Office of the State Chief Information Officer

State Technology Update - November 12, 2009

OIS Logo

California Releases First-Ever Information Security Strategic Plan

The California Office of Information Security (OIS) today announced the release of California's first-ever Information Security Strategic Plan. The five-year plan provides a statewide vision for how California will address and implement cyber security controls to provide the critically-needed protections to better secure California government's sensitive assets and information.

"It is critical that California modernizes its information security program throughout our various state agencies. As our state's first enterprise Chief Information Security Officer, I am pleased to take these important steps, to outline a direction toward better training, best practices and an overall improved security infrastructure," said Mark Weatherford, Chief Information Security Officer. “The challenges of cyber security have been referred to as a ‘Perpetual Arms Race, between hackers and criminals on one side and enterprises and governments on the other side.' In California, we are confronting the challenges in a coordinated and efficient fashion that will increase protections for the citizens and businesses of this state."

"The strategies set forth in this plan are fundamental to California's overall vision of how information technology will be used in the future. They provide the strategic framework for the protection of state technology assets, and they will engender trust from citizens looking to interact with their government online," said Teri Takai, California's Chief Information Officer. "All of us, from California's executive leadership to every state employee, citizen, business, and state government partner, play a role in securing our state's systems and protecting the personally identifiable information entrusted to us daily."

The strategic plan is both aspirational and enabling; projecting California's Information Security future through five broad strategic concepts:

  • A digital infrastructure that is resilient, secure and trustworthy,
  • Making Internet use a safer experience for Californians,
  • A secure, trustworthy digital identity for every California citizen,
  • Security as an enabler of more efficient technology; and
  • Effective security that enhances collaboration and delivery of services.

These strategic concepts constitute the California Information Security Strategic Plan and were produced through a collaborative methodology. That collaboration included interviewing and conducting workshops with more than 200 state Chief Information Officers, Chief Information Security Officers, and IT professionals from numerous state agencies. The collaboration also included significant market research and extensive peer review that validated both the process and the results.

A division of the Office of the Chief Information Officer, the OIS is the primary state government authority in ensuring the confidentiality, integrity, and availability of state systems and applications, and ensuring the protection of state information. The office represents the State to other government entities, higher education, private industry, and others on cyber security-related matters.

Media Contact: Bill Maile (916) 549-2845

####

OCIO Home | Subscribe | Unsubscribe