Information Security

Information Security Office Mission

The Information Security Office (ISO) protects the confidentiality, integrity and availability of all Cook County information by leveraging cybersecurity capabilities across the enterprise and informing system stakeholders on cyber risk. The ISO provides tools, policies, security engineering, training and awareness focused on defeating evolving cybersecurity threats.

In short: Our mission is to help secure yours.

    Information Security Office Vision

    • Mature the County’s implementation of the Information Security Framework; this framework is required by the Cook County Information Security Ordinance.  Use the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) as the model for Cook County.
    • Proactively address threats and enhance the current Network Monitoring and Incident Response capabilities of the Information Security Office while ensuring to document and update procedures and tools as threats to the County’s information evolve; ensure the integration of change, configuration and project management.
    • Integrate early into the System Development Life Cycle (SDLC) so information system security requirements are ‘baked-in’ to system design and not ‘bolted-on’ late in the development phase.
    • Recruit and retain motivated cybersecurity talent that is technically proficient, team-oriented and service-minded.  Leverage contract resources to enhance capabilities where appropriate.

    Agency Head

    Charles Ruehling, Chief Information Security Officer