordination • Information gathering
Policies and Procedures • Model Continuity of Operations Policy • Model Continuity of Operations Plan • Model Cyber Security Policy • Model Acceptable Use Policy
Gathering Information • Basic information gathering form • Remote operations requirements form • Continuity of Operations by Function form
Turning Information Into Continuity Policy and Plans • Model Continuity of Operations Policy • Purpose • Scope • Policy • Model Continuity of Operations Plan • Overall responsibility • Priorities • Plans and procedures by function
Model Cyber Security Policy • Responsible person • Physical protection • Access control • Information protection • Incident reporting • Training • Media Disposal • Acceptable use policy • Policy review
Initiating Changes • Information Security Officer (ISO) role • Regular security software updates • Regular back-up and offsite storage • Annual review