Your SlideShare is downloading. ×
Information Security Professional
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Information Security Professional

1,738
views

Published on

ITSec Pro - UIN JAKARTA IT Security Seminar

ITSec Pro - UIN JAKARTA IT Security Seminar

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,738
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
73
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Information Security Professional UIN - 16 Nov 2011 - @y3dipsWednesday, November 16, 11
  • 2. y3dips • Freelance IT Security Consultant • More than 9 years in IT Security • Founder of “ECHO” one of Indonesian Hacker Community, established 2003 • Founder of IDSECCONF - Indonesia Security Conference @y3dipsWednesday, November 16, 11
  • 3. InfoSec Means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction [1] [1]  h&p://wikipedia.orgWednesday, November 16, 11
  • 4. Information Security • Information : Set or collection of data that has meaning • Level [2] • Non-Classified • Public Information • Personal Information • Routine Business Information • Classified • Confidential • Secret • Top Secret [2]  h&p://wikipedia.orgWednesday, November 16, 11
  • 5. InfoSec Pro People Working in Information securityWednesday, November 16, 11
  • 6. InfoSec Pro Background • Natural Born Hacker • Formal EducationWednesday, November 16, 11
  • 7. Hackers Natural Born Hacker, Gain their InfoSec Knowledge by Hacking; Hack to Learn notWednesday, November 16, 11
  • 8. Hacker • Newbie • Script Kiddie • Develop Kiddie • Hacker • 1337Wednesday, November 16, 11
  • 9. Newbie A wanna be hackerWednesday, November 16, 11
  • 10. Script Kiddies Know the Tools, Able to use the tools; But, Not how the tool “really” worksWednesday, November 16, 11
  • 11. Develop Kiddies Able to Create a Tools, Know how the tool “really” works But Still lack with attitudeWednesday, November 16, 11
  • 12. Hacker Know Exactly What they’re Doin and How to Do itWednesday, November 16, 11
  • 13. 1337 Nobody Know what They are DoingWednesday, November 16, 11
  • 14. Hacker [+] • Proven Skill and Exprerience • Able to do a proof of concept [-] • Lack of Metodhologies • Lack or Organizations/ManagerialWednesday, November 16, 11
  • 15. !Professional • Bug Hunter • OS/App Developer • Botnet owner (DDOSer) • FraudsterWednesday, November 16, 11
  • 16. Wednesday, November 16, 11
  • 17. Wednesday, November 16, 11
  • 18. InfoSec Student Gain Information Security Knowledge from formal Education, Course, CertificationWednesday, November 16, 11
  • 19. InfoSec Student [+] • Strong in Concept and Metodhologies [-] • Lack of Skill and Experience • Unable to do Proof Of conceptWednesday, November 16, 11
  • 20. InfoSec Pro • IT Security Officer • IT Security Analyst • IT Security Auditor • IT Security EngineerWednesday, November 16, 11
  • 21. Security Officer • Security Contact Point for Organization • Principle Advisor for IT Security • Ensure Security Program Running ( Security Awareness course, etc) • Creating Security Policy, Procedures, Hardening guideWednesday, November 16, 11
  • 22. Security Analyst • Monitor all type of access to protect confidentiality and integrity • Provides Direct Support and Advise to the IT Security Manager • System Security Analyst, Network Security AnalystWednesday, November 16, 11
  • 23. Security Auditor • Auditing an Organizations Technology processess and security. • IT General Controls Reviews • Application Controls Reviews • Security Auditor, Penetration TesterWednesday, November 16, 11
  • 24. Security Engineer • Maintenance Computer Hardware and Software that comprises a computer Network • Doing a Security hardening and Configuration • System Security Engineer, Network Security EngineerWednesday, November 16, 11
  • 25. Requirements • Skill • Experience • Attitude • Able to work independent/group • Certification?Wednesday, November 16, 11
  • 26. Skill • In depth knowledge of Operating System • In depth knowledge of Networking • In depth knowledge of Application • In defpth knowledge of Programming • Much more :)Wednesday, November 16, 11
  • 27. Experience • How long you’ve been in that field • + the Security afterward.Wednesday, November 16, 11
  • 28. Attitude With Great Power Comes Great ResponsibilitiesWednesday, November 16, 11
  • 29. Work • Able to work Alone (individualist), • or a Team PlayerWednesday, November 16, 11
  • 30. Certification • In someway, its a [+] • Is it badly needed?Wednesday, November 16, 11
  • 31. Limitation • Government Rule : UU ITE • Organization/company Rule: NDAWednesday, November 16, 11
  • 32. Failed • Always Take not Give • Lack of Attitude • Kiddies Minded • Lazy to ImproveWednesday, November 16, 11
  • 33. Wednesday, November 16, 11
  • 34. Information Security Professional UIN - 16 Nov 2011 - @y3dipsWednesday, November 16, 11