Uploaded byMuhammadAbdullah311866
PPTX, PDF39 views

Fusion-Center-ITS-Security-and-Privacy-Operations (1).pptx

The document discusses incident response at a university fusion center. It outlines common security incidents like phishing, ransomware attacks, and lost/stolen devices. Effective response requires clear policies, a well-coordinated incident response team (CSIRT), and standardized procedures. The CSIRT is led by a CISO and includes experts from IT, legal, auditing, and HR. The CSIRT's key responsibilities are identifying, mitigating, reviewing, and reporting security incidents to preserve data confidentiality, integrity and system availability.

Embed presentation

Download to read offline
Fusion Center ITS Security and Privacy Operations Enhancing cybersecurity and upholding data privacy in incident response and security operations. by Muhammad Atif Imtiaz
Overview Incident Response Security Goals Preserve confidentiality, integrity and availability of enterprise data Incident Benefits Improve efficiency, reduce impact, and provide legal evidence University Policies Defined policies mandate incident reporting and response General Procedures Standardized steps to identify, mitigate and review incidents
Incident Response • Phishing - Accounts Compromised: Employees fall victim to phishing scams, leading to compromised user accounts and access to sensitive university data. • Compromised File: Malicious files are unknowingly downloaded, introducing malware or ransomware into the university's systems. • Ransomware: Critical university data is encrypted by ransomware, preventing access and disrupting operations until a ransom is paid or the incident is resolved. • Stolen Property: University-owned laptops, mobile devices, or other equipment containing sensitive information are lost or stolen, posing a data breach risk. • Final Comments: Effective incident response requires a well-coordinated team, clear policies, and robust procedures to mitigate the impact and ensure the university's security and operations are restored.
What is an Incident A computer security incident is any accidental or deliberate action that compromises the confidentiality, integrity, or availability of data and IT resources. Incidents also include the use of technology for criminal activities like fraud, theft, and child pornography. Policy violations may be considered security incidents as well.
Incident Response Goals 1 Preserve confidentiality, integrity, and availability Safeguard enterprise information assets 2 Minimize impact on the university Rapidly contain and resolve incidents 3 Provide data for management decisions Equip leaders to choose appropriate actions 4 Establish a repeatable process Ensure a structured, logical response approach
Incident Response Goals (con't) Increase the efficiency and effectiveness of incident response to minimize impact. Reduce the financial and human resource burden on the university. Provide legal evidence in case of liability issues.
University Policies Incident Reporting University policies require IT administrators to report and respond to security incidents. Key Policies 1. 4-OP-H-5 Information Technology Security 2. 4-OP-D-2-G Payment Cards 3. 4-OP-H-12 Information Privacy Incident Response The policies outline the university's requirements for incident response and management.
Team Leadership and Duties 1 CSIRT Leader CISO or operations lead manages CSIRT 2 Convene CSIRT Assemble the security incident response team 3 Coordinate Response Direct team training, manage incidents, and report to CIO
Team Expertise Chief Information Officer (CIO) Provides executive leadership and oversight for IT strategy and operations. Chief Auditor Office Ensures compliance with policies, procedures, and regulations. Legal Provides legal guidance and risk assessment for incident response. Human Resources Manages personnel issues and employee disciplinary actions.
# **Role of the CSIRT** 1 1 5 5 10 10 — Key Responsibilities The CSIRT serves as the first responder to computer security incidents, performing vital functions in identifying, mitigating, reviewing, and reporting findings to management. CSIRT activities include incident identification, triage, containment, eradication, and recovery - ensuring the confidentiality, integrity, and availability of IT assets. The CSIRT coordinates closely with stakeholders like IT, legal, HR, and leadership to effectively manage and document the incident response process.

More Related Content

PPTX
Security Policies & Incident Risk in cyber security
bytulmuntahasidra082
 
PPTX
Incident response
byAnshul Gupta
 
PDF
Cybersecurity Incident Response Planning.pdf
byCiente
 
PPTX
L11 Transition And Key Roles and SAT ROB IRP.pptx
byStevenTharp2
 
PPTX
Responsibilities of the CSIRT--abss.pptx
byMuhammadAbdullah311866
 
DOCX
IT 552 Module Five Assignment Rubric The purpose of t.docx
bychristiandean12115
 
PDF
INCIDENT RESPONSE CONCEPTS
bySylvain Martinez
 
PDF
CNIT 50: 9. NSM Operations
bySam Bowne
 
Security Policies & Incident Risk in cyber security
bytulmuntahasidra082
 
Incident response
byAnshul Gupta
 
Cybersecurity Incident Response Planning.pdf
byCiente
 
L11 Transition And Key Roles and SAT ROB IRP.pptx
byStevenTharp2
 
Responsibilities of the CSIRT--abss.pptx
byMuhammadAbdullah311866
 
IT 552 Module Five Assignment Rubric The purpose of t.docx
bychristiandean12115
 
INCIDENT RESPONSE CONCEPTS
bySylvain Martinez
 
CNIT 50: 9. NSM Operations
bySam Bowne
 

Similar to Fusion-Center-ITS-Security-and-Privacy-Operations (1).pptx

PPTX
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
byCashmir Pangandaman
 
PDF
Ch5-Incident Response Management.pdfncident Response Management.
bySuhail Qadir Mir
 
PPTX
chapter on Incident Response Management.
bySuhail Qadir Mir
 
PPTX
Lecture 06 - Incident Management and SOC.pptx
byprasadsanjaya2
 
PPTX
INCIDENT-RESPONSE_093004 (1).pdtffyghgptx
byjess12castano
 
PPTX
Security Foundation and Incident Mgmt and BCMS.pptx
byMohsenMojabi1
 
PPT
cyber security incident exercises TTX .ppt
byZharfanHanif
 
PPT
introcsce813-lect6csce813-lect6csce813-lect6.ppt
byabhimannyubanerjee
 
PPT
IRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRT.ppt
byabhimannyubanerjee
 
PPTX
Chapter 11: Information Security Incident Management
byNada G.Youssef
 
PPTX
Phases of Incident Response
byEC-Council
 
PDF
Information Security Incident Management.pdf
byGoldenMIT
 
PDF
INCIDENT RESPONSE NIST IMPLEMENTATION
bySylvain Martinez
 
PPTX
CSIRT-Coordination-and-Collaboration-Overview.pptx
byMuhammad Salahuddien
 
PPTX
The Role of Incident Response in Cybersecurity: Protecting Your Organization
byLDMGlobal
 
PDF
Incident Response
byInnoTech
 
PPTX
The Role of Incident Response in Cybersecurity: Protecting Your Organization
byLDMGlobal
 
PPTX
Cause 11 im final
bycavapyta
 
PPTX
Cause 11 im final
bycavapyta
 
PDF
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
byIJNSA Journal
 
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
byCashmir Pangandaman
 
Ch5-Incident Response Management.pdfncident Response Management.
bySuhail Qadir Mir
 
chapter on Incident Response Management.
bySuhail Qadir Mir
 
Lecture 06 - Incident Management and SOC.pptx
byprasadsanjaya2
 
INCIDENT-RESPONSE_093004 (1).pdtffyghgptx
byjess12castano
 
Security Foundation and Incident Mgmt and BCMS.pptx
byMohsenMojabi1
 
cyber security incident exercises TTX .ppt
byZharfanHanif
 
introcsce813-lect6csce813-lect6csce813-lect6.ppt
byabhimannyubanerjee
 
IRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRTIRT.ppt
byabhimannyubanerjee
 
Chapter 11: Information Security Incident Management
byNada G.Youssef
 
Phases of Incident Response
byEC-Council
 
Information Security Incident Management.pdf
byGoldenMIT
 
INCIDENT RESPONSE NIST IMPLEMENTATION
bySylvain Martinez
 
CSIRT-Coordination-and-Collaboration-Overview.pptx
byMuhammad Salahuddien
 
The Role of Incident Response in Cybersecurity: Protecting Your Organization
byLDMGlobal
 
Incident Response
byInnoTech
 
The Role of Incident Response in Cybersecurity: Protecting Your Organization
byLDMGlobal
 
Cause 11 im final
bycavapyta
 
Cause 11 im final
bycavapyta
 
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
byIJNSA Journal
 

More from MuhammadAbdullah311866

PPTX
Security-Monitoring-and-Improvement.pptx
byMuhammadAbdullah311866
 
PPTX
Supply-Chain-Management-and-Cloud-Security.pptx
byMuhammadAbdullah311866
 
PPTX
cybersecurity assessS-Ment-and-I(1).pptx
byMuhammadAbdullah311866
 
PPT
Authentication Authorization-Lesson-2-Slides.ppt
byMuhammadAbdullah311866
 
PPT
information security importance and use.ppt
byMuhammadAbdullah311866
 
PPT
Information security power point slides.ppt
byMuhammadAbdullah311866
 
DOCX
1-William Stallings - Effective Cybersecurity_ A Guide to Using Best Practice...
byMuhammadAbdullah311866
 
PPTX
GCCS-privacy-PP-final presentation-3-1.pptx
byMuhammadAbdullah311866
 
PPTX
package module in the python environement.pptx
byMuhammadAbdullah311866
 
PPT
overview of principles of computerss.ppt
byMuhammadAbdullah311866
 
PPT
turning test, how it works and winners.ppt
byMuhammadAbdullah311866
 
PPTX
PTE-A Coaching- information slidess.pptx
byMuhammadAbdullah311866
 
PPT
compatibility and complexity in the IS.ppt
byMuhammadAbdullah311866
 
PDF
NVIDIA DGX User Group 1st Meet Up_30 Apr 2021.pdf
byMuhammadAbdullah311866
 
PPTX
presentationcloud-18123333331185718.pptx
byMuhammadAbdullah311866
 
PPT
implementing the encryption in the JAVA.ppt
byMuhammadAbdullah311866
 
PPT
games, infosec, privacy, adversaries .ppt
byMuhammadAbdullah311866
 
PDF
bash_1_2021-command line introduction.pdf
byMuhammadAbdullah311866
 
PPTX
cybersecurity_framework_webinar_2017.pptx
byMuhammadAbdullah311866
 
PPTX
framework_update_report-yer20170301.pptx
byMuhammadAbdullah311866
 
Security-Monitoring-and-Improvement.pptx
byMuhammadAbdullah311866
 
Supply-Chain-Management-and-Cloud-Security.pptx
byMuhammadAbdullah311866
 
cybersecurity assessS-Ment-and-I(1).pptx
byMuhammadAbdullah311866
 
Authentication Authorization-Lesson-2-Slides.ppt
byMuhammadAbdullah311866
 
information security importance and use.ppt
byMuhammadAbdullah311866
 
Information security power point slides.ppt
byMuhammadAbdullah311866
 
1-William Stallings - Effective Cybersecurity_ A Guide to Using Best Practice...
byMuhammadAbdullah311866
 
GCCS-privacy-PP-final presentation-3-1.pptx
byMuhammadAbdullah311866
 
package module in the python environement.pptx
byMuhammadAbdullah311866
 
overview of principles of computerss.ppt
byMuhammadAbdullah311866
 
turning test, how it works and winners.ppt
byMuhammadAbdullah311866
 
PTE-A Coaching- information slidess.pptx
byMuhammadAbdullah311866
 
compatibility and complexity in the IS.ppt
byMuhammadAbdullah311866
 
NVIDIA DGX User Group 1st Meet Up_30 Apr 2021.pdf
byMuhammadAbdullah311866
 
presentationcloud-18123333331185718.pptx
byMuhammadAbdullah311866
 
implementing the encryption in the JAVA.ppt
byMuhammadAbdullah311866
 
games, infosec, privacy, adversaries .ppt
byMuhammadAbdullah311866
 
bash_1_2021-command line introduction.pdf
byMuhammadAbdullah311866
 
cybersecurity_framework_webinar_2017.pptx
byMuhammadAbdullah311866
 
framework_update_report-yer20170301.pptx
byMuhammadAbdullah311866
 

Recently uploaded

PDF
The voice of the rain poem class 11th.pdf
byReeta Baral
 
PDF
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PDF
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
PPTX
Planning Assessment for Outcome-based Education
byAdri Jovin
 
PPTX
Nursing Unit Management, patient care unit, physical layout of nursing unit,t...
byyellow4878
 
PPTX
Pig- piggy bank in Big Data Analytics.ppt.pptx
byVarshini M
 
PPTX
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
PDF
Analyzing the data of your initial survey
byThelma Villaflores
 
PPTX
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
PPTX
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
PDF
Most Imp Chapters & Weightage for Boards 2025.pdf
byTamannaSagar
 
PPTX
Overview of how to Create a Model in Odoo 18
byCeline George
 
PPTX
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
PPTX
Expected Revenue Report In Odoo 18 CRM
byCeline George
 
PPTX
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
PDF
International Men's Day Event: Breaking the Silence: Embracing Vulnerability ...
byAssociation for Project Management
 
PDF
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
PDF
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
PDF
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
PDF
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
The voice of the rain poem class 11th.pdf
byReeta Baral
 
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
Planning Assessment for Outcome-based Education
byAdri Jovin
 
Nursing Unit Management, patient care unit, physical layout of nursing unit,t...
byyellow4878
 
Pig- piggy bank in Big Data Analytics.ppt.pptx
byVarshini M
 
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
Analyzing the data of your initial survey
byThelma Villaflores
 
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
Most Imp Chapters & Weightage for Boards 2025.pdf
byTamannaSagar
 
Overview of how to Create a Model in Odoo 18
byCeline George
 
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
Expected Revenue Report In Odoo 18 CRM
byCeline George
 
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
International Men's Day Event: Breaking the Silence: Embracing Vulnerability ...
byAssociation for Project Management
 
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 

Fusion-Center-ITS-Security-and-Privacy-Operations (1).pptx

  • 1.
    Fusion Center ITS Securityand Privacy Operations Enhancing cybersecurity and upholding data privacy in incident response and security operations. by Muhammad Atif Imtiaz
  • 2.
    Overview Incident Response SecurityGoals Preserve confidentiality, integrity and availability of enterprise data Incident Benefits Improve efficiency, reduce impact, and provide legal evidence University Policies Defined policies mandate incident reporting and response General Procedures Standardized steps to identify, mitigate and review incidents
  • 3.
    Incident Response • Phishing- Accounts Compromised: Employees fall victim to phishing scams, leading to compromised user accounts and access to sensitive university data. • Compromised File: Malicious files are unknowingly downloaded, introducing malware or ransomware into the university's systems. • Ransomware: Critical university data is encrypted by ransomware, preventing access and disrupting operations until a ransom is paid or the incident is resolved. • Stolen Property: University-owned laptops, mobile devices, or other equipment containing sensitive information are lost or stolen, posing a data breach risk. • Final Comments: Effective incident response requires a well-coordinated team, clear policies, and robust procedures to mitigate the impact and ensure the university's security and operations are restored.
  • 4.
    What is anIncident A computer security incident is any accidental or deliberate action that compromises the confidentiality, integrity, or availability of data and IT resources. Incidents also include the use of technology for criminal activities like fraud, theft, and child pornography. Policy violations may be considered security incidents as well.
  • 5.
    Incident Response Goals 1Preserve confidentiality, integrity, and availability Safeguard enterprise information assets 2 Minimize impact on the university Rapidly contain and resolve incidents 3 Provide data for management decisions Equip leaders to choose appropriate actions 4 Establish a repeatable process Ensure a structured, logical response approach
  • 6.
    Incident Response Goals(con't) Increase the efficiency and effectiveness of incident response to minimize impact. Reduce the financial and human resource burden on the university. Provide legal evidence in case of liability issues.
  • 7.
    University Policies Incident Reporting Universitypolicies require IT administrators to report and respond to security incidents. Key Policies 1. 4-OP-H-5 Information Technology Security 2. 4-OP-D-2-G Payment Cards 3. 4-OP-H-12 Information Privacy Incident Response The policies outline the university's requirements for incident response and management.
  • 8.
    Team Leadership andDuties 1 CSIRT Leader CISO or operations lead manages CSIRT 2 Convene CSIRT Assemble the security incident response team 3 Coordinate Response Direct team training, manage incidents, and report to CIO
  • 9.
    Team Expertise Chief Information Officer (CIO) Providesexecutive leadership and oversight for IT strategy and operations. Chief Auditor Office Ensures compliance with policies, procedures, and regulations. Legal Provides legal guidance and risk assessment for incident response. Human Resources Manages personnel issues and employee disciplinary actions.
  • 10.
    # **Role ofthe CSIRT** 1 1 5 5 10 10 — Key Responsibilities The CSIRT serves as the first responder to computer security incidents, performing vital functions in identifying, mitigating, reviewing, and reporting findings to management. CSIRT activities include incident identification, triage, containment, eradication, and recovery - ensuring the confidentiality, integrity, and availability of IT assets. The CSIRT coordinates closely with stakeholders like IT, legal, HR, and leadership to effectively manage and document the incident response process.