SlideShare a Scribd company logo

Information Security - The Missing Elements

Download as PPTX, PDF
A
ahmed_vr

The document discusses information security and proposes establishing a Computer Security Incident Response Center in Bahrain. Key points include: 1) Information security is important to protect organizations, ensure regulatory compliance, and protect intellectual property and customers' data. 2) A Computer Security Incident Response Center would coordinate security incidents within Bahrain, provide help and advice on incidents and best practices, and act as a trusted contact point. 3) Establishing such a center would help Bahrain fulfill its economic vision of empowering citizens, government, and businesses through secure information and communication technology.

Technology
1 of 15
– Information Security – The Missing Elements Ahmed Albalooshi, CISA. CISA President, Bahrain Internet Society.
Objective Identify Information Security model to protect your business against threats For:  Organizations   Kingdom of Bahrain  – Information Security – The Missing Elements
News Headlines  BBC team exposes cyber  crime risk  Estonia Cyber War   More Data Breached In  2008 Than In Previous Four Years Combined – Information Security – The Missing Elements
Question Can anyone from the audience assure that his/her organization is safeguarded form hacking by posing a financial reward for whoever can? – Information Security – The Missing Elements
Importance of Information Security  Protect profit and  reputation   Regulatory Compliance   Protection of Intellectual Property   Avoid Penalties   Loss of customers’ data   Coping with Disasters   Adhere to Service Level Agreements – Information Security – The Missing Elements
Information Security Concept Confidentiality Information Security Availability Integrity – Information Security – The Missing Elements
Security Technologies  Layer 7 Firewalls   Intrusion Prevention  Systems (IPS)   Multifactor Authentication   Multi Engine Anti Virus  End Point Security   Virtual Private Network  (VPN)   Virtual LANS (VLAN)   Vulnerability  Assessments  Honeybots   …etc. – Information Security – The Missing Elements
Information Security Management Model • Strategy • • Vision and Mission • Organization - • Governance • • IT Governance • • People Execute • Processes • People Uses • Technology • Technology enable • processes • The Perfect Model • • Senior • Management Responsibility – Information Security – The Missing Elements
Information Security Program Example 1. Senior Management approval and support 2. Define Roles and Responsibilities 3. Assets Classification 4. Risk Management 5. Information Security Manual Development: Policies, Processes and Procedures and Guidelines 6. Security Assessments And Reviews – Information Security – The Missing Elements
Information Security Program Example 7. Security Awareness And Training 8. Security Monitoring 9. Security Incident Response 10. Business Continuity Planning and Disaster Recovery – Information Security – The Missing Elements
Summary  Information Security is a  business requirement that will cascade on people, process and technology in order to achieve organization’s strategy and objectives  Information Security is  senior management responsibility   Don’t be afraid of going slowly. Only be afraid of standing still – Information Security – The Missing Elements
Bahrain: Secure ICT Business Friendly
Information Security In Bahrain Bahrain Economic Vision 2030 stress on the importance of ICT to empower citizens, government and private sector. How will Bahrain ensure the security of ICT in order to fulfill the vision? – Information Security – The Missing Elements
Information Security In Bahrain Establish Computer Security Incident Response Center Benefits:  Trusted point of contact   Coordinate incidents  within Bahrain   Capability to compat incidents within Bahrain   Provide help and advisory on incidents and security  best practices  National Security Monitor  Coordinate with International centers – Information Security – The Missing Elements
– Information Security – The Missing Elements Thank You By: Ahmed Albalooshi, CISA. CISA President, Bahrain Internet Society. ahmed.albalooshi@bis.org.bh

Recommended

20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clinton
CIONET
 
20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results
CIONET
 
Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3
techcouncil
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
gueste69f645
 
Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017
japijapi
 
Maloney slides
Maloney slidesMaloney slides
Maloney slides
Onkar Sule
 
Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross
Privacy - Principles, PrimeLife and Identity Mixer - Thomas GrossPrivacy - Principles, PrimeLife and Identity Mixer - Thomas Gross
Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross
Thomas Gross
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16
Symantec APJ
 

Recommended

20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clinton
CIONET
 
20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results
CIONET
 
Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3
techcouncil
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
gueste69f645
 
Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017
japijapi
 
Maloney slides
Maloney slidesMaloney slides
Maloney slides
Onkar Sule
 
Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross
Privacy - Principles, PrimeLife and Identity Mixer - Thomas GrossPrivacy - Principles, PrimeLife and Identity Mixer - Thomas Gross
Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross
Thomas Gross
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16
Symantec APJ
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
japijapi
 
Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013
Dale Butler
 
CISO Summit 2020 Post Event Report
CISO Summit 2020 Post Event ReportCISO Summit 2020 Post Event Report
CISO Summit 2020 Post Event Report
Sarthak Nanda
 
Steganography - Muheeb Ghallab
Steganography - Muheeb GhallabSteganography - Muheeb Ghallab
Steganography - Muheeb Ghallab
Fahmi Albaheth
 
Security For Free
Security For FreeSecurity For Free
Security For Free
gwarden
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
graywilliams
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
Nalneesh Gaur
 
Ci31560566
Ci31560566Ci31560566
Ci31560566
IJERA Editor
 
Incident Response Requires Superhumans
Incident Response Requires SuperhumansIncident Response Requires Superhumans
Incident Response Requires Superhumans
Dinesh O Bareja
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
jaredcarst
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
DFLABS SRL
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
Julius Clark, CISSP, CISA
 
SMi Group's 5th annual Oil & Gas Cyber Security 2015
SMi Group's 5th annual Oil & Gas Cyber Security 2015SMi Group's 5th annual Oil & Gas Cyber Security 2015
SMi Group's 5th annual Oil & Gas Cyber Security 2015
Dale Butler
 
CBI Threat Landscape Webinar
CBI Threat Landscape WebinarCBI Threat Landscape Webinar
CBI Threat Landscape Webinar
Joseph Schorr
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
DFLABS SRL
 
Enterprise cyber security
Enterprise cyber securityEnterprise cyber security
Enterprise cyber security
nsheel
 
Challenges of doing security in uncharted territory
Challenges of doing security in uncharted territoryChallenges of doing security in uncharted territory
Challenges of doing security in uncharted territory
PECB
 
Compliance Awareness
Compliance AwarenessCompliance Awareness
Compliance Awareness
Dinesh O Bareja
 
Information Security It's All About Compliance
Information Security It's All About ComplianceInformation Security It's All About Compliance
Information Security It's All About Compliance
Dinesh O Bareja
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Minh Le
 
RW Keynote IDM2009
RW Keynote IDM2009RW Keynote IDM2009
RW Keynote IDM2009
racingsnake
 
InDorse Tech Red Herring 100 Presentation Final
InDorse Tech Red Herring 100 Presentation FinalInDorse Tech Red Herring 100 Presentation Final
InDorse Tech Red Herring 100 Presentation Final
Rob Marano
 

More Related Content

What's hot

Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
japijapi
 
Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013
Dale Butler
 
CISO Summit 2020 Post Event Report
CISO Summit 2020 Post Event ReportCISO Summit 2020 Post Event Report
CISO Summit 2020 Post Event Report
Sarthak Nanda
 
Steganography - Muheeb Ghallab
Steganography - Muheeb GhallabSteganography - Muheeb Ghallab
Steganography - Muheeb Ghallab
Fahmi Albaheth
 
Security For Free
Security For FreeSecurity For Free
Security For Free
gwarden
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
graywilliams
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
Nalneesh Gaur
 
Ci31560566
Ci31560566Ci31560566
Ci31560566
IJERA Editor
 
Incident Response Requires Superhumans
Incident Response Requires SuperhumansIncident Response Requires Superhumans
Incident Response Requires Superhumans
Dinesh O Bareja
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
jaredcarst
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
DFLABS SRL
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
Julius Clark, CISSP, CISA
 
SMi Group's 5th annual Oil & Gas Cyber Security 2015
SMi Group's 5th annual Oil & Gas Cyber Security 2015SMi Group's 5th annual Oil & Gas Cyber Security 2015
SMi Group's 5th annual Oil & Gas Cyber Security 2015
Dale Butler
 
CBI Threat Landscape Webinar
CBI Threat Landscape WebinarCBI Threat Landscape Webinar
CBI Threat Landscape Webinar
Joseph Schorr
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
DFLABS SRL
 
Enterprise cyber security
Enterprise cyber securityEnterprise cyber security
Enterprise cyber security
nsheel
 
Challenges of doing security in uncharted territory
Challenges of doing security in uncharted territoryChallenges of doing security in uncharted territory
Challenges of doing security in uncharted territory
PECB
 
Compliance Awareness
Compliance AwarenessCompliance Awareness
Compliance Awareness
Dinesh O Bareja
 
Information Security It's All About Compliance
Information Security It's All About ComplianceInformation Security It's All About Compliance
Information Security It's All About Compliance
Dinesh O Bareja
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Minh Le
 

What's hot (20)

Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
 
Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013
 
CISO Summit 2020 Post Event Report
CISO Summit 2020 Post Event ReportCISO Summit 2020 Post Event Report
CISO Summit 2020 Post Event Report
 
Steganography - Muheeb Ghallab
Steganography - Muheeb GhallabSteganography - Muheeb Ghallab
Steganography - Muheeb Ghallab
 
Security For Free
Security For FreeSecurity For Free
Security For Free
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
 
Ci31560566
Ci31560566Ci31560566
Ci31560566
 
Incident Response Requires Superhumans
Incident Response Requires SuperhumansIncident Response Requires Superhumans
Incident Response Requires Superhumans
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
 
SMi Group's 5th annual Oil & Gas Cyber Security 2015
SMi Group's 5th annual Oil & Gas Cyber Security 2015SMi Group's 5th annual Oil & Gas Cyber Security 2015
SMi Group's 5th annual Oil & Gas Cyber Security 2015
 
CBI Threat Landscape Webinar
CBI Threat Landscape WebinarCBI Threat Landscape Webinar
CBI Threat Landscape Webinar
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
 
Enterprise cyber security
Enterprise cyber securityEnterprise cyber security
Enterprise cyber security
 
Challenges of doing security in uncharted territory
Challenges of doing security in uncharted territoryChallenges of doing security in uncharted territory
Challenges of doing security in uncharted territory
 
Compliance Awareness
Compliance AwarenessCompliance Awareness
Compliance Awareness
 
Information Security It's All About Compliance
Information Security It's All About ComplianceInformation Security It's All About Compliance
Information Security It's All About Compliance
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
 

Similar to Information Security - The Missing Elements

RW Keynote IDM2009
RW Keynote IDM2009RW Keynote IDM2009
RW Keynote IDM2009
racingsnake
 
InDorse Tech Red Herring 100 Presentation Final
InDorse Tech Red Herring 100 Presentation FinalInDorse Tech Red Herring 100 Presentation Final
InDorse Tech Red Herring 100 Presentation Final
Rob Marano
 
Information Systems Policy
Information Systems PolicyInformation Systems Policy
Information Systems Policy
Ali Sadhik Shaik
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy
Jason Clark
 
Issa Charlotte 2009 Patching Your Users
Issa Charlotte 2009 Patching Your UsersIssa Charlotte 2009 Patching Your Users
Issa Charlotte 2009 Patching Your Users
Mike Murray
 
SYMCAnnual
SYMCAnnualSYMCAnnual
SYMCAnnual
finance40
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
Julius Clark, CISSP, CISA
 
Fortress Group
Fortress GroupFortress Group
Fortress Group
guest43977
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
Seccuris Inc.
 
SYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008IISYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008II
finance40
 
SYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008IISYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008II
finance40
 
Securing Mobile - A Business Centric Approach
Securing Mobile - A Business Centric ApproachSecuring Mobile - A Business Centric Approach
Securing Mobile - A Business Centric Approach
Salahuddin Khawaja
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
Seema Sheth-Voss
 
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems IntelligenceDSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
Andris Soroka
 
Numerals In Legal Or Financial Documents
Numerals In Legal Or Financial DocumentsNumerals In Legal Or Financial Documents
Numerals In Legal Or Financial Documents
legalinfo
 
Legal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu FentawLegal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu Fentaw
legalservices
 
Addressing Fraud Risk Management with Facts
Addressing Fraud Risk Management with FactsAddressing Fraud Risk Management with Facts
Addressing Fraud Risk Management with Facts
Infosys BPM
 
Fighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsFighting Fraud With Digital Forensics
Fighting Fraud With Digital Forensics
TOMMY SEAH
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligence
guest08b1e6
 

Similar to Information Security - The Missing Elements (20)

RW Keynote IDM2009
RW Keynote IDM2009RW Keynote IDM2009
RW Keynote IDM2009
 
InDorse Tech Red Herring 100 Presentation Final
InDorse Tech Red Herring 100 Presentation FinalInDorse Tech Red Herring 100 Presentation Final
InDorse Tech Red Herring 100 Presentation Final
 
Information Systems Policy
Information Systems PolicyInformation Systems Policy
Information Systems Policy
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy
 
Issa Charlotte 2009 Patching Your Users
Issa Charlotte 2009 Patching Your UsersIssa Charlotte 2009 Patching Your Users
Issa Charlotte 2009 Patching Your Users
 
SYMCAnnual
SYMCAnnualSYMCAnnual
SYMCAnnual
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
 
Fortress Group
Fortress GroupFortress Group
Fortress Group
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
 
SYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008IISYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008II
 
SYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008IISYMCInvestorPresentationDec2008II
SYMCInvestorPresentationDec2008II
 
Securing Mobile - A Business Centric Approach
Securing Mobile - A Business Centric ApproachSecuring Mobile - A Business Centric Approach
Securing Mobile - A Business Centric Approach
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
 
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems IntelligenceDSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
 
Numerals In Legal Or Financial Documents
Numerals In Legal Or Financial DocumentsNumerals In Legal Or Financial Documents
Numerals In Legal Or Financial Documents
 
Legal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu FentawLegal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu Fentaw
 
Addressing Fraud Risk Management with Facts
Addressing Fraud Risk Management with FactsAddressing Fraud Risk Management with Facts
Addressing Fraud Risk Management with Facts
 
Fighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsFighting Fraud With Digital Forensics
Fighting Fraud With Digital Forensics
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligence
 

Recently uploaded

Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
Data Hops
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Antonios Katsarakis
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
AstuteBusiness
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Tatiana Kojar
 

Recently uploaded (20)

Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
 

Information Security - The Missing Elements

  • 1. – Information Security – The Missing Elements Ahmed Albalooshi, CISA. CISA President, Bahrain Internet Society.
  • 2. Objective Identify Information Security model to protect your business against threats For:  Organizations   Kingdom of Bahrain  – Information Security – The Missing Elements
  • 3. News Headlines  BBC team exposes cyber  crime risk  Estonia Cyber War   More Data Breached In  2008 Than In Previous Four Years Combined – Information Security – The Missing Elements
  • 4. Question Can anyone from the audience assure that his/her organization is safeguarded form hacking by posing a financial reward for whoever can? – Information Security – The Missing Elements
  • 5. Importance of Information Security  Protect profit and  reputation   Regulatory Compliance   Protection of Intellectual Property   Avoid Penalties   Loss of customers’ data   Coping with Disasters   Adhere to Service Level Agreements – Information Security – The Missing Elements
  • 6. Information Security Concept Confidentiality Information Security Availability Integrity – Information Security – The Missing Elements
  • 7. Security Technologies  Layer 7 Firewalls   Intrusion Prevention  Systems (IPS)   Multifactor Authentication   Multi Engine Anti Virus  End Point Security   Virtual Private Network  (VPN)   Virtual LANS (VLAN)   Vulnerability  Assessments  Honeybots   …etc. – Information Security – The Missing Elements
  • 8. Information Security Management Model • Strategy • • Vision and Mission • Organization - • Governance • • IT Governance • • People Execute • Processes • People Uses • Technology • Technology enable • processes • The Perfect Model • • Senior • Management Responsibility – Information Security – The Missing Elements
  • 9. Information Security Program Example 1. Senior Management approval and support 2. Define Roles and Responsibilities 3. Assets Classification 4. Risk Management 5. Information Security Manual Development: Policies, Processes and Procedures and Guidelines 6. Security Assessments And Reviews – Information Security – The Missing Elements
  • 10. Information Security Program Example 7. Security Awareness And Training 8. Security Monitoring 9. Security Incident Response 10. Business Continuity Planning and Disaster Recovery – Information Security – The Missing Elements
  • 11. Summary  Information Security is a  business requirement that will cascade on people, process and technology in order to achieve organization’s strategy and objectives  Information Security is  senior management responsibility   Don’t be afraid of going slowly. Only be afraid of standing still – Information Security – The Missing Elements
  • 12. Bahrain: Secure ICT Business Friendly
  • 13. Information Security In Bahrain Bahrain Economic Vision 2030 stress on the importance of ICT to empower citizens, government and private sector. How will Bahrain ensure the security of ICT in order to fulfill the vision? – Information Security – The Missing Elements
  • 14. Information Security In Bahrain Establish Computer Security Incident Response Center Benefits:  Trusted point of contact   Coordinate incidents  within Bahrain   Capability to compat incidents within Bahrain   Provide help and advisory on incidents and security  best practices  National Security Monitor  Coordinate with International centers – Information Security – The Missing Elements
  • 15. – Information Security – The Missing Elements Thank You By: Ahmed Albalooshi, CISA. CISA President, Bahrain Internet Society. ahmed.albalooshi@bis.org.bh