The Department of Information Resources (DIR) has released a Security Services Guide to help state agencies with their cybersecurity work.
Made available on the department’s website in July, the guide offers customers a place to learn how, when and where to get assistance and support from the Office of Chief Information Security Officer (OCISO) team, a news release states.
The guide also was an opportunity to ensure that customers know about some expanded services, Hilliard said.
“Senate Bill 475 that passed last session, we were charged with starting up a voluntary incident response team and a regional security operation center,” she said, adding that the guide can “assist us in recruiting volunteers to assist in a major incident response.”
“A couple of parts in the guide that might be really interesting are the reporting requirements … and the eligibility page,” Hilliard said.
The eligibility guide lists the types of services the OCISO offers to which state agencies, and which services are free vs. billed.
Other sections include:
- DIR Cybersecurity Operations at the Network Security Operations Center (NSOC).
- Education and Training.
- Outreach and Growth.
- Technology Services.
- Purchasing IT Services.
- The DIR Resource Library.
- Other Resources and Partner Organizations.
Hilliard described her role in the project as a content reviewer who also “had input into the look and feel of the guide.”
She said that the assigned staff spent about three or four months to complete the guide and that the most challenging part was “how to organize it in a way that makes sense.”
The OCISO sets state information security policies and standards, publishes guidance on best practices and coordinates security services.
