SlideShare a Scribd company logo

Security in Mind

I
idlesun
1 of 13
Security In Mind James Jung, CISSP 2004 - 8 - 6
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Background ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
10 Domains of InfoSec ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Vocabulary ,[object Object],[object Object],[object Object],[object Object],[object Object],Threat + Vulnerability = RISK
Vocabulary - Relationships Owners countermeasures vulnerabilities risk assets Threat agents threats value wish to minimize to reduce impose may be aware of that may be reduced by that may possess leading to that increase give rise to wish to abuse and/or may damage that exploit Security Concepts and Relationships (Source: Common Criteria)
Losses by Type
Concepts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Principles ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Example: Secure Email ,[object Object],[object Object],[object Object],[object Object],[object Object]
Secure Email Secure Email Message Encrypted Message Message E E Digital Signature D Encrypted S-Key OPRI S-Key RPUB RPRI S-Key H D Digest E Digest D OPUB H Digest Originator Receiver
Secure Email Message Encrypted Message Message E E Digital Signature D Encrypted S-Key OPRI S-Key RPUB RPRI S-Key H D Digest E Digest D OPUB H Digest Originator Receiver S-Key: Symmetric Key OPUB: Originator ’ s Public Key OPRI: Originator ’ s Private Key RPUB: Receiver ’ s Public Key RPRI: Receiver ’ s Private Key
Next Steps ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

How to be a Security Wingman by Dominique Singer
How to be a Security Wingman by Dominique Singer How to be a Security Wingman by Dominique Singer
How to be a Security Wingman by Dominique Singer SaraPia5
 
Mca5042 cryptography and network security (1)
Mca5042 cryptography and network security (1)Mca5042 cryptography and network security (1)
Mca5042 cryptography and network security (1)smumbahelp
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecurityTara Arnold
 
Phases of Incident Response
Phases of Incident ResponsePhases of Incident Response
Phases of Incident ResponseEC-Council
 
20171106 - Privacy Design Lab - LINDDUN
20171106 - Privacy Design Lab - LINDDUN20171106 - Privacy Design Lab - LINDDUN
20171106 - Privacy Design Lab - LINDDUNBrussels Legal Hackers
 
Cybersecurity career options & Getting started
Cybersecurity career options & Getting started Cybersecurity career options & Getting started
Cybersecurity career options & Getting started Balaji Rajasekaran
 
Berkarir di Cyber Security
Berkarir di Cyber SecurityBerkarir di Cyber Security
Berkarir di Cyber SecuritySatria Ady Pradana
 
Down The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security ProfessionalDown The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security ProfessionalSatria Ady Pradana
 

Recommended

How to be a Security Wingman by Dominique Singer
How to be a Security Wingman by Dominique Singer How to be a Security Wingman by Dominique Singer
How to be a Security Wingman by Dominique Singer SaraPia5
 
Mca5042 cryptography and network security (1)
Mca5042 cryptography and network security (1)Mca5042 cryptography and network security (1)
Mca5042 cryptography and network security (1)smumbahelp
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecurityTara Arnold
 
Phases of Incident Response
Phases of Incident ResponsePhases of Incident Response
Phases of Incident ResponseEC-Council
 
20171106 - Privacy Design Lab - LINDDUN
20171106 - Privacy Design Lab - LINDDUN20171106 - Privacy Design Lab - LINDDUN
20171106 - Privacy Design Lab - LINDDUNBrussels Legal Hackers
 
Cybersecurity career options & Getting started
Cybersecurity career options & Getting started Cybersecurity career options & Getting started
Cybersecurity career options & Getting started Balaji Rajasekaran
 
Berkarir di Cyber Security
Berkarir di Cyber SecurityBerkarir di Cyber Security
Berkarir di Cyber SecuritySatria Ady Pradana
 
Down The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security ProfessionalDown The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security ProfessionalSatria Ady Pradana
 
Media Operations Group (Volunteers) Presentation November 2011
Media Operations Group (Volunteers) Presentation November 2011Media Operations Group (Volunteers) Presentation November 2011
Media Operations Group (Volunteers) Presentation November 2011Info Ops HQ
 
Weapons of Social Influence (Social Media)
Weapons of Social Influence (Social Media)Weapons of Social Influence (Social Media)
Weapons of Social Influence (Social Media)Info Ops HQ
 
Information Operations Course - Nato School October 2013
Information Operations Course - Nato School October 2013Information Operations Course - Nato School October 2013
Information Operations Course - Nato School October 2013Info Ops HQ
 
This Thought has 5 Slides 1
This Thought has 5 Slides 1This Thought has 5 Slides 1
This Thought has 5 Slides 1Info Ops HQ
 
Scrum and Teamwork
Scrum and TeamworkScrum and Teamwork
Scrum and Teamworkidlesun
 
One App To Rule Them All
One App To Rule Them AllOne App To Rule Them All
One App To Rule Them AllJonas Tomaz
 
Strategising Social Media
Strategising Social MediaStrategising Social Media
Strategising Social MediaInfo Ops HQ
 
DB4 Consulting Corporate Overview
DB4 Consulting Corporate OverviewDB4 Consulting Corporate Overview
DB4 Consulting Corporate OverviewDB4 Consulting, LLC
 
Social Media Workshop - Shrivenham March 2012
Social Media Workshop - Shrivenham March 2012Social Media Workshop - Shrivenham March 2012
Social Media Workshop - Shrivenham March 2012Info Ops HQ
 
New Media, Social Networks - PSOTC Sarajevo - March2014
New Media, Social Networks - PSOTC Sarajevo - March2014New Media, Social Networks - PSOTC Sarajevo - March2014
New Media, Social Networks - PSOTC Sarajevo - March2014Info Ops HQ
 
Top 8 corporate sales manager resume samples
Top 8 corporate sales manager resume samplesTop 8 corporate sales manager resume samples
Top 8 corporate sales manager resume samplesverijom
 
Nato School PSYOPS Planner Course July 2014
Nato School PSYOPS Planner Course July 2014Nato School PSYOPS Planner Course July 2014
Nato School PSYOPS Planner Course July 2014Info Ops HQ
 
Pd0611 Hgtv
Pd0611 HgtvPd0611 Hgtv
Pd0611 Hgtvguest35e1031
 
Pd0901 Whats In Store
Pd0901 Whats In StorePd0901 Whats In Store
Pd0901 Whats In Storeguest35e1031
 
Mba Presentation
Mba PresentationMba Presentation
Mba Presentationguest35e1031
 
Sobre La Cruz
Sobre La CruzSobre La Cruz
Sobre La CruzDuanne Santana
 
Anuncio Oficial
Anuncio OficialAnuncio Oficial
Anuncio OficialDuanne Santana
 
Pgp
PgpPgp
PgpReham Maher El-Safarini
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvanitrraincity
 
Cobit 2
Cobit 2Cobit 2
Cobit 2Securelogy
 
Main Menu
Main MenuMain Menu
Main MenuSecurelogy
 

More Related Content

Viewers also liked

Media Operations Group (Volunteers) Presentation November 2011
Media Operations Group (Volunteers) Presentation November 2011Media Operations Group (Volunteers) Presentation November 2011
Media Operations Group (Volunteers) Presentation November 2011Info Ops HQ
 
Weapons of Social Influence (Social Media)
Weapons of Social Influence (Social Media)Weapons of Social Influence (Social Media)
Weapons of Social Influence (Social Media)Info Ops HQ
 
Information Operations Course - Nato School October 2013
Information Operations Course - Nato School October 2013Information Operations Course - Nato School October 2013
Information Operations Course - Nato School October 2013Info Ops HQ
 
This Thought has 5 Slides 1
This Thought has 5 Slides 1This Thought has 5 Slides 1
This Thought has 5 Slides 1Info Ops HQ
 
Scrum and Teamwork
Scrum and TeamworkScrum and Teamwork
Scrum and Teamworkidlesun
 
One App To Rule Them All
One App To Rule Them AllOne App To Rule Them All
One App To Rule Them AllJonas Tomaz
 
Strategising Social Media
Strategising Social MediaStrategising Social Media
Strategising Social MediaInfo Ops HQ
 
DB4 Consulting Corporate Overview
DB4 Consulting Corporate OverviewDB4 Consulting Corporate Overview
DB4 Consulting Corporate OverviewDB4 Consulting, LLC
 
Social Media Workshop - Shrivenham March 2012
Social Media Workshop - Shrivenham March 2012Social Media Workshop - Shrivenham March 2012
Social Media Workshop - Shrivenham March 2012Info Ops HQ
 
New Media, Social Networks - PSOTC Sarajevo - March2014
New Media, Social Networks - PSOTC Sarajevo - March2014New Media, Social Networks - PSOTC Sarajevo - March2014
New Media, Social Networks - PSOTC Sarajevo - March2014Info Ops HQ
 
Top 8 corporate sales manager resume samples
Top 8 corporate sales manager resume samplesTop 8 corporate sales manager resume samples
Top 8 corporate sales manager resume samplesverijom
 
Nato School PSYOPS Planner Course July 2014
Nato School PSYOPS Planner Course July 2014Nato School PSYOPS Planner Course July 2014
Nato School PSYOPS Planner Course July 2014Info Ops HQ
 
Pd0901 Whats In Store
Pd0901 Whats In StorePd0901 Whats In Store
Pd0901 Whats In Storeguest35e1031
 

Viewers also liked (17)

Media Operations Group (Volunteers) Presentation November 2011
Media Operations Group (Volunteers) Presentation November 2011Media Operations Group (Volunteers) Presentation November 2011
Media Operations Group (Volunteers) Presentation November 2011
 
Weapons of Social Influence (Social Media)
Weapons of Social Influence (Social Media)Weapons of Social Influence (Social Media)
Weapons of Social Influence (Social Media)
 
Information Operations Course - Nato School October 2013
Information Operations Course - Nato School October 2013Information Operations Course - Nato School October 2013
Information Operations Course - Nato School October 2013
 
This Thought has 5 Slides 1
This Thought has 5 Slides 1This Thought has 5 Slides 1
This Thought has 5 Slides 1
 
Scrum and Teamwork
Scrum and TeamworkScrum and Teamwork
Scrum and Teamwork
 
One App To Rule Them All
One App To Rule Them AllOne App To Rule Them All
One App To Rule Them All
 
Strategising Social Media
Strategising Social MediaStrategising Social Media
Strategising Social Media
 
DB4 Consulting Corporate Overview
DB4 Consulting Corporate OverviewDB4 Consulting Corporate Overview
DB4 Consulting Corporate Overview
 
Social Media Workshop - Shrivenham March 2012
Social Media Workshop - Shrivenham March 2012Social Media Workshop - Shrivenham March 2012
Social Media Workshop - Shrivenham March 2012
 
New Media, Social Networks - PSOTC Sarajevo - March2014
New Media, Social Networks - PSOTC Sarajevo - March2014New Media, Social Networks - PSOTC Sarajevo - March2014
New Media, Social Networks - PSOTC Sarajevo - March2014
 
Top 8 corporate sales manager resume samples
Top 8 corporate sales manager resume samplesTop 8 corporate sales manager resume samples
Top 8 corporate sales manager resume samples
 
Nato School PSYOPS Planner Course July 2014
Nato School PSYOPS Planner Course July 2014Nato School PSYOPS Planner Course July 2014
Nato School PSYOPS Planner Course July 2014
 
Pd0611 Hgtv
Pd0611 HgtvPd0611 Hgtv
Pd0611 Hgtv
 
Pd0901 Whats In Store
Pd0901 Whats In StorePd0901 Whats In Store
Pd0901 Whats In Store
 
Mba Presentation
Mba PresentationMba Presentation
Mba Presentation
 
Sobre La Cruz
Sobre La CruzSobre La Cruz
Sobre La Cruz
 
Anuncio Oficial
Anuncio OficialAnuncio Oficial
Anuncio Oficial
 

Similar to Security in Mind

Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvanitrraincity
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upDileep Kalidindi
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefingtechnext1
 
IS Security Presentation
IS Security PresentationIS Security Presentation
IS Security PresentationRenjith K P
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0James Perry, Jr.
 
Lecture26 cc-security1
Lecture26 cc-security1Lecture26 cc-security1
Lecture26 cc-security1Ankit Gupta
 
Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & ArchitecturePriyanka Aash
 
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe thChapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe thsamirapdcosden
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRNetpluz Asia Pte Ltd
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Securitydrkelleher
 
Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Miigaa Mine
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 

Similar to Security in Mind (20)

Pgp
PgpPgp
Pgp
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvan
 
Cobit 2
Cobit 2Cobit 2
Cobit 2
 
Main Menu
Main MenuMain Menu
Main Menu
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-up
 
E comm jatin
E comm jatinE comm jatin
E comm jatin
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
 
IS Security Presentation
IS Security PresentationIS Security Presentation
IS Security Presentation
 
PGP.ppt
PGP.pptPGP.ppt
PGP.ppt
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
 
Lecture26 cc-security1
Lecture26 cc-security1Lecture26 cc-security1
Lecture26 cc-security1
 
Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture
 
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe thChapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
 
Basics of IT security
Basics of IT securityBasics of IT security
Basics of IT security
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDR
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Security
 
Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 

Security in Mind

  • 1. Security In Mind James Jung, CISSP 2004 - 8 - 6
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. Vocabulary - Relationships Owners countermeasures vulnerabilities risk assets Threat agents threats value wish to minimize to reduce impose may be aware of that may be reduced by that may possess leading to that increase give rise to wish to abuse and/or may damage that exploit Security Concepts and Relationships (Source: Common Criteria)
  • 8.
  • 9.
  • 10.
  • 11. Secure Email Secure Email Message Encrypted Message Message E E Digital Signature D Encrypted S-Key OPRI S-Key RPUB RPRI S-Key H D Digest E Digest D OPUB H Digest Originator Receiver
  • 12. Secure Email Message Encrypted Message Message E E Digital Signature D Encrypted S-Key OPRI S-Key RPUB RPRI S-Key H D Digest E Digest D OPUB H Digest Originator Receiver S-Key: Symmetric Key OPUB: Originator ’ s Public Key OPRI: Originator ’ s Private Key RPUB: Receiver ’ s Public Key RPRI: Receiver ’ s Private Key
  • 13.