Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management...

16
Security Training & Awareness (03) Thomas Levy

TAGS:

Transcript of Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management...

Page 1: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Security Training & Awareness (03)

Thomas Levy

Page 2: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Agenda

1. Aims: CIAN 2. Common Business Attacks3. Information Security & Risk Management 4. Access Control5. Cryptography 6. Physical Security 7. Security Architecture & Design

Page 3: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Agenda Continued

7. Business Continuity & Disaster Recovery Planning8. Telecommunications & Network Security 9. Application Security 10.Operations Security11.Legal, Regulations, Compliance & Investigations 12.Summary

Page 4: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Aims: CIAN

To be able to protect information assets ensuring: • Confidentiality• Integrity • Availability• Non – repudiation

Page 5: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Common Business Attacks

• DNS • BGP• XSS• XSRF• DoS• Injection

Page 6: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Information Security & Risk Management • Security Baselines• Audit Frameworks • Reporting • Risk Management

Page 7: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Access Control

• Information & User Classification • Access Control Categories and Types • Threats to Access Control • Access Control Assurance

Page 8: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Cryptography

• Confidentiality, Integrity & Authenticity • Data Storage• Data Transmission

• Symmetric vs Asymmetric • Digital Signatures & Envelopes • End to End Encryption

Page 9: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Physical Security

Additional layers of security which work in conjunction with the technical layers to provide a greater defence in depth

Page 10: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Security Architecture & Design

• Software• Hardware

Page 11: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Business Continuity & Disaster Recovery Planning• Failure to prepare is preparing to fail • Revenue Loss• Additional Expenses • Damaged Reputation

Page 12: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Telecommunications & Network Security • OSI model• TCP / IP model

Page 13: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Application Security

• Buffer Overflows• Malicious Software• Social Engineering • Trapdoors

Page 14: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Operations Security

• Misuse prevention • Continuity of operations • Fault tolerance • Data protection • Configuration management • Patch management

Page 15: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Legal, Regulations, Compliance & Investigations • Privacy • Liability • Computer Crime • Incident Handling & Response Capability

Page 16: Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Summary

1.Secure the weakest link2.Practise defence in depth 3.Fail securely 4.Follow the principle of least privilege 5.Compartmentalise 6.Keep it simple 7.Promote privacy 8.Remember that hiding secrets is hard9.Be reluctant to trust10.Use your community resources


Module 3 - Attenuation in Optical Fibers - CIAN: Creating

Module 3 - Attenuation in Optical Fibers - CIAN: Creating

Architectural Models - opti500.cian-erc.orgopti500.cian-erc.org/opti500/pdf/sm/CH13 Architectural Models.pdfC HAPTER 1 3 Architectural Models This chapter describes the architectural

Architectural Models - opti500.cian-erc.orgopti500.cian-erc.org/opti500/pdf/sm/CH13 Architectural Models.pdfC HAPTER 1 3 Architectural Models This chapter describes the architectural

48906251-cian HRM

48906251-cian HRM

Cian Healthcare Maharashtra India

Cian Healthcare Maharashtra India

Macbeth Essay Pack One · 2018. 11. 30. · © cian hogan english notes 2012 - 2013 1 © cian hogan 2013 essay pack one macbeth

Macbeth Essay Pack One · 2018. 11. 30. · © cian hogan english notes 2012 - 2013 1 © cian hogan 2013 essay pack one macbeth

Communications-Electronics Security Group. Identifier Based PKC - Potential Applications Dr. Ian Levy CESG.

Communications-Electronics Security Group. Identifier Based PKC - Potential Applications Dr. Ian Levy CESG.

By Cian Martin

By Cian Martin

Cian Healthcare Private Limited, Pune, Analgesics & Antipyretics

Cian Healthcare Private Limited, Pune, Analgesics & Antipyretics

Cian PLC - mlaem.fs.ml.com

Cian PLC - mlaem.fs.ml.com

Cian Hughes

Cian Hughes

CIAN MAGENTA YALLOW BLACK 60 amsaxveli kadrebi …

CIAN MAGENTA YALLOW BLACK 60 amsaxveli kadrebi …

Modeling Financial Security Returns Using Levy …faculty.baruch.cuny.edu/lwu/papers/handbooklevy.pdfModeling Financial Security Returns Using Levy Processes´ Abstract Le´vy processes

Modeling Financial Security Returns Using Levy …faculty.baruch.cuny.edu/lwu/papers/handbooklevy.pdfModeling Financial Security Returns Using Levy Processes´ Abstract Le´vy processes

CIAN, Revista de historia de las universidades

CIAN, Revista de historia de las universidades

L T echni cian s - LISTSERV 16.0

L T echni cian s - LISTSERV 16.0

Spontaneous action potentials and neural coding in …cian/files/ODonnell_vanRossum_NC_2014...Spontaneous action potentials and neural coding in un-myelinated axons Cian O’Donnell1,2

Spontaneous action potentials and neural coding in …cian/files/ODonnell_vanRossum_NC_2014...Spontaneous action potentials and neural coding in un-myelinated axons Cian O’Donnell1,2

by Cian Brennan, Stephen Corrigan and Melissa Morrissey

by Cian Brennan, Stephen Corrigan and Melissa Morrissey

Introduction to Lasers - opti500.cian-erc.orgopti500.cian-erc.org/supercourse/classes/Fall2012/Lecture_4_Intro_to_Lasers.pdfPhotonics, 6th edition Yariv and Yeh 28 Figure 6.1 Schematic

Introduction to Lasers - opti500.cian-erc.orgopti500.cian-erc.org/supercourse/classes/Fall2012/Lecture_4_Intro_to_Lasers.pdfPhotonics, 6th edition Yariv and Yeh 28 Figure 6.1 Schematic

Luca Cian e Sara Cervai - moodle2.units.it

Luca Cian e Sara Cervai - moodle2.units.it

CIAN MAGENTA YALLOW BLACK 1 lari 70 TeTridspace.nplg.gov.ge/bitstream/1234/165090/1/Alia_2014_N31.pdf · CIAN MAGENTA YALLOW BLACK gamodis 1995 wlidan samSabaTioTxSabaTi `Zalaufleba

CIAN MAGENTA YALLOW BLACK 1 lari 70 TeTridspace.nplg.gov.ge/bitstream/1234/165090/1/Alia_2014_N31.pdf · CIAN MAGENTA YALLOW BLACK gamodis 1995 wlidan samSabaTioTxSabaTi `Zalaufleba

ORDER ING PHYS CIAN NAME (Last, First) PLEASE PRINT …

ORDER ING PHYS CIAN NAME (Last, First) PLEASE PRINT …