70 likes | 267 Views
Cyber Security at Organizational Level: Intro. Raul Rikk. Is it a project or a process ?. Cyber Security. Capability Development. Organization structure. Information Security Board – takes formal responsibility for the organisation of information security.
E N D
Is it a project or a process? Cyber Security
Organization structure Information Security Board – takes formal responsibility for the organisation of information security. Head of Information Security – is well informed about information security. Is interested in systematisation of information security within the organisation and organisation’s compliance with standards. Coordinator– acts as a contact person between different parties. Has the required project management skills. Owner of data– the owner of data is a department who is responsible for data during their life cycle. “Owner does not mean property rights regarding the assets. Is capable of assessing the importance of data and determines security classes for data.
Organization structure Top management – the involvement of top management is an important pre-requisite for successful implementation of information security projects. Employees, officials, users – all the other participants of institution’s work processes, users of data IT-specialist (IT department) – is involved with information technology aspects of databases, responsible for information security of IT systems Foreign partner – has the know-how and experiences for the implementation of information security projects Auditors and trainers
Expenses on security measures Risks Optimum Optimisation of costs