1 / 21

The 2005 Case for Information Technology Security

The 2005 Case for Information Technology Security. October 14, 2004. From an executive perspective … What are the latest Information Security Issues?. Is there really an active threat to Michigan government?. 30,000 virus attacks stopped daily 100,000 hacking attempts stopped monthly

tallulah-ross
Download Presentation

The 2005 Case for Information Technology Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The 2005 Case for Information Technology Security October 14, 2004

  2. From an executive perspective …What are the latest Information Security Issues?

  3. Is there really an active threat to Michigan government? • 30,000 virus attacks stopped daily • 100,000 hacking attempts stopped monthly • 800 worker hours of productivity lost due to attacks in an average month • 600 DIT staff hours used to restore service due to attacks in an average month

  4. Homeland Security Grant Projects Critical IT Infrastructure Protection Program

  5. Program Overview • Program encompasses 12 separate but related projects that focus on prevention, detection, and response to cyber threats and incidents against critical State of Michigan IT infrastructure • All projects meet the goals and objectives required by Statewide Homeland Security Strategy • Funded by grant dollars from Department of Homeland Security

  6. Critical Infrastructure IT Protection Projects • What: Fixed Generators for State’s Data Centers • What: Security events correlation collected by isolated systems (IDS, firewalls, SMTP anti-virus scanner, etc) • What: Firewall technologies for the internal State network placed at each of the hosting centers to provide protection for internal zones • What: Intrusion detection devices and systems for internal protected zones and the extranet made visible to the IDS systems • What: Network portal system that provides encryption to user data without the need for client side applications. Commonly referred to as SSL VPN • What: Permanent, dedicated and secure, remote-controlled network monitor/analyzer shared between the connections to the Public Internet and server farm infrastructure at the Tier III hosting centers

  7. Critical Infrastructure IT Protection Projects • What: Decoy Server using honeypot technology provides early detection of internal, external, and unknown attacks • What: Network penetration tests to identify vulnerabilities • What: GIS information system for DIT Emergency Coordination Center • What: Software to reduce spam email entering the State’s email systems • What: Software preventing access to web sites that are deemed risks to the State's network and systems; spyware filter • What: Implement documented formal methods for the application of forensic risk analysis and risk management of information systems

  8. Michigan Cyber Security Success Stories--- 2003 NASCIO Award for The Secure Michigan Initiative (Enterprise Risk Assessment) --- 2004 NASCIO Award for Michigan Critical Incident Management System --- Cyber Terrorism Exercise in July 2004

  9. Contact Information:Dan Lohrmann Michigan CISOe-mail: Lohrmannd@mi.govphone: (517) 241-4090

More Related