Security Matters: It’s not about the network

What’s Your Biggest Threat?
http://flickr.com/photos/mikeygottawa/533355476/

The Top 12 Security Threats Reported by CTOs
• 12. Extortion
• 11. Denial of Service (DoS)
• 10. Vandalism
• 9. Pharming
• 8. Phishing
• 7. Fraudulent Transaction
• 6. Physical Loss
• 5. Unauthorized Access by Outsiders
• 4. Malware
• 3. Spam
• 2. Unauthorized Access by Insiders
• 1. Insider Misuse
• Source: http://www.computereconomics.com/article.cfm?id=1214

The Top 2 (and #6) Security Threats: The Cost of an “Inside Job”
• Four in ten IT managers report incidents involving non-compliance while another 27 percent have seen unintentional release of corporate information.
• A typical incident requires 22 IT employee hours to remediate.

Security Philosophy: Control What You Can
• 0’s and 1’s, not people.
• Network, workstations, devices, applications, files.

Control What You Can: Networks
• NAT Routers
• Integrated VPN
• Dynamic IP addresses
• Wireless - closed
http://flickr.com/photos/abbyladybug/930518276/

Control What You Can: Workstations
• Firewalls
• Antivirus
• Anti-spyware
• Spam filtering
• Internet filtering (?)
• Backups
http://flickr.com/photos/53088165@N00/579761138/

Control What You Can: In the Cloud
• Enough seats for all users
• Independent passwords
• Automatic logout
• Required password changes
http://flickr.com/photos/86778817@N00/88641569/

Control What You Can: Devices / Drives
• Passwords for all devices and drives
• Encryption for files stored on devices and drives
http://flickr.com/photos/ian-s/2152798588/

Security Philosophy: IT’s More than Digital
• In 2008…each man, woman, and child will use 4,847 sheets of office paper, 36 sheets fewer than in 2007.
• Source: http://www.entrepreneur.com/tradejournals/article/184744007.html

Security Philosophy: Plug the Biggest Holes
• Prioritize!
• Risk = Value of Asset x Severity of Vulnerability x Likelihood of Attack
• Source: http://h71028.www7.hp.com/ERC/cache/568165-0-0-0-121.html

Security Philosophy: Plan for Failure
• Know how you will respond to security breaches in terms of IT
• Plan for notifying important parties - it’s the law!

Security Philosophy: Train for Success
• Ultimately, your success relies on your people
• Try Disaster Days trainings (make it fun!)
• Make security issues part of your regular communications

Security Resources
• HP Security Risk Assessment: http://h71028.www7.hp.com/ERC/cache/568165-0-0-0-121.html
• TechSoup Healthy and Secure Computing: http://www.techsoup.org/hsc/
• CERT Octave: http://www.cert.org/octave/
• SANS Reading Room: http://sans.org/
• Security Focus: http://www.securityfocus.com/
• NSA Security Configuration Guides: http://www.nsa.gov/snac/

“As we look ahead into the next century, leaders will be those who empower others.” - Bill Gates, founder, Microsoft