The Enterprise Security Office (ESO) brings together enterprise security capabilities into a single organization. The ESO is responsible for enterprise security policy, security monitoring of the state network, enterprise incident response, and enterprise security architecture, as well as dissemination of security training, policy, and best practices across state government. ESO works collaboratively with Enterprise Technology Services and agencies to support information security functions and ensure the security of the state network and information technology infrastructure. 

While all agencies are collectively responsible for information security, the work of ESO supports and increases the collective impact and resilience of state agencies. Moving forward, ESO is focused on the seamless integration of information security, solutions, and personnel into a coordinated multi-sector approach that recognizes cybersecurity as a public good.

For information on standards, please refer to the statewide Information Security Standards.

Oregon's Information Security Plan outlines long-term goals for the Security Office.