Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Digital Security

500 views

Published on

Digital Security,Business, People and Economics

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Digital Security

  1. 1. Digital Security Business, People and Economics<br />T Koshy<br />NSDL<br />http://www.rollingstone-revelations.blogspot.com/<br />
  2. 2. The digital World<br />The world is getting more and more digital<br />Security threats in the digital world<br />Security no more domain of hardware expert<br />It is about risk management<br />It is a management decision<br />
  3. 3. Risk Management<br />Components<br />Risk Elements<br />Probabilities<br />Impact<br />Cost & Benefit of Risk Mitigation<br />Need for a New Framework<br />Business Compulsion<br />Human Nature<br />Incentives<br />
  4. 4. The Human Element<br />Two Ends of the spectrum<br />One end – The inability to understand risk<br />Natural Response<br />Flight or Fight<br />Hold the instinct and analyze<br />Optimism Bias<br />Quirks of Software Industry<br />Impact on Security <br />
  5. 5. Human Element<br />Other End – Paranoid Reaction<br />Constant Selling Pressure<br />Advice of expert<br />Ambient Noise<br />Recent Events<br />Need for a Balanced View<br />Need for continuous rebalance.<br />
  6. 6. NSDL Case Study<br />.<br />
  7. 7. NSDL<br />Public Good<br />Demat – Get it right the first time<br />Primary Responsibility to the Depository<br />State-of-the-art Technology <br />PKI<br />DRS<br />Appropriate Tools<br />Integrity and Honesty – The core values<br />Risk as a part of Management Process<br />Security Committee<br />RAG<br />Certifications<br />Audits<br />
  8. 8. Learning<br />Information Security is about Managerial Choice<br />Whether Gadget or Process. It should justify the merit<br />Not a One-Time Activity – A Continuous Process<br />It should form a part of organizational process and culture<br />But Don’t Forget Your Client<br />

×