Date post: | 14-Jan-2016 |
Category: |
Documents |
Upload: | junior-price |
View: | 226 times |
Download: | 3 times |
Information Security
The CIA TriadConfidentialitConfidentialit
yy
IntegritIntegrityy
AvailabiliAvailabilityty
The state of being secret
The state or quality of being
entire or complete
Present and ready for use
SecuritySecurity
The Job
http://technet.microsoft.com/en-us/library/cc723507.aspx
Agenda
Some Threats
Some Controls
San Francisco – Terry Childs
http://articles.sfgate.com/2008-12-27/bay-area/17133065_1_computer-network-mr-childs-passwords
UBS – Roger Duronio
http://www.cbsnews.com/stories/2002/12/18/tech/main533450.shtml
Certegy Check Services
Lost Backup Tapes
Australia – Vitek Boden
“…marine life died, the creek water turned black and the stench was unbearable for residents…”
- Australian EPA
This file is licensed under the Creative Commons Attribution-Share Alike 2.5 Generic license
California – Mario Azar
Google and China
Waheed Mahmood
http://news.bbc.co.uk/
Lost Laptop
Scottish Council Loses Pay Details
Customer Information in Bins
The Biggie …
SMART
Where is Security?
IT Security?
Information Security?
Physical Security?
Business Security? Business Assurance?
Some Problems
IT Vendors
People – IT, employees, others …
Complexity
Technology
Control Systems
Anyone who thinks that I am responsible for Information Security
Agenda
Some Problems
Some Solutions
- 22 -
Security Golden Rules
Accept Challenges
Display Your Badge
Assess Risks
Protect Your Identity
Thirty Minute Rule
Security Program
Risk Management
Policy … Standards
Business Engagement
Culture / Behaviour Change
Security Architecture
Metrics and Measurements
Management System
Money / Staff
Controls
Further Reading
Bruce Schneier
SANS Internet Storm Centre / Newsbites
SecurityFocus
Titan Rain
Advanced Persistent Threat
Jericho Forum
Questions
Reading List
Ross Anderson: Security Engineering
Bruce Schneier: Secrets & Lies