
Information Security


jean

Presentation Transcript


  1. Information Security

  2. The CIA Triad (Security) • Confidentiality: The state of being secret • Integrity: The state or quality of being entire or complete • Availability: Present and ready for use

  3. The Job http://technet.microsoft.com/en-us/library/cc723507.aspx

  4. Agenda • Some Threats • Some Controls

  5. San Francisco – Terry Childs http://articles.sfgate.com/2008-12-27/bay-area/17133065_1_computer-network-mr-childs-passwords

  6. UBS – Roger Duronio http://www.cbsnews.com/stories/2002/12/18/tech/main533450.shtml

  7. Certegy Check Services

  8. Lost Backup Tapes

  9. Australia – Vitek Boden “…marine life died, the creek water turned black and the stench was unbearable for residents…” - Australian EPA

  10. California – Mario Azar

  11. Google and China

  12. Waheed Mahmood http://news.bbc.co.uk/

  13. Lost Laptop

  14. Scottish Council Loses Pay Details

  15. Customer Information in Bins

  16. The Biggie …

  17. SMART

  18. Where is Security? • IT Security? • Information Security? • Physical Security? • Business Security? Business Assurance?

  19. Some Problems • IT Vendors • People – IT, employees, others … • Complexity • Technology • Control Systems • Anyone who thinks that I am responsible for Information Security

  20. Agenda • Some Problems • Some Solutions

  21. Security Golden Rules • Accept Challenges • Display Your Badge • Assess Risks • Protect Your Identity • Thirty Minute Rule

  22. Security Program • Risk Management • Policy … Standards • Business Engagement • Culture / Behaviour Change • Security Architecture • Metrics and Measurements • Management System • Money / Staff • Controls

  23. Further Reading • Bruce Schneier • SANS Internet Storm Centre / Newsbites • SecurityFocus • Titan Rain • Advanced Persistent Threat • Jericho Forum

  24. Questions ?

  25. Reading List • Ross Anderson: Security Engineering • Bruce Schneier: Secrets & Lies
