Information security[277]
-
Upload
timothy-warren -
Category
Technology
-
view
88 -
download
0
Transcript of Information security[277]
Tim WarrenCompany: Neuberger BermanIndustry: Financial Services We manage investments for
people and institutionsLocated: New YorkTitle: Lead Engineer/Vice President
What Is Information Security Information Security is the process of keeping
information secure: maintaining Confidentiality Integrity Availability
The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them.
Information Security Programs Companies build programs to run their Infosec departments Infosec programs are built around the core objectives of the CIA triad:
Confidentiality Integrity Availability of IT systems and business data.
These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality) prevent unauthorized modification of data (integrity) guarantee the data can be accessed by authorized parties (availability).
Information Security Organizations
Large enterprises create a dedicated security group to implement and maintain the organization's InfoSec program.
The security group is generally for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied.
The goal in part is to protect the organization from
Ransom warePhishing Attacks Identity TheftMalware
Information Security OrganizationsJobs within the information security field vary in their titles, but some common designations include : Chief Information Security Officer (CISO)
$103,071 - $214,236 Chief Security Officer (CSO)
$64,735 - $200,000 Security Engineer
57,254 - $125,073 Information Security Analyst
$49,478 - $102,185 Security Systems Administrator
$41,197 - $97,375 IT Security Consultant
$53,206 - $108,696
Information SecurityIdentity Management(IdM)
In computer security, identity and access management (IdM) is the security and business discipline that "enables the right individuals to access the right resources at the right times and for the right reasons". It addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.[1]
IdM covers issues such as how users: gain an identity the protection of that identity the technologies supporting that protection
(e.g., network protocols, digital certificates, passwords, etc.).
Daily
Ensure that User records where processed in over night batch jobs Communicate to hiring mangers their users status Check application logs for errors Update project status Plan for afterhours and weekend changes New project initiation Engineering for new integrations Level 3 support
Systems Active Directory – For authentication and group membership Virtual Directories for authentication and attribute extension Secure Token – Token for 2nd factor authentication Public Key Infrastructure PKI, SSL/TLS Certificates and encryption Single Sign On(SSO) User Onboarding systems Help Desk management of users Employee Information systems
Additional Questions Education requirements after high school?
A minimum of an Bachelors Degree for entry level positions For advance positions at least 5+ years of additional experience
What should students take to prepare themselves for this career? Mathematics Programming Psychology
Advice The security landscape changes day to day. Ground yourself in the basic concepts you need to
know such as Fundamental computer science or how a computer works. CPU’s, RAM, registers, gates, etc TCP/IP networking and routing
Resources Your Librarian – Yes your library Security Now – Podcast/Webcast
https://twit.tv/shows/security-now How the Internet works https://twit.tv/shows/security-now/episodes/309 How SSL/TLS Works https://twit.tv/shows/security-now/episodes/195
SANS Institute – Information Security Resources https://www.sans.org/security-resources/