Our Mission
With rapid and continuing technology advances, the Information Security Officer (ISO) is continually faced with new threats against our security and privacy. To ensure confidentiality, integrity, availability of Virginia State Police (VSP) Information Technology (IT) systems and data with sensitive and confidential information, we realize that the Information Security (IS) Program is a shared strategic responsibility across the organization with alignment to strategic goals. We are committed to applying the information security framework and best practices, managing risks, protecting data and privacy, protecting the information technology infrastructure, and providing a sustainable consistent approach to information security safeguards and measures that can be replicated across paper and electronic files, systems, and transactions.
Our Vision
We strive to be VSP’s trusted partner and business enabler where the VSP community comes for Information Security solutions.
Guiding Principles
- Lead with Innovation.
- Empower Others to Succeed.
- Expand Collaborations and Relationships.
- Act with Integrity and Trust.
- Be Adaptable and Strategic.
- Maintain risk-based and cost-effective solutions.
What qualifies as a cybersecurity incident?
Effective July 1, 2022, Virginia Code § 2.2-5514 requires all state and local public bodies to report all
(i) known incidents that
– threaten the security of the Commonwealth’s data or communications
or
– result in exposure of data protected by federal or state laws
and
(ii) other incidents compromising the security of the public body’s information technology systems with the potential to cause major disruption to normal activities of the public body or other public bodies.
Examples are unauthorized access, disclosing sensitive personally identifiable information (PII), cyber extortion, ransomware, slow running computer, and identify theft or fraud.