Cybersecurity Awareness Training

KISO offers a comprehensive cybersecurity training solution that fulfills all statutory requirements for annual cybersecurity training. The platform is customizable, allowing organizations to include additional modules tailored to their specific needs. It also features tools for conducting simulated phishing email campaigns to assess staff awareness and provides reporting to identify areas requiring targeted follow-up training.

Firewall Administration

KISO manages the configuration, operation, and monitoring of the state’s perimeter and certain agency firewalls, which serve as a critical first line of defense against unauthorized access. These firewalls are designed to control and filter traffic between state systems and external networks, blocking potentially malicious or unauthorized activity. KISO ensures these security controls are properly maintained to protect state assets and support a secure network environment.

Intrusion Prevention System (IPS)

KISO administers the state’s IPS, which monitors network traffic in real time to detect and prevent malicious activity. The IPS actively analyzes traffic patterns, identifies threats such as exploits, malware, and unauthorized access attempts, and blocks them before they can impact state systems. KISO is responsible for configuring and maintaining the IPS to ensure optimal performance and threat coverage across the enterprise network.

24x7 Security Operations Center (SOC)

KISO operates a 24x7 SOC that provides monitoring, detection, and response for cybersecurity threats across the state network. The SOC uses advanced tools and threat intelligence to identify suspicious activity in real time, investigate potential incidents, and coordinate appropriate response actions.

.

Website Certificates

KISO provides support for the management of digital certificates used to secure public-facing state websites. This includes assisting agencies with the procurement, renewal, and proper configuration of SSL/TLS certificates to ensure secure, encrypted communication between state websites and their users.

Centralized Logging and SIEM

KISO provides a centralized logging and Security Information and Event Management (SIEM) solution that aggregates security-relevant data from systems, applications, and network devices across the enterprise. 

Vulnerability Scanning

KISO provides a centralized vulnerability scanning platform that enables agencies to identify and assess security weaknesses across their IT assets. While KISO manages the underlying tool and ensures it remains operational, each agency is responsible for configuring, scheduling, and operating scans within their environment.

Security Policy Development and Maintenance

This service provides the agency with policies that are industry standard, and compliant with applicable State and Federal requirements.

Risk Assessment

An Information Security Risk Assessment provides an objective evaluation of the organization’s current environment. This analysis provides an estimate of the likelihood that unacceptable impacts to customer information systems, employees, customers, reputation, assets and interests of stakeholders will occur. This service will provide the Customer with reports on risk to information technology assets and information systems.

Compliance Support

This service ensures the customer is informed of information technology assets and information systems that are compliant and non-compliant with State and Federal policies and regulations. This service also identifies what is required to bring noncompliance issues into compliance.

Disaster Recover and Business Continuity Support

 Disaster Recovery (DR) is the process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after an event of either a natural disaster or a disaster caused by humans. Business Continuity Planning (BCP) is the way an organization can prepare for and aid in disaster recovery. BCP is an arrangement agreed upon in advance by management and key personnel for the steps that will be taken to help the organization recover should a disaster occur. The KISO assists in developing and maintaining DR and BCP plans for information technology in support of critical business functions identified by the customer.

Incident Response

Incident management and response identifies and responds to unexpected disruptive events with the objective of controlling impacts within acceptable levels. These events can be technical, such as attacks mounted on the network via viruses, Denial of Service (DoS) or system intrusion, or they can be the result of mistakes, accidents, or system or process failure. Disruptions can also be caused by a variety of physical events such as theft of proprietary information, social engineering, lost or stolen backup tapes or laptops, environmental conditions such as floods, fires, or earthquakes. Any type of incident that can significantly affect the organization’s ability to operate, or that may cause damage, must be considered by the Information Security Officer as part of the incident management and response process. This service facilitates the development and execution of incident response.

Information Security Consulting

Information security consulting is to assist the agency in making informed decisions regarding the confidentiality, integrity, and availability of its data. Information Security Officers can provide consulting services on a variety of topics to include but not limited to procurement process (RFPs), third party and contract management, system and software development lifecycles, security control implementation and guidance, configuration management recommendations, data classification, and data sharing agreements.