Cybersecurity

At the heart of the ETSS Enterprise Security team is a commitment to ensure the security, integrity, and confidentiality of the State of Rhode Island's information through policy, processes, and technology. We aim to reduce risk and protect our digital environment while advancing positive constituent outcomes.

Focus Areas

  • Deliver strategy and advance enterprise standards to ensure the delivery of secure, scalable, and sustainable technology products and services.
  • Define policy, procedures, and guidelines that align with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and control sets for efficient and effective technology governance.
  • Mitigate security risk by transforming the ETSS workforce through development and by fostering collaborative partnerships with our agencies.
  • Continuously improve our monitoring and protections of networks, systems, and services to deter and detect malicious activity and ensure regulatory compliance.
  • Bolster our ability to effectively respond to major incidents with alignment of our enterprise support partners, public safety, National Guard, local municipality, and federal counterparts.
  • Advance the ‘whole of State’ security posture with funding initiatives like the State and Local Cyber Security Grant Program to serve in the best interest of our constituents.

Vision

Our vision is a collaborative effort to advance our cybersecurity security posture across Rhode Island, bringing together the ETSS security team, IT managers, technical support, and users under the guidance of the Chief Information Security Officer (CISO). Aligned with the NIST Cybersecurity Framework and ETSS policies, we strive to secure state technology against threats and mitigate risks effectively. Our outlook through to 2030 is on enhancing key capabilities like security awareness, threat detection, communication, incident response, and continuous improvement in processes. This involves both proactive management of potential security issues and reactive strategies to address immediate cybersecurity challenges.

In FY2024, we are prioritizing the advancement of our security technologies, the optimizing of our governance, risk, and compliance (GRC), and fostering a skilled workforce. A cornerstone of this effort is the Zero Trust Center of Excellence, reinforcing our commitment to secure our data and ensure entities access to only authorized resources and assets. Our involvement in the State and Local Cybersecurity Grant Program demonstrates our commitment to enhancing cybersecurity capabilities at all levels of government, with a special emphasis on supporting rural communities.

​​​​​​​ETSS Security organization will continually evolve to meet the challenges of the cybersecurity landscape, ensuring Rhode Island’s digital environment remains secure for all its citizens and stakeholders.