Security The mission of the DoIT Enterprise Security Team is to make information security programmatic and cultural throughout the enterprise. Our comprehensive posture increases security and reduces risk while securely enabling access to information for those who need it. Focus Areas Set strategy to build secure access protocols and network architecture Set policy, procedures, and guidelines that align with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) Mitigate security risk through outreach, awareness, assessment, policy, and best practices Participate in the monitoring of networks, systems, and services to protect against and detect malicious activity and ensure regulatory compliance Respond to security breaches to contain the incident and improve protocols Vision The ENTSEC program is a collaborative effort between the DoIT security team, the Agency Information Technology Managers, Technical Support Managers, DoIT staff, and users working together for the purpose of ensuring the security, integrity, and confidentiality of State information and protecting against unauthorized access or use of the information. The program operates within the framework of DoIT’s policies and procedures, which align with the NIST Cybersecurity Framework. The Chief Information Security Officer (CISO), who heads the ENTSEC team, is responsible for coordinating and overseeing the program. The purpose of the program is to develop, coordinate, drive, and maintain the cross-functional efforts necessary for the State of Rhode Island to effectively manage security exposures, critical vulnerabilities, or cybersecurity incidents that span the State’s various technology platforms. The program aims to maintain capabilities in several procedural areas, including security awareness, readiness, detection, communication, remediation, incident root cause analysis, education, and process improvement. It also addresses the proactive management of security exposures or vulnerabilities, and reactive handling of cybersecurity incidents that may arise in the State’s computing environment. The program, therefore, is truly a collection of State-wide competencies, bringing together the arrays of expertise necessary to effectively manage security exposures, technology vulnerabilities, threats, suspicious activity, and computer incidents that threaten its environment.