Presentation 1.pptx
1. INFORMATION SECURITY
Group members :
Hamza Hamid BSCS-F19-236
Rabeet Kashif BSCS-F19-24
Jawad Ali BSCS-F19-214
Muhammad Bilal BSCS-F19-210
Sheraz Bakht BSCS-F19-213
2. WHAT IS INFORMATION SECURITY?
o Information security, often referred to as InfoSec, refers to the processes and tools designed and
deployed to protect sensitive business information from modification, disruption, destruction, and
inspection.
o The primary principles are confidentiality, integrity, accountability, availability, least privilege,
separation of privilege, and least common mechanisms. The most common security principle is the CIA
triad with accountability.
o Cybersecurity deals with the danger in cyberspace. Information security deals with the protection of
data from any form of threat. Cybersecurity strikes against cybercrimes, cyber frauds, and law
enforcement. Information security strikes against unauthorized access, disclosure, modification, and
disruption.
3. TYPES OF
INFORMATION
SECURITY
Critical infrastructure security.
Application security.
Network security.
Cloud security.
Internet of Things (IoT) security.
4. WHAT IS A CISO?
A CISO, or chief information security officer, is a senior-level executive who
oversees an organization's information, cyber, and technology security. The
CISO's responsibilities include developing, implementing, and enforcing
security policies to protect critical data.
CISOs work closely with other senior executives, such as the chief information
officer (CIO) and chief technology officer (CTO), to ensure that the
organization's security program is effective and efficient. CISOs typically have a
background in information security, computer science, computer engineering
or another related field.
5. PRIMARY RESPONSIBILITIES OF CISOS
o Developing and implementing security policies and procedures, perhaps using a
security framework as a guide
o Managing security staff, which means overseeing many security teams at larger
organizations
o Understanding network activity and preparing for potential threats
o Overseeing incident response and disaster recovery planning
o Coordinating the response and recovery efforts when a data or security breach
occurs
o Reporting to the designated hierarchy, which might be the CIO, the CEO and
even the board of directors
6.
7. SECURITY OPERATIONS
CENTER
A security operations center (SOC) – sometimes called an information
security operations center, or ISOC – is an in-house or outsourced team of
IT security professionals that monitors an organization’s entire IT
infrastructure, 24/7, to detect cybersecurity events in real time and address
them as quickly and effectively as possible.
8. KEY COMPONENTS AND FUNCTIONS OF A SOC TYPICALLY INCLUDE:
• Monitoring and Detection
• Incident Response
• Threat Intelligence
• Vulnerability Management
• Security Incident Investigation
• Threat Hunting
• Security Awareness and Training
9. INFORMATION SECURITY
TECHNOLOGY
o Information Technology (IT) includes computers and everything that can be done
with them. IT security is focused on protecting these computers, networks, and
other digital systems against cyberattacks and other threats.
o IT security is a set of cybersecurity strategies that prevents unauthorized access to organizational
assets such as computers, networks, and data.
10. BENEFITS OF
INFORMATION
SECURITY
TECHNOLOGIES
• Protects sensitive information
• Offers organization-wide protection
• Reduces the risks of remote work
• Infosec policies keep you away from penalties and fines
• It helps protect sensitive data
• It enables proactive risk management
• It builds trust with customers and other stakeholders
11. INFORMATION
SECURITY
TECHNOLOGIES
• High Cost of Implementation.
• Complex Management.
• Potential False Sense of Security.
• Compatibility Issues.
• Inconvenience to Users.
• Human Error.
• Limited Effectiveness Against Insider Threats.
12. EXAMPLES OF INFORMATION
SECURITY IN REAL WORLD
An Alarming Trend In The U.S.
Government
The Exit Interview
This Data Leak is Bananas
In Today’s News…Again.
13. INFORMATION SECURITY CERTIFICATION
A digital certificate is a file or electronic
password that proves the authenticity of a
device, server, or user through the use of
cryptography and the public key infrastructure
(PKI). Digital certificate authentication helps
organizations ensure that only trusted devices
and users can connect to their networks.
14. INFORMATION SECURITY CERTIFICATION
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials Certification (GSEC)
15. INFORMATION SECURITY BEST PRACTICES
Using strong passwords, updating your software, thinking before you click on
suspicious links, and turning on multi-factor authentication are the basics of
what we call “cyber hygiene” and will drastically improve your online safety.
These cybersecurity basics apply to both individuals and organizations.
16. INFORMATION
SECURITY BEST
PRACTICES
Best Practices for Developing IT Security Policies and Procedures:
• Break it Down into Manageable Pieces.
• Include the Business Owners in the Process.
• Provide Procedures that Address More Than the Do's and Don'ts.
• Ensure Relevancy to Your Organization's Needs and Goals.
• Review Policies on a Regular Basis.