Information Security Threat Management & Incident Response
Service Description
The Enterprise Security and Risk Management Office offers information security threat management and incident response services to help state agencies safeguard the public’s data, to meet the requirements of the security standards legislation and other legal and regulatory requirements.
Services Provided
Service | Details |
---|---|
Threat management |
|
Security consulting |
|
Security training |
|
Benefits
- Integration of the statewide and agency level cybersecurity incident plans
- An informed approach to threat management
- An increased understanding and awareness of information security vulnerabilities that, in turn, improves an agency's overall security posture
Hours of Availability
- The services described are available from 7 a.m. to 6 p.m., Monday through Friday, except for holidays.
- On-call staffing is available for emergencies and after-hours scheduled work.
Customer Responsibilities
- Follow appropriate incident reporting procedures for cyber incidents.
- Identify critical business systems and applications.
- Implement agency data classification and handling measures based on legal and regulatory requirements.
- Provide emergency contact information for key agency personnel who may be needed during a cybersecurity incident.
- Be aware of and comply with the state CIO security standards, policies and procedures as well as NCDIT policies for NCDIT services such as email and network.
- Be available to provide critical information to assist in the resolution of reported incidents.
- Appoint qualified staff to support information security measures.
- Assess and manage agency information security risk.
- Define and implement appropriate agency internal security policies, standards and procedures.
- Provide appropriate security training to agency staff.
- Define and implement agency internal security incident policies, standards and procedures.
- Integrate agency internal information security incident plans with the statewide security incident plan.
- Provide internal agency security incident response oversight.
- Develop and follow agency project plans to implement security in the agency.
How Do We Charge?
The Enterprise Security and Risk Management Office does not currently charge for this service. Basic forensic services for executive branch agencies are included at no charge. Rates for other forensic services are quoted on request.
Request Any Service
Contact the NCDIT Service Desk:
Phone: 919-754-6000 or 1-800-722-3946
NCDIT Service Portal