Security Committee Initiatives and Accomplishments

2007-2008

Note Related to Projected 2007-2008 Initaitives:

Italics indicates initiatives added at the July 13, 2007 Forum Planning Session
Numbers in parenthesis indicate votes cast for the initiative at the July 13, 2007 Forum Planning Session.

The objective of the Security committee is to work in collaboration with state and local agencies to develop education and training opportunities and tools that address cyber security issues.

2006-2007 Accomplishments

  • The strong alliance with CSCIC continues, providing six relevant webcasts on security-related issues. The audience has expanded to international participants!! There were over 10,000 simultaneous viewers of the Kids On-line webcast. Webcasts this year included: Instant Messaging, Kids Safe On-line, Cyber Security, What does the Future Hold?, Digital Forensics, Mobile Security and Encryption, and Security Policy Enforcement. Additional sessions coming up include: Botnets, October Kids Conference and Emerging (security) Technologies. Additionally, the IT Corporate Roundtable committee members have agreed to support the Kids Safe On-line conference in October 2007.
  • Continued to offer support to the CIO committees on security and identity access management.
  • Offered a session supporting the NYS mobile security and encryption policy

2007-2008 Projected Initiatives

  • Continue to support CSCIC in providing international webcasts on security and include topics such as: IAM for dummies; ROI of security; Back to Basics.
  • Coordinate with the Web Masters' Guild to provide a session on application security--tentatively scheduled for October (2)
  • Provide support to the CIO committee members addressing IAM. Provide additional resources to the CIO committee for educational presentations on Identity and Access Management.
  • Create a resource directory of Security information, solutions, relevant links, white papers and companies. Development of this repository could include expansion to support other committees.
  • IAM health check audit/assessment corresponding to the guidelines provided by the CIO committee (2)
  • Work with groupings of small agencies to identify and assist with addressing security needs.
  • Revisit return on investment issues for use by agency information security officers (ISOs).
  • Facilitate a session on IAM to educate non-technology oriented staff as to why it is important (1)
  • Engage CTG to present to non-technology oriented policy level leadership on the public value (ROI) of security (6)
  • Assume that NY will participate in Real ID and support DMV with creating awareness (1)