KV
Uploaded byKrutarth Vasavada
2,419 views

Introduction to Cybersecurity

The document presents an overview of cybersecurity, detailing its definition, importance, and various areas including cloud computing, risk management, and application security. It highlights the evolution of cybersecurity challenges, including common attack methods and the need for compliance and awareness in organizations. Additionally, it addresses the integration of cybersecurity into the software development lifecycle and explores career options within the field.

Software
Related topics:
Information Security
In this document
Powered by AI

Introduction to the significance of cybersecurity, its scope, and the topics covered including its importance.

Definition of cybersecurity and its three key components: confidentiality, integrity, and availability.

Overview of various cybersecurity areas including cloud computing, legal issues, and data security.

Discussion about the history of cyber attacks, current challenges, and various types of cybersecurity attacks.

Overview of factors driving cybersecurity in organizations such as compliance, audits, and continuous improvement.

Internal and external cybersecurity challenges faced by corporations including fraud and data breaches.

Integrating cybersecurity into the software development lifecycle with special focus on DevSecOps and secure practices.

New principles in personal data processing including 'Forget me' requests and privacy-by-design principles.

Overview of the skills required in cybersecurity across various domains and career options available.

References provided for further reading on cybersecurity frameworks and best practices.

Open floor for questions and conclusion of the presentation.

Embed presentation

Downloaded 135 times
Cybersecurity Presented to ATMIYA University
Krutarth Vasavada • B.E. (Electronics and Communication), AITS 2002- 06 • M.S. (Computer Engineering), San Jose State University, California, US • Certified Cloud Security Professional, ISC2 • 13+ Years into Software Product Development, Cybersecurity, Information Security Audits, Data Privacy & Compliance • Worked in India, USA, EU (currently) in Automobile, Chemicals, Insurance, Investment Banking, and e-Commerce domains.
Topics Cybersecurity – What? Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
What is Cybersecurity? Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use
Why Cybersecurity? CONFIDENTIALITY Unauthorized individuals or entities can not get any information that is not intended for them. INTEGRITY The accuracy and completeness of data must be assured. AVAILABILITY It must be ensured that vital information is available whenever needed.
Areas of Cybersecurity Cloud Computing Concepts and Architecture Legal Issues, Contracts and Electronic Discovery Governance and Enterprise Risk Management Compliance and Audit Management Infrastructure Security Application Security Data Security and Encryption
Next Topic Cybersecurity – What? Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
Brief History of Cybersecurity Attacks Do you remember “million-dollar lottery” emails? Have you received one? This is called phishing email. It is a training topic in itself.
How are we dealing with challenges? To be honest, pretty badly! Here’s the list of data breaches occurred during the year 2020 so far.
Commonly Known Cybersecurity Attacks Denial-of-service (DoS) and distributed denial- of-service (DDoS) Man-in-the-middle (MitM) Phishing Drive-by attack Identity Theft SQL Injection Cross-site scripting (XSS) Eavesdropping Malware/Ransomware
Next Topic Cybersecurity – What? Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
Cybersecurity Drivers for Organizations Continuous Improvement (e.g., ISMS, Security Roadmap, Training & Awareness, Logging & Monitoring) Compliance (e.g., ISO 27001, GDPR, Local Legislation) Audits (e.g., Technical Platform Audit, Penetration Testing, Customer Due Diligence) Contractual Obligations (e.g., Two-factor authentication, HSM for Key Management)
Challenges for Corporations – Global and Local Internal External Fraud Data Breach Unintended information exposure Loss of reputation Asset theft Loss of business/revenue Internal information leak Penalty/Government fine Today, companies face wide range of challenges in the Cyberseucirty domain which can have internal or external causes and implications.
Next Topic Cybersecurity – What? Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
Cybersecurity in Software Development
Cybersecurity and DevSecOps Purpose & Intent "everyone is responsible for cybersecurity" → everyone thinks about cybersecurity, all the time. How to Achieve? People Technology Processes By promoting security throughout the SDLC. Training and awareness provided to development teams Agile doesn’t mean absence of process Codifying security requirements and checklists which allow built-in security type of development Automation and configuration management CI/CD Secure coding practices “Security as Code” Application level auditing (SAST, DAST)
Next Topic Cybersecurity – What? Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
Information Security from Product and Infrastructure Perspective Application Database Customer Controls Data Center Operations, Policies & Compliance Role-based access Logical Separation Between Customers Single sign-on Geographical Preference (US/EU/Asia) ISO 27001 Certified Information Security Management Audit logs AWS Hosting Audit Logs Offsite Backups GDPR Compliant DPA 24x7 Monitoring Daily Backups User Management / Per-Role Authentication Highest Level of Physical Security Regular Penetration Testing Secure Browser Connections Data Encryption (In Transit and At Rest) Task Level Permission More than 85 Global Certifications/Attestations Third-Party Audits Two-Factor Authentication No Direct Access to All Employees Ability to Export Data Certified Disaster Recovery Practices CSA-STAR Participation Secure Architecture Segregation of Duty Configurable Password/IT Policy Continuous Capacity Monitoring Competent In-House Development Team
Personal Data Processing – New Era • Architecture Supporting Secure-by-design / Privacy-by-design Principles • The new architecture will be built based on the following considerations – • “Forget me” requests • Restrict processing • Export data • Keeping data no longer than necessary • Access control • Audit logs • Local legislations • Further Reading https://gdpr-info.eu/art-25-gdpr/
Next Topic Cybersecurity – What? Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
Cybersecurity – Skills Matrix and Career Options INFRASTRUCTURE COMPLIANCE TECHNOLOGY PRODUCT LEADERSHIP SPECIALIZED AREAS Next Generation Firewall Configuration Authentication Infrastructure Hardware Encryption AWS CI/CD ISO 27001 ISO 27018 SOC2 NIST C5 (German Market) Internal/External Audits Security Testing RESTful API OWASP Project Automated Incident Handling Threat Modeling Security Features Product Roadmap Customer Liaison Vendor Management Budget Input/Cost Estimation Risk Analysis Security Awareness Training Ethical Hacking Cryptography Masking/Tokenization Encryption Keys Management
Reference Reading OWASP Project - https://owasp.org/ NIST Cybersecurity Framework - https://www.nist.gov/cyberframework ISO 27001 - https://www.iso.org/isoiec- 27001-information-security.html Web Security Academy - https://portswigger.net/web-security
Questions? Thank you!

More Related Content

PPTX
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
PDF
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
PDF
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
byEdureka!
 
PPTX
Introduction to Cybersecurity
byAdri Jovin
 
PPTX
Introduction to Cyber Security
byPriyanshu Ratnakar
 
PDF
Cyber security and demonstration of security tools
byVicky Fernandes
 
PPTX
Cybersecurity - Overview
byThanuja Seneviratne
 
PDF
Cybersecurity PowerPoint Presentation Slides
bySlideTeam
 
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
byEdureka!
 
Introduction to Cybersecurity
byAdri Jovin
 
Introduction to Cyber Security
byPriyanshu Ratnakar
 
Cyber security and demonstration of security tools
byVicky Fernandes
 
Cybersecurity - Overview
byThanuja Seneviratne
 
Cybersecurity PowerPoint Presentation Slides
bySlideTeam
 

What's hot

PDF
Application Security | Application Security Tutorial | Cyber Security Certifi...
byEdureka!
 
PPTX
Information security
byavinashbalakrishnan2
 
PPTX
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
PPTX
Cyber security Information security
byAYESHA JAVED
 
PPTX
Cybersecurity Awareness Training
byDave Monahan
 
PPTX
Cybersecurity Attack Vectors: How to Protect Your Organization
byTriCorps Technologies
 
PDF
Cyber Security Vulnerabilities
bySiemplify
 
PPTX
Cyber Security Awareness Program.pptx
byDinesh582831
 
PPSX
Security Awareness Training
byWilliam Mann
 
PPTX
CyberSecurity
bydivyanshigarg4
 
PDF
End-User Security Awareness
bySurya Bathulapalli
 
PDF
Threat Modelling
byn|u - The Open Security Community
 
PPTX
Employee Awareness in Cyber Security - Kloudlearn
byKloudLearn
 
PDF
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
PPTX
NIST CyberSecurity Framework: An Overview
byTandhy Simanjuntak
 
PDF
Cybersecurity Roadmap Development for Executives
byKrist Davood - Principal - CIO
 
PDF
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
byEdureka!
 
PDF
Cybersecurity Employee Training
byPaige Rasid
 
PPSX
Next-Gen security operation center
byMuhammad Sahputra
 
PDF
Information Security Risk Management
byErsoy AKSOY
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
byEdureka!
 
Information security
byavinashbalakrishnan2
 
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
Cyber security Information security
byAYESHA JAVED
 
Cybersecurity Awareness Training
byDave Monahan
 
Cybersecurity Attack Vectors: How to Protect Your Organization
byTriCorps Technologies
 
Cyber Security Vulnerabilities
bySiemplify
 
Cyber Security Awareness Program.pptx
byDinesh582831
 
Security Awareness Training
byWilliam Mann
 
CyberSecurity
bydivyanshigarg4
 
End-User Security Awareness
bySurya Bathulapalli
 
Threat Modelling
byn|u - The Open Security Community
 
Employee Awareness in Cyber Security - Kloudlearn
byKloudLearn
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
NIST CyberSecurity Framework: An Overview
byTandhy Simanjuntak
 
Cybersecurity Roadmap Development for Executives
byKrist Davood - Principal - CIO
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
byEdureka!
 
Cybersecurity Employee Training
byPaige Rasid
 
Next-Gen security operation center
byMuhammad Sahputra
 
Information Security Risk Management
byErsoy AKSOY
 

Similar to Introduction to Cybersecurity

PPTX
Cybersecurity Training For Sales People.pptx
bysubodh258201
 
PPTX
Introduction-to-Cybersecurit57hhfcbbcxxx
byzahraomer517
 
PPTX
Cyber Security
byIllumeo
 
PDF
An Overview of Cyber Security_ Risks, Threats, and Solutions.pdf
bykhushnuma khan
 
PPTX
Cybersecurity Overview and importance.pptx
byVeeraReddy686238
 
PDF
Cyber Security Course & Guide. X.GI. pdf
byGrowthy.web
 
PPTX
Introduction to Cyber Security and its importance
byishasindwani
 
PPTX
cyber security presentation.pptx
bykishore golla
 
PDF
cybersecurity-careers.pdf
byRakeshKumar442494
 
PPTX
So You Want a Job in Cybersecurity
by2nd Sight Lab
 
PPTX
Cybersecurity: Definition, Importance, and Best Practices.pptx
byCloudavize
 
PDF
Cybersecurity Challenges - Identifying Key Threats and Trends.pdf
bySeasiaInfotech2
 
PDF
Cybersecurity solution-guide
byAdilsonSuende
 
PPTX
An An Exploration Into the Cyber Security
bysivasakthin2022cse
 
PDF
Career Opportunities in Cyber Security
bystjohns9
 
PPTX
Cyber crime and Information Security.pptx
bySAINATHYADAV11
 
PPTX
INFORMATION SECURITY PPT.pptx ON CYBER SECURITY
bymee23nu
 
DOCX
digital marketing
byabdullahanwarabdulla
 
PDF
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
byRakeshPatel583282
 
PPTX
Cyber Security and its impact -17042025_ppt.pptx
bypreethigowda6363
 
Cybersecurity Training For Sales People.pptx
bysubodh258201
 
Introduction-to-Cybersecurit57hhfcbbcxxx
byzahraomer517
 
Cyber Security
byIllumeo
 
An Overview of Cyber Security_ Risks, Threats, and Solutions.pdf
bykhushnuma khan
 
Cybersecurity Overview and importance.pptx
byVeeraReddy686238
 
Cyber Security Course & Guide. X.GI. pdf
byGrowthy.web
 
Introduction to Cyber Security and its importance
byishasindwani
 
cyber security presentation.pptx
bykishore golla
 
cybersecurity-careers.pdf
byRakeshKumar442494
 
So You Want a Job in Cybersecurity
by2nd Sight Lab
 
Cybersecurity: Definition, Importance, and Best Practices.pptx
byCloudavize
 
Cybersecurity Challenges - Identifying Key Threats and Trends.pdf
bySeasiaInfotech2
 
Cybersecurity solution-guide
byAdilsonSuende
 
An An Exploration Into the Cyber Security
bysivasakthin2022cse
 
Career Opportunities in Cyber Security
bystjohns9
 
Cyber crime and Information Security.pptx
bySAINATHYADAV11
 
INFORMATION SECURITY PPT.pptx ON CYBER SECURITY
bymee23nu
 
digital marketing
byabdullahanwarabdulla
 
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
byRakeshPatel583282
 
Cyber Security and its impact -17042025_ppt.pptx
bypreethigowda6363
 

Recently uploaded

PDF
DSD-INT 2025 Hydrological Modelling in Society Assumptions, Impacts, and Appl...
byDeltares
 
PPTX
NSF Converter Software to Convert NSF to PST, EML, MSG
byNSF Converter Software
 
PPTX
Week 7 Introduction to HTML PowerPoint Notes.pptx
bylesandawelgens
 
PDF
Database Management Systems(DBMS):UNIT-I Introduction to Database(DBMS) BCA S...
byKuvempu University
 
PDF
DSD-INT 2025 Latest Developments for HydroMT and wflow - Meshgi
byDeltares
 
PDF
Cloud-Based Underwriting Software for Insurance
byInsurance Tech Services
 
PPTX
Modern P&C Insurance Software for Smarter, Faster Operations.pptx
byInsurance Tech Services
 
PPTX
SNG460-CNG489_Week6_3-7Nov25_Chp6-Part1.pptx
byberayseray382
 
PDF
Database Management Systems(DBMS):UNIT-II Relational Data Model BCA SEP SEM ...
byKuvempu University
 
PPTX
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
PPTX
OTT Content Analytics Enhanced by ALTBalaji Data Scraping.pptx
byyashpatric
 
PPTX
Python-Functions-A-Comprehensive-Overview.pptx
byMuhammad Fahad Bashir
 
PDF
Kiến trúc hướng dịch vụ UET!!!!!!!!!!!!!!!!!!!!!!!
bydoquangminh962004
 
PPTX
List on Python Programming Language.pptx
byRICHARDALONSAGAY1
 
PPTX
Road_Quality_Indicator using deeplearning algorithms and computer vision
byDHARUNPRASHOBMM
 
PDF
From Experiment to Enterprise: Scaling AI Coding Assistants Across Engineerin...
byMaxim Salnikov
 
PDF
Cybersecurity Alert- What Organisations Must Watch Out For This Christmas Fes...
byCybernetic Global Intelligence
 
PDF
TNG_Architecting Green Software - An Introduction_Nils-Oliver Linden&Alexande...
byQAware GmbH
 
PPTX
SAP FICO Training Agenda for new learners
bysasidhar unnagiri
 
PDF
BCS-FACS Peter Landin Semantics Seminar - Formal Methods: Whence and Whither?
byJonathan Bowen
 
DSD-INT 2025 Hydrological Modelling in Society Assumptions, Impacts, and Appl...
byDeltares
 
NSF Converter Software to Convert NSF to PST, EML, MSG
byNSF Converter Software
 
Week 7 Introduction to HTML PowerPoint Notes.pptx
bylesandawelgens
 
Database Management Systems(DBMS):UNIT-I Introduction to Database(DBMS) BCA S...
byKuvempu University
 
DSD-INT 2025 Latest Developments for HydroMT and wflow - Meshgi
byDeltares
 
Cloud-Based Underwriting Software for Insurance
byInsurance Tech Services
 
Modern P&C Insurance Software for Smarter, Faster Operations.pptx
byInsurance Tech Services
 
SNG460-CNG489_Week6_3-7Nov25_Chp6-Part1.pptx
byberayseray382
 
Database Management Systems(DBMS):UNIT-II Relational Data Model BCA SEP SEM ...
byKuvempu University
 
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
OTT Content Analytics Enhanced by ALTBalaji Data Scraping.pptx
byyashpatric
 
Python-Functions-A-Comprehensive-Overview.pptx
byMuhammad Fahad Bashir
 
Kiến trúc hướng dịch vụ UET!!!!!!!!!!!!!!!!!!!!!!!
bydoquangminh962004
 
List on Python Programming Language.pptx
byRICHARDALONSAGAY1
 
Road_Quality_Indicator using deeplearning algorithms and computer vision
byDHARUNPRASHOBMM
 
From Experiment to Enterprise: Scaling AI Coding Assistants Across Engineerin...
byMaxim Salnikov
 
Cybersecurity Alert- What Organisations Must Watch Out For This Christmas Fes...
byCybernetic Global Intelligence
 
TNG_Architecting Green Software - An Introduction_Nils-Oliver Linden&Alexande...
byQAware GmbH
 
SAP FICO Training Agenda for new learners
bysasidhar unnagiri
 
BCS-FACS Peter Landin Semantics Seminar - Formal Methods: Whence and Whither?
byJonathan Bowen
 

Introduction to Cybersecurity

  • 1.
  • 2.
    Krutarth Vasavada • B.E.(Electronics and Communication), AITS 2002- 06 • M.S. (Computer Engineering), San Jose State University, California, US • Certified Cloud Security Professional, ISC2 • 13+ Years into Software Product Development, Cybersecurity, Information Security Audits, Data Privacy & Compliance • Worked in India, USA, EU (currently) in Automobile, Chemicals, Insurance, Investment Banking, and e-Commerce domains.
  • 3.
    Topics Cybersecurity – What? Why? Where?How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
  • 4.
    What is Cybersecurity? Cybersecurityis the art of protecting networks, devices, and data from unauthorized access or criminal use
  • 5.
    Why Cybersecurity? CONFIDENTIALITY Unauthorized individualsor entities can not get any information that is not intended for them. INTEGRITY The accuracy and completeness of data must be assured. AVAILABILITY It must be ensured that vital information is available whenever needed.
  • 6.
    Areas of Cybersecurity CloudComputing Concepts and Architecture Legal Issues, Contracts and Electronic Discovery Governance and Enterprise Risk Management Compliance and Audit Management Infrastructure Security Application Security Data Security and Encryption
  • 7.
    Next Topic Cybersecurity – What?Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
  • 8.
    Brief History ofCybersecurity Attacks Do you remember “million-dollar lottery” emails? Have you received one? This is called phishing email. It is a training topic in itself.
  • 9.
    How are wedealing with challenges? To be honest, pretty badly! Here’s the list of data breaches occurred during the year 2020 so far.
  • 10.
    Commonly Known CybersecurityAttacks Denial-of-service (DoS) and distributed denial- of-service (DDoS) Man-in-the-middle (MitM) Phishing Drive-by attack Identity Theft SQL Injection Cross-site scripting (XSS) Eavesdropping Malware/Ransomware
  • 11.
    Next Topic Cybersecurity – What?Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
  • 12.
    Cybersecurity Drivers forOrganizations Continuous Improvement (e.g., ISMS, Security Roadmap, Training & Awareness, Logging & Monitoring) Compliance (e.g., ISO 27001, GDPR, Local Legislation) Audits (e.g., Technical Platform Audit, Penetration Testing, Customer Due Diligence) Contractual Obligations (e.g., Two-factor authentication, HSM for Key Management)
  • 13.
    Challenges for Corporations– Global and Local Internal External Fraud Data Breach Unintended information exposure Loss of reputation Asset theft Loss of business/revenue Internal information leak Penalty/Government fine Today, companies face wide range of challenges in the Cyberseucirty domain which can have internal or external causes and implications.
  • 14.
    Next Topic Cybersecurity – What?Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
  • 15.
  • 16.
    Cybersecurity and DevSecOps Purpose& Intent "everyone is responsible for cybersecurity" → everyone thinks about cybersecurity, all the time. How to Achieve? People Technology Processes By promoting security throughout the SDLC. Training and awareness provided to development teams Agile doesn’t mean absence of process Codifying security requirements and checklists which allow built-in security type of development Automation and configuration management CI/CD Secure coding practices “Security as Code” Application level auditing (SAST, DAST)
  • 17.
    Next Topic Cybersecurity – What?Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
  • 18.
    Information Security fromProduct and Infrastructure Perspective Application Database Customer Controls Data Center Operations, Policies & Compliance Role-based access Logical Separation Between Customers Single sign-on Geographical Preference (US/EU/Asia) ISO 27001 Certified Information Security Management Audit logs AWS Hosting Audit Logs Offsite Backups GDPR Compliant DPA 24x7 Monitoring Daily Backups User Management / Per-Role Authentication Highest Level of Physical Security Regular Penetration Testing Secure Browser Connections Data Encryption (In Transit and At Rest) Task Level Permission More than 85 Global Certifications/Attestations Third-Party Audits Two-Factor Authentication No Direct Access to All Employees Ability to Export Data Certified Disaster Recovery Practices CSA-STAR Participation Secure Architecture Segregation of Duty Configurable Password/IT Policy Continuous Capacity Monitoring Competent In-House Development Team
  • 19.
    Personal Data Processing– New Era • Architecture Supporting Secure-by-design / Privacy-by-design Principles • The new architecture will be built based on the following considerations – • “Forget me” requests • Restrict processing • Export data • Keeping data no longer than necessary • Access control • Audit logs • Local legislations • Further Reading https://gdpr-info.eu/art-25-gdpr/
  • 20.
    Next Topic Cybersecurity – What?Why? Where? How? 01 Past and Present Scenario 02 Deep Dive – Areas of Cybersecurity 03 Cybersecurity in Software Development Lifecycle 04 Information Security from a Product Perspective 05 Cybersecurity – Skills Matrix and Career Options 06 References 07
  • 21.
    Cybersecurity – SkillsMatrix and Career Options INFRASTRUCTURE COMPLIANCE TECHNOLOGY PRODUCT LEADERSHIP SPECIALIZED AREAS Next Generation Firewall Configuration Authentication Infrastructure Hardware Encryption AWS CI/CD ISO 27001 ISO 27018 SOC2 NIST C5 (German Market) Internal/External Audits Security Testing RESTful API OWASP Project Automated Incident Handling Threat Modeling Security Features Product Roadmap Customer Liaison Vendor Management Budget Input/Cost Estimation Risk Analysis Security Awareness Training Ethical Hacking Cryptography Masking/Tokenization Encryption Keys Management
  • 22.
    Reference Reading OWASP Project -https://owasp.org/ NIST Cybersecurity Framework - https://www.nist.gov/cyberframework ISO 27001 - https://www.iso.org/isoiec- 27001-information-security.html Web Security Academy - https://portswigger.net/web-security
  • 23.