Information Security
An 27001 Certified Lead Auditor

Audit
Training
Consultancy

BS ISO/IEC 17799 and 27001 essentials
BS ISO/IEC 27001 implementation
BS ISO/IEC 27001 internal audits
BS ISO/IEC 27001 Lead Auditor (IRCA)
BS ISO/IEC 17799 * 27001

Natural Disasters (Flood, Lightning, Earthquake, ...)
Technical failures (Communication, Lack of energy, Equipment break-down, ...)
Human Failure (Maintenance errors, User errors, Lack of staff, ...)
Social Problems (Strikes, Terrorism Attack, politics, legislation...)

Business

Acoustic Information (Telephone conversations, in public, in meetings, ...)
Logical Information (electronic records)
Physical Information (Faxes, contracts, reports, manuals, ...)
Visual Information (Video, photos, environment, ...)
Intellectual Information (Knowledge)
A5 Security policy
A6 Organization of Information Security
A7 Asset management
A8 HR security
A9 Physical and Environmental security
A10 Communications and operations management
A11 Access control
A12 Information Systems Acquisition, development and maintenance
A13 Incident Management
A14 Business continuity management
A15 Compliance
Communicate and Consult

Assess Risks
    Establish the Context
    Identify the Risks
    Analyse the Risks
    Evaluate the Risks
    Control the Risks

Monitor and Review
Risk Assessment
    Asset Identification and Valuation
    Identification of Vulnerabilities
    Identification of Threats
    Evaluation of Impacts
    Business Risk
    Rating/ranking of Risks

Risk Management
    Review of Existing Security Controls
    Identification of new Security Controls
    Policy and Procedures
    Implementation and Risk Reduction
    Risk Acceptance (Residual Risk)
Creative Commons Attribution-NoDerivs 2.0

You are free:
•to copy, distribute, display, and perform this work
•to make commercial use of this work

Under the following conditions:

Attribution. You must give the original author credit.

No Derivative Works. You may not alter, transform, or build upon this work.



For any reuse or distribution, you must make clear to others the license terms of this work.

Any of these conditions can be waived if you get permission from the author.

Your fair use and other rights are in no way affected by the above.

This work is licensed under the Creative Commons Attribution-NoDerivs License. To view a copy of this
license, visit http://creativecommons.org/licenses/by-nd/2.0/ or send a letter to Creative Commons, 559
Nathan Abbott Way, Stanford, California 94305, USA.
Challenges and Benefits of Information Security Management
