Information security is about trust. As public servants and custodians of public data, we have a duty to protect Oregonian's personal information. Regardless of agency mission or size, Oregonians rightfully expect that their government will use technology to improve customer service while ensuring the systems are secure and that personal information receives consistent protections. A unified and collaborative approach is necessary to fulfill the trust given by Oregonians-state agencies can no longer afford to go it alone.
On September 12th, 2016 Governor Brown signed Executive Order (EO) 16-13, "Unifying Cyber Security in Oregon," marking the first steps toward a unified information security posture for the State of Oregon. While working to implement EO 16-13 in partnership with state agencies, the Enterprise Security Office is collaborating with public and private-sector partners to increase cyber resilience across the State of Oregon.
Proposed legislation would permanently unify information security within the executive branch and establish the Cybersecurity Center of Excellence - a public-private state-civilian interface for information sharing, cybersecurity incidence response coordination, best practices identification, service delivery, training and workforce development. Ultimately, we are more resilient when we stand together.
A summary of the work being done for the EO is available here