Investor Presentaiton
9
Technology
Process / Policy
Organization
Roadmap Recommendations
"
Build Foundation
Governance
Establish organization
COO, CISO, Deputy CISOS
CPO
Awareness, training and talent
End user awareness and training
program
Training and professional
development
Internship and campus recruiting
program
Security framework
Security risk assessments
Security policy
Data classification
Agency risk profile
■
Data protection
Secure network engineering
Threat monitoring and control
Continuous vulnerability assessment
and remediation
Π
Evolve
Job performance expectations
framework for Information Security
workforce
Joint performance reviews of agency
ISOs
Identify talent strategies
Work with universities to evolve
cybersecurity programs
Security policies, procedures and
standards complementing agency
specific policies, procedures, and
standards
Agency security plans
Incident response team - Digital first
responders
Establish ongoing compliance program
Agency security shared services
Continuous threat and vulnerability
management
Expand data protection
Identity and access management
Cyber threat analytics and intelligence
"
Leading in Class
Effective and collaborative governance
Grow and retain talent
Broad professional development
Metrics and monitoring
Mature cybersecurity talent sourcing
program with local universities
Automated security functions allow for
automated identification, prevention and
closure of risks
Secure self-healing Infrastructure
Implement governance, risk, and
compliance tools
Develop agency centers of excellence
This presentation is intended solely for the information and internal use of the State of South Carolina, and is not intended to be and should not be used by any other person or entity. No other
person or entity is entitled to rely, in any manner, or for any purpose, on this draft presentation.View entire presentation