Information Security Office

Responsible for the assessment, formulation, implementation and maintenance of enterprise-wide IT security policies and procedures.

Page updated on Feb 4, 2021 at 4:22 PM

The information security office is responsible for the assessment, formulation, implementation, and maintenance of enterprise-wide IT risk management through IT security policies and procedures. As organizations around the globe transition to more technology-based practices and processes, the City of Alexandria recognizes the need to keep your data safe and secure and takes steps to be on the forefront of cybersecurity innovation.

What is involved in cybersecurity?

  • People – It always starts with the people. Being part of a well-managed government means that we work to ensure that our City staff members are aware of the latest threats and have the tools and know-how to protect our environment. We provide information and training to staff related to phishing, active threats, and scams, in order to provide them the knowledge they need to be resilient against cyber threats.
  • Processes – All processes involve data and information that is either digital or physical. Our goal is to ensure that the processes surrounding the City’s operations are technologically sound and secure. We strive to make sure processes are safe when interfacing with vendors, collecting information from civilians, or handling and sharing information between departments or other governmental agencies.  Confidentiality, integrity, and availability are the core tenants to ensuring our data and information is protected.
  • Technology – We do our best to protect against cyber threats by leveraging tools, practices, and techniques to best protect the City’s technology environment.

Governments, businesses and individuals are all at risk of becoming victims of cybercrimes.  Dangers can come from “phishing scams” that trick people into providing sensitive information, to viruses and malware that infect computers and devices from any number of sources. While these threats are always present, the best defense against them is information. Some of the easiest safeguards are:

  • Do not share passwords
  • Use complex and long passwords (15 characters)
  • Don’t click on links in the body of an email unless you are positive it is okay
  • Keep your operating systems and antivirus software up to date
  • If you receive an urgent or emergency request via email, phone or by other means, be cautious and verify before you offer any information 

Want to know more?  Below are several resources to help everyone avoid becoming victims of one of these crimes.