Embed Size (px)
Citation preview
Know the Client • Own the Problem • Share the Solution
The 2005 Case for Information Technology Security
October 14, 2004
Know the Client • Own the Problem • Share the Solution
From an executive perspective …
What are the latest Information Security Issues?
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Is there really an active threat to Michigan government?
• 30,000 virus attacks stopped daily• 100,000 hacking attempts stopped
monthly• 800 worker hours of productivity lost
due to attacks in an average month• 600 DIT staff hours used to restore
service due to attacks in an average month
Know the Client • Own the Problem • Share the Solution
Homeland Security Grant Projects
Critical IT Infrastructure Protection Program
Know the Client • Own the Problem • Share the Solution
Program Overview
• Program encompasses 12 separate but related projects that focus on prevention, detection, and response to cyber threats and incidents against critical State of Michigan IT infrastructure
• All projects meet the goals and objectives required by Statewide Homeland Security Strategy
• Funded by grant dollars from Department of Homeland Security
Know the Client • Own the Problem • Share the Solution
Critical Infrastructure IT Protection Projects
• What: Fixed Generators for State’s Data Centers
• What: Security events correlation collected by isolated systems (IDS, firewalls, SMTP anti-virus scanner, etc)
• What: Firewall technologies for the internal State network placed at each of the hosting centers to provide protection for internal zones
• What: Intrusion detection devices and systems for internal protected zones and the extranet made visible to the IDS systems
• What: Network portal system that provides encryption to user data without the need for client side applications. Commonly referred to as SSL VPN
• What: Permanent, dedicated and secure, remote-controlled network monitor/analyzer shared between the connections to the Public Internet and server farm infrastructure at the Tier III hosting centers
Know the Client • Own the Problem • Share the Solution
Critical Infrastructure IT Protection Projects
• What: Decoy Server using honeypot technology provides early detection of internal, external, and unknown attacks
• What: Network penetration tests to identify vulnerabilities
• What: GIS information system for DIT Emergency Coordination Center
• What: Software to reduce spam email entering the State’s email systems
• What: Software preventing access to web sites that are deemed risks to the State's network and systems; spyware filter
• What: Implement documented formal methods for the application of forensic risk analysis and risk management of information systems
Know the Client • Own the Problem • Share the Solution
Know the Client • Own the Problem • Share the Solution
Michigan Cyber Security Success Stories
--- 2003 NASCIO Award for The Secure Michigan Initiative (Enterprise Risk Assessment)
--- 2004 NASCIO Award for Michigan Critical Incident Management System
--- Cyber Terrorism Exercise in July 2004
Know the Client • Own the Problem • Share the Solution
Contact Information:
Dan Lohrmann Michigan CISO
e-mail: [email protected]: (517) 241-4090
