The Office of the Chief Information Security Officer (OCISO) protects the confidentiality, integrity, and availability of the vast amounts of data maintained by state agencies to serve our citizens. The OCISO is tasked with two very different but equally important missions which are carried out by the Government Governance Risk Compliance (GRC) team and the Cybersecurity Operations team.
The GRC team provides an invaluable service by continually evaluating policy, measuring risk, and auditing compliance with cybersecurity best practices. Currently, the GRC team is engaged in an audit of Federal Tax Information (FTI) with four of the state’s largest agencies.
The Cybersecurity Operations team is focused on protecting the data resources and infrastructure of the state of Alabama, while also providing incident response, security awareness, and testing security technologies. The Cybersecurity team recently implemented the new Splunk security tool, which correlates data from multiple sources and compares it to other events in the past. The automatic correlation of events takes a lot of guess work out of security and helps bring to light events that would otherwise go unnoticed.
Please reach out to any of the OCISO leadership team if we can answer any questions or be of service!
Ryan Allen, Chief Information Security Officer – firstname.lastname@example.org
Joel Cook, Governance, Risk and Compliance – email@example.com
Michael Pruett, Cybersecurity Operations – firstname.lastname@example.org