The Information Systems Security Office (ISSO) is a part of the Department of Administration State Information Technology Services Division (SITSD) under the direction of Lynne Pizzini, Chief Information Security Officer and Deputy Chief Information Officer. The ISSO has two areas: the Information Security Bureau (ISB) and the Enterprise Security Program (ESP).
The ISB provides cyber security solutions and services to protect the confidentiality, integrity, and availability of SITSD systems and data. The ISB is led by Sean Rivera, Bureau Chief. The Digital Forensics and Incident Response (DFIR) section is supervised by James Zito. The Disaster Recovery program is managed by Kaye Davis.
The ESP is led by Joe Frohlich, Enterprise Security Manager. The ESP works with all state agencies to develop policies, assist with security programs, provide security training, and complete risk assessments. The ESP also facilitates the Montana Information Security Advisory Council.
The SITSD Information Systems Security Office provides solutions and service with a thorough understanding of the confidentiality, integrity, and availability of information systems utilizing a flexible strategy, collaborative approach, and a strong customer focus.
The State of Montana uses technology for all aspects of business. Security is a key piece of information technology because the data, as well as the infrastructure, needs to be protected from all threatening elements. The Information Systems Security Office (ISSO) will enforce the baseline National Institute of Standards and Technology (NIST) security requirements to protect and defend against hostile elements. The ISSO, through a commitment to excellence, will protect and preserve the confidentiality, integrity, and availability (CIA) of the state’s information technology resources. The ISSO will lead by example and build trust relationships within SITSD and with external entities.
Goals and Objectives:
Provide standardization and security common controls for enterprise information system programs.
Provide policies, procedures, and guidelines that promote a security culture, collaboration, and efficiencies for information systems in the State of Montana.
Assist in the standardization and protection of information systems for the State of Montana.
Review information systems and make recommendations for security controls.
Audit implementation of policies and procedures within SITSD.
Develop security and other compliance recommendations for the State of Montana.
Facilitation of risk and gap analysis to determine security vulnerabilities and the mechanisms to mitigate risks to enable fact based decisions.
Remain current with security tools, trends, and vulnerabilities through continuing education.
Lynne Pizzini, CISSP, CISM, CIPP - Chief Information Security Officer and Deputy Chief Information Officer: 406-444-9127
DOA Information Security Bureau
ISB Risk Management
ISB Digital Forensics and Incident Response
Enterprise Security Program (ESP)
Montana Information Security Webmaster