A4 to A10 of security V3.1

A4 to A10 of security, a journey in security experience...

  1. A4 to A10 of Security: A journey in Security…
  2. How do we secure this?
  3. Security need is everywhere…
  4. Putting in layers, is not Trust?
  5. Are your barriers effective?
  6. Effective Security is hidden deep underneath… Technology, Process, People
  7. 4As: A4 of Security. Assess: Evaluate, Audit, Check; Architect: Plan, Design; Apply: Build, Implement, Do; Administer: Operate, Act
  8. 5As: A5 of Security. Assess: Evaluate, Audit, Check; Architect: Plan, Design; Apply: Build, Implement, Do; Administer: Operate, Act; Awareness: Intelligence, User
  9. 6As: A6 of Security. Assess: Evaluate, Audit, Check; Architect: Plan, Design; Apply: Build, Implement, Do; Administer: Operate, Act; Awareness: Intelligence, User; Agility: Timeliness of Response
  10. Agility is all about time…
  11. TBS = Time Based Security: Protection, Detection, Response. SECURITY: P > D + R. Diagram labels: Anti-virus, Firewall; VPN, Quantum; Door, Gates; Access Control; Grid Time Response; Remediation, Disaster Recovery; Incidence Response; Guards Response; Vulnerability Testing; SIEM, Correlation; Quantum Photons; CCTV, Access Control; Alarms
  12. Security is about maturity… Business, Risk, Mature, Controls
  13. 10As: A10 of Security. Assess: Evaluate, Audit, Check; Architect: Plan, Design; Apply: Build, Implement, Do; Administer: Operate, Act, Respond; Awareness: Intelligence, User; Agility: Timeliness of Response; Appetite: How much Risk can you take?; Alignment: Business focus; Assumption: Something is wrong?; Authorization: Right to access, authentication
  14. Align Security to your Business…
  15. What is your Appetite for Risk?
  16. Risk Appetite framework…
  17. Update your Assumptions…
  18. Understand your Authorizations
  19. Layer your security to reduce Risk
  20. Integrate security for Effectiveness… Total Integrated Security: Physical Security Management, Information Security Management, Telecom Security Management
  21. Measure everything!!! Security Metrics; Key Performance Indicators; CoBiT, Compliance; ITIL, ISO20000; ISMS, ISO27001; BCMS, ISO22301; Time Based Security
  22. Think outside the box!!!
  23. “…Security is a continuous skilled process…” …Jorge Sebastiao http://linkedin.com/in/sebastiao