Section 4. The secretary shall, notwithstanding section 45 of chapter 30 and chapter 31, appoint a qualified individual to serve as an enterprise chief information security officer (CISO) for the commonwealth who shall serve at the pleasure of the secretary. The CISO shall advise the secretary and the CIO on preventing data loss and fraud and protecting privacy. The CISO shall ensure all existing IT policies applicable to executive offices and agencies reflect best practices related to security and privacy.
Structure Massachusetts General Laws
Part I - Administration of the Government
Title II - Executive and Administrative Officers of the Commonwealth
Chapter 7d - Massachusetts Office of Information Technology
Section 4 - Enterprise Chief Information Security Officer (Ciso)
Section 4a - Chief Data Officer
Section 4b - Chief Privacy Officer
Section 4c - Chief Digital Officer
Section 5 - Bureau of Geographic Information