Volume 14, Number 3
CIO Nelson Moe
Two guest speakers will inspire attendees at the Commonwealth Information Security Council’s sixth annual Information Security Conference for the Commonwealth of Virginia April 11–12 at the Altria Theater in Richmond.
Steve Uzzell will speak on the first day of the conference. Uzzell is an internationally renowned photographer and inspirational speaker whose assignments have taken him to all 50 United States and 30 countries. His photography has been used by corporations such as Boeing and IBM and in more than 100 publications including National Geographic, Smithsonian and Time.
As a speaker, Uzzell has taken his message of creativity and the power of ideas to more than 500 organizations, associations, corporations and colleges. He began his photography career as assistant to the editor of National Geographic and a member of its photographic staff. He struck out on his own in 1975 and today spends six months of the year traveling the world for his photographic clients and the rest as a teacher and inspirational speaker.
Jake Kouns, chief information security officer for Risk Based Security, will speak on day two. His company provides vendor risk ratings, vulnerability and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database and DataLossDB. Kouns is the founder of RVAsec, a Richmond-based security convention that brings top industry speakers to the Mid-Atlantic region.
He has presented at many security conferences, including those sponsored by well-known professional organizations and businesses, and is the co-author of Information Technology Risk Management in Enterprise Environments, Wiley, 2010, and The Chief Information Security Officer, IT Governance, 2011. He is interviewed frequently as an expert in the security industry by Information Week, eWeek, Forbes, PC World, CSO and CIO Magazine and has appeared on CNN.
Registration is still open. Program details are being finalized and will be posted as soon as practicable. Click the button below for registration and event details.
VITA, agencies and suppliers continue efforts to fully implement the multisourced infrastructure environment. Work continues on integration by the multisourcing service integrator of remaining suppliers, IT financial management, configuration management data base, request for solutions, required documentation, and other deliverables and milestones, which were due but not received by March 1. This will have minimal direct impact on agencies since the rollout of enhanced and new services is scheduled later in the year. VITA is working on a plan to resolve issues.
Meanwhile, the platform relationship office (PRO) is fully operational and leading the new era in commonwealth IT. VITA employees who are a part of the PRO were migrated into the new organization. The PRO is the leading force for VITA's transition to the new era of IT in the commonwealth.
Chad Wirz, executive director of the PRO, leads the team. Reporting directly to Chad are:
The PRO will reinforce industry best practices. It is supporting the commonwealth's need and VITA's goal to obtain top quality and comprehensive services from all of its new IT suppliers. It also will provide integrated services to agencies and other customers. The PRO seeks to operate cross-functionally at VITA to lead and improve services and processes. These roles have been mapped and those in the roles are working collaboratively to support service delivery and governance. The ultimate goal is to provide superior customer service.
An important component of the PRO is platform governance. The new governance framework balances both the agency business needs and enterprise needs. Together, the PRO and platform governance model will provide a stable framework that can incorporate change and exemplify agility. The multisourcing service integrator (MSI) will support the PRO leadership in the execution of the platform governance and work to ensure the new service delivery model is successful.
There’s good news to report about VITA’s enterprise cloud oversight service (ECOS). The time for ECOS assessment processing is down significantly, compliance with commonwealth security standards is reducing risks related to use of the cloud and there are potential cost decreases. ECOS provides oversight functions and management of cloud-based services specifically focused on software as a service (SaaS). The service assures compliance and improves security by providing transparency through VITA oversight.
Metrics show the average time for ECOS assessment processing of agency requests is down by approximately 50 percent, from 155 days to 76 days. The ECOS process is helping reduce security risk and alleviating the burden on agencies to ensure suppliers are complying with security standards. As the ECOS-approved suppliers list has grown, agencies can leverage providers whose solutions have already been assessed saving the one-time assessment fee. Additionally, we anticipate a reduction in the cost of ECOS oversight in fiscal year 2020. For more information about ECOS, visit the online VITA service catalog.
The new Cloud-Based Hosting Topic Report is posted on the VITA website at https://www.vita.virginia.
This report provides direction on how the state government will create, govern and utilize cloud-based hosting services. The report adopted or built upon international, federal/national and/or widely adopted IT guidance. It was posted for review and all comments were carefully evaluated and the individual commenters were notified of the action taken.
The Cloud-Based Hosting Topic Report applies to everyone providing and managing the provision of cloud-based hosting services for commonwealth IT solutions, including those not considered part of the VITA enterprise.
Governor Ralph Northam recently announced four appointments to the E-911 Services Board. The E-911 Services Board supports and assists in the provision of 9-1-1 operations and services; plans, promotes and assists in the development, deployment and maintenance of a statewide emergency services IP network; and consults with state and local entities and organizations in other states as needed. VITA is the sponsoring agency.
Joining the board are:
Board members appointed by the governor serve five-year terms.