ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson...
Transcript of ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson...
![Page 1: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/1.jpg)
1
ISOAG Meeting December 7, 2016
Welcome to CESC
www.vita.virginia.gov
![Page 2: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/2.jpg)
2
Welcome and Opening Remarks
Michael Watson
December 7 , 2016
www.vita.virginia.gov 2
![Page 3: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/3.jpg)
3
ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks Mike Watson, VITA
II. Data Governance Zacc Allen, DOC
III. Social Media Records Retention Glenn Smith, LOV
IV. Central ISO IT Security Audit Services Ed Miller, VITA
V. Upcoming Events Mike Watson, VITA VI. Partnership Update Northrop Grumman
![Page 4: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/4.jpg)
4
ISOAG December 7, 2016 Agenda
Presentation for Zaac Allen, DOC Will be posted after today’s meeting.
![Page 5: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/5.jpg)
Social Media Records: What’s There to Manage and Secure??
Glenn Smith
Records Management Analyst
- VITA ISOAG 2016.12.07
![Page 6: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/6.jpg)
What is a public record? . . . documents a
transaction or activity . . .
Regardless of physical form or characteristic . . .
. . . is produced, collected, received or retained in pursuance of law or in connection with the transaction of public business.
COV § 42.1-77
![Page 7: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/7.jpg)
What is an electronic record? A record created, communicated, and/or stored by
automated means and that requires a system to render it comprehensible by humans.
Formats include: Word processing files Databases Spreadsheets PowerPoint presentations E-mail Scanned images Web sites Multimedia files
Storage Media Include: Hard Drives Floppy Disks 8”, 5 ¼, 3 ½ CDs / DVDs Optical Disks Tape: Magnetic / Optical Networked Servers
![Page 8: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/8.jpg)
e-Recs
websites
Databases
PowerPoint
Scanned images
Multimedia files
Digital Pix
![Page 9: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/9.jpg)
Responsibility for electronic records
The agency shall be responsible for ensuring that its public records are preserved, maintained, and accessible throughout their lifecycle, including converting and migrating electronic records as often as necessary so that information is not lost due to hardware, software, or media obsolescence or deterioration. Any public official who converts or migrates an electronic record shall ensure that it is an accurate copy of the original record. The converted or migrated record shall have the force of the original. COV § 42.1-85
![Page 10: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/10.jpg)
~Stephano493
![Page 11: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/11.jpg)
Electronic records challenges • Platform obsolescence (think Myspace)
• Ensuring record integrity
• Maintaining records in a way that will enable
retrieval of all information relevant to an activity/interaction
• Select which record series is appropriate
![Page 12: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/12.jpg)
Metadata
• Data describing context, content, and structure of records and their management through time
• Loss through screen-shotting SM
![Page 13: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/13.jpg)
Discoverability and liability
• SM records subject to the same accessibility requirements as other public records. • Exempt from access by the public only if they fall within the exemptions provided under FOIA.
![Page 14: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/14.jpg)
Questions?
Glenn Smith Records Management Analyst [email protected]
All forms and schedules, as well as additional
resources, available at: www.lva.virginia.gov/agencies/records
![Page 15: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/15.jpg)
15
Central ISO & IT Security Audit Services
Ed Miller Director IT Security Governance
![Page 16: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/16.jpg)
16
Central Services • To date, we have 29 agencies signed up for
services.
• We have hired a Director Centralized IT Security Audit Services.
• The Director for ISO Services was previously posted and we were not able to fill it. It has been re-posted thru Dec 16th. If you previously applied, please apply again if you’re still interested.
![Page 17: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/17.jpg)
17
Central Services • Also posted or soon to be posted:
• 2 Central IT Security Audit staff positions • 2 Central ISO staff positions • 1 IT Security Governance Analyst position • 1 IT Risk Management Analyst position • 1 Incident Response Analyst • 1 Web Vulnerability Scan Analyst
![Page 18: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/18.jpg)
18
Central Services Audits:
• We have signed an SOW with an auditing firm.
• 3 agencies are now in the process of audits for
their sensitive systems thru this SOW.
• The Central IT Audit Director is in the process of scheduling & prioritizing the rest of the audits
![Page 19: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/19.jpg)
19
Central Services ISO Services:
• Centralized ISO Services will complete the NCSR
surveys for all enrolled agencies
• The small-agency analyst has already been working with several of the agencies that have enrolled.
• We have also hired an IT security contractor who will start to work soon.
![Page 20: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/20.jpg)
20
Central Services Summary
• Audits have started
• ISO work has started
• Hiring is underway
• We will be contacting you soon for scheduling
![Page 21: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/21.jpg)
21 www.vita.virginia.gov 21
Upcoming Events
![Page 22: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/22.jpg)
22
SANS Winter Buy Window The SANS Winter Buy Window runs from Dec 1, 2016
through Jan 31, 2017.
During this time, you’ll be able to take advantage of the Center for Internet Security’s (CIS) partnership with
SANS.
SANS training is available during the buy-window at up to 70% off the regular price.
http://www.sans.org/partnership/cis
![Page 23: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/23.jpg)
23
IS Orientation
When: Thursday, December 8, 2016 Time: 9:30 – 11:30 am Where: CESC , Room 1221 Presenter: Bill Freda Register here: http://vita2.virginia.gov/registration/Session.cfm?MeetingID=10
![Page 24: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/24.jpg)
24
Future ISOAG
January 4, 2017 1:00 - 4:00 pm @ CESC
Speakers: John Musgrove, VITA
ISOAG meets the 1st Wednesday of each month in 2016
![Page 25: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/25.jpg)
25
OSIG Training Course: Integrating Cybersecurity in SDLC
Instructor: David Cole / SysAudits Inc. Location: CESC
Dates: Feb 14-15, 2017 CPE: 16.0 hours
Price: $350
https://osig.virginiainteractive.org
![Page 27: ISOAG Meeting December 7, 2016...Welcome to CESC 2 Welcome and Opening Remarks Michael Watson December 7 , 2016 2 3 ISOAG December 7, 2016 Agenda I. Welcome & Opening Remarks II. Data](https://reader033.fdocuments.net/reader033/viewer/2022041912/5e67c15ff660343c622e5672/html5/thumbnails/27.jpg)
27
ADJOURN THANK YOU FOR ATTENDING
Picture courtesy of www.v3.co.uk