State CIO's Security Message September 2007

"We need to maintain a broad focus on information security and privacy. It's not just about securing digital information from digital attack. That's only one small piece. It's really about protecting people by securing information from unauthorized disclosure or improper use, information in whatever form it takes, digital or non-digital. It's also about ensuring the confidentiality, integrity and availability of information. And, it's much more about training and educating our workforce in good security and privacy habits than it is in acquiring cyber-security tools. Information security and privacy needs to be ubiquitous in our thinking, planning and day-to-day handling of information."

This message is the State CIO reply to the following inquiry from NASCIO:
What is the one, most critical security-related message or concern that you would like for your state leadership, including Governors, legislators, and budget officers, to know?

This year, the California Legislature appropriated funds to establish the Office of Information Security and Privacy Protection. For more information visit the Office of Information Security and Privacy Protection in Senate Bill 90 (Statutes of 2007) (PDF, 106 KB) in Chapter 5.7, section 11549.

(a) There is in state government, in the State and Consumer Services Agency, the Office of Information Security and Privacy Protection. The purpose of the office is to ensure the confidentiality, integrity, and availability of state systems and applications, and to promote and protect consumer privacy to ensure the trust of the residents of this state...