2020 prioritization of cybersecurity legacy modernization
play

2020 Prioritization of Cybersecurity & Legacy Modernization - PowerPoint PPT Presentation

Mar 20, 2023 •350 likes •827 views

2020 Prioritization of Cybersecurity & Legacy Modernization Projects July 14, 2020 Transforming How Texas Government Serves Texans AGENDA Introductions Background & Purpose Content Overview SPECTRIM Demonstration

  1. 2020 Prioritization of Cybersecurity & Legacy Modernization Projects July 14, 2020 Transforming How Texas Government Serves Texans

  2. AGENDA • Introductions • Background & Purpose • Content Overview • SPECTRIM Demonstration • Process & Submission • Q&A Transforming How Texas Government Serves Texans

  3. INTRODUCTIONS Chief Technology Office • John Hoffman | Interim State CIO, Chief Technology Officer • Krishna Edathil | Director, Enterprise Solution Services • Robert Benejam | Enterprise Architect, Enterprise Solution Services Office of the Chief Information Security Officer • Nancy Rainosek | State Chief Information Security Officer • Matt Kelly | Governance, Risk, & Compliance Program Manager Transforming How Texas Government Serves Texans

  4. Overview & Purpose John Hoffman Nancy Rainosek Transforming How Texas Government Transforming How Serves Texans Texas Government Serves Texans

  5. OVERVIEW Section 2054.069, Government Code entitled Prioritized Cybersecurity and Legacy Systems Projects Report requires the Texas Department of Information Resources (DIR) to report on state agency cybersecurity projects and projects to modernize or replace legacy systems, as defined by Section 2054.571, Government Code to the Legislative Budget Board (LBB) no later than October 1 of each even-numbered year. Transforming How Texas Government Serves Texans

  6. STATUTE Sec. 2054.069. PRIORITIZED CYBERSECURITY AND LEGACY SYSTEM PROJECTS REPORT. (a) Not later than October 1 of each even-numbered year, the department shall submit a report to the Legislative Budget Board that prioritizes, for the purpose of receiving funding, state agency: (1) cybersecurity projects; and (2) projects to modernize or replace legacy systems, as defined by Section 2054.571. (b) Each state agency shall coordinate with the department to implement this section. (c) A state agency shall assert any exception available under state or federal law, including Section 552.139, in response to a request for public disclosure of information contained in or written, produced, collected, assembled, or maintained in connection with the report under Subsection (a). Section 552.007 does not apply to information described by this subsection. Added by Acts 2019, 86th Leg., R.S., Ch. 509 (S.B. 64), Sec. 12, eff. September 1, 2019. Transforming How Texas Government Serves Texans

  7. PURPOSE • The PCLS Project Questionnaire provides agencies with the opportunity to demonstrate the risks and potential impacts of not funding cybersecurity or legacy systems modernization projects. • DIR will use the responses provided in the PCLS Project Questionnaire along with the Application Portfolio Management (APM) assessment responses of the business applications associated with the project in determining the project prioritization that will be sent to the LBB by October 1, 2020. Transforming How Texas Government Serves Texans

  8. BACKGROUND • Legacy Systems Study, HB 1890 (84R) 2014 • 1 st PCLS (Reported for 85R) 2016 • 2 nd PCLS (Reported for 86R) 2018 • APM Assessments w/ IRDR • 3 rd PCLS ( Reporting for 87R) • PCLS Codified 2020 Transforming How Texas Government Serves Texans

  9. QUESTIONNAIRE COMPONENTS • Part 1: General Information • Part 2: Associated Business Applications • Part 3: Cybersecurity Issues and Controls • Part 4: Legacy Issues • Part 5: Probability Determination • Part 6: Impact Determination • Instructions Document Transforming How Texas Government Serves Texans

  10. General Information Part 1 – All Projects Krishna Edathil Transforming How Texas Government Serves Texans

  11. PART 1 – GENERAL INFORMATION • 18-24 questions • Project Narrative • Project Type • LAR/Funding Information • Project Characteristics Transforming How Texas Government Serves Texans

  12. PROJECT TYPE Cybersecurity Projects must possess at least one of the following criteria: ► The project’s primary purpose must be improving the organization’s cybersecurity or enhancing the organization’s capability to identify, detect, protect, respond, or recover from cybersecurity threats and vulnerabilities. ► The project must have clear objectives that will improve the organization’s cyber maturity as measured in the biennial information security plan. Legacy Modernization Projects must possess at least one of the following criteria: ► The project’s primary purpose must be modernizing the agency’s legacy systems as defined in Sec. 2054.571, Government Code. “Legacy system" means a computer system or application program that is operated with obsolete or inefficient hardware or software technology. ► The project must also be intended primarily to support continued systems currency through monitoring the agency’s application portfolio and IT infrastructure. NOTE: Projects for the 87 th legislature are now either one or the other. Transforming How Texas Government Serves Texans

  13. Related Business Applications Part 2 – All Projects Robert Benejam Transforming How Texas Government Serves Texans

  14. PART 2 – RELATED BUSINESS APPLICATIONS A Business Application name is the high-level label used by an agency to easily identify a group of functions provided by one or more systems to accomplish the specific business needs of the agency. A Business Application is typically a combination of integrated hardware and software (including data and applications), internally developed custom systems, commercial off the shelf (COTS) applications, and/or customized third-party systems. Transforming How Texas Government Serves Texans

  15. PART 2 – RELATED BUSINESS APPLICATIONS Information Resources Application Portfolio Prioritization of Cybersecurity and Deployment Review Management Assessments Legacy Systems Projects March 31 Prior to PCLS Submission Agency LAR Due Date IRDR APM PCLS  Inventory applications  Complete application APM  Associate applications to  Determine applications to assessments as determined relevant project questionnaires assess Transforming How Texas Government Serves Texans

  16. PART 2 – RELATED BUSINESS APPLICATIONS All applications associated with a PCLS project must… 1. have an APM assessment completed within the last four years and 2. have the required fields completed in the application record Directly Related • the business applications related to the project are directly impacted by the project (replaced, modernized, consolidated, improved, etc.). Indirectly Related • the business applications that receive a secondary benefit from the project. Transforming How Texas Government Serves Texans

  17. PART 2 – RELATED BUSINESS APPLICATIONS Transforming How Texas Government Serves Texans

  18. Cybersecurity Issues & Controls Part 3 – Cybersecurity Projects Only Matt Kelly Transforming How Texas Government Serves Texans

  19. PART 3 – CYBERSECURITY ISSUES & CONTROLS Cybersecurity Issues • Narrative of the existing issues, challenges, and future considerations concerning cybersecurity as it relates to the project. What’s the problem? Cybersecurity Controls • Narrative of the current safeguards/countermeasures in place that would lower the probability or lessen the impact of security incidents if the project is not funded. How’s it handled now? Transforming How Texas Government Serves Texans

  20. Legacy Issues Part 4 – Legacy Projects Only Krishna Edathil Transforming How Texas Government Serves Texans

  21. PART 4 – LEGACY ISSUES • 14-16 questions • Modernization Benefits • Cost-Benefit Analysis & Methodology • Modernization Scope (servers & software) • System Characteristics Transforming How Texas Government Serves Texans

  22. COST-BENEFIT ANALYSIS – BUSINESS CASE WORKBOOK Transforming How Texas Government Serves Texans

  23. COST-BENEFIT ANALYSIS – BUSINESS CASE WORKBOOK Transforming How Texas Government Serves Texans

  24. Probability & Impact Determination Parts 5 & 6 – Cybersecurity Projects Only Matt Kelly Transforming How Texas Government Serves Texans

  25. PART 5 – PROBABILITY DETERMINATION PART 6 – IMPACT DETERMINATION 7 questions 8 questions • Threat Capability • Reputational Impacts • Incentive • Operational Impacts • Control Effectiveness • Physical Impacts • Control Reliability • Legal Impacts • Threat Event Frequency • Financial Impacts • Asset Exposure Probability Impact Transforming How Texas Government Serves Texans

  26. SPECTRIM PCLS DEMO Collection Tool Matt Kelly Transforming How Texas Government Serves Texans

  27. Logging in

  28. Navigation

  29. Support Request

  30. New PCLS Record

  31. Delegating a Record

  32. Transforming How Texas Government Serves Texans

  33. Looking up Business Applications

  34. Return to Existing Record

  35. Submitting a Record

  36. Exporting a Questionnaire

Recommend

How to Perfect Your Legacy Strategy: A Mainframe Modernization Case Study Galen Silvestri, Senior

How to Perfect Your Legacy Strategy: A Mainframe Modernization Case Study Galen Silvestri, Senior

How to Perfect Your Legacy Strategy: A Mainframe Modernization Case Study Galen Silvestri, Senior Solutions Engineer GigaSpaces October 29 th , 2020 Mainframes Are Here to Stay Assembly of IBM 1401, Circa 1960 COBOL is Still Among Us Reuters

471 views • 19 slides
Predictive Prioritization Focusing On What Matters First Tas Jalali, CISSP, CISM, CEH

Predictive Prioritization Focusing On What Matters First Tas Jalali, CISSP, CISM, CEH

Predictive Prioritization Focusing On What Matters First Tas Jalali, CISSP, CISM, CEH Principal Security Engineer Vulnerability Management In Brief A Assess Legacy and A Modern Assets Remediate Intelligent R Prioritization M R

256 views • 21 slides
MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in Children v. 13-16 Legacy in Eternity v. 17-31 LEGACY IN MARRIAGE 2 Schools of thought 1. Rabbi Sammai- Strict interpretation. Divorce only

775 views • 9 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
HIT MODERNIZATION PROJECT HHS // IHS HIT Modernization Project PROJECT PURPOSE The HHS IHS HIT

HIT MODERNIZATION PROJECT HHS // IHS HIT Modernization Project PROJECT PURPOSE The HHS IHS HIT

HHS // IHS HIT MODERNIZATION PROJECT HHS // IHS HIT Modernization Project PROJECT PURPOSE The HHS IHS HIT Modernization Project is sponsored by the U.S. Department of Health and Human Services Office of the Chief Technology Officer (HHS OCTO)

712 views • 13 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
BOARD March 17, 2015 AGENDA > Call to Order > HR/P Modernization Update > UW-IT Service

BOARD March 17, 2015 AGENDA > Call to Order > HR/P Modernization Update > UW-IT Service

IT SERVICE INVESTMENT BOARD March 17, 2015 AGENDA > Call to Order > HR/P Modernization Update > UW-IT Service Portfolio Expenditures and Strategic Allocation > UW-IT Project Prioritization Approach Teaching & Learning

720 views • 38 slides
Prioritization 6.0 Workgroup Meeting #8 April 29, 2019 Desired Meeting Outcomes Reach

Prioritization 6.0 Workgroup Meeting #8 April 29, 2019 Desired Meeting Outcomes Reach

Wireless Access: RTPguest (May have to open web browser) Prioritization 6.0 Workgroup Meeting #8 April 29, 2019 Desired Meeting Outcomes Reach consensus on Aviation scoring Reach consensus on Highway Modernization Weights

883 views • 59 slides
IT Project Prioritization February 2020 IT Project Requests Overview 23 Project Requests 11

IT Project Prioritization February 2020 IT Project Requests Overview 23 Project Requests 11

IT Project Prioritization February 2020 IT Project Requests Overview 23 Project Requests 11 - IT Recommended Prioritization 4 - Outside Resource Scope 3 - Educational Technology Services 5 - Withdrawn ITS Committee Recommended

212 views • 8 slides
Steps to better cybersecurity in 2020 1. 1. Sele lect correct tools 2. 2. Monitor 3. 3.

Steps to better cybersecurity in 2020 1. 1. Sele lect correct tools 2. 2. Monitor 3. 3.

Steps to better cybersecurity in 2020 1. 1. Sele lect correct tools 2. 2. Monitor 3. 3. Cross analyse Sprawling Cybersecurity Tools Is Issue More tools, more problems. Companies have between 8 to 30 cybersecurity tools

453 views • 17 slides
Predictive Prioritization Focusing On What Matters First Elena Sergeeva Security Engineer

Predictive Prioritization Focusing On What Matters First Elena Sergeeva Security Engineer

Predictive Prioritization Focusing On What Matters First Elena Sergeeva Security Engineer VULNERABILITY MANAGEMENT TODAY Vulnerability Management In Brief A Assess Legacy and A Modern Assets Remediate Intelligent R

840 views • 19 slides
Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy and the spirit of Truc Lam Yen Zen Buddhism, the Legacy Yen Tu is an inspiring journey into the past. It offers travelers a stay filled with storied

688 views • 32 slides
TV Rhienland Cybersecurity Trends 2020 And the case for real-time cyber risk management in

TV Rhienland Cybersecurity Trends 2020 And the case for real-time cyber risk management in

TV Rhienland Cybersecurity Trends 2020 And the case for real-time cyber risk management in operational technology Cybersecurity in Aluminium Workshop February 27 th , 2020 McKinsey Global Institute predicts the global workforce will peak by

481 views • 9 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Welcome and Opening Remarks Richard Bailey Assistant Commissioner, DOS March 6, 2020 Agenda

Welcome and Opening Remarks Richard Bailey Assistant Commissioner, DOS March 6, 2020 Agenda

Welcome and Opening Remarks Richard Bailey Assistant Commissioner, DOS March 6, 2020 Agenda Cybersecurity - Foreign Travel - Risk Assessment - Software Cybersecurity Policy - Municipal Cybersecurity Update IT Strategic Planning 2

802 views • 44 slides
Who Gets Hous ho Gets Housing Fir ing First? st? Facilitated Discussion on Prioritization

Who Gets Hous ho Gets Housing Fir ing First? st? Facilitated Discussion on Prioritization

MAY 2019 Who Gets Hous ho Gets Housing Fir ing First? st? Facilitated Discussion on Prioritization following Coordinated Assessment / Validation and Psychometric Testing of the Vulnerability Index Service Prioritization Decision Assistance

538 views • 32 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal is to create

1.18k views • 56 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal

412 views • 40 slides
Considerations for COVID-19 Vaccine Prioritization Sarah Mbaeyi, MD MPH June 24, 2020 For more

Considerations for COVID-19 Vaccine Prioritization Sarah Mbaeyi, MD MPH June 24, 2020 For more

ACIP COVID-19 Vaccines Work Group Considerations for COVID-19 Vaccine Prioritization Sarah Mbaeyi, MD MPH June 24, 2020 For more information: www.cdc.gov/COVID19 Identifying priority groups for COVID-19 vaccination An essential roadmap for

776 views • 24 slides
Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar,

Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar,

Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar, September 17, 2020, 12:00-1:00 pm Webinar Agenda 1.Introductions 2.What is Cybersecurity? Why is it important? Cybersecurity Audit Prepare for

939 views • 61 slides
LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM Qubec , is comprised of 163 charitable organizations that support its mission which is to encourage the population of Quebec to make a planned

312 views • 18 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
CYBERSECURITY MATURITY MODEL CERTIFICATION V1.0 PRESENTED TO: DEFENSE ALLIANCE OF NC S&T

CYBERSECURITY MATURITY MODEL CERTIFICATION V1.0 PRESENTED TO: DEFENSE ALLIANCE OF NC S&T

NORTH CAROLINA MILITARY BUSINESS CENTER CYBERSECURITY MATURITY MODEL CERTIFICATION V1.0 PRESENTED TO: DEFENSE ALLIANCE OF NC S&T FORUM 13 FEB 2020 WWW.NCMBC.US What is CMMC? Unified cybersecurity standard for DoD acquisition

390 views • 22 slides
Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT - Research and Innovation of the NIS Platform 8 April 2014 CYBERSECURITY RESEARCH FRAMEWORK

441 views • 8 slides

More recommend