Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management...
Agenda
1. Aims: CIAN
2. Common Business Attacks
3. Information Security & Risk Management
4. Access Control
5. Cryptography
6. Physical Security
7. Security Architecture & Design
Agenda Continued
7. Business Continuity & Disaster Recovery Planning
8. Telecommunications & Network Security
9. Application Security
10. Operations Security
11. Legal, Regulations, Compliance & Investigations
12. Summary
Aims: CIAN
To be able to protect information assets ensuring:
• Confidentiality
• Integrity
• Availability
• Non-repudiation
Information Security & Risk Management
• Security Baselines
• Audit Frameworks
• Reporting
• Risk Management
Access Control
• Information & User Classification
• Access Control Categories and Types
• Threats to Access Control
• Access Control Assurance
Cryptography
• Confidentiality, Integrity & Authenticity
• Data Storage
• Data Transmission
• Symmetric vs Asymmetric
• Digital Signatures & Envelopes
• End to End Encryption
Physical Security
Additional layers of security which work in conjunction with the technical layers to provide a greater defence in depth
Business Continuity & Disaster Recovery Planning
• Failure to prepare is preparing to fail
• Revenue Loss
• Additional Expenses
• Damaged Reputation
Operations Security
• Misuse prevention
• Continuity of operations
• Fault tolerance
• Data protection
• Configuration management
• Patch management
Legal, Regulations, Compliance & Investigations
• Privacy
• Liability
• Computer Crime
• Incident Handling & Response Capability