Defending North Carolina's IT Assets
In the digital world, we are continuously vulnerable to cybercrime and security threats that harm citizens, institutions, businesses and the economy.
Mission
The state chief information officer is responsible for securing North Carolina’s information assets, including data and the supporting infrastructure.
The N.C. Department of Information Technology’s Enterprise Security and Risk Management Office, or ESRMO, supports the state CIO by providing leadership in the development, delivery and maintenance of a cybersecurity program that safeguards the North Carolina’s information and supporting infrastructure against unauthorized use, disclosure, modification, damage or loss.
This comprehensive statewide cybersecurity program encompasses:
- Information security implementation
- Monitoring
- Threat and vulnerability management
- Cyber incident management
- Enterprise business continuity management
ESRMO works with executive branch agencies to help them comply with requirements that include:
- Legal and regulatory requirements
- Statewide technical architecture
- Industry best practices
It also works with state agencies, federal and local governments, citizens and private-sector businesses to help manage risk to support secure and sustainable information technology services to meet the needs of North Carolina’s citizens.
Objectives
Objective | Description |
---|---|
Protect the confidentiality, integrity and availability of North Carolina residents’ data. |
|
Promote a safe and secure information technology operations environment. |
|
Coordinate information sharing and communication. |
|
Identify and provide guidance on business continuity planning. |
|