Copyright 2023 ©, ISBAT University, All rights reserved.
Julius Wakooli
Vigilance and Security Management
Security Management
Part 3
© ISBAT UNIVERSITY – 2023 03/05/2023
Outline
1) Types of Security Management
Types of Security Management
There are several types of security management that
organizations employ to address specific security concerns.
The following are some of the common types:
1. Network Security Management
2. Cloud Security Management
3. Application Security Management
4. Information Security Management
5. Cyber Security Management
6. Physical Security Management
Overview
CYBER SECURITY MANAGEMENT
1) What is Cyber Security?
2) Importance of Cyber security
3) Why Carry out a Cyber Security Risk Assessment
4) Cyber Risks
5) Cyber Security Management
6) Key Areas of Cyber Security Management
7) Conclusion
Introduction to Cyber Security
Definitions:
Cyber security refers to the body of technologies,
processes, and practices designed to protect networks,
devices, programs, and data from attack, damage, or
unauthorized access. Cyber security may also be referred
to as information technology security.
Definitions of Cyber Security
• According to S. 1901, the “Cybersecurity Research and
Education Act of 2002”:
cybersecurity: “information assurance, including
scientific, technical, management, or any other
relevant disciplines required to ensure computer and
network security, including, but not limited to, a
discipline related to the following functions:
(A) Secure System and network administration and
operations.
(B) Systems security engineering.
(C) Information assurance systems and product acquisition.
(D) Cryptography.
(E) Threat and vulnerability assessment, including risk
management.
(F) Web security.
(G) Operations of computer emergency response teams.
(H) Cybersecurity training, education, and management.
(I) Computer forensics.
(J) Defensive information operations.”
Cyber Security is all about….
1. Availability
2. Integrity &
3. Confidentiality
of information systems and networks in the face of
attacks, accidents and failures with the goal of
protecting operations and assets
Importance of Cyber Security
• Cyber security is important because government, military,
corporate, financial, and medical organizations collect,
process, and store unprecedented amounts of data on
computers and other devices.
• A significant portion of that data can be sensitive
information, whether that be intellectual property, financial
data, personal information, or other types of data for which
unauthorized access or exposure could have negative
consequences.
Importance of Cyber Security cont’d
• Organizations transmit sensitive data across networks and to
other devices in the course of doing business, and cyber
security describes the discipline dedicated to protecting that
information and the systems used to process or store it.
• As the volume and sophistication of cyber-attacks grow,
companies and organizations, especially those that are tasked
with safeguarding information relating to national security,
health, or financial records, need to take steps to protect their
sensitive business and personnel information.
Importance of Cyber Security cont’d
• As early as March 2013, top intelligence officials
cautioned that cyber-attacks and digital spying are the
top threat to national security, eclipsing even terrorism.
Why Carry out a Cyber Security Risk Assessment?
Risk assessment – the process of identifying, analyzing and evaluating risk – is
the only way to ensure that the cyber security controls you
choose are appropriate to the risks your organization faces.
Without a risk assessment to inform your cyber security
choices, you could waste time, effort and resources – there is,
after all, little point implementing measures to defend against
events that are unlikely to occur or won’t have much material
impact on your organization.
Likewise, it is possible that you will underestimate or overlook
risks that could cause significant damage to your
organization.
This is why so many best-practice frameworks, standards and
laws – including the GDPR (General Data Protection
Regulation) and DPA (Data Protection Act) 2018 – require
risk assessments.
Cyber Risks
When setting up your new business, you are likely to rely
on a variety of IT, such as smart devices, PCs and cloud-based
systems. You could be holding customer data,
employee information and possibly detailed product
designs. These are likely to be of interest to cyber criminals
– no matter how small your business. An awareness and
basic understanding of the threats posed in a cyber-world
will help protect your digital assets, intellectual property
and your business.
Cyber Risks cont’d
Below are the Top Five (5) Cyber Risks
Ransomware
This is a form of malware (malicious software) that attempts to
encrypt (scramble) your data and then extort a ransom to release
an unlock code. Most ransomware is delivered via malicious
emails. Key steps to protect your organization/business:
• Staff awareness: staff should be wary of unsolicited emails, particularly
those that ask for a prompt response.
• Malware protection: install and maintain good anti-virus and malware
protection software.
• Software updates: keep your applications up to date.
• Data backups: a series of well-managed data backups will allow you to
recover from an unencrypted version of a file. Make sure you regularly
test your backups.
Phishing
Phishing is an attempt to gain sensitive information while
posing as a trustworthy contact, for example a bank or online
service. Spear phishing is a highly targeted attempt to gain
information from an individual. Phishing emails may look
completely convincing, often with faultless wording and
genuine logos. In one form of phishing, known as whaling, a fake
email from a CEO pressures a CFO into making an urgent
payment. It is worth considering
ways to add additional safeguards to protect the identity of
CEOs and CFOs to prevent impersonation.
Here are a few steps you can use to protect yourself from
phishing.
• Keep in mind that companies simply do not ask for
sensitive information.
• Be suspicious of unexpected emails.
• Make use of anti-malware software.
• Make sure you have spam filters turned on. Check
them regularly in case they have accidentally trapped
an innocent email.
Data Leakage
While cyber security in the office may seem challenging, it is
essential to understand that security extends well beyond the
office these days. The use of smart phones and tablets has
become widespread. The ubiquitous and cheap nature of
portable storage devices makes them a useful tool for the
backup and transportation of data. Those features mean they
are also a target for data thieves. The following pointers
provide useful first steps to prevent data leaking from your
organization.
• Ensure mobile devices have passcode locks.
Data Leakage cont’d
• Turn on tracking by GPS and the option to remotely
wipe the device if it is lost.
• The use of encryption software is highly recommended
when using portable storage devices.
• Keep an eye on your mobile devices and paperwork at
all times. A large proportion of crime is opportunistic;
taking your eye off your briefcase or smart device
could result in a serious loss of data.
Hacking
Gaining access to IT systems from outside an organization still
offers rich pickings for criminals. Traditionally they have attempted
to gain access to bank account information or credit card
databases. However, intellectual property is another source of
value. The use of social engineering, tricking staff into revealing
user names and passwords, remains a threat.
• The primary methods to protect yourself from hacking are
network firewalls, data access security, procedures for
providing and removing access, and user awareness and
training.
Insider Threat
If your organization employs staff (full time or as contractors),
there is a possibility they could leak data by mistake or
maliciously. The potential damage from a leak of documents
should not be underestimated. Use these tips to limit the size
of any data leak.
• Educate your team to be alert to issues and minimize careless
mistakes.
• Limit how much data staff have access to. The principle of ‘least
privilege access’ should apply to all IT systems. Only provide
staff with the minimum access they need to do their roles.
Insider Threat cont’d
• Control the use of portable storage devices, such as USB
memory keys, portable hard drives and media players.
• Consider using applications in certain situations to monitor
staff behavior − who copies what.
Cyber Security Management
Cybersecurity management refers to the practices and
processes involved in protecting computer systems,
networks, and data from unauthorized access, attacks, and
damage. It involves the implementation of policies,
procedures, and technologies to ensure the confidentiality,
integrity, and availability of information.
Key Areas of Cyber Security Management
Here are some key areas and principles often associated with
cyber security management:
1) Risk assessment and management: Identify potential
vulnerabilities and threats, assess the likelihood and impact
of those risks, and implement measures to mitigate them.
2) Security policies and procedures: Develop and enforce
policies and procedures that outline acceptable use of
systems and data, password management, access controls,
and incident reporting.
3) Security awareness and training: Educate employees
and users about best practices for maintaining security,
such as recognizing phishing emails, using strong
passwords, and staying updated on security threats.
4) Network security: Implement firewalls, intrusion
detection systems, and other network security measures to
protect against unauthorized access and network attacks.
5) Data protection: Encrypt sensitive data, implement
access controls, and establish backup and recovery
procedures to ensure data integrity and availability.
6) Incident response and management: Develop a
plan to detect, respond to, and recover from security
incidents. This includes procedures for investigating and
containing breaches, notifying affected parties, and
restoring systems.
7) Regular security audits and assessments: Conduct
periodic assessments of your security controls, policies,
and procedures to identify vulnerabilities and ensure
compliance with industry standards and regulations.
Conclusion
In all these areas it is key to remember that alongside
technology, well-developed processes, procedures and staff
training go a long way to protecting your valuable data. For
example, if someone leaves your employment, make sure
you remove their access. The reality today is that you
should protect your digital assets with the same vigilance as
you do when locking your office door at the end of the day.
Thank you
29

More Related Content

Similar to 4b - Security Management - Cyber Security Mgt (1).pptx

Computer Security Policy
Computer Security PolicyComputer Security Policy
Computer Security Policyeverestsky66
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Data Storage Issues in Cloud Computing
Data Storage Issues in Cloud ComputingData Storage Issues in Cloud Computing
Data Storage Issues in Cloud Computingijtsrd
 
Abhishek kurre.pptx
Abhishek kurre.pptxAbhishek kurre.pptx
Abhishek kurre.pptxDolchandra
 
Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxGogoOmolloFrancis
 
An Empirical Study on Information Security
An Empirical Study on Information SecurityAn Empirical Study on Information Security
An Empirical Study on Information Securityijtsrd
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET Journal
 
SMB Network Security Checklist
 SMB Network Security Checklist SMB Network Security Checklist
SMB Network Security ChecklistMobeen Khan
 
Cybersecurity – a critical business issue
Cybersecurity – a critical business issueCybersecurity – a critical business issue
Cybersecurity – a critical business issueSonaliG6
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber Securityijtsrd
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET Journal
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdfpublicchats
 
Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023K7 Computing Pvt Ltd
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisIJERD Editor
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk ManagementDMIMarketing
 
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inCYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inOllieShoresna
 

Similar to 4b - Security Management - Cyber Security Mgt (1).pptx (20)

Computer Security Policy
Computer Security PolicyComputer Security Policy
Computer Security Policy
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Data Storage Issues in Cloud Computing
Data Storage Issues in Cloud ComputingData Storage Issues in Cloud Computing
Data Storage Issues in Cloud Computing
 
Abhishek kurre.pptx
Abhishek kurre.pptxAbhishek kurre.pptx
Abhishek kurre.pptx
 
Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docx
 
An Empirical Study on Information Security
An Empirical Study on Information SecurityAn Empirical Study on Information Security
An Empirical Study on Information Security
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
 
SMB Network Security Checklist
 SMB Network Security Checklist SMB Network Security Checklist
SMB Network Security Checklist
 
Cybersecurity – a critical business issue
Cybersecurity – a critical business issueCybersecurity – a critical business issue
Cybersecurity – a critical business issue
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber Security
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdf
 
Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network Analysis
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
Measures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksMeasures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacks
 
Measure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksMeasure To Avoid Cyber Attacks
Measure To Avoid Cyber Attacks
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inCYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
 

Recently uploaded

Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130  Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130  Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges --  Guest House in Jhang.M.C Lodges --  Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in managementchhavia330
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...lizamodels9
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024christinemoorman
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Tina Ji
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Non Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptxNon Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptxAbhayThakur200703
 

Recently uploaded (20)

Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130  Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130  Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges --  Guest House in Jhang.M.C Lodges --  Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in management
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Non Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptxNon Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptx
 

4b - Security Management - Cyber Security Mgt (1).pptx

  • 1. Copyright 2023 ©, ISBAT University, All rights reserved. Julius Wakooli Vigilance and Security Management Security Management Part 3
  • 2. © ISBAT UNIVERSITY – 2023 03/05/2023 Outline 1) Types of Security Management 2
  • 3. © ISBAT UNIVERSITY – 2023 03/05/2023 3 Types of Security Management There are several types of security management that organizations employ to address specific security concerns. The following are some of the common types: 1. Network Security Management 2. Cloud Security Management 3. Application Security Management 4. Information Security Management 5. Cyber Security Management 6. Physical Security Management
  • 4. © ISBAT UNIVERSITY – 2023 03/05/2023 4 Overview CYBER SECURITY MANAGEMENT 1) What is Cyber Security? 2) Importance of Cyber security 3) Why Carry out a Cyber Security Risk Assessment 4) Cyber Risks 5) Cyber Security Management 6) Key Areas of Cyber Security Management 7) Conclusion
  • 5. © ISBAT UNIVERSITY – 2023 03/05/2023 5 Introduction to Cyber Security Definitions: Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cyber security may also be referred to as information technology security.
  • 6. © ISBAT UNIVERSITY – 2023 03/05/2023 6 Definitions to Cyber Security  According to S. 1901 “Cybersecurity Research and Education Act of 2002”: cybersecurity:“ information assurance, including scientific, technical, management, or any other relevant disciplines required to ensure computer and network security, including, but not limited to, a discipline related to the following functions: (A) Secure System and network administration and operations. (B) Systems security engineering.
  • 7. © ISBAT UNIVERSITY – 2023 03/05/2023 7 Definitions to Cyber Security (C) Information assurance systems and product acquisition. (D) Cryptography. (E) Threat and vulnerability assessment, including risk management. (F) Web security. (G) Operations of computer emergency response teams. (H) Cybersecurity training, education, and management. (I) Computer forensics. (J) Defensive information operations.
  • 8. © ISBAT UNIVERSITY – 2023 03/05/2023 8 Cyber Security is all about…. 1. Availability 2. Integrity & 3. Confidentiality of information systems and networks in the face of attacks, accidents and failures with the goal of protecting operations and assets
  • 9. © ISBAT UNIVERSITY – 2023 03/05/2023 9 Importance of Cyber Security  Cyber security is important because government, military, corporate, financial, and medical organizations collect, process, and store unprecedented amounts of data on computers and other devices.  A significant portion of that data can be sensitive information, whether that be intellectual property, financial data, personal information, or other types of data for which unauthorized access or exposure could have negative consequences.
  • 10. © ISBAT UNIVERSITY – 2023 03/05/2023 10 Importance of Cyber Security cont’d  Organizations transmit sensitive data across networks and to other devices in the course of doing businesses, and cyber security describes the discipline dedicated to protecting that information and the systems used to process or store it.  As the volume and sophistication of cyber-attacks grow, companies and organizations, especially those that are tasked with safeguarding information relating to national security, health, or financial records, need to take steps to protect their sensitive business and personnel information.
  • 11. Importance of Cyber Security cont’d
    - As early as March 2013, top intelligence officials cautioned that cyber-attacks and digital spying are the top threat to national security, eclipsing even terrorism.
  • 12. Why Carry out a Cyber Security Risk Assessment?
    Risk assessment, the process of identifying, analyzing and evaluating risk, is the only way to ensure that the cyber security controls you choose are appropriate to the risks your organization faces.
    Without a risk assessment to inform your cyber security choices, you could waste time, effort and resources – there is, after all, little point implementing measures to defend against events that are unlikely to occur or won’t have much material impact on your organization.
  • 13. Why Carry out a Cyber Security Risk Assessment?
    Likewise, it is possible that you will underestimate or overlook risks that could cause significant damage to your organization.
    This is why so many best-practice frameworks, standards and laws – including the GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018 – require them.
  • 14. Cyber Risks
    When setting up your new business, you are likely to rely on a variety of IT, such as smart devices, PCs and cloud-based systems. You could be holding customer data, employee information and possibly detailed product designs. These are likely to be of interest to cyber criminals, no matter how small your business.
    An awareness and basic understanding of the threats posed in a cyber-world will help protect your digital assets, intellectual property and your business.
  • 15. Cyber Risks cont’d
    Below are the Top Five (5) Cyber Risks
  • 16. Ransomware
    This is a form of malware (malicious software) that attempts to encrypt (scramble) your data and then extort a ransom to release an unlock code. Most ransomware is delivered via malicious emails.
    Key steps to protect your organization/business:
    - Staff awareness: staff should be wary of unsolicited emails, particularly those that ask for a prompt response.
    - Malware protection: install and maintain good anti-virus and malware protection software.
    - Software updates: keep your applications up to date.
    - Data backups: a series of well managed data backups will allow you to recover from an unencrypted version of a file. Make sure you regularly test your backups.
  • 17. Phishing
    Phishing is an attempt to gain sensitive information while posing as a trustworthy contact, for example a bank or online service. Spear phishing is a highly targeted attempt to gain information from an individual. Phishing emails may look completely convincing, often with faultless wording and genuine logos.
    One form of phishing, in which a fake email from a CEO pressures a CFO into making an urgent payment, is known as whaling. It is worth considering additional safeguards to protect the identity of CEOs and CFOs to prevent impersonation.
  • 18. Phishing
    Here are a few steps you can use to protect yourself from phishing:
    - Keep in mind that companies simply do not ask for sensitive information.
    - Be suspicious of unexpected emails.
    - Make use of anti-malware software.
    - Make sure you have spam filters turned on. Check them regularly in case they have accidentally trapped an innocent email.
  • 19. Data Leakage
    While cyber security in the office may seem challenging, it is essential to understand that security extends well beyond the office these days. The use of smart phones and tablets has become widespread. The ubiquitous and cheap nature of portable storage devices makes them a useful tool for the backup and transportation of data. Those features mean they are also a target for data thieves.
    The following pointers provide useful first steps to prevent data leaking from your organization:
    - Ensure mobile devices have passcode locks.
  • 20. Data Leakage cont’d
    - Turn on tracking by GPS and the option to remotely wipe the device if it is lost.
    - The use of encryption software is highly recommended when using portable storage devices.
    - Keep an eye on your mobile devices and paperwork at all times. A large proportion of crime is opportunistic; taking your eye off your briefcase or smart device could result in a serious loss of data.
  • 21. Hacking
    Gaining access to IT systems from outside an organization still offers rich pickings for criminals. Traditionally they have attempted to gain access to bank account information or credit card databases. However, intellectual property is another source of value. The use of social engineering, tricking staff into revealing user names and passwords, remains a threat.
    - The primary methods to protect yourself from hacking are network firewalls, data access security, procedures for providing and removing access, and user awareness and training.
  • 22. Insider Threat
    If your organization employs staff (full time or as contractors), there is a possibility they could leak data by mistake or maliciously. The potential damage from a leak of documents should not be underestimated.
    Use these tips to mitigate the size of any data leak:
    - Educate your team to be alert to issues and minimize careless mistakes.
    - Limit how much data staff has access to. The principle of ‘least privilege access’ should apply to all IT systems. Only provide staff with the minimum access they need to do their roles.
  • 23. Insider Threat cont’d
    - Control the use of portable storage devices, such as USB memory keys, portable hard drives and media players.
    - Consider using applications in certain situations to monitor staff behavior: who copies what.
  • 24. Cyber Security Management
    Cybersecurity management refers to the practices and processes involved in protecting computer systems, networks, and data from unauthorized access, attacks, and damage. It involves the implementation of policies, procedures, and technologies to ensure the confidentiality, integrity, and availability of information.
  • 25. Key Areas of Cyber Security Management
    Here are some key areas and principles often associated with cyber security management:
    1) Risk assessment and management: Identify potential vulnerabilities and threats, assess the likelihood and impact of those risks, and implement measures to mitigate them.
    2) Security policies and procedures: Develop and enforce policies and procedures that outline acceptable use of systems and data, password management, access controls, and incident reporting.
  • 26. Key Areas of Cyber Security Management
    3) Security awareness and training: Educate employees and users about best practices for maintaining security, such as recognizing phishing emails, using strong passwords, and staying updated on security threats.
    4) Network security: Implement firewalls, intrusion detection systems, and other network security measures to protect against unauthorized access and network attacks.
    5) Data protection: Encrypt sensitive data, implement access controls, and establish backup and recovery procedures to ensure data integrity and availability.
  • 27. Key Areas of Cyber Security Management
    6) Incident response and management: Develop a plan to detect, respond to, and recover from security incidents. This includes procedures for investigating and containing breaches, notifying affected parties, and restoring systems.
    7) Regular security audits and assessments: Conduct periodic assessments of your security controls, policies, and procedures to identify vulnerabilities and ensure compliance with industry standards and regulations.
  • 28. Conclusion
    In all these areas it is key to remember that alongside technology, well-developed processes, procedures and staff training go a long way to protecting your valuable data. For example, if someone leaves your employment, make sure you remove their access.
    The reality today is that you should protect your digital assets with the same vigilance as you do when locking your office door at the end of the day.
  • 29. Thank you