COT is aware of the great responsibility we have to protect the information we collect and maintain to support our services and those of the agencies we support. Our goal is to instill not only within COT but also within the entire Executive Branch, a culture of cyber-security around the information entrusted to us by the citizens and businesses of the Commonwealth and those with whom we do business.
Security threats change on a continual basis and both COT and agency staff must be aware of the trends in cyber-threats. Ongoing training efforts currently center on achieving a base-level understanding across the enterprise. COT currently offers a series of training sessions for COT staff and managers that include a comprehensive test to pass. Training for other state agency personnel and the public is planned for the future.
To ensure that state email inboxes are not flooded with spam, viruses, malware and other cyber-attacks, security checks are applied to the volumes of email transmitted through the state's network every month. Incoming email is categorized as 'valid' and directed to the correct inbox, or one of a variety of 'spam' categories that can stop the email completely if it's determined to contain a threat or it can be quarantined with a notice sent to the intended recipient that allows them to determine if they want it delivered or deleted. Outgoing email goes through a similar review.:
Daily/Monthly Attack Monitoring
Below are a few additional items to provide a sense of scale to what the Office of the Chief Information Security Officer staff monitor on a regular basis:
- An average of 683,000 packets of network traffic are system analyzed every second.
- An average of 5,200 events daily are system generated that require additional investigation, many of which are related to a common system, user or computer.