Information Security Threat Management & Incident Response

Service Description

The Enterprise Security and Risk Management Office offers information security threat management and incident response services to help state agencies safeguard the public’s data, to meet the requirements of the security standards legislation and other legal and regulatory requirements.

Services Provided

Service Details
Threat management
  • Notice provided to appropriate agency staff, security liaisons and members of the security distribution list concerning new viruses, worms and other threats to the health of the state's network
  • Notice provided to agency security liaisons and members of the security distribution list concerning vulnerabilities in widely deployed operating systems and applications
Security consulting
  • Assist agencies with analysis, resolution and maintenance of information technology security risks, threats, vulnerabilities and protection requirements • Provide consultation in response to audit and/or security assessment findings
  • Review agency incident management plans
Security training
  • Train and assist agency with development and maintenance of agency incident management plans
  • Provide incident management plan response training

Benefits

  • Integration of the statewide and agency level cybersecurity incident plans
  • An informed approach to threat management
  • An increased understanding and awareness of information security vulnerabilities that, in turn, improves an agency's overall security posture

Hours of Availability

  • The services described are available from 7 a.m. to 6 p.m., Monday through Friday, except for holidays.
  • On-call staffing is available for emergencies and after-hours scheduled work.

Customer Responsibilities

  • Follow appropriate incident reporting procedures for cyber incidents.
  • Identify critical business systems and applications.
  • Implement agency data classification and handling measures based on legal and regulatory requirements.
  • Provide emergency contact information for key agency personnel who may be needed during a cybersecurity incident.
  • Be aware of and comply with the state CIO security standards, policies and procedures as well as NCDIT policies for NCDIT services such as email and network.
  • Be available to provide critical information to assist in the resolution of reported incidents.
  • Appoint qualified staff to support information security measures.
  • Assess and manage agency information security risk.
  • Define and implement appropriate agency internal security policies, standards and procedures.
  • Provide appropriate security training to agency staff.
  • Define and implement agency internal security incident policies, standards and procedures.
  • Integrate agency internal information security incident plans with the statewide security incident plan.
  • Provide internal agency security incident response oversight.
  • Develop and follow agency project plans to implement security in the agency.

How Do We Charge?

The Enterprise Security and Risk Management Office does not currently charge for this service. Basic forensic services for executive branch agencies are included at no charge. Rates for other forensic services are quoted on request.

Request Any Service

Contact the NCDIT Service Desk:
Phone: 919-754-6000 or 1-800-722-3946
NCDIT Service Portal