
Concept Presentation

Concept Presentation. Information Systems Security Management. Philip Robbins - August 1, 2012, University of Phoenix Hawaii Campus. Who am I? Information Systems Authorizing Official Representative, United States Pacific Command (USPACOM), Risk Management Field.


Presentation Transcript


  1. Concept Presentation: Information Systems Security Management
     Philip Robbins - August 1, 2012
     University of Phoenix Hawaii Campus

  2. Who am I?
     • Information Systems Authorizing Official Representative
     • United States Pacific Command (USPACOM)
     • Risk Management Field
     • Assessments to USPACOM Authorizing Official / CIO
     • Bachelor of Science in Electrical Engineering
     • Master of Science in Information Systems
     • Ph.D. Student in Communication & Information Sciences
     • Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP)

  3. Concept 1: Info Security & Assurance
     • You leave your job at ACME, Inc. to become the new Information Systems Security Manager (ISSM) for University of University College (UUC).
     • The CIO of UUC drops by your office to let you know that they have no ISS program at UUC!
     • A meeting with the Board of Directors is scheduled and you are asked by the CIO to attend.
     • The Board wants to hear your considerations on how to start the new ISS program spanning all national and international networks.
     • What are you going to tell them?
     • As an ISSM, what would you consider first?
     • What types of questions would you ask the Board and/or the CIO?

  4. Concept 2: Physical & Logical ISS
     • First day on the job and you find yourself already meeting with the local Physical Security and IT Services Managers at UUC.
     • You introduce yourself as the new ISSM and both managers eagerly ask you “what can we do to help?”
     • What do you tell these Managers?
     • What types of questions would you ask the Managers?
     • As an ISSM, what are some IT, computer, and network security issues you consider important to a new ISS program at UUC?
     • What about your meeting with the Board of Directors earlier? How does it apply here?

  5. Concept 3: Risk
     • At the end of your first 30 days on the job, as an ISSM, you have been able to successfully develop and implement an ISS program for UUC.
     • You decide to update the CIO on the progress of the UUC ISS program via email when all of a sudden the entire internal network goes down!
     • Your Computer Network Defense Team is able to trace the source of the disruption to an unknown vulnerability that was exploited on a generic perimeter router.
     • The CIO calls you into his office and indicates to you that he is “concerned about the Risk to the networks at UUC” and “wants a risk assessment conducted” ASAP.
     • What does the CIO mean by “Risk to the networks at UUC”?
     • As an ISSM, how would you conduct a risk assessment for the CIO?
     • How is risk measured and why is it important?

  6. Concept Overview

  7. Thank you! Questions? philiprobbins@email.phoenix.edu
