Wednesday, December 13, 2017

Information Security Office (ISO)

The Information Security Office's (ISO) mission is to protect and maintain the confidentiality, integrity, and availability of information and IT assets within Riverside County. The goal of the ISO is to implement effective security controls and security operations to prevent cyber intrusions into the County's networks.

ISO Responsibilities:
  • Promote the awareness of information security to all County employees;
  • Prevent/minimize data leakage and disruptions to application and network services;
  • Perform incident management and response to cyber security threats;
  • Manage the risk of security exposure, compromise, and intellectual property;
  • Monitor systems for anomalies such as asset misuse, loss, or unauthorized disclosure;
  • Ensure countywide compliance with State & Federal statutes and regulations
ISO Core Services:
  • Governance
    • Develop Information Security Policies, Standards, Guidelines, & Training
  • Risk Management
    • Risk Analysis, Vulnerability Assessment, and Penetration Testing
  • Compliance
    • HIPAA, HITECH, CJIS/CLETS, PCI DSS, CA Information Protection Act
  • Cyber Security Operations
    • 24/7 Security Monitoring, Breach Detection, Incident Management, Cyber Intelligence Situational Awareness, and Security Advisory Notifications
  • Digital Forensics & eDiscovery
    • HR Investigations, Public Records Requests, Legal Holds, eDiscovery Requests, Digital Forensics Incident Response (DFIR)