About the Office of the Chief Information Security Office (OCISO)

 

 Deputy Information Security Officer David J. CarterDavid Carter 
Chief Information
Security Officer

The Office of the Chief Information Security Officer (OCISO) is responsible for IT security functions. The Office works with the entire enterprise to establish the best security practices and risk management processes, and deploys strategies aimed at protecting and securing the Commonwealth's data. The Office also plays a major role in promoting security awareness.


  

 










COMPLIANCE BRANCH

Branch Manager: Elwyn Rainer, II


The Compliance Branch participates in 20+ audits annually that have an IT component. This ranges from the annual audits conducted by the Auditor of Public Accounts to audits conducted by regulatory entities such as the Internal Revenue Service and Social Security Administration. Enterprise level audits and those specific to COT are part of the work effort of this Branch. Agency specific audits are billed to the agency at the security consulting rate. This Branch works with agencies to ensure compliance with the Enterprise Control Framework and conducts assessments to measure effectiveness. This Branch drives the enterprise risk assessment conducted bi-annually to ensure ongoing compliance with the NIST framework and industry best practices to develop an ongoing strategic roadmap for security. Development of Enterprise Security Policy and processes are within the scope of responsibility of the Compliance Branch



DIRECTORY SERVICES BRANCH


The Directory Services Branch is responsible for the establishment  and management of an enterprise directory infrastructure that will provide effective and efficient state-wide authentication for computing resources. This includes the management of enterprise directory system level policies  that  ensure  the  appropriate application of  security controls to protect  enterprise  identities,  as well as identity federation to allow the Commonwealth to conduct business and interact with external entities  and  systems.




FORENSICS INVESTIGATIONS BRANCH

The Forensics Investigations Branch performs analysis of enterprise and agency level security events to determine method of attack and actions taken. This Branch provides feedback to the Security Operations Branch to help develop ongoing protection strategies based on the findings. The Branch gathers information for employee investigations to support personnel actions based on employee acceptable use violations. Investigations with a criminal component are referred to the Kentucky State Police and this Branch coordinates activities with law enforcement. For agencies outside of COT, this is a billable service at the forensic consulting rate. The Branch also conducts activities to pull electronic records for Open Records and Litigation Requests. Information is filtered based on the required criteria and provided to the agency legal counsel for further review and filtering based on sensitivity and applicability. For agencies outside of COT, this is a billable service at the forensic consulting rate.




SECURITY ADMINISTRATION BRANCH

Branch Manager: Melinda Sanford

The Security Administration Branch is responsible for the development and management of an Enterprise Identity Management System, which consists of the implementation of Automated and Manual Processes for Provisioning and De­ Provisioning Enterprise User Identities Including; Active Directory Account, user home folders, Lyne (Instant Messaging and Collaboration), email accounts, organization-based distribution list membership, access to enterprise level applications such as Enterprise Business Intelligence, security forms processing for exemptions, reviews, and assessments, management of multi-factor-authenticators.


 

SECURITY OPERATIONS BRANCH

Branch Manager: Terry Terrell 


The Security Operations Branch is a tactical operations center that provides 24  hour per day monitoring of enterprise sources, to include data center  physical  security and environmental conditions, infrastructure stability monitoring, security incident monitoring, enterprise security incident management, enterprise risk and threat  management,  and security  architecture  and  infrastructure management.



 

 

 

Please visit the "Security Services" web page for additional information.

This page was last modified 2/13/2018 2:47 PM





Report Security Incidents:

Commonwealth Service Desk
(502) 564-7576
 


 

Contact Information:

Office of the Chief Information Security Officer


David J. Carter
Chief Information Security Officer
(502) 564-8734

Elwyn Rainer, II
Branch Manager
Compliance Branch
(502) 782-1225

Melinda Sanford
Branch Manager:
Security Administration Branch
(502) 564-6375


Terry Terrell
Branch Manager:
Security Operations Branch
(502) 782-9122


Forensics Investigations Branch
(502) 564-8734


Directory Services Branch
(502) 564-8734


 - - - - - - - - - -

669 Chamberlin Avenue
Frankfort, KY 40601