Upload
claude-oliver
View
217
Download
1
Tags:
Embed Size (px)
Citation preview
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 1
City of Seattle
Nine Tough Questions Mayors Should Ask Their Geeks
For Mayors’ Technology SummitFox School of Business, Temple University
8 October 2004Bill Schrier, Chief Technology Officer
City of Seattle, [email protected]
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 2
City of Seattle
The CIO
Chief Geek, aka CIOChief Information Officer – The person, reporting to the
CEO, who determines the overall strategicdirection and insures business contribution of the information systems function in a business.
Geek, noun, slanga person who is extremely interested and
knowledgeable about computers, electronics, technology, and gadgets; also called gearhead, propellerhead
Propeller-less
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 3
City of Seattle
Wi Fi
Phish
ing
XML
VoIP
VirusesInterne
t
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 4
City of Seattle
Tough Questions
• Information technology must serve constituents• Information technology and networks:
– an enabler of government– also a dependency, vulnerability– new threats: cyber-attacks, info theft, reputation loss
• How do you know your IT is effective and secure?
• Hard questions to help you - the City’s CEO – insure IT serves you and your constituents
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 5
City of Seattle
1. Priorities
• Increasingly, technology enables every department to deliver faster, better, cheaper
• IT works across the government – interdepartmental cooperation, interoperability
• Technology makes your priorities “real”: 24x7 services, web, 311, community notification
• But there is so much to do! And it is costly! How do you decide where to invest $$$ ?
Tough question number 1: Do your geeks (technology staff) know your priorities?
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 6
City of Seattle
Mayor Nickels’ Priorities
• Get Seattle moving
• Keep our neighborhoods safe
• Jobs, opportunity for All
• Build strong families and healthy communities
• Make a difference in the lives of people!
Greg Nickels Mayor of Seattle
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 7
City of Seattle
2. City Employees
• Effective government depends upon information & communications
• Employees – your greatest asset and vulnerability• Hiring – background checks• Internet, e-mail usage policies• Remote access, security policies, two-factor
authentication
Toughie #2: Are your City’s employees ready and able to secure your information?
• Security awareness – “post-it” note terror• Computer forensics – “personal” computers
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 8
City of Seattle
3. CISO
• THE single “go to” official, responsible for information security policy, awareness, resources and programs
• Advises departments on risk, issues, compliance and the law: HIPPA
• A check on too-rapid deployment of technology – the “idea virus”
• Need help? Call my CISO!
Toughie #3: Do you have Chief Information Security Officer?
Kirk Bailey, CISO Seattle
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 9
City of Seattle
4. IT and EOC
• Communications are critical in both daily emergencies and disasters
• Radio, telephone, computer networks, e-mail, web, GIS (maps), applications
• Multiple redundant communications • Second responders • WTO, Nisqually Earthquake
Toughie #4: Are your IT staff an integral part of your Emergency Operations Center?
Public Safety Radio Tower
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 10
City of Seattle
IT Incident Command
• Worms and viruses and hackers, oh my!
• Sasser, Randex F, MyDoom
• Cyber attacks on utilities, communications
• Alki Vulnerability Exercise
• TOPOFF2 Cyber-Exercise 2003
Toughie #5: Do your geeks know and practice incident command?
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 11
City of Seattle
Cyber Wormslayer
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 12
City of Seattle
Real Life
TOPOFF2 Cyber @ Washington State EOC6-7 May 2003
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 13
City of Seattle
6. Message
• Website• Electronic mail lists, listserv’s• Your TV Channel, emergency messages• Video streaming, library• Broadcasting from your EOC• Backup website, electronic mail
Toughie #6: Is IT ready to broadcast your message?
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 14
City of Seattle
What Scares Schrier
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 15
City of Seattle
7. Disaster Recovery
• Constituents understand an earthquake• But not water leaks or building fires• Data secured off-site• Backup sites and plans• Not just computers: phones, web, e-mail• All departments – business continuity
Toughie #7: Do you have an IT disaster recovery plan?
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 16
City of Seattle
8. Securing Data
• Rigorous policy for new public web applications: hardening, outside review
• Safeguarding names, social security numbers and identity theft
• Privacy policy for your website
• A certain county …
Toughie #8: It is 11PM. Do you know where your constituents’ data are?
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 17
City of Seattle
9. Protect Your Brand
• Impersonating, identity theft of your City’s good name
• Integrity and trust
• Phishing – policy “we don’t”
Toughie #9: Can your CIO protect your City’s branding and good name?
• Protecting the “.gov” domain
• Spoofing and e-mail …
8 October 2004 Nine Tough QuestionsBill Schrier, CTO, City of Seattle
Slide 18
City of Seattle
The Bottom LineCity government is about making a difference in
the lives of people.• Information technology:
– enables better constituent service– allows citizens more access to and better interaction
with their government– but is a two edged sword
• Hard questions, sound policies, make for effective, secure information technology