The Queensland Government Chief Information Office introduced revised Information Security Policies (IS18) effective October 1, 2018. The changes move from a compliance focus to a risk-based approach based on ISO 27001. Key changes include requiring agencies to implement an Information Security Management System, apply systematic risk management, meet minimum security requirements, obtain assurance for systems, and have accountable officers attest to security posture annually. The goal is to establish effective governance, improve risk management, and design systems with assurance in mind.
This Partners in Technology briefing provided an opportunity for local ICT industry representatives to hear from Shaun Nesbitt, Chief Information Officer, Seqwater
PiT briefing - Darrin Bond - Chief Information Officer, DCCSDS - Feb 14 2014Digital Queensland
This briefing provided an update on Queensland Government ICT procurement and what this meant for industry when tendering and providing services to state government. The One-Stop Shop plan and opportunities for industry participation was discussed in-line with the October 2013 release of the plan, committing the Queensland Government to deliver simpler, clearer and faster services for all Queenslanders. Lastly, an overview of the Department of Communities, Child Safety and Disability Services significant business reforms, major and operational business systems, the ICT enabled forward program of work and the future directions and challenges that face the department was presented.
Presenter: Darrin Bond - Chief Information Officer, Department of Communities, Child Safety and Disability Services
Summary and Q&As from Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Dr Sarah Pearson, Deputy Director-General Department of Innovation and Tourism Industry Development to the Queensland Digital Industry at the COVID-19 Partners in Technology briefing.
This Partners in Technology briefing provided an opportunity for local ICT industry representatives to hear from Shaun Nesbitt, Chief Information Officer, Seqwater
PiT briefing - Darrin Bond - Chief Information Officer, DCCSDS - Feb 14 2014Digital Queensland
This briefing provided an update on Queensland Government ICT procurement and what this meant for industry when tendering and providing services to state government. The One-Stop Shop plan and opportunities for industry participation was discussed in-line with the October 2013 release of the plan, committing the Queensland Government to deliver simpler, clearer and faster services for all Queenslanders. Lastly, an overview of the Department of Communities, Child Safety and Disability Services significant business reforms, major and operational business systems, the ICT enabled forward program of work and the future directions and challenges that face the department was presented.
Presenter: Darrin Bond - Chief Information Officer, Department of Communities, Child Safety and Disability Services
Summary and Q&As from Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Dr Sarah Pearson, Deputy Director-General Department of Innovation and Tourism Industry Development to the Queensland Digital Industry at the COVID-19 Partners in Technology briefing.
Partners in Technology (PiT) - Public Safety Business Agency - 23 October 2015Digital Queensland
Partners in Technology briefs Queensland's ICT industry about the Frontline & Digital Services, operations and priorities for the coming 12 months for the Public Safety Business Agency.
Partners in Technology (PiT) - Queensland Digital Industry Survey 2014 - 21 J...Digital Queensland
Partners in Technology briefs Queensland's ICT industry about the outcomes of the Queensland Digital Industry Survey undertaken in 2014 - highlighting key statistics about the digital industry in Queensland.
"Improving Decision Making in Health & Social Care Through Quality Information & Technology": Dr. Mark Davies (Director of Clinical and Public Assurance) of the Health and Social Care Information Centre (HSCIC) discusses this at the Healthcare Efficiency Through Technology Expo 2013.
Presentation by Dr Masood Nazir, GP and Associate CCIO for Primary Care Digital Transformation Programes, NHSX at ECO 19: Care closer to home on Tuesday 9 July at Deepdale Stadium.
Andy Williams (Chief Executive - HSCIC) discussed how the HSCIC are improving wellbeing through information and technology at the recent "Healthcare Efficiency Through Technology Expo (HETT 2014)".
Areas covered include:
- Taking action and sustain public trust
- Building capability on firm foundations
- Emerging strategic imperatives
We work with many large and small organizations to ensure that information is managed through a risk based approach. Management systems can ensure that information resilience and risk mitigation is a focal point of corporate strategy as well as becoming a part of everyday business practice.
Read about risk assurance in our brochure now!
Partners in Technology (PiT) - Public Safety Business Agency - 23 October 2015Digital Queensland
Partners in Technology briefs Queensland's ICT industry about the Frontline & Digital Services, operations and priorities for the coming 12 months for the Public Safety Business Agency.
Partners in Technology (PiT) - Queensland Digital Industry Survey 2014 - 21 J...Digital Queensland
Partners in Technology briefs Queensland's ICT industry about the outcomes of the Queensland Digital Industry Survey undertaken in 2014 - highlighting key statistics about the digital industry in Queensland.
"Improving Decision Making in Health & Social Care Through Quality Information & Technology": Dr. Mark Davies (Director of Clinical and Public Assurance) of the Health and Social Care Information Centre (HSCIC) discusses this at the Healthcare Efficiency Through Technology Expo 2013.
Presentation by Dr Masood Nazir, GP and Associate CCIO for Primary Care Digital Transformation Programes, NHSX at ECO 19: Care closer to home on Tuesday 9 July at Deepdale Stadium.
Andy Williams (Chief Executive - HSCIC) discussed how the HSCIC are improving wellbeing through information and technology at the recent "Healthcare Efficiency Through Technology Expo (HETT 2014)".
Areas covered include:
- Taking action and sustain public trust
- Building capability on firm foundations
- Emerging strategic imperatives
We work with many large and small organizations to ensure that information is managed through a risk based approach. Management systems can ensure that information resilience and risk mitigation is a focal point of corporate strategy as well as becoming a part of everyday business practice.
Read about risk assurance in our brochure now!
NY State's cybersecurity legislation requirements for risk management, securi...IT Governance Ltd
This webinar illustrates:
- The responsibility to appoint a CISO
- Application security program (internal and external) and review by the CISO
- Overview of the risk assessment policy and procedures
- Setting up a program specific to your organization's information systems and business operations
- Identifying cyber threats and how to incorporate controls
- Maintaining an audit trail to include detection and responses to cybersecurity events
- How ISO 27001 and vsRisk can provide the right tools to help you implement a successful program that meets compliance requirements
A recording of the webinar can be found here:
https://www.youtube.com/watch?v=URfAd2E37Eo
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
Cloud Security Alliance EMEA Congress
Using cloud services: Compliance with the Security Requirements of the Spanish Public Sector
Text of the presentation by Miguel A. Amutio
Singapore's National Cyber Security StrategyBenjamin Ang
Singapore's National Cyber Security Strategy was launched by the Singapore government at the inaugural Singapore International Cyber Week 2016. This presentation gives an overview of the 4 pillars of the Strategy and some of its implementation steps so far, including the upcoming new Cybersecurity Act, and the SGD 10 million fund for capacity building in ASEAN. You can download the full Strategy at www.csa.gov.sg
PiT briefing at State Library of Queensland
Chris McLaren - Queensland Government Chief Customer and Digital Officer
Building a thriving Queensland digital economy
Rob Champion - Queensland Government Chief Information Security Officer
Cyber Security
Presentation and contacts for 10 February Partners in Technology briefing hosted by Chris McLaren, Queensland Government Chief Customer and Digital Officer with Michael O’Leary, Chief Information Officer and Assistant Director-General (IT), Department of Education and Lea Diffey, Deputy Director-General Innovation, Department of Tourism, Innovation and Sport
Presentation and contacts for 1 July Partners in Technology webinar hosted by Chris Fechner, Queensland Government Chief Customer and Digital Officer with Michael O’Leary, Chief Information Officer and Assistant Director-General (IT), Department of Education.
Presentation, summary and Q&A by Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Prof. Marek Kowalkiewicz, Founding Director, Centre for the Digital Economy, QUT at the COVID-19 Partners in Technology briefing.
Presentation and Q&A by Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Prof. Marek Kowalkiewicz, Founding Director, Centre for the Digital Economy, QUT at the COVID-19 Partners in Technology briefing.
Presentations by Dallas Stower, Deputy Director-General, Transformation and Enabling Technologies, Department of Housing and Public Works and Damian Green
Deputy Director-General, eHealth Queensland
Chief Information Officer, Queensland Health
at the COVID-19 Partners in Technology briefing.
Presentation, summary and Q&A by Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Michael Nikolic, Chief Digital Officer, Queensland Correctional Services at the COVID-19 Partners in Technology briefing.
Presentations by Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Michael Nikolic, Chief Digital Officer, Queensland Correctional Services at the COVID-19 Partners in Technology briefing.
Presentations by Chris Fechner, Queensland Government Chief Customer and Digital Officer and presentation by Dr Sarah Pearson, Deputy Director-General Department of Innovation and Tourism Industry Development to the Queensland Digital Industry at the COVID-19 Partners in Technology briefing.
Summary and Q&As from Chris Fechner, Queensland Government Chief Customer and Digital Officer's presentation to the Queensland Digital Industry at the COVID-19 Partners in Technology briefing.
Summary and Q&As from Chris Fechner, Queensland Government Chief Customer and Digital Officer's presentation to the Queensland Digital Industry at the COVID-19 Partners in Technology briefing.
Summary and Q&As from Chris Fechner, Queensland Government Chief Customer and Digital Officer's presentation to the Queensland Digital Industry at the COVID-19 Partners in Technology briefing.
The digital future of DES
Department of Environment and Science
Tim Barker, Chief Digital Officer, Digital and Information Services Branch, Science and Technology Division
Partners in Technology - future of customer and digital delivery in Queenslan...Digital Queensland
Future of customer and digital delivery in Queensland Government
Department of Housing and Public Works
Andrew Mills, Queensland Government Chief Information Officer
Partners in Technology - Establish and prove foundational ICT capabilityDigital Queensland
Partners in Technology Briefing 2 August 2019
Ashley Hill
Chief Information Officer and Executive Director
Department of Justice and Attorney-General (DJAG)
Partners in Technology - Opportunities for delivering better ICT services Digital Queensland
Partners in Technology Briefing 2 August 2019
Michael O’Leary
Assistant Director-General, Information and Technologies and Chief Information Officer
Department of Education
Partners in Technology (PiT) - Be a Responsive GovernmentDigital Queensland
Irene Violet
Assistant Director-General
Responsive Government
Department of Housing and Public Works
Presentation on Responsive government for Partners in Technology 2 November 2018
ZGB - The Role of Generative AI in Government transformation.pdfSaeed Al Dhaheri
This keynote was presented during the the 7th edition of the UAE Hackathon 2024. It highlights the role of AI and Generative AI in addressing government transformation to achieve zero government bureaucracy
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Many ways to support street children.pptxSERUDS INDIA
By raising awareness, providing support, advocating for change, and offering assistance to children in need, individuals can play a crucial role in improving the lives of street children and helping them realize their full potential
Donate Us
https://serudsindia.org/how-individuals-can-support-street-children-in-india/
#donatefororphan, #donateforhomelesschildren, #childeducation, #ngochildeducation, #donateforeducation, #donationforchildeducation, #sponsorforpoorchild, #sponsororphanage #sponsororphanchild, #donation, #education, #charity, #educationforchild, #seruds, #kurnool, #joyhome
A process server is a authorized person for delivering legal documents, such as summons, complaints, subpoenas, and other court papers, to peoples involved in legal proceedings.
Russian anarchist and anti-war movement in the third year of full-scale warAntti Rautiainen
Anarchist group ANA Regensburg hosted my online-presentation on 16th of May 2024, in which I discussed tactics of anti-war activism in Russia, and reasons why the anti-war movement has not been able to make an impact to change the course of events yet. Cases of anarchists repressed for anti-war activities are presented, as well as strategies of support for political prisoners, and modest successes in supporting their struggles.
Thumbnail picture is by MediaZona, you may read their report on anti-war arson attacks in Russia here: https://en.zona.media/article/2022/10/13/burn-map
Links:
Autonomous Action
http://Avtonom.org
Anarchist Black Cross Moscow
http://Avtonom.org/abc
Solidarity Zone
https://t.me/solidarity_zone
Memorial
https://memopzk.org/, https://t.me/pzk_memorial
OVD-Info
https://en.ovdinfo.org/antiwar-ovd-info-guide
RosUznik
https://rosuznik.org/
Uznik Online
http://uznikonline.tilda.ws/
Russian Reader
https://therussianreader.com/
ABC Irkutsk
https://abc38.noblogs.org/
Send mail to prisoners from abroad:
http://Prisonmail.online
YouTube: https://youtu.be/c5nSOdU48O8
Spotify: https://podcasters.spotify.com/pod/show/libertarianlifecoach/episodes/Russian-anarchist-and-anti-war-movement-in-the-third-year-of-full-scale-war-e2k8ai4
Presentation by Jared Jageler, David Adler, Noelia Duchovny, and Evan Herrnstadt, analysts in CBO’s Microeconomic Studies and Health Analysis Divisions, at the Association of Environmental and Resource Economists Summer Conference.
3. Queensland Government Chief Information Office
IS18 - Security Policy Changes
From October 1st 2018 a revised Information Security Policies (IS18) came into
effect for Queensland Government.
What are these changes, what do they mean, and what does the information
security need to look like for Queensland Government in the future.
4. Queensland Government Chief Information Office
Cyber security is now a strategic risk to all organisations
- No one wants to be front page news for a cyber incident
- Everyone is a potential target
- Increasingly seeing attackers exploiting weakest points in security
Never underestimate a criminal’s ability to turn
your stuff
into their money
or the damage to your reputation when that happens.
5. Queensland Government Chief Information Office
We have be “doing” Information Security for decades.
So what’s changed?
•Digitization
•Complexity
Expectations of the
community and
stakeholders
Sophistication & motivation
of attackers
6. Queensland Government Chief Information Office
IS18 History
Part of the QGEA
First established in 1993
Last major refresh of IS18 in 2009 - (5th version)
Based around
ISO/IEC 17799:2000 and ISO/IEC 27001:2006
7. Queensland Government Chief Information Office
Drivers for change
Not aligned to the current of the ISO 27001 standard.
Needed refreshing to match agency requirements in managing increasingly
complex ICT and business environments.
Hadn’t been particularly well adopted
Focused on controls, not the processes and outcomes
Lacked guidance on governance and assurance
8. Queensland Government Chief Information Office
Information Security Policy (IS18:2018)
This new policy came into effect from 1 October 2018.
Represents a move from a compliance focus
to a risk based approach
9. Queensland Government Chief Information Office
Policy wording
Purpose
The Queensland Government is responsible for a significant amount of
information. To ensure trust and deliver business value it is critical that
this information is protected appropriately.
This policy seeks to ensure all agencies apply a consistent, risk-based
approach, to the implementation of information security to maintain
confidentiality, integrity and availability.
Policy statement
The Queensland Government will identify and manage risks to
information, applications and technologies, through their life cycle,
using Information Security Management Systems (ISMS).
Purpose
The Queensland Government is responsible for a significant amount of
information. To ensure trust and deliver business value it is critical that
this information is protected appropriately.
This policy seeks to ensure all agencies apply a consistent, risk-based
approach, to the implementation of information security to maintain
confidentiality, integrity and availability.
Policy statement
The Queensland Government will identify and manage risks to
information, applications and technologies, through their life cycle,
using Information Security Management Systems (ISMS).
10. Queensland Government Chief Information Office
Policy requirement 1:
Agencies must implement an ISMS based on ISO 27001
Agencies must implement and operate an ISMS based
on the current version of ISO 27001 Information
technology - Security techniques - Information
security management systems – Requirements. The
scope of the ISMS will include the protection of all
information, application and technology assets.
11. Queensland Government Chief Information Office
Policy requirement 2:
Agencies must apply a systematic and repeatable
approach to risk management
Risk management is an integral part of operating an ISMS where risks must
be considered at a business level. Agencies must adopt a risk management
framework by integrating their ISMS into their corporate risk management
processes.
12. Queensland Government Chief Information Office
Policy requirement 3:
Agencies must meet minimum security requirements
To ensure a consistent security posture, the ISMS must meet the following requirements:
• all ICT assets that create, store, process or transmit information are assigned appropriate
controls in accordance with the Queensland Government Information Security
Classification Framework (QGISCF).
• all information transmitted over data communications networks must be secured in line
with the Network transmission security assurance framework (NTSAF)*.
• all services requiring user authentication must meet the requirements of the Queensland
Government Authentication Framework (QGAF)*.
• agencies must implement the Australian Signals Directorate (ASD) “Essential
Eight” Strategies to Mitigate Cyber Security Incidents.
* Being reviewed
13. Queensland Government Chief Information Office
Policy requirement 4:
Agency accountable officers must obtain assurance for systems
Every system is unique and assurance should be applied sensibly
and appropriately. Accountable officers must obtain assurance to
establish an understanding of information security protections
and adherence to information security policy.
The level of assurance applied to systems must be based on the
criticality/significance of the system, using the business impact
levels determination methodology outlined in the QGISCF.
14. Queensland Government Chief Information Office
Policy requirement 5:
Accountable officers must attest to the appropriateness
of agency information security
Agency accountable officers must:
• endorse the Information Security Checklist.
• certify that it is an accurate report of the agency’s information
security posture.
• endorsement must be obtained from the agency's
accountable officer through corporate audit and risk
committee.
15. Queensland Government Chief Information Office
Reporting requirements:
• Agencies must submit an endorsed Information Security
Compliance Checklist annually by 30 October every year to
the Queensland Government Chief Information Office.
• Endorsement must be obtained from the agency's
accountable officer through corporate audit and risk
committee.
• Communicate incident response activities and threat
intelligence to the Queensland Government Chief Information
Office.
16. Queensland Government Chief Information Office
Information Security Classification Framework (QGISCF)
Consistent classification of
information helps Queensland
government agencies make more
informed and timely decisions about
how they should capture, store,
maintain, transmit, process, use and
share information to best deliver
services to Queenslanders.
17. Queensland Government Chief Information Office
Benefits of stronger adoption of ISO 27001
• Stronger focus on the elements of governance & accountability
• Move from a compliance to a risk management based approach
• Establish sustainable process improvement
• Common language assists in aligning requirements when using cloud and
managed ICT services
• Leverage the capabilities in the market
18. Queensland Government Chief Information Office
Approach
Focus on establishing effective governance & accountability
Improve risk management capability
The control objectives haven’t changed significantly
Certification is not required, but may be used.
19. Queensland Government Chief Information Office
What does information security need to look like
Cyber Security is a Business Risk not just an IT Problem.
Integrated into enterprise risk management
Business engagement essential
Considering information security risk in all operations
Design with assurance in mind
20. Queensland Government Chief Information Office
Further Details
QGCIO Website
https://www.qgcio.qld.gov.au/information-on/information-security/
QGCIO email
qgcio@qgcio.qld.gov.au
21. Testing Within Government
Showcase
7 December 2018
QUT Gardens Point
Gardens Theatre
9am – 11am
4 Government agencies – 4 SME’s collaborating to make a difference