Information Security For Small Business
by Julius Clark Sr., MBA, CISSP, CISA

About Me

BDPA History
2010-2012 Charlotte President
2010-2012 National BDPA CISO
2007-2009 Charlotte President-Elect
2006-2004 VP of SITES (Education)
2001-2003 Charlotte HSCC Coordinator

Education
MBA in Information Security, Salem International University, Salem, WV
MSIS in Information Security, University of Fairfax, Fairfax, VA
BS in Electronic Engineering, Wentworth Institute of Technology, Boston, MA

Certifications
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
Microsoft Certified System Engineer (MSCE)

Julius Clark Sr.
Location: Charlotte, NC
Current home, been residing in Charlotte, NC for over 10 years
Hometown: Boston, MA
Profession: Information Security Professional

IT Security & Business Wholeness

Maslow’s Hierarchy of Needs
Being aware of one’s Wholeness keeps bad things from happening. A solid foundation must be built to advance. Understanding your environment, your health and activities helps one to continually perform risk assessments and move to the next level.
Self-Actualization - Being All You Can Be
Esteem - Recognition for Good Work
Love - Acceptance
Safety & Security - Stability
Needs - Air, Food, Water, Shelter

Maslow’s Business Comparison
Maslow’s Hierarchy of Needs can be applied to building a successful business. IT Security is a foundation that businesses must build upon to lower IT Security risks, which can help your business gain a competitive edge.
Self-Actualization - Meeting the Mission Statement
Esteem - Recognition in Market Place
Love - Acceptance by Clients or Customers
Safety & Security - IT Security & Insurance
Needs - Capital & People

Importance of Small Businesses
Statistic: There are over 26 million small businesses in the U.S.
Source: NIST

What Is At Stake?
Your Business! Your business is at risk of being damaged due to:
Financial loss
Lawsuits
Reputation loss
Loss of market share
Theft of its technology, resources and products
Denial of service attacks
Blackmail

What is Information Security?

What Is Information Security?
Protecting your information, technology, property, products and people; all vital business assets. The Information Security Triad is the foundation for Information Security and is based on concepts and principles known as CIA.
Confidentiality
Integrity
Availability

What Is Information Security?
Confidentiality
Concept of protecting information from improper disclosure and protecting the secrecy and privacy of sensitive data so that the intellectual property and reputation of an organization is not damaged and that data related to individuals is not released in violation of regulations or the privacy policy of the organization.
- From the CISSP® CBK®

What Is Information Security?
Integrity
Addresses two objects, which are protecting data and processes from improper modification, and ensuring the operations of the information is reliable and performing as expected.
- From the CISSP® CBK®

What Is Information Security?
Availability
The concept of ensuring that the systems and data can be accessed when required. Availability is impacted by human error, cabling problems, software bug, hardware failures, loss of skilled staff, malicious code, and the many other threats that can render a system un-usable or unreliable.
- From the CISSP® CBK®

Components of Information Security Architecture

Components of Information Security Architecture
The process of instituting a complete information security solution to the architecture of a business, ensuring the security of business information at every point in the architecture.
People
Processes
Technology

Components of Information Security Architecture
People
People are the weakest link of a business’ process. You all know why!

Components of Information Security Architecture
Processes
The operational aspects of small business. Safeguards can be automated or manual.

Components of Information Security Architecture
Technology
All of the tools, applications, software, and infrastructure that allow a business process to work and perform efficiently. Thus, as a business owner, you must ensure that you have adequate logical controls in place to help you stay on track with your business’ mission or purpose.

Cyber Crime In the News

Who Are The Actors?
Their Roles:
Experimenters
Hacktivists
Cyber criminals
Information Warriors
Employees
Dumpster divers
Natural disasters
Terrorist activities

Who Are The Actors?
Malicious Code!
Key loggers - Stealing your keystrokes
Viruses
Denial of service
Turning your computer into a zombie aka “Bot”

Cyber Crime In the News

Cyber Crime Statistics!
Insider threats are responsible for over 80% of small business issues.
There are over 70,000 active viruses, and the number is growing exponentially.
Information Security threats can damage or destroy small business.
33% of businesses with 100 employees or less had a computer incident.
Source: NIST

Cyber Crime Statistics!
Small Business Cyber Crime Report
42% of businesses had a laptop theft
44% of businesses suffered from Insider Abuse
21% of businesses reported Denial of Service
50% of businesses detected a virus
20% of business systems became a “Bot”
Source: Computer Security Institute Survey

Cyber Crime Statistics!
Reported Data Breaches
2007 - there were 445 data breaches reported
2008 - there were 656 data breaches reported
2009 - approx. 392 data breaches reported
Source: October 9, 2009 USA Today

Chronology of Data Breaches
www.privacyrights.org
The 354,537,108 indicates the total number of records compromised.
