AXA is the world’s largest financial services company and offers a wide spectrum of financial services and perspectives.
The views expressed in this presentation are that of the presenter and are not necessarily the views of AXA, its directors or affiliates. Nor does AXA make any representation or accept any liability for its accuracy or completeness.
AXA is not liable for any losses or damages arising from the use of the content from this presentation.
Ensure the privacy, security and confidentiality of the petabytes of corporate employee and client data
Ensure regulatory compliance
Universal Goals of Information Security Confidentiality Integrity Authentication Interception Modification Fabrication Are my communications private? Has my communication been altered? Who am I dealing with?
Today’s security threats include Lost backup tapes Hackers Risk matrix Software Patches Power grid Data center Poor token management Political Malicious end-users Angry Customers Regulatory compliance Contractors Telco Poor revocation processes Terrorists Legal liability Unions External Environmental DR/BCP Internal External Unhappy customers Physical security Disgruntled employees Consultants Third-party Clients Operational Audit Lack of budget Vendor bankruptcy Software vulnerabilities Forensics Crypto keys Lack of staff Fraud Poor risk assessment Hactivists Spyware Blogs Insecure software Wireless Google No documentation Organized crime China India Illegal downloads Web-scripting Viruses Worms Malicious software Laptop stolen Phishing Identity theft DoS BlackBerry Social engineering Competition Information leakage E-mail
Security awareness refers to those practices, technologies and services used to promote user awareness, user training, and user responsibility with regard to security risks, vulnerabilities, methods, and procedures related to information technology resources.
An initiative that sets the stage for training by changing organizational attitudes to realize the importance of information security and the adverse consequences of security failures .