Information Security

Pre Summer Internship Presentation at VGSOM


  1. Information Security
     • Debesh Majumdar
     • 1st Year Student, VGSOM
     • Mahindra Special Services Group Intern
  2. Mahindra Special Services Group
     • Part of $6.7bn Mahindra Group
     • Corporate Security Risk Consulting
     • Aim is to become leading player in de-risking solutions
     • Dinesh Pillai is the current CEO
  3. Competitors
     • McKinsey
     • KPMG
     • Ernst & Young
     • PwC
  4. Information
     • Facts or knowledge provided or learned [Oxford Dictionary]
     • Inversely proportional to probability of occurrence of an event
  5. CIA Triad
     • Confidentiality: Only those authorized have access to information
     • Integrity: Accuracy and completeness of information and processing methods
     • Availability: Ensuring that authorized users have access to information and associated assets
  6. ISMS
     • Stands for Information Security Management Systems
     • Set of policies for information security management
     • ISMS standards typically follow the Deming Cycle: Plan, Do, Check, Act
  7. Current ISMS standards
     • ISO/IEC 27001 – being followed at MSSG
     • COBIT
     • ITIL
     • Information Security Forum's Standard of Good Practice
     • SSE-CMM
     • Information Security Management Maturity Model
  8. ISO/IEC 27001
     • Formal specification to bring IS under explicit management control
     • Examination of the organization's IS risks
     • Design and implementation of IS controls
     • Continuous monitoring
  9. PDCA in ISO/IEC 27001
     • Plan: Design and establish
     • Do: Implement and operate
     • Check: Monitor and review
     • Act: Update and improve
  10. Proposed project
     • Review of the prevalent ISMS standards
     • Best practices of successful ISMS implementations
     • Best practices of ISMS audit
     • ISMS maturity levels in various industries in India
  11. How will I go about it
     • Detailed study of the major ISMS standards
     • Study of the various ISMS consulting assignments at MSSG
     • Best practices documents
  12. Readings & References
     • MSSG corporate factsheet
     • SSE CMM, http://www.sse-cmm.org/index.html
     • State-of-the-art information security management systems with ISO/IEC 27001:2005, ISO Insider
     • ISM3 Consortium, http://www.ism3.com/
     • Assessment Methodology on Maturity Levels of ISMS by Leem, Kim and Lee
     • Common defects in ISMS of Korean companies by Kwon, Jang, Lee, Kim
     • A study of the certification of ISMS by Fung, Farn, Lin
  13. Thank You!
