1. Incident Response
2. Operational Security
3. Physical and Environmental Security
4. Supplier Relationships
Semi Finals – Bachelor of Science in Information System
IT Security and Management
Chapter I
Incident
Response
Drill
• Havoc
• Wreak Havoc
• Data Breach
• Alienate
Drill
• Havoc - widespread destruction
• Wreak Havoc - to cause great damage
• Data Breach - a security incident in which
information is accessed without
authorization.
• Alienate - a withdrawing or separation of
a person
Learning Objectives:
At the end of this chapter, you will be able to:
• Recognize what incident response is.
• Know why incident response is important.
• Engage with the three elements of incident response
management.
• Familiarize yourself with the six steps of an incident response plan.
What is Incident
Response?
What is Incident Response?
A term used to describe the process by
which an organization handles a data
breach or cyber attack, including the way
the organization attempts to manage the
consequences of the attack or breach
(the “incident”).
What is Incident Response?
• Incident response is the methodology an
organization uses to respond to and
manage a cyber-attack. An attack or data
breach can wreak havoc, potentially
affecting customers, intellectual property,
company time and resources, and brand
value.
What is Incident Response?
• An incident response aims to reduce this
damage and recover as quickly as
possible. Investigation is also a key
component in order to learn from the
attack and better prepare for the future.
What is Incident Response?
• Because many companies today
experience a breach at some point in
time, a well-developed and repeatable
incident response plan is the best way to
protect your company.
Why is
Incident Response
Important?
Why is Incident Response
Important?
• As cyber-attacks increase in scale
and frequency, incident response plans
become more vital to a company’s cyber
defenses. Poor incident response can
alienate customers.
Who is the Incident Response
Team?
• The company should look to their
“Computer Incident Response Team
(CIRT)” to lead incident response efforts.
Who is the Incident Response
Team?
• This team is comprised of experts from
upper-level management, IT, information
security, IT auditors when available, as
well as any physical security staff that
can aid when an incident includes direct
contact to company systems. Incident
response should also be supported by
HR, legal, and PR or communications.
Those Responsible for Incident
Response
Incident Response Manager
Oversees and prioritizes actions during the
detection, analysis and containment of an
incident.
Those Responsible for Incident
Response
Security Analyst
Supports the manager and works directly
with the affected network to research the time,
location and details of an incident.
Those Responsible for Incident
Response
Triage Analyst
Filters out false positives and keeps an eye out
for potential intrusions.
Elements of Incident Response
Management
1. Incident Response Plan
2. Incident Response Team
3. Incident Response Tools
Incident Response Plan
An incident response plan should prepare
your team to deal with threats, indicate how to
isolate incidents and identify their severity,
how to stop the attack and eradicate the
underlying cause, how to recover production
systems, and how to conduct a post-mortem
analysis to prevent future attacks.
Steps of Incident Response
Plan
1. Preparation
2. Identification
3. Containment
4. Eradication
5. Recovery
6. Lessons learned
Steps of Incident Response Plan
1. Preparation
List all possible threat scenarios.
Develop policies to implement in the event
of a cyber attack.
Develop a communication plan.
Outline the roles, responsibilities, and
procedures of your team.
Steps of Incident Response Plan
1. Preparation
Establish a corporate security policy
Recruit and train team members, ensure
they have access to relevant systems.
Ensure team members have access to
relevant technologies and tools.
Steps of Incident Response Plan
2. Identification
Identify and assess the incident and
gather evidence.
Decide on the severity and type of the
incident and escalate if necessary.
Steps of Incident Response Plan
2. Identification
Document actions taken, addressing “who,
what, where, why, and how.” This information
may be used later as evidence if the incident
reaches a court of law.
Steps of Incident Response Plan
3. Containment
The act of preventing the expansion of
harm.
Typically involves disconnecting affected
computers from the network.
Steps of Incident Response Plan
4. Eradication
Finding the root cause of the incident and
removing affected systems from the
production environment.
Steps of Incident Response Plan
4. Eradication
These steps may change the configuration of the
organization. The aim is to make changes while
minimizing the effect on the operations of the
organization. You can achieve this by stopping the
bleeding and limiting the amount of data that is
exposed.
Steps of Incident Response Plan
5. Recovery
Ensure that affected systems are not in danger
and can be restored to working condition. The
purpose of this phase is to bring affected systems
back into the production environment carefully, to
ensure they will not lead to another incident.
Steps of Incident Response Plan
5. Recovery
Ensure another incident doesn’t occur by restoring
systems from clean backups, replacing
compromised files with clean versions, rebuilding
systems from scratch, installing patches, changing
passwords and reinforcing network perimeter
security.
Steps of Incident Response Plan
6. Lessons learned
Complete incident documentation, perform
analysis to learn from the incident, and potentially
improve future response efforts. Complete
documentation that couldn’t be prepared during
the response process. The team should identify
how the incident was managed and eradicated.
The Incident Response Team
• To prepare for and attend to incidents, you
should form a centralized incident response
team, responsible for identifying security
breaches and taking responsive actions.
The Incident Response Team
The team should include:
Incident response manager (team leader)
Security analysts
Lead investigator
Threat researchers
Communications lead
Documentation and timeline lead
Legal representation
Incident Response Tools
• Cyber incident response tools are most often
used by the security industry to test for
vulnerabilities and to provide an emergency
incident response to compromised networks
and applications. They help the team take the
appropriate incident response steps.
Summary
Incident response is an approach to handling
security breaches. The aim of incident response is
to identify an attack, contain the damage, and
eradicate the root cause of the incident. An incident
can be defined as any breach of law, policy or
unacceptable act that concerns information assets,
such as networks, computers, or smartphones.
Chapter II
Operational
Security
Learning Objectives
At the end of this chapter, you will be able to:
• Familiarize yourself with what operational security is.
• Engage with the five steps of operational security.
• Recognize the best practices for operational security.
• Apply confidentiality, integrity, availability, and
nonrepudiation in the corporate world.
Learning Outline
1. OPERATIONAL SECURITY
2. THE FIVE STEPS OF OPERATIONAL
SECURITY
3. BEST PRACTICES FOR OPERATIONAL
SECURITY
OPERATIONAL SECURITY
• Operational security (OPSEC), also known as
procedural security, is a risk management process
that encourages managers to view operations
from the perspective of an adversary in order to
protect sensitive information from falling into the
wrong hands.
OPERATIONAL SECURITY
• Though originally used by the military, OPSEC is
becoming popular in the private sector as well.
Things that fall under the OPSEC umbrella
include monitoring behaviors and habits on social
media sites as well as discouraging employees
from sharing login credentials via email or text
message.
THE FIVE STEPS OF
OPERATIONAL SECURITY
The processes involved in operational security can be
neatly categorized into five steps:
1. Identify your sensitive data.
2. Identify possible threats.
3. Analyze security holes and other vulnerabilities.
4. Appraise the level of risk associated with each
vulnerability.
5. Get countermeasures in place.
THE FIVE STEPS OF
OPERATIONAL SECURITY
1. Identify your sensitive data.
This includes your product research,
intellectual property, financial statements,
customer information, and employee
information. This will be the data you will need
to focus your resources on protecting.
THE FIVE STEPS OF
OPERATIONAL SECURITY
2. Identify possible threats.
For each category of information that you deem
sensitive, you should identify what kinds of threats
are present. While you should be wary of third
parties trying to steal your information, you should
also watch out for insider threats, such as negligent
employees and disgruntled workers.
THE FIVE STEPS OF
OPERATIONAL SECURITY
3. Analyze security holes and other
vulnerabilities.
Assess your current safeguards and
determine what, if any, loopholes or
weaknesses exist that may be exploited to
gain access to your sensitive data.
THE FIVE STEPS OF
OPERATIONAL SECURITY
4. Appraise the level of risk associated with each
vulnerability.
Rank your vulnerabilities using factors such as the
likelihood of an attack happening, the extent of damage
that you would suffer, and the amount of work and time
you would need to recover. The more likely and
damaging an attack is, the more you should prioritize
mitigating the associated risk.
THE FIVE STEPS OF
OPERATIONAL SECURITY
5. Get countermeasures in place.
The last step of operational security is to create and
implement a plan to eliminate threats and mitigate
risks. This could include updating your hardware,
creating new policies regarding sensitive data, or
training employees on sound security practices and
company policies.
THE FIVE STEPS OF
OPERATIONAL SECURITY
5. Get countermeasures in place.
Countermeasures should be straightforward and
simple. Employees should be able to implement the
measures required on their part with or without
additional training.
BEST PRACTICES FOR
OPERATIONAL SECURITY
Follow these best practices to implement a robust,
comprehensive operational security program:
BEST PRACTICES FOR
OPERATIONAL SECURITY
1. Implement precise change management
processes that your employees should follow when
network changes are performed. All changes
should be logged and controlled so they can be
monitored and audited.
BEST PRACTICES FOR
OPERATIONAL SECURITY
2. Restrict access to network devices using AAA
authentication. In the military and other government
entities, a “need-to-know” basis is often used as a
rule of thumb regarding access and sharing of
information.
• AAA authentication
Authentication, authorization, and accounting (AAA) is a
term for a framework for intelligently controlling access to
computer resources, enforcing policies, auditing usage,
and providing the information necessary to bill for
services. These combined processes are considered
important for effective network management and security.
BEST PRACTICES FOR
OPERATIONAL SECURITY
3. Give your employees the minimum
access necessary to perform their jobs. Practice
the principle of least privilege.
BEST PRACTICES FOR
OPERATIONAL SECURITY
4. Implement dual control.
Make sure that those who work on your network are
not the same people in charge of security.
BEST PRACTICES FOR
OPERATIONAL SECURITY
5. Automate tasks to reduce the need for human
intervention. Humans are the weakest link in any
organization’s operational security initiatives
because they make mistakes, overlook details,
forget things, and bypass processes.
BEST PRACTICES FOR
OPERATIONAL SECURITY
6. Incident response and disaster recovery
planning are always crucial components of a
sound security posture. Even when operational
security measures are robust, you must have a plan
to identify risks, respond to them, and mitigate
potential damages.
Operational Security (OPSEC)
• Risk management involves being able to identify
threats and vulnerabilities before they become
problems. Operational security forces managers
to dive deeply into their operations and figure out
where their information can be easily breached.
Operational Security (OPSEC)
• Looking at operations from a malicious third-
party’s perspective allows managers to spot
vulnerabilities they may have otherwise missed so
that they can implement the proper
countermeasures to protect sensitive data.
Chapter III
Physical and
Environmental
Security
Learning Objectives:
At the end of this chapter, you will be able to:
• Elaborate on what physical and environmental
security is.
• Engage with the objectives of physical and
environmental security.
• Distinguish the physical security measures.
• Recognize the physical controls.
• Appreciate the essence of technical controls.
Learning Outline
• Physical and environmental security
• Objectives of Physical and Environmental
Security
• Physical Security Measures
• Physical Controls
• Technical Controls
What does physical and
environmental security
mean?
What does physical and
environmental security mean?
The protection of personnel, hardware, software,
networks and data from physical actions and events
that could cause serious loss or damage to an
enterprise, agency or institution. This
includes protection from fire, flood, natural
disasters, burglary, theft, vandalism and terrorism.
Objectives of Physical and
Environmental Security
1. Prevent unauthorized physical access, damage, and
interference to premises and information.
2. Ensure sensitive information and critical information
technology are housed in secure areas.
3. Prevent loss, damage, theft, or compromise of assets.
4. Prevent interruption of activities.
Objectives of Physical and
Environmental Security
5. Protect assets from physical and environmental
threats.
6. Ensure appropriate equipment location,
removal, and disposal.
7. Ensure appropriate supporting facilities (e.g.,
electrical supply, data and voice cabling
infrastructure).
PHYSICAL AND
ENVIRONMENTAL SECURITY
The term physical and environmental security refers
to measures taken to protect systems, buildings,
and related supporting infrastructure against threats
associated with their physical environment.
PHYSICAL AND
ENVIRONMENTAL SECURITY
Physical and environmental safeguards are often
overlooked but are very important in protecting
information. Over the past decades, physical security
has become increasingly difficult for
organizations. Technology and computer
environments now allow more compromises to
occur due to increased vulnerabilities.
PHYSICAL AND
ENVIRONMENTAL SECURITY
USB hard drives, laptops, tablets and smartphones
allow for information to be lost or stolen because of
portability and mobile access. In the early days,
computers were large mainframes
used by only a few people and were secured in
locked rooms.
PHYSICAL AND
ENVIRONMENTAL SECURITY
Today, desks are filled with desktop computers and
mobile laptops that have access to company data
from across the enterprise. Protecting data,
networks and systems has become difficult to
implement with mobile users able to take their
computers out of the facilities.
PHYSICAL AND
ENVIRONMENTAL SECURITY
Fraud, vandalism, sabotage, accidents, and theft
are increasing costs for organizations since the
environments are becoming more “complex and
dynamic”. Physical security becomes tougher to
manage as technology increases in complexity
and more vulnerabilities are enabled.
PHYSICAL AND
ENVIRONMENTAL SECURITY
Buildings and rooms that house information and
information technology systems must be afforded
appropriate protection to avoid damage or
unauthorized access to information and systems. In
addition, the equipment housing this information
(e.g., filing cabinets, data wiring, laptop computers,
and portable disk drives) must be physically
protected.
PHYSICAL AND
ENVIRONMENTAL SECURITY
Equipment theft is of primary concern, but other
issues should be considered, such as damage or
loss caused by fire, flood, and sensitivity to
temperature extremes.
PHYSICAL AND
ENVIRONMENTAL SECURITY
Physical and environmental security programs
define the various measures or controls that protect
organizations from loss of connectivity and
availability of computer processing caused by theft,
fire, flood, intentional destruction, unintentional
damage, mechanical equipment failure and power
failures.
Physical security measures should be
sufficient to deal with foreseeable threats
and should be tested periodically for their
effectiveness and functionality.
Physical Security Measures
1. Determine which managers are responsible for
planning, funding, and operations of physical
security of the Data Center.
Physical Security Measures
2. Review best practices and standards that can
assist with evaluating physical security controls,
such as ISO/IEC 27002:2013.
Physical Security Measures
3. Establish a baseline by conducting a physical
security controls gap assessment that will include
the following as they relate to your campus Data
Center:
Physical Security Measures
3.1 Environmental Controls
An Environmental Control (EC) system can provide
a level of independent control of many devices in
the home for people with significant physical
disabilities. EC may be suitable if you struggle to
control equipment around you because of
difficulties with using your arms or hands.
Physical Security Measures
3.2 Environmental Controls
Physical Security Measures
3.3 Natural Disaster Controls
Physical Security Measures
3.4 Supporting Utility Controls
Physical Security Measures
3.5 Physical Protection and Access Controls
Physical Security Measures
3.6 System Reliability
Which ensures the system is doing the required job, goes
hand in hand with reliability, which ensures the system is
doing its job correctly. Although they come from different
ways of looking at the same problem, they are both
dependent on each other.
Physical Security Measures
3.7 Physical Security Awareness and Training
Physical Security Measures
3.8 Contingency Plans
An alternative Information Systems Security
(INFOSEC) plan that is implemented when normal
business operations are interrupted by emergency,
failover or disaster. A contingency plan is also known as a
disaster recovery plan (DRP).
Physical Security Measures
4. Determine whether an appropriate investment in
physical security equipment (alarms, locks or other
physical access controls, identification badges for
high-security areas, etc.) has been made and if
these controls have been tested and function
correctly.
Physical Security Measures
5. Provide responsible managers guidance in handling
risks. For example, if the current investment in physical
security controls is inadequate, this may allow
unauthorized access to servers and network equipment.
Inadequate funding for key positions with responsibility for
IT physical security may result in poor monitoring, poor
compliance with policies and standards, and overall poor
physical security.
Physical Security Measures
6. Maintain a secure repository of physical and
environmental security controls and policies and
establish timelines for their evaluation, update and
modification.
Physical Security Measures
7. Create a team of physical and environmental
security auditors, outside of the management staff,
to periodically assess the effectiveness of the
measures taken and provide feedback on their
usefulness and functionality.
Physical Controls
Facilities need physical access controls in place that
control, monitor and manage access. Building sections
should be categorized as restricted, private or public.
Different access control levels are needed to restrict
the zones that each employee may enter depending on their
role.
Physical Controls
Many mechanisms exist that enable control and isolation
of access privileges at facilities. These mechanisms are
intended to discourage and detect access by
unauthorized individuals.
Physical Controls
1. Perimeter Security
Mantraps, gates, fences and turnstiles are used outside of
the facility to create an additional layer of security before
accessing the building.
Physical Controls
2. Badges
Proof of identity is necessary for verifying whether a person is an
employee or visitor. These cards come in the forms of
name tags, badges and identification (ID) cards. Badges
can also be smart cards that integrate with access control
systems. Pictures, RFID tags, magnetic strips, computer
chips and employee information are frequently included to
help security staff validate identity.
Physical Controls
3. Motion Detectors
Motion detectors offer different technology options
depending on necessity. They are used as intrusion
detection devices and work in combination with alarm
systems. Infrared motion detectors observe changes in
infrared light patterns. Heat-based motion detectors sense
changes in heat levels. Wave pattern motion detectors
use ultrasonic or microwave frequencies that monitor
changes in reflected patterns.
Physical Controls
4. Intrusion Alarms
Alarms monitor various sensors and detectors. These
devices are door and window contacts, glass break
detectors, motion detectors, water sensors, and so on.
Status changes in the devices trigger the alarm.
Technical Controls
The main focus of technical controls is access control
because it is one of the most compromised areas of
security. Smart cards are a technical control that can allow
physical access into a building or secured room and
securely log in to company networks and computers.
Technical Controls
Multiple overlapping layers of defense are needed to
keep attackers from gaining direct access to company
resources. Intrusion detection systems are technical
controls that are essential because they detect an
intrusion.
Technical Controls
Detection is a must because it gives notice of the security event.
Awareness of the event allows the organization to respond
and contain the incident. Audit trails and access logs must
be continually monitored. They enable the organization to
locate where breaches are occurring and how often.
Technical Controls
This information helps the security team reduce
vulnerabilities.
1. Smart Cards
2. Proximity Readers and RFID
3. Intrusion Detection, Guards and CCTV
4. Auditing Physical Access
Technical Controls
1. Smart Cards
Token cards have microchips and integrated circuits built
into the cards that process data. Microchips and
integrated circuits enable the smart card to do two-factor
authentication. This authentication control helps keep
unauthorized attackers or employees from accessing
rooms they are not permitted to enter.
Technical Controls
2. Proximity Readers and RFID.
Access control systems use proximity readers to scan
cards and determine whether a card is authorized to enter
the facility or area.
Technical Controls
3. Intrusion Detection, Guards and CCTV
If the equipment is relocated without approval,
intrusion detection systems (IDSs) can monitor and
notify of unauthorized entries. IDSs are essential to
security because the systems can send a warning if
a specific event occurs or if access was attempted
at an unusual time.
Technical Controls
4. Auditing Physical Access
Auditing physical access control systems requires
the use of logs and audit trails to surmise where and
when a person gained false entry into the facility or
attempted to break in.
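The audit described in the Technical Controls slides (monitoring access logs, warning on access attempted at an unusual time, and restricting zones by role) can be sketched over badge-reader records. This is an added example, not part of the original slides; the log format, badge IDs, clearance register, business hours and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, time

# Constructed sample records (not from the slides): timestamp,badge,zone,result
SAMPLE_LOG = """\
2024-03-04T08:57:12,B1001,public,GRANTED
2024-03-04T09:02:40,B1002,private,GRANTED
2024-03-04T09:15:03,B1003,restricted,DENIED
2024-03-04T09:15:09,B1003,restricted,DENIED
2024-03-04T09:15:16,B1003,restricted,DENIED
2024-03-04T13:30:00,B1001,restricted,GRANTED
2024-03-05T02:41:55,B1002,private,GRANTED
2024-03-05T10:00:00,B9999,public,GRANTED
"""

# Zone categories from the Physical Controls slide, ordered by sensitivity.
ZONE_RANK = {"public": 0, "private": 1, "restricted": 2}
# Hypothetical badge register: the highest zone each holder's role may enter.
BADGE_CLEARANCE = {"B1001": "private", "B1002": "private", "B1003": "public"}
WORK_START, WORK_END = time(7, 0), time(19, 0)  # assumed business hours
DENIED_THRESHOLD = 3           # this many denials for one badge and zone ...
DENIED_WINDOW_SECONDS = 300    # ... within this many seconds raises a finding


def parse_log(text):
    """Parse reader records into dicts sorted by time; reject malformed lines."""
    events = []
    for line_no, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = [f.strip() for f in line.split(",")]
        if len(fields) != 4:
            raise ValueError(f"line {line_no}: expected 4 fields")
        stamp, badge, zone, result = fields
        if zone not in ZONE_RANK or result not in ("GRANTED", "DENIED"):
            raise ValueError(f"line {line_no}: unknown zone or result")
        events.append({"ts": datetime.fromisoformat(stamp), "badge": badge,
                       "zone": zone, "result": result})
    return sorted(events, key=lambda e: e["ts"])


def audit(events):
    """Return (rule, badge, timestamp) findings for an analyst to review."""
    findings = []
    recent_denials = defaultdict(deque)  # (badge, zone) -> denial timestamps
    for e in events:
        badge, zone, ts = e["badge"], e["zone"], e["ts"]
        stamp = ts.isoformat()
        clearance = BADGE_CLEARANCE.get(badge)
        if clearance is None:
            # Badge is not in the register: lost, revoked or never issued.
            findings.append(("UNKNOWN_BADGE", badge, stamp))
        elif e["result"] == "GRANTED" and ZONE_RANK[zone] > ZONE_RANK[clearance]:
            # A door opened for someone whose role does not cover that zone.
            findings.append(("ABOVE_CLEARANCE", badge, stamp))
        if not (WORK_START <= ts.time() < WORK_END):
            # Any attempt, granted or denied, outside business hours.
            findings.append(("OFF_HOURS", badge, stamp))
        if e["result"] == "DENIED":
            window = recent_denials[(badge, zone)]
            window.append(ts)
            while (ts - window[0]).total_seconds() > DENIED_WINDOW_SECONDS:
                window.popleft()
            if len(window) == DENIED_THRESHOLD:
                findings.append(("REPEATED_DENIALS", badge, stamp))
    return findings


if __name__ == "__main__":
    for finding in audit(parse_log(SAMPLE_LOG)):
        print(*finding)
```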
Summary
Physical protection can be achieved by creating
one or more physical barriers around the
organization’s premises and information processing
facilities. The use of multiple barriers gives
additional protection, where the failure of a single
barrier does not mean that security is immediately
compromised.
Chapter IV
Supplier
Relationships
Learning Objectives:
At the end of this chapter, you will be able to:
• Identify the policy statement.
• Engage with the scope and application of the policy.
• Elaborate on the definitions used in supplier relationships.
• Understand the supplier relationship security policy.
• Engage with IT division practices.
• Recognize remote access monitoring.
• Distinguish the contract requirements.
Learning Outline
• POLICY STATEMENT
• SCOPE AND APPLICATION OF THE POLICY
• DEFINITIONS
• SUPPLIER RELATIONSHIP SECURITY POLICY
• IT DIVISION PRACTICES
• REMOTE ACCESS MONITORING
• CONTRACT REQUIREMENTS
What are Supplier
Relationships?
How do you manage
supplier relationships?
What do you understand
by supplier relations?
POLICY STATEMENT
• The security of information processed, transmitted or
stored by organizations contracted by the Organization to
provide those services needs to be ensured. This means
that the Organization must put in place and manage
contracts that protect the confidentiality, integrity and
availability of information handled by suppliers of these
services.
SCOPE AND APPLICATION OF
THE POLICY
• This policy affects all Organization information
technology systems that are supported by suppliers,
whether the system or service provided is on-premise or
not.
DEFINITIONS
A. Suppliers
Shall mean vendors, contractors or other third-parties that
provide software or IT services to the Organization
through a contract or other agreement.
DEFINITIONS
B. Soft token
Shall mean a software-based security token that
generates a single-use login PIN.
DEFINITIONS
C. RFP (Request for proposal)
Shall mean either a request for proposal or an invitation
for bid.
SUPPLIER RELATIONSHIP
SECURITY POLICY
A. IT Division Practices
B. Contract Requirements
IT Division Practices
Access Control
1. Supplier Accounts
Access must be granted to suppliers only when required
for performing work and with the full knowledge and prior
approval of the data steward or their designee for the
pertinent data.
IT Division Practices
Access Control
2. Multi-factor authentication
a. Suppliers needing access to systems that require multi-factor
authentication must do so from an account tied to an
individual.
b. When an exception to the single individual per supplier
account is approved, multi-factor authentication to the
account must be accomplished by utilizing a soft token
mechanism.
Remote Access Monitoring
• When required for regulatory compliance, supplier
access to on-premise systems must be monitored
or logged. This may be done using active
monitoring by staff or by session logging done
with software.
Contract Requirements
IT contract requirements
• Contracts that relate to services where data is stored off-campus
must utilize the standard IT contract addendum,
or contract language that sufficiently ensures the security
of the data.
Contract Requirements
IT contract requirements
• When purchasing software solutions, either hosted or
on-premise, where the Organization has not issued an
RFP, the supplier must complete the IT Solution
Initial Assessment Tool. Responses to this tool must be
analyzed and approved by IT prior to signing a contract.
Be ready for Termly Examination

IT Security and Management - Semi Finals by Mark John Lado

  • 1. 1. Incident Response 2. Operational Security 3. Physical and Environmental Security 4. Supplier Relationships Semi Finals – Bachelor of Science in information System IT Security and Management
  • 5. Drill • Havoc - widespread destruction • Wreak Havoc - to cause great damage • Data Breach - a security incident in which information is accessed without authorization. • Alienate - a withdrawing or separation of a person
  • 6. Learning Objectives: At the end of this chapter, you will be able to: • Recognize incident response. • Know how incident response is important. • Engage with the three elements of incident response management. • Familiarize yourself with the six steps of an incident response plan.
  • 8. What is Incident Response? A term used to describe the process by which an organization handles a data breach or cyber attack, including the way the organization attempts to manage the consequences of the attack or breach (the “incident”).
  • 9. What is Incident Response? • Incident response is the methodology an organization uses to respond to and manage a cyber-attack. An attack or data breach can wreak havoc, potentially affecting customers, intellectual property, company time and resources, and brand value.
  • 10. What is Incident Response? • An incident response aims to reduce this damage and recover as quickly as possible. Investigation is also a key component in order to learn from the attack and better prepare for the future.
  • 11. What is Incident Response? • Because many companies today experience a breach at some point in time, a well-developed and repeatable incident response plan is the best way to protect your company.
  • 13. Why is Incident Response Important? • As cyber-attacks increase in scale and frequency, incident response plans become more vital to a company’s cyber defenses. Poor incident response can alienate customers.
  • 14. Who is the Incident Response Team? • The company should look to their “Computer Incident Response Team (CIRT)” to lead incident response efforts.
  • 15. Who is the Incident Response Team? • This team is comprised of experts from upper-level management, IT, information security, IT auditors when available, as well as any physical security staff that can aid when an incident includes direct contact with company systems. Incident response should also be supported by HR, legal, and PR or communications.
  • 16. Those Responsible for Incident Response: Incident Response Manager, who oversees and prioritizes action during the detection, analysis and containment of an incident.
  • 17. Those Responsible for Incident Response: Security Analyst, who supports the manager and works directly with the affected network to research the time, location and details of an incident.
  • 18. Those Responsible for Incident Response: Triage Analyst, who filters out false positives and keeps an eye out for potential intrusions.
  • 19. Elements of Incident Response Management 1. Incident Response Plan 2. Incident Response Team 3. Incident Response Tools
  • 20. Incident Response Plan An incident response plan should prepare your team to deal with threats, indicate how to isolate incidents and identify their severity, how to stop the attack and eradicate the underlying cause, how to recover production systems, and how to conduct a post-mortem analysis to prevent future attacks.
  • 21. Steps of Incident Response Plan 1. Preparation 2. Identification 3. Containment 4. Eradication 5. Recovery 6. Lessons learned
  • 22. Steps of Incident Response Plan 1. Preparation Listing all possible threat scenarios. Develop policies to implement in the event of a cyber attack. Develop a communication plan. Outline the roles, responsibilities, and procedures of your team.
  • 23. Steps of Incident Response Plan 1. Preparation Establish a corporate security policy Recruit and train team members, ensure they have access to relevant systems. Ensure team members have access to relevant technologies and tools.
  • 24. Steps of Incident Response Plan 2. Identification Identify and assess the incident and gathered evidence. Decide on the severity and type of the incident and escalate if necessary.
  • 25. Steps of Incident Response Plan 2. Identification Document actions taken, addressing “who, what, where, why, and how.” This information may be used later as evidence if the incident reaches a court of law.
  • 26. Steps of Incident Response Plan 3. Containment The act of preventing the expansion of harm. Typically involves disconnecting affected computers from the network.
  • 27. Steps of Incident Response Plan 4. Eradication Finding the root cause of the incident and removing affected systems from the production environment.
  • 28. Steps of Incident Response Plan 4. Eradication These steps may change the configuration of the organization. The aim is to make changes while minimizing the effect on the operations of the organization. You can achieve this by stopping the bleeding and limiting the amount of data that is exposed.
  • 29. Steps of Incident Response Plan 5. Recovery Ensure that affected systems are not in danger and can be restored to working condition. The purpose of this phase is to bring affected systems back into the production environment carefully, to ensure they will not lead to another incident.
  • 30. Steps of Incident Response Plan 5. Recovery Ensure another incident doesn’t occur by restoring systems from clean backups, replacing compromised files with clean versions, rebuilding systems from scratch, installing patches, changing passwords and reinforcing network perimeter security.
  • 31. Steps of Incident Response Plan 6. Lessons learned Completing incident documentation, performing analysis to learn from the incident and potentially improving future response efforts. Complete documentation that couldn’t be prepared during the response process. The team should identify how the incident was managed and eradicated.
  • 32. The Incident Response Team • To prepare for and attend to incidents, you should form a centralized incident response team, responsible for identifying security breaches and taking responsive actions.
  • 33. The Incident Response Team The team should include: incident response manager (team leader), security analysts, lead investigator, threat researchers, communications lead, documentation and timeline lead, legal representation.
  • 34. Incident Response Tools • Cyber incident response tools are most often used by the security industry to test for vulnerabilities, provide an emergency incident response to compromised networks and applications, and help take the appropriate incident response steps.
  • 35. Summary Incident response is an approach to handling security breaches. The aim of incident response is to identify an attack, contain the damage, and eradicate the root cause of the incident. An incident can be defined as any breach of law, policy or unacceptable act that concerns information assets, such as networks, computers, or smartphones.
  • 40. Learning Objectives At the end of this chapter, you will be able to: • Familiarize yourself with what operational security is. • Engage with the five steps of operational security. • Recognize the best practices for operational security. • Apply confidentiality, integrity, availability, and nonrepudiation in the corporate world.
  • 41. Learning Outline 1. OPERATIONAL SECURITY 2. THE FIVE STEPS OF OPERATIONAL SECURITY 3. BEST PRACTICES FOR OPERATIONAL SECURITY
  • 42. OPERATIONAL SECURITY • Operational security (OPSEC), also known as procedural security, is a risk management process that encourages managers to view operations from the perspective of an adversary in order to protect sensitive information from falling into the wrong hands.
  • 43. OPERATIONAL SECURITY • Though originally used by the military, OPSEC is becoming popular in the private sector as well. Things that fall under the OPSEC umbrella include monitoring behaviors and habits on social media sites as well as discouraging employees from sharing login credentials via email or text message.
  • 45. THE FIVE STEPS OF OPERATIONAL SECURITY The processes involved in operational security can be neatly categorized into five steps: 1. Identify your sensitive data. 2. Identify possible threats. 3. Analyze security holes and other vulnerabilities. 4. Appraise the level of risk associated with each vulnerability. 5. Get countermeasures in place.
  • 46. THE FIVE STEPS OF OPERATIONAL SECURITY 1. Identify your sensitive data, including your product research, intellectual property, financial statements, customer information, and employee information. This will be the data you will need to focus your resources on protecting.
  • 47. THE FIVE STEPS OF OPERATIONAL SECURITY 2. Identify possible threats. For each category of information that you deem sensitive, you should identify what kinds of threats are present. While you should be wary of third parties trying to steal your information, you should also watch out for insider threats, such as negligent employees and disgruntled workers.
  • 48. THE FIVE STEPS OF OPERATIONAL SECURITY 3. Analyze security holes and other vulnerabilities. Assess your current safeguards and determine what, if any, loopholes or weaknesses exist that may be exploited to gain access to your sensitive data.
  • 49. THE FIVE STEPS OF OPERATIONAL SECURITY 4. Appraise the level of risk associated with each vulnerability. Rank your vulnerabilities using factors such as the likelihood of an attack happening, the extent of damage that you would suffer, and the amount of work and time you would need to recover. The more likely and damaging an attack is, the more you should prioritize mitigating the associated risk.
  • 50. THE FIVE STEPS OF OPERATIONAL SECURITY 5. Get countermeasures in place. The last step of operational security is to create and implement a plan to eliminate threats and mitigate risks. This could include updating your hardware, creating new policies regarding sensitive data, or training employees on sound security practices and company policies.
  • 51. THE FIVE STEPS OF OPERATIONAL SECURITY 5. Get countermeasures in place. Countermeasures should be straightforward and simple. Employees should be able to implement the measures required on their part with or without additional training.
  • 52. BEST PRACTICES FOR OPERATIONAL SECURITY Follow these best practices to implement a robust, comprehensive operational security program:
  • 53. BEST PRACTICES FOR OPERATIONAL SECURITY 1. Implement precise change management processes that your employees should follow when network changes are performed. All changes should be logged and controlled so they can be monitored and audited.
  • 54. BEST PRACTICES FOR OPERATIONAL SECURITY 2. Restrict access to network devices using AAA authentication. In the military and other government entities, a “need-to-know” basis is often used as a rule of thumb regarding access and sharing of information.
  • 55. • AAA authentication Authentication, authorization, and accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.
  • 56. BEST PRACTICES FOR OPERATIONAL SECURITY 3. Give your employees the minimum access necessary to perform their jobs. Practice the principle of least privilege.
  • 57. BEST PRACTICES FOR OPERATIONAL SECURITY 4. Implement dual control. Make sure that those who work on your network are not the same people in charge of security.
  • 58. BEST PRACTICES FOR OPERATIONAL SECURITY 5. Automate tasks to reduce the need for human intervention. Humans are the weakest link in any organization’s operational security initiatives because they make mistakes, overlook details, forget things, and bypass processes.
  • 59. BEST PRACTICES FOR OPERATIONAL SECURITY 6. Incident response and disaster recovery planning are always crucial components of a sound security posture. Even when operational security measures are robust, you must have a plan to identify risks, respond to them, and mitigate potential damages.
  • 60. Operational Security (OPSEC) • Risk management involves being able to identify threats and vulnerabilities before they become problems. Operational security forces managers to dive deeply into their operations and figure out where their information can be easily breached.
  • 61. Operational Security (OPSEC) • Looking at operations from a malicious third party’s perspective allows managers to spot vulnerabilities they may have otherwise missed so that they can implement the proper countermeasures to protect sensitive data.
  • 63. Learning Objectives: At the end of this chapter, you will be able to: • Elaborate on what physical and environmental security is. • Engage with the objectives of physical and environmental security. • Distinguish the physical security measures. • Recognize the physical controls. • Appreciate the essence of technical controls.
  • 64. Learning Outline • Physical and environmental security • Objectives of Physical and Environmental Security • Physical Security Measures • Physical Controls • Technical Controls
  • 65. What does physical and environmental security mean?
  • 66. What does physical and environmental security mean? The protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism.
  • 67. Objectives of Physical and Environmental Security 1. Prevent unauthorized physical access, damage, and interference to premises and information. 2. Ensure sensitive information and critical information technology are housed in secure areas. 3. Prevent loss, damage, theft, or compromise of assets. 4. Prevent interruption of activities.
  • 68. Objectives of Physical and Environmental Security 5. Protect assets from physical and environmental threats. 6. Ensure appropriate equipment location, removal, and disposal. 7. Ensure appropriate supporting facilities (e.g., electrical supply, data and voice cabling infrastructure).
  • 69. PHYSICAL AND ENVIRONMENTAL SECURITY The term physical and environmental security refers to measures taken to protect systems, buildings, and related supporting infrastructure against threats associated with their physical environment.
  • 70. PHYSICAL AND ENVIRONMENTAL SECURITY Physical and environmental safeguards are often overlooked but are very important in protecting information. Physical security over past decades has become increasingly more difficult for organizations. Technology and computer environments now allow more compromises to occur due to increased vulnerabilities.
  • 71. PHYSICAL AND ENVIRONMENTAL SECURITY USB hard drives, laptops, tablets and smartphones allow for information to be lost or stolen because of portability and mobile access. In the early days of computers, they were large mainframe computers only used by a few people and were secured in locked rooms.
  • 72. PHYSICAL AND ENVIRONMENTAL SECURITY Today, desks are filled with desktop computers and mobile laptops that have access to company data from across the enterprise. Protecting data, networks and systems has become difficult to implement with mobile users able to take their computers out of the facilities.
  • 73. PHYSICAL AND ENVIRONMENTAL SECURITY Fraud, vandalism, sabotage, accidents, and theft are increasing costs for organizations since the environments are becoming more “complex and dynamic”. Physical security becomes tougher to manage as technology increases with complexity, and more vulnerabilities are enabled.
  • 74. PHYSICAL AND ENVIRONMENTAL SECURITY Buildings and rooms that house information and information technology systems must be afforded appropriate protection to avoid damage or unauthorized access to information and systems. In addition, the equipment housing this information (e.g., filing cabinets, data wiring, laptop computers, and portable disk drives) must be physically protected.
  • 75. PHYSICAL AND ENVIRONMENTAL SECURITY Equipment theft is of primary concern, but other issues should be considered, such as damage or loss caused by fire, flood, and sensitivity to temperature extremes.
  • 76. PHYSICAL AND ENVIRONMENTAL SECURITY Physical and environmental security programs define the various measures or controls that protect organizations from loss of connectivity and availability of computer processing caused by theft, fire, flood, intentional destruction, unintentional damage, mechanical equipment failure and power failures.
  • 77. Physical security measures should be sufficient to deal with foreseeable threats and should be tested periodically for their effectiveness and functionality.
  • 78. Physical Security Measures 1. Determine which managers are responsible for planning, funding, and operations of physical security of the Data Center.
  • 79. Physical Security Measures 2. Review best practices and standards that can assist with evaluating physical security controls, such as ISO/IEC 27002:2013.
  • 80. Physical Security Measures 3. Establish a baseline by conducting a physical security controls gap assessment that will include the following as they relate to your campus Data Center:
  • 81. Physical Security Measures 3.1 Environmental Controls An Environmental Control (EC) system can provide a level of independent control of many devices in the home for people with significant physical disabilities. EC may be suitable if you struggle to control equipment around you because of difficulties with using your arms or hands.
  • 82. Physical Security Measures 3.2 Environmental Controls
  • 83. Physical Security Measures 3.3 Natural Disaster Controls
  • 84. Physical Security Measures 3.4 Supporting Utility Controls
  • 85. Physical Security Measures 3.5 Physical Protection and Access Controls
  • 86. Physical Security Measures 3.6 System Reliability Which ensures the system is doing the required job, goes hand in hand with reliability, which ensures the system is doing its job correctly. Although they come from different ways of looking at the same problem, they are both dependent on each other.
  • 87. Physical Security Measures 3.7 Physical Security Awareness and Training
  • 88. Physical Security Measures 3.8 Contingency Plans An alternative Information Systems Security (INFOSEC) plan that is implemented when normal business operations are interrupted by emergency, failover or disaster. A contingency plan is also known as a disaster recovery plan (DRP).
  • 89. Physical Security Measures 4. Determine whether an appropriate investment in physical security equipment (alarms, locks or other physical access controls, identification badges for high-security areas, etc.) has been made and if these controls have been tested and function correctly.
  • 90. Physical Security Measures 5. Provide responsible managers guidance in handling risks. For example, if the current investment in physical security controls is inadequate, this may allow unauthorized access to servers and network equipment. Inadequate funding for key positions with responsibility for IT physical security may result in poor monitoring, poor compliance with policies and standards, and overall poor physical security.
  • 91. Physical Security Measures 6. Maintain a secure repository of physical and environmental security controls and policies and establish timelines for their evaluation, update and modification.
  • 92. Physical Security Measures 7. Create a team of physical and environmental security auditors, outside of the management staff, to periodically assess the effectiveness of the measures taken and provide feedback on their usefulness and functionality.
  • 93. Physical Controls Facilities need physical access controls in place that control, monitor and manage access. Building sections should be categorized as restricted, private or public. Different access control levels are needed to restrict zones that each employee may enter depending on their role.
  • 94. Physical Controls Many mechanisms exist that enable control and isolation of access privileges at facilities. These mechanisms are intended to discourage and detect access from unauthorized individuals.
  • 95. Physical Controls 1. Perimeter Security Mantraps, gates, fences and turnstiles are used outside of the facility to create an additional layer of security before accessing the building.
  • 96. Physical Controls 2. Badges Proof of identity is necessary for verifying if a person is an employee or visitor. These cards come in the forms of name tags, badges and identification (ID) cards. Badges can also be smart cards that integrate with access control systems. Pictures, RFID tags, magnetic strips, computer chips and employee information are frequently included to help security validate.
  • 97. Physical Controls 3. Motion Detectors Motion detectors offer different technology options depending on necessity. They are used as intrusion detection devices and work in combination with alarm systems. Infrared motion detectors observe changes in infrared light patterns. Heat-based motion detectors sense changes in heat levels. Wave pattern motion detectors use ultrasonic or microwave frequencies that monitor changes in reflected patterns.
  • 98. Physical Controls 4. Intrusion Alarms Alarms monitor various sensors and detectors. These devices are door and window contacts, glass break detectors, motion detectors, water sensors, and so on. Status changes in the devices trigger the alarm.
  • 99. Technical Controls The main focus of technical controls is access control because it is one of the most compromised areas of security. Smart cards are a technical control that can allow physical access into a building or secured room and securely log in to company networks and computers.
  • 100. Technical Controls Multiple layers of defense are needed for overlap to protect from attackers gaining direct access to company resources. Intrusion detection systems are technical controls that are essential because they detect an intrusion.
  • 101. Technical Controls Detection is a must because it notifies the organization of the security event. Awareness of the event allows the organization to respond and contain the incident. Audit trails and access logs must be continually monitored. They enable the organization to locate where breaches are occurring and how often.
  • 102. Technical Controls This information helps the security team reduce vulnerabilities. 1. Smart Cards 2. Proximity Readers and RFID 3. Intrusion Detection, Guards and CCTV 4. Auditing Physical Access
  • 103. Technical Controls 1. Smart Cards Token cards have microchips and integrated circuits built into the cards that process data. Microchips and integrated circuits enable the smart card to do two-factor authentication. This authentication control helps keep unauthorized attackers or employees from accessing rooms they are not permitted to enter.
  • 105. Technical Controls 2. Proximity Readers and RFID. Access control systems use proximity readers to scan cards and determine whether each card has authorized access to enter the facility or area.
  • 106. Technical Controls 2. Proximity Readers and RFID.
  • 107. Technical Controls 3. Intrusion Detection, Guards and CCTV If the equipment is relocated without approval, intrusion detection systems (IDSs) can monitor and notify of unauthorized entries. IDSs are essential to security because the systems can send a warning if a specific event occurs or if access was attempted at an unusual time.
  • 108. Technical Controls 3. Intrusion Detection, Guards and CCTV
  • 109. Technical Controls 4. Auditing Physical Access Auditing physical access control systems requires the use of logs and audit trails to surmise where and when a person gained false entry into the facility or attempted to break in.
  • 110. Summary Physical protection can be achieved by creating one or more physical barriers around the organization’s premises and information processing facilities. The use of multiple barriers gives additional protection, where the failure of a single barrier does not mean that security is immediately compromised.
  • 112. Learning Objectives: At the end of this chapter, you will be able to: • Identify the policy statement. • Engage with the scope and application of the policy. • Elaborate on the definitions of supplier relationships. • Understand the supplier relationship security policy. • Engage with IT division practices. • Recognize remote access monitoring. • Distinguish the contract requirements.
  • 113. Learning Outline • POLICY STATEMENT • SCOPE AND APPLICATION OF THE POLICY • DEFINITIONS • SUPPLIER RELATIONSHIP SECURITY POLICY • IT DIVISION PRACTICES • REMOTE ACCESS MONITORING • CONTRACT REQUIREMENTS
  • 115. How do you manage supplier relationships?
  • 116. What do you understand by supplier relations?
  • 117. POLICY STATEMENT • The security of information processed, transmitted or stored by organizations contracted by the Organization to provide those services needs to be ensured. This means that the Organization must put in place and manage contracts that protect the confidentiality, integrity and availability of information handled by suppliers of these services.
  • 118. SCOPE AND APPLICATION OF THE POLICY • This policy affects all Organization information technology systems that are supported by suppliers, whether the system or service provided is on-premise or not.
  • 119. DEFINITIONS A. Suppliers Shall mean vendors, contractors or other third parties that provide software or IT services to the Organization through a contract or other agreement.
  • 120. DEFINITIONS B. Soft token Shall mean a software-based security token that generates a single-use login PIN.
  • 121. DEFINITIONS C. RFP (Request for proposal) Shall mean either a request for proposal or an invitation for bid.
  • 122. SUPPLIER RELATIONSHIP SECURITY POLICY A. IT Division Practices B. Contract Requirements
  • 123. IT Division Practices Access Control 1. Supplier Accounts: Access must be granted to suppliers only when required for performing work and with the full knowledge and prior approval of the data steward or their designee for the pertinent data.
  • 124. IT Division Practices Access Control 2. Multi-factor authentication a. Suppliers needing access to systems that require multi-factor authentication must do so from an account tied to an individual. b. When an exception to the single individual per supplier account is approved, multi-factor authentication to the account must be accomplished by utilizing a soft token mechanism.
  • 125. Remote Access Monitoring • When required for regulatory compliance, supplier access to on-premise systems must be monitored or logged. This may be done using active monitoring by staff or by session logging done with software.
  • 126. Contract Requirements IT contract requirements • Contracts that relate to services where data is stored off-campus must utilize the standard IT contract addendum, or contract language that sufficiently ensures the security of the data.
  • 127. Contract Requirements IT contract requirements • When purchasing software solutions, either hosted or on-premise, where the Organization has not issued an RFP, the supplier must complete the IT Solution Initial Assessment Tool. Responses to this tool must be analyzed and approved by IT prior to signing a contract.
  • 128. Be ready for Termly Examination