0
Information Security  Awareness Month Activities Peggy Ward Chief Information Security Officer &  Internal Audit Officer w...
Commonwealth Information Security Awareness Activities <ul><li>Governor Timothy Kaine issued a proclamation designating Oc...
Commonwealth Information Security Awareness Activities <ul><li>Framed & displayed the proclamation in a prominent location...
Commonwealth Information Security Awareness Activities <ul><li>Presentations </li></ul><ul><ul><li>Oct. 17: Commonwealth S...
Commonwealth Information Security Awareness Activities <ul><li>Presentations  </li></ul><ul><ul><li>Oct. 22:Commonwealth I...
Commonwealth Information Security Awareness Activities <ul><li>Internet Activities </li></ul><ul><ul><li>The state portal,...
Commonwealth Information Security Awareness Activities <ul><li>Internet Activities </li></ul><ul><ul><li>New content has b...
Commonwealth Information Security Awareness Activities <ul><li>Security Awareness Video </li></ul><ul><ul><li>Produced by ...
VITA Information Security Awareness Activities <ul><li>VITA Information Security Awareness activities are implemented to p...
Lunch Time Presentations <ul><li>Event 1-Oct.1 </li></ul><ul><ul><li>“ Defending the Castle- How to Secure you Home Networ...
Questions/Discussion
Douglas G. Mack DMV IT Security Director (ISO) [email_address] (804) – 367 - 2221 CIO - CAO Meeting October 28, 2008 Infor...
<ul><li>“ Information security </li></ul><ul><li>is a  people , </li></ul><ul><li>rather than a technical, issue.” </li></...
Three Groups to Address <ul><li>Everyone – DMV classified, wage, contractors </li></ul><ul><li>Executive Staff </li></ul><...
 
<ul><li>MSISAC provided 4 security awareness poster designs. </li></ul><ul><li>DMV’s Senior Graphic Designer branded the p...
<ul><li>One of each design of the poster was sent to DMV’s Customer Service Centers and Weigh Stations at the end of Septe...
<ul><li>Throughout the year, once or twice a month the ISO writes and publishes an IT Security Note. </li></ul><ul><ul><li...
<ul><li>DMV’s intensive security awareness activities for October focus on the Cyber Security Awareness Week. </li></ul><u...
<ul><li>Topics of the Notes for the Week: </li></ul><ul><ul><li>(Monday) Cyber Security Puzzle </li></ul></ul><ul><ul><li>...
<ul><li>MSISAC’s  Information Security Executive Brief  was sent to each member of the Executive Staff on the first day of...
<ul><li>“It’s important to note that information security is not a technology issue, but rather a  management issue  requi...
<ul><li>A PowerPoint Presentation was developed that covered some of the significant changes in SEC501-01, specifically: <...
<ul><li>The Presentation was sent out on October 2 to all ITS staff. </li></ul><ul><li>ITS staff have been given </li></ul...
Final Note
CIO-CAO Meeting October 28, 2008 Rosario Igharas, Information Security Officer Information Security Awareness : First Line...
VCSP:  Who we are <ul><ul><li>An independent state agency </li></ul></ul><ul><ul><li>Operate Virginia’s Section 529 Progra...
Current Savings Programs
Information In Our Custody  <ul><li>Customer Information </li></ul><ul><ul><li>Name, address, birthday  </li></ul></ul><ul...
Investment Managers <ul><li>Capital Guardian Trust </li></ul><ul><li>Century Capital Management </li></ul><ul><li>Chase In...
Information Security is Important to Us <ul><li>We respect our customers’ right to privacy and recognize their trust in us...
Technology Investment
People: KEY to Security <ul><li>“  The security infrastructure is only as good as its weakest link.”  Info ~Tech Research ...
Train the Organization <ul><li>Technical training </li></ul><ul><li>End user awareness training should not fall behind </l...
Thank You, VITA Security Services!
Thank You, DMV!
Bringing it Close to Home <ul><li>Scary Halloween Stories  </li></ul><ul><li>Real-life scary security stories </li></ul><u...
Final Thoughts <ul><li>Information Security Awareness month is just the beginning </li></ul><ul><ul><li>Investment in IT S...
<ul><li>Questions ? </li></ul><ul><li>Virginia College Savings Plan </li></ul><ul><li>Toll free 1-888-567-0540 </li></ul><...
Upcoming SlideShare
Loading in...5
×

Information Security Awareness activities

998

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
998
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • This shows a list of our investment managers (Dreyfus, Franklin Templeton, Rothschild, Vanguard, etc.) so you know that VCSP invests your funds with a diversified group of managers.
  • Halloween is a time to be scared, Network World’ invited three security experts (David Ting from Imprivata, Mike Paquette from Top Layer Networks and Ed Gaudet from Liquid Machines) to tell us their scariest stories of data security. Hear tales about compromised computers, the CSO who thought his password was secure (it wasn&apos;t), how a USB device with nuclear weapon data ended up in the hands of a crack dealer; and true tales of cyber-stalking. Guaranteed to have any IT manager shaking by the end of the episode (23:19).
  • Our telephone number and Web address are also listed in the handout materials. Crib Notes: TDD 1-804-371-8588
  • Transcript of "Information Security Awareness activities"

    1. 1. Information Security Awareness Month Activities Peggy Ward Chief Information Security Officer & Internal Audit Officer www.vita.virginia.gov
    2. 2. Commonwealth Information Security Awareness Activities <ul><li>Governor Timothy Kaine issued a proclamation designating October as Information Security Awareness Month. </li></ul><ul><ul><li>To encourage citizens to learn about information security and to put the knowledge to practice. </li></ul></ul>
    3. 3. Commonwealth Information Security Awareness Activities <ul><li>Framed & displayed the proclamation in a prominent location in the office & at Information Security Officer Advisory Group (ISOAG) meetings in September & October. </li></ul><ul><li>Provided copies of the proclamation with the seal to agencies & localities. </li></ul>
    4. 4. Commonwealth Information Security Awareness Activities <ul><li>Presentations </li></ul><ul><ul><li>Oct. 17: Commonwealth Security Information Resource Center presentation at the Cyber Security 2008 Conference, hosted jointly by Virginia Commonwealth University & the Federal Bureau of Investigations' InfraGard chapter </li></ul></ul><ul><ul><li>Oct. 21: Commonwealth Information Security Initiatives presentation at the Hampton Roads Cyber Security Awareness Conference </li></ul></ul>
    5. 5. Commonwealth Information Security Awareness Activities <ul><li>Presentations </li></ul><ul><ul><li>Oct. 22:Commonwealth Information Security Collaboration presentation at the Association of Government Accountants Technology & Fraud Conference </li></ul></ul><ul><ul><li>Oct. 24: Chief Information Officer & Chief Information Security Officer remarks at the Chesterfield County Cyber Security Awareness Event </li></ul></ul>
    6. 6. Commonwealth Information Security Awareness Activities <ul><li>Internet Activities </li></ul><ul><ul><li>The state portal, www.virginia.gov , has displayed a prominent graphic banner promoting Information Security in the &quot;focal point&quot; area, which links to the online guide on the VITA site </li></ul></ul><ul><ul><li>Online e-government services on the portal now include the citizens' awareness banner provided by Commonwealth Security </li></ul></ul>
    7. 7. Commonwealth Information Security Awareness Activities <ul><li>Internet Activities </li></ul><ul><ul><li>New content has been added to the Information Security Awareness Toolkit, thanks to COV agencies & MS-ISAC. The printing of materials from the toolkit was coordinated through DMV to leverage resources </li></ul></ul>
    8. 8. Commonwealth Information Security Awareness Activities <ul><li>Security Awareness Video </li></ul><ul><ul><li>Produced by VITA Commonwealth Security & VITA Communications </li></ul></ul><ul><ul><li>Available in early November in the Knowledge Center, the Information Security Resource Center & YouTube </li></ul></ul><ul><ul><li>Available in late November on DVD </li></ul></ul>
    9. 9. VITA Information Security Awareness Activities <ul><li>VITA Information Security Awareness activities are implemented to promote simple changes in behavior that strengthen the security of Commonwealth information. </li></ul><ul><ul><li>Hosted lunch time presentations </li></ul></ul><ul><ul><li>Conducted raffle giveaways for presentation attendees </li></ul></ul><ul><ul><ul><li>Giveaways items were provided by vendors from conferences. </li></ul></ul></ul><ul><ul><li>Provided VITA branded resource materials from MS-ISAC </li></ul></ul><ul><ul><ul><li>Brochures, Booklets, Bookmarks, Calendars, Posters </li></ul></ul></ul><ul><ul><li>Conducted a fill in the blank puzzle contest </li></ul></ul>
    10. 10. Lunch Time Presentations <ul><li>Event 1-Oct.1 </li></ul><ul><ul><li>“ Defending the Castle- How to Secure you Home Network” </li></ul></ul><ul><ul><li>Bob Baskette, Commonwealth Security Incident Engineer </li></ul></ul><ul><ul><li>Virginia Information Technologies Agency </li></ul></ul><ul><li>Event 2-Oct 22 </li></ul><ul><ul><li>“ Protecting Your Money, Our Role and Yours” </li></ul></ul><ul><ul><li>Chris Saneda, Senior Vice President /Chief Information Officer </li></ul></ul><ul><ul><li>Virginia Credit Union </li></ul></ul><ul><ul><li>“ The Tale of Three Hackers” </li></ul></ul><ul><ul><li>Victor “Jake” Olesen, Special Agent, </li></ul></ul><ul><ul><li>Federal Bureau of Investigation </li></ul></ul>
    11. 11. Questions/Discussion
    12. 12. Douglas G. Mack DMV IT Security Director (ISO) [email_address] (804) – 367 - 2221 CIO - CAO Meeting October 28, 2008 Information Security Awareness Month at DMV
    13. 13. <ul><li>“ Information security </li></ul><ul><li>is a people , </li></ul><ul><li>rather than a technical, issue.” </li></ul>Mark B. Desman The Ten Commandments of Information Security Awareness Training
    14. 14. Three Groups to Address <ul><li>Everyone – DMV classified, wage, contractors </li></ul><ul><li>Executive Staff </li></ul><ul><li>Information Technology Services (ITS) Staff </li></ul>
    15. 16. <ul><li>MSISAC provided 4 security awareness poster designs. </li></ul><ul><li>DMV’s Senior Graphic Designer branded the posters and added Mark Desman’s quote to each design. </li></ul><ul><li>DMV Printing Services printed the posters. </li></ul>
    16. 17. <ul><li>One of each design of the poster was sent to DMV’s Customer Service Centers and Weigh Stations at the end of September. </li></ul><ul><li>One of each design of the poster was displayed on each floor of DMV Headquarters. </li></ul>
    17. 18. <ul><li>Throughout the year, once or twice a month the ISO writes and publishes an IT Security Note. </li></ul><ul><ul><li>Single Topic </li></ul></ul><ul><ul><li>Brief </li></ul></ul><ul><ul><li>Diagrams, Screen Prints, Pictures </li></ul></ul>
    18. 19. <ul><li>DMV’s intensive security awareness activities for October focus on the Cyber Security Awareness Week. </li></ul><ul><li>A new IT Security Note was published each day of Cyber Security Awareness Week. </li></ul><ul><li>DMV has a Cyber Security Awareness Week each October. </li></ul>
    19. 20. <ul><li>Topics of the Notes for the Week: </li></ul><ul><ul><li>(Monday) Cyber Security Puzzle </li></ul></ul><ul><ul><li>(Tuesday) Acceptable Use </li></ul></ul><ul><ul><li>(Wednesday) A Bit of Computer Humor </li></ul></ul><ul><ul><li>(Thursday) Protecting Sensitive Data </li></ul></ul><ul><ul><li>(Friday) Recognizing and Avoiding Email Scams at Home </li></ul></ul>
    20. 21. <ul><li>MSISAC’s Information Security Executive Brief was sent to each member of the Executive Staff on the first day of the week. </li></ul>
    21. 22. <ul><li>“It’s important to note that information security is not a technology issue, but rather a management issue requiring leadership, expertise, accountability, </li></ul>due diligence and risk management. Information security needs to be addressed in a coordinated, enterprise approach, and factored into program decisions.”
    22. 23. <ul><li>A PowerPoint Presentation was developed that covered some of the significant changes in SEC501-01, specifically: </li></ul><ul><ul><li>Data Protection </li></ul></ul><ul><ul><li>Application Security </li></ul></ul><ul><li>DMV wanted to provide more IT focused awareness training for Information Technology Services (ITS) staff. </li></ul>
    23. 24. <ul><li>The Presentation was sent out on October 2 to all ITS staff. </li></ul><ul><li>ITS staff have been given </li></ul><ul><li>until November 14 to review the presentation and return the completion certificate to the ISO. </li></ul><ul><li>As of October 22, 44 out of 176 staff members have completed the review. </li></ul>
    24. 25. Final Note
    25. 26. CIO-CAO Meeting October 28, 2008 Rosario Igharas, Information Security Officer Information Security Awareness : First Line of Defense Against Social Engineering
    26. 27. VCSP: Who we are <ul><ul><li>An independent state agency </li></ul></ul><ul><ul><li>Operate Virginia’s Section 529 Programs which provide funds for higher education </li></ul></ul><ul><ul><li>Largest 529 plan in the country </li></ul></ul><ul><ul><ul><li>Over 1.8 million account owners </li></ul></ul></ul><ul><ul><ul><li>About $25 Billion in assets under management </li></ul></ul></ul><ul><ul><li>Recognized by Morningstar, Inc (April 2008) which ranked 2 of VCSP’s programs among the BEST Five college savings plans in the country </li></ul></ul>
    27. 28. Current Savings Programs
    28. 29. Information In Our Custody <ul><li>Customer Information </li></ul><ul><ul><li>Name, address, birthday </li></ul></ul><ul><ul><li>Social Security Number </li></ul></ul><ul><ul><li>Account Numbers </li></ul></ul><ul><ul><li>Student ID </li></ul></ul><ul><li>Employee Information </li></ul><ul><li>Agency Information </li></ul><ul><li>Partner Information </li></ul>
    29. 30. Investment Managers <ul><li>Capital Guardian Trust </li></ul><ul><li>Century Capital Management </li></ul><ul><li>Chase Investment Counsel </li></ul><ul><li>Donald Smith & Co., Inc. </li></ul><ul><li>Dreyfus </li></ul><ul><li>Franklin Templeton </li></ul><ul><li>Invesco </li></ul><ul><li>LSV Investment Management </li></ul><ul><li>NWQ Investment Management Company </li></ul><ul><li>Piedmont Investment Advisors, LLC </li></ul><ul><li>Pier Capital </li></ul><ul><li>Rothschild Asset Management </li></ul><ul><li>Sands Capital </li></ul><ul><li>Tattersall Advisory (Wachovia) </li></ul><ul><li>Thompson, Siegel & Walmsley, Inc. </li></ul><ul><li>Utendahl Capital Management, LP </li></ul><ul><li>Vanguard </li></ul><ul><li>Virginia Dept. of Treasury </li></ul><ul><li>Western Asset (Legg Mason) </li></ul><ul><li>Westfield Capital Management </li></ul>
    30. 31. Information Security is Important to Us <ul><li>We respect our customers’ right to privacy and recognize their trust in us to keep information about them secure and confidential. </li></ul><ul><li>Comply with laws and regulations </li></ul><ul><li>Avoid Embarrassment </li></ul>
    31. 32. Technology Investment
    32. 33. People: KEY to Security <ul><li>“ The security infrastructure is only as good as its weakest link.” Info ~Tech Research Group </li></ul>
    33. 34. Train the Organization <ul><li>Technical training </li></ul><ul><li>End user awareness training should not fall behind </li></ul><ul><li>Awareness training has to be ongoing </li></ul>
    34. 35. Thank You, VITA Security Services!
    35. 36. Thank You, DMV!
    36. 37. Bringing it Close to Home <ul><li>Scary Halloween Stories </li></ul><ul><li>Real-life scary security stories </li></ul><ul><li>Highlight local incidents </li></ul><ul><li>http://www.networkworld.com/podcasts/panorama/2007/102507pan-scary-security.html </li></ul>
    37. 38. Final Thoughts <ul><li>Information Security Awareness month is just the beginning </li></ul><ul><ul><li>Investment in IT Security Technology is not enough </li></ul></ul><ul><ul><li>Train the organization </li></ul></ul><ul><ul><li>Develop a culture of security </li></ul></ul><ul><ul><li>Tone at the top </li></ul></ul>
    38. 39. <ul><li>Questions ? </li></ul><ul><li>Virginia College Savings Plan </li></ul><ul><li>Toll free 1-888-567-0540 </li></ul><ul><li>www.Virginia529.com </li></ul>
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×