Password:
RECIPIENT: Michigan Security 2.0: Next Generation Security Program
The Internet has changed everything, including government opportunities to serve the public in new, innovative ways. Not only have Michigan citizens come to expect secure e-government transactions and ease of use, the public is now calling for a new generation of Web 2.0 transactions with a new level of collaboration. Two essential keys to success are ensuring that the state moves forward in a secure manner that addresses the serious challenges that come with these new technologies, while at the same time addressing traditional cyber threats posed by the internet and other security risks. “I don’t think there’s a CIO in the country that hasn’t lost sleep over security and privacy. We feel honored to be recognized for our work in information security and privacy. In times of increasing threats to security and diminishing budgets, I am proud of the measures we have been able to put in place to protect Michigan and of our success in defending our information from daily attacks.” Teri Takai, CIO, State of Michigan
A recent study by a local consulting firm showed that Michigan citizens feared identity theft more than they feared the loss of a job, home foreclosure or a terrorist attack. Security 2.0 addresses these fears by placing cyber protection at the top of the priority list as Michigan moves forward with infrastructure enhancements for Web 2.0 applications.
One of the goals in forming the Michigan’s Department of Information Technology in 2002 was strengthening the central policymaking and direction-setting in the area of security and data protection. The initial (1.0) Secure Michigan Initiative Program improved the availability, confidentiality and integrity of Michigan systems while ensured that newly added e-government services were also protected.
Michigan’s Security 2.0: Next Generation Security Program was started to deal with the changing internet threat profile. Through a defense-in-depth architecture, the program mitigated a number of the major internet risks associated with offering services over the internet. The program encompassed 15 projects that were planned in 2004 and implemented between 2005 and 2007. It supported the following initiatives: Enterprise Filtering initiatives, Vulnerability Assessment initiatives and Security and Readiness Response initiatives.
This program has had many positive benefits to both government operations and the public. It protected the network from over 91 million viruses last year; reduced the amount of hardware and software necessary to operate the e-mail system; protected the network bandwidth available for state operations; reduced IT costs by reducing the number of field service calls made to remove malware from workstations; preserved the state’s reputation by preventing 11.4 million attempts to deface public websites; and kept critical programs operational by eliminating over 3.2 million internet browser based compromises.
Whether an organization is small or large, a local or a state government, or a K-12 school or university, there are elements in the Security 2.0: Next Generation Security Program that can be applied to address internet challenges.
Security 2.0 has not only had a positive impact on securing Michigan’s technology infrastructure, this program has yielded an annual return on investment of over $10.7 million. Even more importantly, legislators and senior executive leaders in the state have praised this program as being innovative and timely.
RECIPIENT: Pennsylvania Pennsylvania Information Security Architecture
The Commonwealth of Pennsylvania is a trusted steward of citizen information. To ensure the confidentiality, integrity and availability of data and services, the commonwealth recognizes the need to have enterprise policies, standards and views of the state of security within the government. "The Commonwealth of Pennsylvania is honored to accept this award. In the rapidly evolving security landscape, the Commonwealth continues it’s commitment to securing our IT resources, protecting our citizens, and ensuring best security practices through a multi-layered approach utilizing a multitude of Information Security technologies. We remain vigilant and will continue to build upon our strong foundation supporting our current commitments well into the future." Kristen Miller, CIO, Commonwealth of Pennsylvania
In the past several years, the commonwealth has implemented many solutions and technologies to improve connectivity and sharing between commonwealth entities, with external business partners, and with citizens. These solutions have resulted in increased productivity and reduced costs, but have also led to greater information technology security risks related to increased connectivity.
The Office of Administration, Office for Information Technology (OA/OIT), is an executive agency responsible for leading and coordinating information technology services in the commonwealth. In the past two years, OA/OIT has initiated several information security initiatives which together, make up the Information Security Architecture.
The Pennsylvania Information Security Architecture consists of the following initiatives and frameworks:
The enterprise patch management solution allows easy identification of vulnerable systems and saves an estimated $6 million per year in time savings from its automation capabilities. Additionally, the commonwealth estimates it has saved over $33 million in avoidance of lost productivity caused by virus and worm outbreaks.
NOMINATIONS: Click on the link to download program submission.
Alabama Alabama’s Comprehensive Information Security Program
Colorado Colorado Cyber Security Program
Delaware digiKNOW Cyber Security Awareness Campaign
Indiana Personal Information Identified & Protected. Period.
Kentucky Real Time Digital Surveillance
Missouri Missouri IT Consolidation
Utah Utah Security Awareness Program
Return to 2007 Awards Main Page
