Hot Topics For 2010
1. IISF Chapter Meeting
What's Hot In Infosec For 2010
28/01/2010 Copyright © BH IT Consulting Ltd www.bhconsulting.ie 1
2. 2010 – So Far
3. Reported Issues
4. Infosec Certainties
5. Why Improve Incident Response?
6. Establish Team
Information Security
Human Resources
Public Relations
Facilities Management
Operations
Legal
7. Infosec Challenges
8. Economic Factors
9. Budget Cuts
10. Increased Compliance
11. Typical IT Security
12. Controls Will be Bypassed
13. Dealing With The Future
14. ISO 27001 Can Help
Recognisable Standard
Independent
Global
15. What is ISO 27001?
An INFORMATION Security Standard
Physical and Electronic
It is NOT a Computer Security Standard
16. Risk Management Process
1 Assessing Risk
2 Conducting Decision Support
3 Implementing Controls
4 Measuring Program Effectiveness
17. What ISO 27001 is Not
Limited to information technology
A security checklist
An insurance policy against security breaches
An audit method
A risk analysis method
18. Cloud Security Alliance
19. Cloud Security Alliance
20. Cloud Security Alliance
21. Cloud Security Alliance
22. Cloud Security Alliance
Promote common level of understanding
Promote independent research.
Launch awareness campaigns.
Create consensus lists of issues
Guidance for cloud security assurance
www.cloudsecurityalliance.org
23. Questions?
Brian.honan@bhconsulting.ie
www.bhconsulting.ie
www.twitter.com/brianhonan
www.bhconsulting.ie/securitywatch
Tel : +353 – 1 - 4404065