SlideShare a Scribd company logo

operation security

Download as PPTX, PDF
Kajalsing23
Kajalsing23

OPERAtion security - ISO 27001:2013

Education
1 of 5
PRESENTATION BY- KAJAL SINGH Operations Security – ISO 27001:2013
Operations Security  Operations security involves planning and sustaining the day-to-day processes that are critical for maintaining the security of institutions’ information environments  Members of the IT team with knowledge of and access to networks, data centers and admin accounts, can cause serious damage  Providing the direction, resources, support, and review necessary to ensure that information assets are appropriately protected within their area of responsibility
Risks  Uninformed Employees – Not trained in security best practices, week passwords, unattended systems, visiting unauthorized websites  Solution: Train employees on cyber security best practices and offer ongoing support, password management system  Mobile Devices (BYOD) - Data theft is at high vulnerability when employees are using mobile devices [particularly their own] to share data, access company information, or neglect to change mobile passwords
Risks  Tailgating and Piggybacking Through an Access Controlled Secure –  Tailgating is when another person, whether an employee or not, passes through a secure door without the knowledge of the person  Piggybacking is when another person follows through a door WITH the permission of the person who has received access.  Solution: 3-dimensional machine vision system that can differentiate between humans and objects, CCTV, anti- tailgating systems
Controllable Measures  Review documentation and evaluate guidance in regards to change management, capacity management, and separation of development, test, and production environment  Malware detection and prevention controls - Evaluate their level of effectiveness  Data centre backup strategy - backup procedures and methods (e.g., encryption) are effective both for on- and off-premises backup management  Prepare in advance for IT controls audits to avoid service disruption  Provide intuitive, visual dashboards that reflect your current security status An essential checklist for your security response solution

Recommended

Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Operational Security
Operational SecurityOperational Security
Operational SecuritySplunk
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?btpsec
 
Physical Security
Physical SecurityPhysical Security
Physical SecurityKriscila Yumul
 
Physical security.ppt
Physical security.pptPhysical security.ppt
Physical security.pptFaheem Ul Hasan
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
Physical security
Physical securityPhysical security
Physical securityTariq Mahmood
 

Recommended

Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Operational Security
Operational SecurityOperational Security
Operational SecuritySplunk
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?btpsec
 
Physical Security
Physical SecurityPhysical Security
Physical SecurityKriscila Yumul
 
Physical security.ppt
Physical security.pptPhysical security.ppt
Physical security.pptFaheem Ul Hasan
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
Physical security
Physical securityPhysical security
Physical securityTariq Mahmood
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security ExplainedHappiest Minds Technologies
 
Understanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationUnderstanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationPECB
 
Network Security
Network SecurityNetwork Security
Network Securityforpalmigho
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Endpoint Security Solutions
Endpoint Security SolutionsEndpoint Security Solutions
Endpoint Security SolutionsThe TNS Group
 
Network Security: Physical security
Network Security: Physical security Network Security: Physical security
Network Security: Physical security lalithambiga kamaraj
 
Data security
Data securityData security
Data securityAbdulBasit938
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...The University of Texas (UTRGV)
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
7. physical sec
7. physical sec7. physical sec
7. physical sec7wounders
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comAravind R
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Information security-management-system
Information security-management-systemInformation security-management-system
Information security-management-systemintellisenseit
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness SnapComms
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security PresentationWajahat Rajab
 
20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security AwarenessDinesh O Bareja
 
Remote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdfRemote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdfSomiHan224
 

More Related Content

What's hot

Understanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationUnderstanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationPECB
 
Network Security
Network SecurityNetwork Security
Network Securityforpalmigho
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Endpoint Security Solutions
Endpoint Security SolutionsEndpoint Security Solutions
Endpoint Security SolutionsThe TNS Group
 
Network Security: Physical security
Network Security: Physical security Network Security: Physical security
Network Security: Physical security lalithambiga kamaraj
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...The University of Texas (UTRGV)
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
7. physical sec
7. physical sec7. physical sec
7. physical sec7wounders
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comAravind R
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Information security-management-system
Information security-management-systemInformation security-management-system
Information security-management-systemintellisenseit
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness SnapComms
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security PresentationWajahat Rajab
 

What's hot (20)

Data Security Explained
Data Security ExplainedData Security Explained
Data Security Explained
 
Understanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationUnderstanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for Organization
 
Network Security
Network SecurityNetwork Security
Network Security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
Endpoint Security Solutions
Endpoint Security SolutionsEndpoint Security Solutions
Endpoint Security Solutions
 
Network Security: Physical security
Network Security: Physical security Network Security: Physical security
Network Security: Physical security
 
Data security
Data securityData security
Data security
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security Concepts
 
7. physical sec
7. physical sec7. physical sec
7. physical sec
 
Information security management system
Information security management systemInformation security management system
Information security management system
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.com
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
 
Information security-management-system
Information security-management-systemInformation security-management-system
Information security-management-system
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security Presentation
 

Similar to operation security

20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security AwarenessDinesh O Bareja
 
Remote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdfRemote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdfSomiHan224
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
IT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERING
IT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERINGIT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERING
IT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERINGThumilvannanSambanda
 
Effective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern ChallengesEffective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern Challengescyberprosocial
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
Importance of Access Control Systems for Business Security.pdf
Importance of Access Control Systems for Business Security.pdfImportance of Access Control Systems for Business Security.pdf
Importance of Access Control Systems for Business Security.pdfLaurajonath
 
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurS.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurvkarthi314
 
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Richard Lawson
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptxBinod Rimal
 
Securing Remote Workforce | Seclore
Securing Remote Workforce | SecloreSecuring Remote Workforce | Seclore
Securing Remote Workforce | SecloreSeclore
 
High Security & Restricted System Access Control Services.pdf
High Security & Restricted System Access Control Services.pdfHigh Security & Restricted System Access Control Services.pdf
High Security & Restricted System Access Control Services.pdfService Pro Smith Lock
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROLshinydey
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxdotco
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxTechnocracy2
 
01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdfRiyaSonawane
 

Similar to operation security (20)

20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness
 
Remote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdfRemote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdf
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
IT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERING
IT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERINGIT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERING
IT8073 INFORMATION SECURITY FOR FINAL YEAR COMPUTER SCIENCE ENGINEERING
 
Effective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern ChallengesEffective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern Challenges
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
Importance of Access Control Systems for Business Security.pdf
Importance of Access Control Systems for Business Security.pdfImportance of Access Control Systems for Business Security.pdf
Importance of Access Control Systems for Business Security.pdf
 
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurS.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
 
DR PANKAJ SIR (1).pptx
DR PANKAJ SIR (1).pptxDR PANKAJ SIR (1).pptx
DR PANKAJ SIR (1).pptx
 
CyberSecurity Study Jam
CyberSecurity Study JamCyberSecurity Study Jam
CyberSecurity Study Jam
 
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptx
 
Securing Remote Workforce | Seclore
Securing Remote Workforce | SecloreSecuring Remote Workforce | Seclore
Securing Remote Workforce | Seclore
 
IS Unit II.pptx
IS Unit II.pptxIS Unit II.pptx
IS Unit II.pptx
 
Network Security Ch 1
Network Security Ch 1Network Security Ch 1
Network Security Ch 1
 
High Security & Restricted System Access Control Services.pdf
High Security & Restricted System Access Control Services.pdfHigh Security & Restricted System Access Control Services.pdf
High Security & Restricted System Access Control Services.pdf
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROL
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptx
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptx
 
01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf
 

More from Kajalsing23

presentation on Airtel
presentation on Airtelpresentation on Airtel
presentation on AirtelKajalsing23
 
Customer Service Strategy
Customer Service StrategyCustomer Service Strategy
Customer Service StrategyKajalsing23
 
Development communication
Development communicationDevelopment communication
Development communicationKajalsing23
 
COmparision of bpcl and hoec.
COmparision of bpcl and hoec.COmparision of bpcl and hoec.
COmparision of bpcl and hoec.Kajalsing23
 
Bajaj auto ssm project.
Bajaj auto ssm project.Bajaj auto ssm project.
Bajaj auto ssm project.Kajalsing23
 

More from Kajalsing23 (6)

ppt on brexit
ppt on brexitppt on brexit
ppt on brexit
 
presentation on Airtel
presentation on Airtelpresentation on Airtel
presentation on Airtel
 
Customer Service Strategy
Customer Service StrategyCustomer Service Strategy
Customer Service Strategy
 
Development communication
Development communicationDevelopment communication
Development communication
 
COmparision of bpcl and hoec.
COmparision of bpcl and hoec.COmparision of bpcl and hoec.
COmparision of bpcl and hoec.
 
Bajaj auto ssm project.
Bajaj auto ssm project.Bajaj auto ssm project.
Bajaj auto ssm project.
 

Recently uploaded

What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........LeaCamillePacle
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationAadityaSharma884161
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 

Recently uploaded (20)

Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint Presentation
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 

operation security

  • 1. PRESENTATION BY- KAJAL SINGH Operations Security – ISO 27001:2013
  • 2. Operations Security  Operations security involves planning and sustaining the day-to-day processes that are critical for maintaining the security of institutions’ information environments  Members of the IT team with knowledge of and access to networks, data centers and admin accounts, can cause serious damage  Providing the direction, resources, support, and review necessary to ensure that information assets are appropriately protected within their area of responsibility
  • 3. Risks  Uninformed Employees – Not trained in security best practices, week passwords, unattended systems, visiting unauthorized websites  Solution: Train employees on cyber security best practices and offer ongoing support, password management system  Mobile Devices (BYOD) - Data theft is at high vulnerability when employees are using mobile devices [particularly their own] to share data, access company information, or neglect to change mobile passwords
  • 4. Risks  Tailgating and Piggybacking Through an Access Controlled Secure –  Tailgating is when another person, whether an employee or not, passes through a secure door without the knowledge of the person  Piggybacking is when another person follows through a door WITH the permission of the person who has received access.  Solution: 3-dimensional machine vision system that can differentiate between humans and objects, CCTV, anti- tailgating systems
  • 5. Controllable Measures  Review documentation and evaluate guidance in regards to change management, capacity management, and separation of development, test, and production environment  Malware detection and prevention controls - Evaluate their level of effectiveness  Data centre backup strategy - backup procedures and methods (e.g., encryption) are effective both for on- and off-premises backup management  Prepare in advance for IT controls audits to avoid service disruption  Provide intuitive, visual dashboards that reflect your current security status An essential checklist for your security response solution

Editor's Notes

  1. The objective of ‘A.12.Operations Security’ domain is to help the organizations to put in place appropriate controls to ensure that day to day operations of an organization are carried out in a controlled and a secure manner, which includes documenting operating procedures, ensuring changes to information assets are carried out efficiently, the information assets are protected from malware and other threats & vulnerabilities, controls to ensure backup is performed effectively to ensure timely availability of information, logging and monitoring of user activities and ensuring continuous improvement through Information systems audit & mitigations.