Cyber Security Services

Our Services

The Cyber Security Office (CSO) participates in below functions to help promote the overall mission. For more detailed information and rates, please visit the WVOT Service Rates Catalog

  • Security Policy Development

  • Privacy Partnership

  • Risk Management

  • Disaster Recovery Plans

  • Security Operations Center (SOC)

  • Training and Culture

  • Information Security Management Emphasis

  • Audit Program

  • Certification and Accreditation

  • Incident Management, Computer Forensics, and Investigations

  • Information Security Metrics

  • Office of Technology Partnerships

  • West Virginia Information Security Principles

Technology Audits

Audit efforts are focused on areas presenting the highest degree of risk, and where risk mitigation will provide the greatest potential benefit to the Executive Branch. The Audit Program also reviews internal controls within the WVOT operations, and will conduct audits of selected 3rd party providers at their off-site locations. More information is here.

Technology Policies

The WVOT has created a general security policy, and other security-related policies and procedures, for the Executive Branch of West Virginia government. Agencies may establish more stringent policy supplements, but duplication of content should be avoided. Each agency developing a security policy supplement must submit it to the WVOT for review/approval.

Information Security Training

The State of West Virginia utilizes a learning management system to deploy required, security and privacy training to all employees of the Executive Branch. Electronic security tips and awareness videos are released on a regular basis.

Security Operations Center (SOC)

  • Traffic analysis, event correlation

  • Threat analysis and alerts

  • Vulnerability scanning of state network

  • Web activity monitoring and site blocking

  • Network violation management

  • Support OISC Audit program

Computer Security Incident Response Team (CSIRT)

Maintains policies and procedures for incidents, maintain central point of contact for reporting incidents, and complete professional digital forensic investigations.