1 / 23

Disaster Recovery Coordinators’ Meeting

August 18, 2010. Disaster Recovery Coordinators’ Meeting. Welcome. Meeting Agenda. OIS Management Changes. Disaster Recovery Plan Reviews An Update. California Cyber Incident Response Plan. Cyber Exercises. California Cyber Exercise August 12, 2010. Cyber Exercises. CyberStorm III.

derica
Download Presentation

Disaster Recovery Coordinators’ Meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. August 18, 2010 Disaster Recovery Coordinators’ Meeting

  2. Welcome

  3. Meeting Agenda

  4. OIS Management Changes

  5. Disaster Recovery Plan Reviews An Update

  6. California Cyber Incident Response Plan

  7. Cyber Exercises California Cyber Exercise August 12, 2010

  8. Cyber Exercises CyberStorm III “The last major cybersecurity exercise conducted by DHS was held in 2008. Cyberstorm III is slated to include a number of international computer emergency readiness teams (CERTS), including representatives from Australia, New Zealand, Canada and the United Kingdom. Previous Cyberstorm exercises focused on attacks attempting to take down the Internet or spread malicious software on high priority government systems. Cyberstorm III is expected to test the processes and roles in place while simulating a cyberattack against the underlying control systems of country's critical infrastructure – power grids, dams and systems that protect energy facilities.” -- 15 Jun 2010 | SearchSecurity.com

  9. Legislation

  10. Pending Legislation AB 1899 • Transparency. • State agencies to post specific audit information. • OCIO and DGS to post specific summary information regarding contracts awarded to the state. • Governor's Office to post specific financial information.

  11. Pending Legislation AB 2091 • Public Records Act (PRA) exemption. • Information Security records that would reveal vulnerabilities or would increase the potential for an attack on an information system. • Although AB 2091 does limit the public’s right of access, it is a very limited and targeted exemption.

  12. Pending Legislation AB 2408 • Governor’s Reorganization Plan clean-up bill • Codifies Executive Order S-10-03 • Name change – OCIO to California Technology Agency • Extends the OCIO’s sunset set date from 2013 to 2015

  13. Pending Legislation AB 1055 • State Chief Information Officer - fingerprints and criminal history checks. • OCIO employees and contractors that have access to sensitive or confidential information. • Conviction of crimes related to dishonesty, fraud, or deceit and is substantially related to the duties of the person. • There is an appeals process.

  14. 2010 Federal Grants • OIS Grant Requests • Threat Vulnerability Management Program • Enterprise Vulnerability Assessment Service • Statewide PCI Compliance • CA Information Sharing and Analysis Center • State and Local Government Training • Content Learning Management System

  15. 2010 Federal Grants • Online Incident Management System • Enterprise Certificate Authority • Enterprise Business Impact Analysis: Critical Information Technology Infrastructure • Forensics Lab • Enterprise Security Operations Center • Endorsement Letter for OIS Grant Request and Commitment for Joint Participation on Awarded Projects

  16. Enterprise Information Security Awareness Web Application

  17. Public Scorecard

  18. Public Scorecard http://www.cio.ca.gov/OIS/Government/activities_schedule.asp

  19. Public Scorecard • There will be no surprises. You and your management will be fully aware of the scores before publication. • First Scorecard will be published on our website in late August or early September 2010.

  20. National Preparedness Month September is National Preparedness Month www.Ready.gov

  21. National Preparedness Month FEMA Urges You to Take Part in National Preparedness Month This September, organizations and citizens from across the nation will come together for the seventh annual National Preparedness Month (NPM), designed to encourage Americans to prepare for emergencies in their homes, businesses, and communities.  FEMA’s Ready Campaign is asking organizations to take part by joining the National Preparedness Month Coalition, committing simply to inform members, employees, and customers about the importance of being prepared for emergencies, large and small. Registering for the Coalition is easy – visit http://ready.adcouncil.org/. Coalition members will be listed on the NPM Web site and receive a toolkit with templates, tools and ideas. For more information about NPM, visit: www.Ready.gov. Sample of National Preparedness Month Educational ToolsAvailable ·         Website Widgets http://www.fema.gov/help/widgets o   Ready campaign Widget: inform how to get a kit, make a plan and be informed. o   National Preparedness Month widget. ·         Popular Links & Downloadable Materials o   Ready Campaign: www.ready.gov (English) and www.listo.gov (Español) o   Get an emergency supply kit: http://www.ready.gov/america/getakit/index.html o   Family emergency plan: http://www.ready.gov/america/makeaplan/index.html o   Emergency supply kit list: http://www.ready.gov/america/getakit/kit-print.html ·         Newsletters /Articles o   E-mail for Employees, Members and Stakeholders. o   Newsletter /Web Site Article/ Blog Entry for a General Audience o   Newsletter/ Web site Article/ Blog Entry for Business Owners/ Managers Audience ·         Bill Stuffers ·         Instructional Videos ·         Public Service Announcements ·         Materials ·         Poster

  22. Future Policies • Security Reporting Scorecard Policy Letter • Infrastructure Consolidation Scorecard (Done) • Use of SmartPhones • Cloud Computing • Privacy • Power Management PL (Done) • Accessibility PL (Done)

  23. Questions

More Related