SlideShare a Scribd company logo

Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 5.docx

Download as DOCX, PDF
B
bobbywlane695641

Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 5 Commonality Cyber Attacks Protecting National Infrastructure, 1st ed. ‹#› ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 1 Certain security attributes must be present in all aspects and areas of national infrastructure to ensure maximum resilience against attack Best practices, standards, and audits establish a low-water mark for all relevant organizations Audits must be both meaningful and measurable Often the most measurable things aren’t all that meaningful Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Introduction ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 2 Common security-related best practice standards Federal Information Security Management Act (FISMA) Health Insurance Portability and Accountability Act (HIPAA) Payment Card Industry Data Security Standard (PCI DSS) ISO/IEC 27000 Standard (ISO27K) Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Introduction ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 3 Fig. 5.1 – Illustrative security audits for two organizations Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality ‹#› Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.2 – Relationship between meaningful and measurable requirements ‹#› The primary motivation for proper infrastructure protection should be success based and economic Not the audit score Security of critical components relies on Step #1: Standard audit Step #2: World-class focus Sometimes security audit standards and best practices proven through experience are in conflict Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Meaningful Best Practices for Infrastructure Protection ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 6 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.3 – Methodology to achieve world-class infrastructure protection practices ‹#› Four basic security policy considerations are recommended Enforceable: Policies without enforcement are not valuable Small: Keep it simple and current Online: Policy info needs to be online and searchable Inclusive: Good policy requires analysis in order to include computing and networking elements in the local nat’l infrastructure environment Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Locally Relevant and Appropriate Security Policy ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 8 Copyright © 2012, Elsevier Inc. All .

Education
1 of 12
Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 5 Commonality Cyber Attacks Protecting National Infrastructure, 1st ed. ‹#› ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 1 Certain security attributes must be present in all aspects and areas of national infrastructure to ensure maximum resilience against attack Best practices, standards, and audits establish a low-water mark for all relevant organizations Audits must be both meaningful and measurable Often the most measurable things aren’t all that meaningful
Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Introduction ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 2 Common security-related best practice standards Federal Information Security Management Act (FISMA) Health Insurance Portability and Accountability Act (HIPAA) Payment Card Industry Data Security Standard (PCI DSS) ISO/IEC 27000 Standard (ISO27K) Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Introduction ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 3
Fig. 5.1 – Illustrative security audits for two organizations Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality ‹#› Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.2 – Relationship between meaningful and measurable requirements ‹#› The primary motivation for proper infrastructure protection should be success based and economic Not the audit score Security of critical components relies on Step #1: Standard audit Step #2: World-class focus Sometimes security audit standards and best practices proven through experience are in conflict Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Meaningful Best Practices for Infrastructure Protection
‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 6 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.3 – Methodology to achieve world-class infrastructure protection practices ‹#› Four basic security policy considerations are recommended Enforceable: Policies without enforcement are not valuable Small: Keep it simple and current Online: Policy info needs to be online and searchable Inclusive: Good policy requires analysis in order to include computing and networking elements in the local nat’l infrastructure environment Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Locally Relevant and Appropriate Security Policy
‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 8 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.4 – Decision process for security policy analysis ‹#› Create an organizational culture of security protection Culture of security is one where standard operating procedures provide a secure environment Ideal environment marries creativity and interest in new technologies with caution and a healthy aversion to risk Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Culture of Security Protection ‹#›
The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 10 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.5 – Spectrum of organizational culture of security options ‹#› Organizations should be explicitly committed to infrastructure simplification Common problems found in design and operation of national infrastructure Lack of generalization Clouding the obvious Stream-of-consciousness design Nonuniformity Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Infrastructure Simplification ‹#›
The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 12 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.6 – Sample cluttered engineering chart ‹#› Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.7 – Simplified engineering chart ‹#› How to simplify a national infrastructure environment Reduce its size Generalize concepts Clean interfaces Highlight patterns Reduce clutter
Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Infrastructure Simplification ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 15 Key decision-makers need certification and education programs Hundred percent end-user awareness is impractical; instead focus on improving security competence of decision-makers Senior Managers Designers and developers Administrators Security team members Create low-cost, high-return activities to certify and educate end users Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Certification and Education ‹#› The University of Adelaide, School of Computer Science
2 June 2019 Chapter 2 — Instructions: Language of the Computer 16 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.8 – Return on investment (ROI) trends for security education ‹#› Create and establish career paths and reward structures for security professionals These elements should be present in national infrastructure environments Attractive salaries Career paths Senior managers Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Career Path and Reward Structure ‹#› The University of Adelaide, School of Computer Science 2 June 2019
Chapter 2 — Instructions: Language of the Computer 18 Companies and agencies being considered for national infrastructure work should be required to demonstrate past practice in live security incidents Companies and agencies must do a better job of managing their inventory of live incidents Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Responsible Past Security Practice ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 19 Companies and agencies being considered for national infrastructure work should provide evidence of the following past practices Past damage Past prevention Past response Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Responsible Past Security Practice
‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 20 A national commonality plan involves balancing the following concerns Plethora of existing standards Low-water mark versus world class Existing commissions and boards Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality National Commonality Program ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 21
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 5.docx

Recommended

Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx
Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docxWeek 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx
Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docxhelzerpatrina
 
PICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docx
PICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docxPICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docx
PICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docxstilliegeorgiana
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxherminaprocter
 
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docxCopyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxCopyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxdickonsondorris
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docxjesusamckone
 

Recommended

Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx
Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docxWeek 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx
Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docxhelzerpatrina
 
PICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docx
PICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docxPICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docx
PICOTPICO QUESTION Week 2 Discussion Post Dear Dr. Hellem and.docxstilliegeorgiana
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxherminaprocter
 
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docxCopyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 11.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxCopyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxdickonsondorris
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docxjesusamckone
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...Synopsys Software Integrity Group
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information securityElkanouni Mohamed
 
Cs207 1
Cs207 1Cs207 1
Cs207 1Gio Wiederhold
 
2012 IBM Tech Trends Report: Fast track to the future
2012 IBM Tech Trends Report: Fast track to the future2012 IBM Tech Trends Report: Fast track to the future
2012 IBM Tech Trends Report: Fast track to the futureSusanne Hupfer, Ph.D.
 
Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoHP Enterprise Italia
 
Software and software engineering basics by ram k paliwal
Software and software engineering basics by ram k paliwalSoftware and software engineering basics by ram k paliwal
Software and software engineering basics by ram k paliwalRam Paliwal
 
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docxITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docxvrickens
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 
Sogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainableSogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainablePeter Rombouts
 
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Ahmed Al Enizi
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsSynopsys Software Integrity Group
 
IRJET- Interactive Smart Mirror
IRJET- Interactive Smart MirrorIRJET- Interactive Smart Mirror
IRJET- Interactive Smart MirrorIRJET Journal
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcowinhelen
 
Securing the IoT Value Chain with AWS
Securing the IoT Value Chain with AWSSecuring the IoT Value Chain with AWS
Securing the IoT Value Chain with AWSGabriel Paredes Loza
 
Introduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxIntroduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxkaushalmunish77
 
Topic11
Topic11Topic11
Topic11Anne Starr
 
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docxCIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docxclarebernice
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docxWeek 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docxhelzerpatrina
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationSridhar Karnam
 
Assignment 2 FederalismThe system of federalism was instituted wi.docx
Assignment 2 FederalismThe system of federalism was instituted wi.docxAssignment 2 FederalismThe system of federalism was instituted wi.docx
Assignment 2 FederalismThe system of federalism was instituted wi.docxbobbywlane695641
 
Assignment 2 FederalismThe system of federalism was instituted .docx
Assignment 2 FederalismThe system of federalism was instituted .docxAssignment 2 FederalismThe system of federalism was instituted .docx
Assignment 2 FederalismThe system of federalism was instituted .docxbobbywlane695641
 

More Related Content

Similar to Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 5.docx

RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...Synopsys Software Integrity Group
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information securityElkanouni Mohamed
 
2012 IBM Tech Trends Report: Fast track to the future
2012 IBM Tech Trends Report: Fast track to the future2012 IBM Tech Trends Report: Fast track to the future
2012 IBM Tech Trends Report: Fast track to the futureSusanne Hupfer, Ph.D.
 
Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoHP Enterprise Italia
 
Software and software engineering basics by ram k paliwal
Software and software engineering basics by ram k paliwalSoftware and software engineering basics by ram k paliwal
Software and software engineering basics by ram k paliwalRam Paliwal
 
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docxITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docxvrickens
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 
Sogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainableSogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainablePeter Rombouts
 
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Ahmed Al Enizi
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsSynopsys Software Integrity Group
 
IRJET- Interactive Smart Mirror
IRJET- Interactive Smart MirrorIRJET- Interactive Smart Mirror
IRJET- Interactive Smart MirrorIRJET Journal
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcowinhelen
 
Securing the IoT Value Chain with AWS
Securing the IoT Value Chain with AWSSecuring the IoT Value Chain with AWS
Securing the IoT Value Chain with AWSGabriel Paredes Loza
 
Introduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxIntroduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxkaushalmunish77
 
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docxCIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docxclarebernice
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docxWeek 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docxhelzerpatrina
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationSridhar Karnam
 

Similar to Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 5.docx (20)

RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information security
 
Cs207 1
Cs207 1Cs207 1
Cs207 1
 
2012 IBM Tech Trends Report: Fast track to the future
2012 IBM Tech Trends Report: Fast track to the future2012 IBM Tech Trends Report: Fast track to the future
2012 IBM Tech Trends Report: Fast track to the future
 
Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercato
 
Software and software engineering basics by ram k paliwal
Software and software engineering basics by ram k paliwalSoftware and software engineering basics by ram k paliwal
Software and software engineering basics by ram k paliwal
 
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docxITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
ITS 833 – INFORMATION GOVERNANCEChapter 7Dr. Omar Mohamed.docx
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
 
Sogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainableSogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainable
 
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
 
IRJET- Interactive Smart Mirror
IRJET- Interactive Smart MirrorIRJET- Interactive Smart Mirror
IRJET- Interactive Smart Mirror
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
 
Securing the IoT Value Chain with AWS
Securing the IoT Value Chain with AWSSecuring the IoT Value Chain with AWS
Securing the IoT Value Chain with AWS
 
Introduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxIntroduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptx
 
Topic11
Topic11Topic11
Topic11
 
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docxCIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
CIS 599 – Student Notes(Prerequisite To be taken last or ne.docx
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docxWeek 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
Week 5Read Chapter 7- DiscretionListen to Week 5 LecturePa.docx
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
 

More from bobbywlane695641

Assignment 2 FederalismThe system of federalism was instituted wi.docx
Assignment 2 FederalismThe system of federalism was instituted wi.docxAssignment 2 FederalismThe system of federalism was instituted wi.docx
Assignment 2 FederalismThe system of federalism was instituted wi.docxbobbywlane695641
 
Assignment 2 FederalismThe system of federalism was instituted .docx
Assignment 2 FederalismThe system of federalism was instituted .docxAssignment 2 FederalismThe system of federalism was instituted .docx
Assignment 2 FederalismThe system of federalism was instituted .docxbobbywlane695641
 
Assignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docx
Assignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docxAssignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docx
Assignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docxbobbywlane695641
 
Assignment 2 Evidence Based PracticeAccording to the Council .docx
Assignment 2 Evidence Based PracticeAccording to the Council .docxAssignment 2 Evidence Based PracticeAccording to the Council .docx
Assignment 2 Evidence Based PracticeAccording to the Council .docxbobbywlane695641
 
Assignment 2 Evidence Based PracticeAccording to the Council on.docx
Assignment 2 Evidence Based PracticeAccording to the Council on.docxAssignment 2 Evidence Based PracticeAccording to the Council on.docx
Assignment 2 Evidence Based PracticeAccording to the Council on.docxbobbywlane695641
 
Assignment 2 Examining DifferencesIn this module, we examined cri.docx
Assignment 2 Examining DifferencesIn this module, we examined cri.docxAssignment 2 Examining DifferencesIn this module, we examined cri.docx
Assignment 2 Examining DifferencesIn this module, we examined cri.docxbobbywlane695641
 
Assignment 2 Ethics and Emerging TechnologiesRead the following.docx
Assignment 2 Ethics and Emerging TechnologiesRead the following.docxAssignment 2 Ethics and Emerging TechnologiesRead the following.docx
Assignment 2 Ethics and Emerging TechnologiesRead the following.docxbobbywlane695641
 
Assignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docx
Assignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docxAssignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docx
Assignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docxbobbywlane695641
 
Assignment 2 Ethical BehaviorIdentify a case in the news that y.docx
Assignment 2 Ethical BehaviorIdentify a case in the news that y.docxAssignment 2 Ethical BehaviorIdentify a case in the news that y.docx
Assignment 2 Ethical BehaviorIdentify a case in the news that y.docxbobbywlane695641
 
Assignment 2 Ethical (Moral) RelativismIn America, many are comfo.docx
Assignment 2 Ethical (Moral) RelativismIn America, many are comfo.docxAssignment 2 Ethical (Moral) RelativismIn America, many are comfo.docx
Assignment 2 Ethical (Moral) RelativismIn America, many are comfo.docxbobbywlane695641
 
Assignment 2 Essay Power in Swift and Moliere Both Moliere and S.docx
Assignment 2 Essay Power in Swift and Moliere Both Moliere and S.docxAssignment 2 Essay Power in Swift and Moliere Both Moliere and S.docx
Assignment 2 Essay Power in Swift and Moliere Both Moliere and S.docxbobbywlane695641
 
Assignment 2 E taxonomy· Information TechnologyInformatio.docx
Assignment 2 E taxonomy· Information TechnologyInformatio.docxAssignment 2 E taxonomy· Information TechnologyInformatio.docx
Assignment 2 E taxonomy· Information TechnologyInformatio.docxbobbywlane695641
 
Assignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docx
Assignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docxAssignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docx
Assignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docxbobbywlane695641
 
Assignment 2 Discussion—The Impact of CommunicationRemember a tim.docx
Assignment 2 Discussion—The Impact of CommunicationRemember a tim.docxAssignment 2 Discussion—The Impact of CommunicationRemember a tim.docx
Assignment 2 Discussion—The Impact of CommunicationRemember a tim.docxbobbywlane695641
 
Assignment 2 Discussion—Technology and GlobalizationYour Module.docx
Assignment 2 Discussion—Technology and GlobalizationYour Module.docxAssignment 2 Discussion—Technology and GlobalizationYour Module.docx
Assignment 2 Discussion—Technology and GlobalizationYour Module.docxbobbywlane695641
 
Assignment 2 Discussion—Providing GuidanceThe Genesis team has re.docx
Assignment 2 Discussion—Providing GuidanceThe Genesis team has re.docxAssignment 2 Discussion—Providing GuidanceThe Genesis team has re.docx
Assignment 2 Discussion—Providing GuidanceThe Genesis team has re.docxbobbywlane695641
 
Assignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docx
Assignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docxAssignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docx
Assignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docxbobbywlane695641
 
Assignment 2 DiscussionDuring the first year or two of its exis.docx
Assignment 2 DiscussionDuring the first year or two of its exis.docxAssignment 2 DiscussionDuring the first year or two of its exis.docx
Assignment 2 DiscussionDuring the first year or two of its exis.docxbobbywlane695641
 
Assignment 2 Discussion QuestionWorking in teams leads to complex.docx
Assignment 2 Discussion QuestionWorking in teams leads to complex.docxAssignment 2 Discussion QuestionWorking in teams leads to complex.docx
Assignment 2 Discussion QuestionWorking in teams leads to complex.docxbobbywlane695641
 
Assignment 2 Discussion Question Strong corporate cultures have.docx
Assignment 2 Discussion Question Strong corporate cultures have.docxAssignment 2 Discussion Question Strong corporate cultures have.docx
Assignment 2 Discussion Question Strong corporate cultures have.docxbobbywlane695641
 

More from bobbywlane695641 (20)

Assignment 2 FederalismThe system of federalism was instituted wi.docx
Assignment 2 FederalismThe system of federalism was instituted wi.docxAssignment 2 FederalismThe system of federalism was instituted wi.docx
Assignment 2 FederalismThe system of federalism was instituted wi.docx
 
Assignment 2 FederalismThe system of federalism was instituted .docx
Assignment 2 FederalismThe system of federalism was instituted .docxAssignment 2 FederalismThe system of federalism was instituted .docx
Assignment 2 FederalismThe system of federalism was instituted .docx
 
Assignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docx
Assignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docxAssignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docx
Assignment 2 Evidence Based Practice at Good Seed Drop-InAcco.docx
 
Assignment 2 Evidence Based PracticeAccording to the Council .docx
Assignment 2 Evidence Based PracticeAccording to the Council .docxAssignment 2 Evidence Based PracticeAccording to the Council .docx
Assignment 2 Evidence Based PracticeAccording to the Council .docx
 
Assignment 2 Evidence Based PracticeAccording to the Council on.docx
Assignment 2 Evidence Based PracticeAccording to the Council on.docxAssignment 2 Evidence Based PracticeAccording to the Council on.docx
Assignment 2 Evidence Based PracticeAccording to the Council on.docx
 
Assignment 2 Examining DifferencesIn this module, we examined cri.docx
Assignment 2 Examining DifferencesIn this module, we examined cri.docxAssignment 2 Examining DifferencesIn this module, we examined cri.docx
Assignment 2 Examining DifferencesIn this module, we examined cri.docx
 
Assignment 2 Ethics and Emerging TechnologiesRead the following.docx
Assignment 2 Ethics and Emerging TechnologiesRead the following.docxAssignment 2 Ethics and Emerging TechnologiesRead the following.docx
Assignment 2 Ethics and Emerging TechnologiesRead the following.docx
 
Assignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docx
Assignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docxAssignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docx
Assignment 2 Ethical Issues and Foreign InvestmentsBy Friday, A.docx
 
Assignment 2 Ethical BehaviorIdentify a case in the news that y.docx
Assignment 2 Ethical BehaviorIdentify a case in the news that y.docxAssignment 2 Ethical BehaviorIdentify a case in the news that y.docx
Assignment 2 Ethical BehaviorIdentify a case in the news that y.docx
 
Assignment 2 Ethical (Moral) RelativismIn America, many are comfo.docx
Assignment 2 Ethical (Moral) RelativismIn America, many are comfo.docxAssignment 2 Ethical (Moral) RelativismIn America, many are comfo.docx
Assignment 2 Ethical (Moral) RelativismIn America, many are comfo.docx
 
Assignment 2 Essay Power in Swift and Moliere Both Moliere and S.docx
Assignment 2 Essay Power in Swift and Moliere Both Moliere and S.docxAssignment 2 Essay Power in Swift and Moliere Both Moliere and S.docx
Assignment 2 Essay Power in Swift and Moliere Both Moliere and S.docx
 
Assignment 2 E taxonomy· Information TechnologyInformatio.docx
Assignment 2 E taxonomy· Information TechnologyInformatio.docxAssignment 2 E taxonomy· Information TechnologyInformatio.docx
Assignment 2 E taxonomy· Information TechnologyInformatio.docx
 
Assignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docx
Assignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docxAssignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docx
Assignment 2 Dropbox AssignmentCurrent Trends and Issues in Manag.docx
 
Assignment 2 Discussion—The Impact of CommunicationRemember a tim.docx
Assignment 2 Discussion—The Impact of CommunicationRemember a tim.docxAssignment 2 Discussion—The Impact of CommunicationRemember a tim.docx
Assignment 2 Discussion—The Impact of CommunicationRemember a tim.docx
 
Assignment 2 Discussion—Technology and GlobalizationYour Module.docx
Assignment 2 Discussion—Technology and GlobalizationYour Module.docxAssignment 2 Discussion—Technology and GlobalizationYour Module.docx
Assignment 2 Discussion—Technology and GlobalizationYour Module.docx
 
Assignment 2 Discussion—Providing GuidanceThe Genesis team has re.docx
Assignment 2 Discussion—Providing GuidanceThe Genesis team has re.docxAssignment 2 Discussion—Providing GuidanceThe Genesis team has re.docx
Assignment 2 Discussion—Providing GuidanceThe Genesis team has re.docx
 
Assignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docx
Assignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docxAssignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docx
Assignment 2 Discussion—Munger’s Mental ModelsIn his article A L.docx
 
Assignment 2 DiscussionDuring the first year or two of its exis.docx
Assignment 2 DiscussionDuring the first year or two of its exis.docxAssignment 2 DiscussionDuring the first year or two of its exis.docx
Assignment 2 DiscussionDuring the first year or two of its exis.docx
 
Assignment 2 Discussion QuestionWorking in teams leads to complex.docx
Assignment 2 Discussion QuestionWorking in teams leads to complex.docxAssignment 2 Discussion QuestionWorking in teams leads to complex.docx
Assignment 2 Discussion QuestionWorking in teams leads to complex.docx
 
Assignment 2 Discussion Question Strong corporate cultures have.docx
Assignment 2 Discussion Question Strong corporate cultures have.docxAssignment 2 Discussion Question Strong corporate cultures have.docx
Assignment 2 Discussion Question Strong corporate cultures have.docx
 

Recently uploaded

slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxCapitolTechU
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17Celine George
 
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfDanh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfQucHHunhnh
 
Mbaye_Astou.Education Civica_Human Rights.pptx
Mbaye_Astou.Education Civica_Human Rights.pptxMbaye_Astou.Education Civica_Human Rights.pptx
Mbaye_Astou.Education Civica_Human Rights.pptxnuriaiuzzolino1
 
Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...
Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...
Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...Denish Jangid
 
REPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptx
REPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptxREPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptx
REPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptxmanishaJyala2
 
Essential Safety precautions during monsoon season
Essential Safety precautions during monsoon seasonEssential Safety precautions during monsoon season
Essential Safety precautions during monsoon seasonMayur Khatri
 
2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptxmansk2
 
Navigating the Misinformation Minefield: The Role of Higher Education in the ...
Navigating the Misinformation Minefield: The Role of Higher Education in the ...Navigating the Misinformation Minefield: The Role of Higher Education in the ...
Navigating the Misinformation Minefield: The Role of Higher Education in the ...Mark Carrigan
 
MichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdfMichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdfmstarkes24
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...Nguyen Thanh Tu Collection
 
ppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesashishpaul799
 
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringBasic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringDenish Jangid
 
Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17
Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17
Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17Celine George
 
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdfPost Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdfPragya - UEM Kolkata Quiz Club
 
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfINU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfbu07226
 
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45MysoreMuleSoftMeetup
 
BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...
BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...
BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...Nguyen Thanh Tu Collection
 
The Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. HenryThe Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. HenryEugene Lysak
 
size separation d pharm 1st year pharmaceutics
size separation d pharm 1st year pharmaceuticssize separation d pharm 1st year pharmaceutics
size separation d pharm 1st year pharmaceuticspragatimahajan3
 

Recently uploaded (20)

slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17
 
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfDanh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
 
Mbaye_Astou.Education Civica_Human Rights.pptx
Mbaye_Astou.Education Civica_Human Rights.pptxMbaye_Astou.Education Civica_Human Rights.pptx
Mbaye_Astou.Education Civica_Human Rights.pptx
 
Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...
Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...
Basic Civil Engineering notes on Transportation Engineering, Modes of Transpo...
 
REPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptx
REPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptxREPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptx
REPRODUCTIVE TOXICITY STUDIE OF MALE AND FEMALEpptx
 
Essential Safety precautions during monsoon season
Essential Safety precautions during monsoon seasonEssential Safety precautions during monsoon season
Essential Safety precautions during monsoon season
 
2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx
 
Navigating the Misinformation Minefield: The Role of Higher Education in the ...
Navigating the Misinformation Minefield: The Role of Higher Education in the ...Navigating the Misinformation Minefield: The Role of Higher Education in the ...
Navigating the Misinformation Minefield: The Role of Higher Education in the ...
 
MichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdfMichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdf
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT VẬT LÝ 2024 - TỪ CÁC TRƯỜNG, TRƯ...
 
ppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyes
 
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringBasic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
 
Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17
Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17
Removal Strategy _ FEFO _ Working with Perishable Products in Odoo 17
 
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdfPost Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
 
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfINU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
 
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
 
BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...
BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...
BỘ LUYỆN NGHE TIẾNG ANH 8 GLOBAL SUCCESS CẢ NĂM (GỒM 12 UNITS, MỖI UNIT GỒM 3...
 
The Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. HenryThe Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. Henry
 
size separation d pharm 1st year pharmaceutics
size separation d pharm 1st year pharmaceuticssize separation d pharm 1st year pharmaceutics
size separation d pharm 1st year pharmaceutics
 

Copyright © 2012, Elsevier Inc. All Rights ReservedChapter 5.docx

  • 1. Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 5 Commonality Cyber Attacks Protecting National Infrastructure, 1st ed. ‹#› ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 1 Certain security attributes must be present in all aspects and areas of national infrastructure to ensure maximum resilience against attack Best practices, standards, and audits establish a low-water mark for all relevant organizations Audits must be both meaningful and measurable Often the most measurable things aren’t all that meaningful
  • 2. Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Introduction ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 2 Common security-related best practice standards Federal Information Security Management Act (FISMA) Health Insurance Portability and Accountability Act (HIPAA) Payment Card Industry Data Security Standard (PCI DSS) ISO/IEC 27000 Standard (ISO27K) Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Introduction ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 3
  • 3. Fig. 5.1 – Illustrative security audits for two organizations Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality ‹#› Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.2 – Relationship between meaningful and measurable requirements ‹#› The primary motivation for proper infrastructure protection should be success based and economic Not the audit score Security of critical components relies on Step #1: Standard audit Step #2: World-class focus Sometimes security audit standards and best practices proven through experience are in conflict Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Meaningful Best Practices for Infrastructure Protection
  • 4. ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 6 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.3 – Methodology to achieve world-class infrastructure protection practices ‹#› Four basic security policy considerations are recommended Enforceable: Policies without enforcement are not valuable Small: Keep it simple and current Online: Policy info needs to be online and searchable Inclusive: Good policy requires analysis in order to include computing and networking elements in the local nat’l infrastructure environment Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Locally Relevant and Appropriate Security Policy
  • 5. ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 8 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.4 – Decision process for security policy analysis ‹#› Create an organizational culture of security protection Culture of security is one where standard operating procedures provide a secure environment Ideal environment marries creativity and interest in new technologies with caution and a healthy aversion to risk Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Culture of Security Protection ‹#›
  • 6. The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 10 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.5 – Spectrum of organizational culture of security options ‹#› Organizations should be explicitly committed to infrastructure simplification Common problems found in design and operation of national infrastructure Lack of generalization Clouding the obvious Stream-of-consciousness design Nonuniformity Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Infrastructure Simplification ‹#›
  • 7. The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 12 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.6 – Sample cluttered engineering chart ‹#› Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.7 – Simplified engineering chart ‹#› How to simplify a national infrastructure environment Reduce its size Generalize concepts Clean interfaces Highlight patterns Reduce clutter
  • 8. Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Infrastructure Simplification ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 15 Key decision-makers need certification and education programs Hundred percent end-user awareness is impractical; instead focus on improving security competence of decision-makers Senior Managers Designers and developers Administrators Security team members Create low-cost, high-return activities to certify and educate end users Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Certification and Education ‹#› The University of Adelaide, School of Computer Science
  • 9. 2 June 2019 Chapter 2 — Instructions: Language of the Computer 16 Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Fig. 5.8 – Return on investment (ROI) trends for security education ‹#› Create and establish career paths and reward structures for security professionals These elements should be present in national infrastructure environments Attractive salaries Career paths Senior managers Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Career Path and Reward Structure ‹#› The University of Adelaide, School of Computer Science 2 June 2019
  • 10. Chapter 2 — Instructions: Language of the Computer 18 Companies and agencies being considered for national infrastructure work should be required to demonstrate past practice in live security incidents Companies and agencies must do a better job of managing their inventory of live incidents Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Responsible Past Security Practice ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 19 Companies and agencies being considered for national infrastructure work should provide evidence of the following past practices Past damage Past prevention Past response Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality Responsible Past Security Practice
  • 11. ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 20 A national commonality plan involves balancing the following concerns Plethora of existing standards Low-water mark versus world class Existing commissions and boards Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 5 – Commonality National Commonality Program ‹#› The University of Adelaide, School of Computer Science 2 June 2019 Chapter 2 — Instructions: Language of the Computer 21