The Office of the Chief Information Security Officer (OCISCO) protects the confidentiality, integrity, and availability of the vast amounts of data maintained by State agencies to serve our citizens. The OCISCO is tasked with two very different but equally important missions which are carried out by the GRC (Governance, Risk and Compliance) Team and the Cybersecurity Operations teams.
The GRC Team provides an invaluable service by continually evaluating policy, measuring risk, and auditing compliance with cybersecurity best practices. Currently, the GRC team is engaged in an audit of FTI (Federal Tax Information) information with one of the State’s largest agencies.
The Cybersecurity Operations team is focused on protecting the data resources and infrastructure of the State of Alabama, while also providing incident response, security awareness, and testing of security technologies. The Cybersecurity Team recently implemented a new security tool called Splunk, which correlates data from multiple sources and compares them to other events in the past. The automatic correlation of events takes a lot of guess work out of security and helps bring to light events that would otherwise go unnoticed.
Please reach out to any of the OCISCO leadership team, if we can answer any questions or otherwise be of service!
Ryan Allen, Chief Information Security Officer – email@example.com
Joel Cook, Governance, Risk and Compliance – firstname.lastname@example.org
Michael Pruett, Cybersecurity Operations – email@example.com