Leadership: James Saunders, Acting State Chief Information Security Officer
About
In today’s modern world, cybersecurity incidents can dramatically damage public safety, privacy, state services, and the ability of first responders to keep Marylanders safe.
The Office of Security Management (OSM) within the Department of Information Technology (DoIT), led by the Acting State Chief Information Security Officer, provides State agencies with a common statewide strategy for secure, effective, and technically sound use of the State's information technology resources. The Office is responsible for the establishment of security policies, security guidance, security awareness, privacy and management of Statewide centralized security services such as the Maryland Security Operations Center (MD-SOC).
OSM helps protect other state agencies through detection, cyber threat, and incident response services and is a source of IT security information for State agencies. OSM also houses the local cyber team, which works directly with local Maryland jurisdictions to help them improve their cybersecurity posture. They provide expert guidance, resources, and support to municipalities, counties, public school systems, and other local entities so they can better safeguard their digital assets.
OSM also houses the State Chief Privacy Officer who helps to oversee how Executive agencies under the Governor’s authority collect, use and protect personal information. The privacy office is responsible for creating and managing the State’s privacy policies, maintaining inventories of systems that store personal information, and guiding agencies on best practices that promote protection of personal information.. This work includes implementing privacy risk management strategies, fair information practice principles, training and awareness programs, and working to reduce the amount of personal information the State collects and retains.
More from OSM