[LT] V.Benetis. Kibernetinis saugumas: ką būtina žinoti IT paslaugų pirkėjamsVilius Benetis
VDAI konferencijoje DUOMENŲ APSAUGA 2014 M.: NAUJOVĖS, AKTUALIJOS, PROBLEMATIKA - skaitytos paskaitos "Kibernetinis saugumas: ką būtina žinoti IT paslaugų pirkėjams" medžiaga
The document describes various locations visited by the Malard family in Canada including cities like Vancouver and Victoria as well as natural areas like Stanley Park, Grouse Mountain, and Jericho Beach. It mentions cultural sites such as Gastown, Chinatown, and Granville Island. Recreational activities are also noted at Rogers Arena, Cedar Rim Nursery, Fort Langley, and UBC Museum of Anthropology. Further destinations include Bowen Island, Steveston, Richmond Night Market, Long Beach, and Tofino.
This short document does not contain any substantive information to summarize in 3 sentences or less. It consists of only two words without any context or details.
These are the slides from a presentation I made at the 2011 HRO Summit in Singapore on the 12th of May. The information will be interesting to any HR Leader with responsibility for HR Compliance in the APAC region.
Bloom's taxonomy is a classification system used to categorize levels of thinking according to their complexity, from simple recall or recognition of facts to the more complex skills of evaluation, analysis, and creation of new ideas or products. It was originally developed in 1948 and has been revised over time. The taxonomy moves from lower to higher order thinking skills, starting with remembering factual information, then understanding concepts, applying knowledge to solve problems, analyzing by breaking things down into parts, evaluating by making judgments, and finally creating new ideas or products at the highest level.
This very short document contains 4 short sentences or phrases listed with numbers. It does not provide enough contextual information to extract any meaningful essence or create a multi-sentence summary.
[LT] V.Benetis. Kibernetinis saugumas: ką būtina žinoti IT paslaugų pirkėjamsVilius Benetis
VDAI konferencijoje DUOMENŲ APSAUGA 2014 M.: NAUJOVĖS, AKTUALIJOS, PROBLEMATIKA - skaitytos paskaitos "Kibernetinis saugumas: ką būtina žinoti IT paslaugų pirkėjams" medžiaga
The document describes various locations visited by the Malard family in Canada including cities like Vancouver and Victoria as well as natural areas like Stanley Park, Grouse Mountain, and Jericho Beach. It mentions cultural sites such as Gastown, Chinatown, and Granville Island. Recreational activities are also noted at Rogers Arena, Cedar Rim Nursery, Fort Langley, and UBC Museum of Anthropology. Further destinations include Bowen Island, Steveston, Richmond Night Market, Long Beach, and Tofino.
This short document does not contain any substantive information to summarize in 3 sentences or less. It consists of only two words without any context or details.
These are the slides from a presentation I made at the 2011 HRO Summit in Singapore on the 12th of May. The information will be interesting to any HR Leader with responsibility for HR Compliance in the APAC region.
Bloom's taxonomy is a classification system used to categorize levels of thinking according to their complexity, from simple recall or recognition of facts to the more complex skills of evaluation, analysis, and creation of new ideas or products. It was originally developed in 1948 and has been revised over time. The taxonomy moves from lower to higher order thinking skills, starting with remembering factual information, then understanding concepts, applying knowledge to solve problems, analyzing by breaking things down into parts, evaluating by making judgments, and finally creating new ideas or products at the highest level.
This very short document contains 4 short sentences or phrases listed with numbers. It does not provide enough contextual information to extract any meaningful essence or create a multi-sentence summary.
This document describes a human resources consulting firm that offers scalable and cost-effective solutions. The firm has strengths in auditing, system design, strategy, risk management, and training. It has experience in areas like employee relations, compliance, change management, talent acquisition, and vendor management. The firm's clients seek to be informed, cost-conscious, efficiency-focused, and risk-mitigating as their needs evolve. Contact information is provided for two directors at the consulting firm.
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
The document describes a route through British Columbia that includes stops in the Okanagan Valley region known for wine, specifically at Mission Hill Winery in Kelowna, then traveling to Revelstoke in the Canadian Rockies before reaching Banff also located in the Rocky Mountains and passing through the Fraser Canyon.
Central and Eastern European economies are booming and companies are seeking talent. Neumann International, with over 35 years of experience in human resources for Western Europe and emerging markets, is ready to provide its services wherever needed. As Eastern economies become global leaders, Neumann International understands developing local economies and has expertise in key sectors to connect top talent with expanding businesses. Neumann International works proactively across borders to bring together candidates and companies through a shared understanding of local parameters.
The document discusses HR compliance in the Asia Pacific region. It notes that HR compliance involves adhering to employment regulations where a company operates. The Asia Pacific region faces complexity due to diversity across countries in areas like minimum wages. Recent changes in countries like Hong Kong, Malaysia, and India are discussed. The challenges for HR leaders in ensuring compliance across the region are addressed, including creating centers of excellence, balancing corporate policies with local laws, and effectively managing internal and outsourced compliance resources.
Laëtitia works during the day and spends time at home with her family in the evenings. She enjoys cooking and eating meals with her family. The document wishes Laëtitia a safe trip home from work.
The Normans descended from Norse Vikings and Frankish conquerors. In 1066, William the Conqueror, a Norman, led the Norman conquest of England and became King William I. The Normans brought changes to England like replacing the native English ruling class with a French-speaking Norman nobility and clergy. They also transformed the English language by introducing many French words. Norman rule had a significant impact on English culture, government, and language.
This document analyzes how the media product represents social groups such as women and men. It argues that women are represented negatively as overly emotional and mentally unstable. The main character and her niece are shown to have mental health issues stemming from their childhood. Men are represented as cold, emotionless problem-solvers who see mentally ill women as routine cases. However, the document also notes that these representations were not intentional, as the goal was to portray a type of mental illness, not send messages about gender. Choosing a female lead helped use childish props and costumes to link to Alice in Wonderland.
The document discusses potential media distribution companies in the UK for a new music magazine. It analyzes the two major publishing houses, IPC and Bauer Media, which both distribute magazines with similar target audiences of 15-34 year olds. Specifically, Bauer Media distributes Q Magazine, which has a circulation of 80,418 copies and targets a slightly older audience than NME Magazine. The document concludes that Bauer Media would be the preferred choice to distribute a new music magazine targeting 16-25 year olds, as they have experience targeting the desired demographic. An alternative option would be to independently publish the magazine, citing the success of MixMag as an example.
This portfolio belongs to Juliana Serrano Chávarro and contains works from her class 10-02 J.M. It includes a presentation and a drawing of her best friend.
Context audience understanding plus 2013Les Bicknell
The document discusses how context influences the experience and understanding of artworks. It describes various systems and structures like museums, galleries, books, and digital platforms that mediate how artworks are presented and accessed by audiences and makers. These contexts, like hanging methods, locations, and presentation formats can frame how audiences and artists interpret and relate to creative works.
Pranešimas "Kibernetinė sauga. Vadovo požiūris" BKA ir ISACA Lietuva renginyje "Kaip pagerinti IT valdymą?" Balandžio 9 d., 2015. Pranešėjas - Romualdas Lečickis, UAB NRD CS.
BKA renginio "Kaip tapti lyderiais IT valdymo, saugos ir audito srityje?" pranešimas apie COBIT ir jo panaudojimą IT valdymui ir auditui. Renginys vyko balandžio 18 d., 2013.
This document describes a human resources consulting firm that offers scalable and cost-effective solutions. The firm has strengths in auditing, system design, strategy, risk management, and training. It has experience in areas like employee relations, compliance, change management, talent acquisition, and vendor management. The firm's clients seek to be informed, cost-conscious, efficiency-focused, and risk-mitigating as their needs evolve. Contact information is provided for two directors at the consulting firm.
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
The document describes a route through British Columbia that includes stops in the Okanagan Valley region known for wine, specifically at Mission Hill Winery in Kelowna, then traveling to Revelstoke in the Canadian Rockies before reaching Banff also located in the Rocky Mountains and passing through the Fraser Canyon.
Central and Eastern European economies are booming and companies are seeking talent. Neumann International, with over 35 years of experience in human resources for Western Europe and emerging markets, is ready to provide its services wherever needed. As Eastern economies become global leaders, Neumann International understands developing local economies and has expertise in key sectors to connect top talent with expanding businesses. Neumann International works proactively across borders to bring together candidates and companies through a shared understanding of local parameters.
The document discusses HR compliance in the Asia Pacific region. It notes that HR compliance involves adhering to employment regulations where a company operates. The Asia Pacific region faces complexity due to diversity across countries in areas like minimum wages. Recent changes in countries like Hong Kong, Malaysia, and India are discussed. The challenges for HR leaders in ensuring compliance across the region are addressed, including creating centers of excellence, balancing corporate policies with local laws, and effectively managing internal and outsourced compliance resources.
Laëtitia works during the day and spends time at home with her family in the evenings. She enjoys cooking and eating meals with her family. The document wishes Laëtitia a safe trip home from work.
The Normans descended from Norse Vikings and Frankish conquerors. In 1066, William the Conqueror, a Norman, led the Norman conquest of England and became King William I. The Normans brought changes to England like replacing the native English ruling class with a French-speaking Norman nobility and clergy. They also transformed the English language by introducing many French words. Norman rule had a significant impact on English culture, government, and language.
This document analyzes how the media product represents social groups such as women and men. It argues that women are represented negatively as overly emotional and mentally unstable. The main character and her niece are shown to have mental health issues stemming from their childhood. Men are represented as cold, emotionless problem-solvers who see mentally ill women as routine cases. However, the document also notes that these representations were not intentional, as the goal was to portray a type of mental illness, not send messages about gender. Choosing a female lead helped use childish props and costumes to link to Alice in Wonderland.
The document discusses potential media distribution companies in the UK for a new music magazine. It analyzes the two major publishing houses, IPC and Bauer Media, which both distribute magazines with similar target audiences of 15-34 year olds. Specifically, Bauer Media distributes Q Magazine, which has a circulation of 80,418 copies and targets a slightly older audience than NME Magazine. The document concludes that Bauer Media would be the preferred choice to distribute a new music magazine targeting 16-25 year olds, as they have experience targeting the desired demographic. An alternative option would be to independently publish the magazine, citing the success of MixMag as an example.
This portfolio belongs to Juliana Serrano Chávarro and contains works from her class 10-02 J.M. It includes a presentation and a drawing of her best friend.
Context audience understanding plus 2013Les Bicknell
The document discusses how context influences the experience and understanding of artworks. It describes various systems and structures like museums, galleries, books, and digital platforms that mediate how artworks are presented and accessed by audiences and makers. These contexts, like hanging methods, locations, and presentation formats can frame how audiences and artists interpret and relate to creative works.
Pranešimas "Kibernetinė sauga. Vadovo požiūris" BKA ir ISACA Lietuva renginyje "Kaip pagerinti IT valdymą?" Balandžio 9 d., 2015. Pranešėjas - Romualdas Lečickis, UAB NRD CS.
BKA renginio "Kaip tapti lyderiais IT valdymo, saugos ir audito srityje?" pranešimas apie COBIT ir jo panaudojimą IT valdymui ir auditui. Renginys vyko balandžio 18 d., 2013.
Kaip gauti daugiau naudos iš verslo valdymo sistemosvvsprendimai
Kodėl diegiant verslo valdymo sistemas vienos įmonės pasiekia geresnių rezultatų nei kitos? Verslo valdymo sistemos pasirinkimas yra vienas iš svarbesnių faktorių. Tačiau, tai ne viskas. Tyrimai rodo, kad sėkmingiausios įmonės pasižymi tam tikromis savybėmis, kurių neturi likusios įmonės. Pristatymo medžiagoje pateikiami tyrimo duomenys ir siūlomi penki būdai, kaip padidinti verslo valdymo sistemos teikiamą naudą.
Iteracinio‐inkrementinio (angl. Agile) metodo naudojimo naudos ir rizikos už...Vaidas Adomauskas
Iteracinio-inkrementinio (angl. Agile) metodo naudojimo naudos ir rizikos užsakovui. Vaidas Adomauskas, asociacijos „Agile Lietuva“ prezidentas
Prezentacija „Agile Lietuva“ ir „Infobalt“ organizuotame seminare valstybinėms institucijoms: “Valstybės IS gyvavimo ciklo valdymo metodikos pasikeitimai. Ką svarbu žinoti?”
A. Kovaliov ir M. Žemaitis: Viešieji pirkimai ir Agile. RekomendacijosAgile Lietuva
Nuotolinio susitikimo metu pranešėjai Aleksej Kovaliov ir Marius Žemaitis supažindino su viešiesiems pirkimams naujai parengtomis rekomendacijomis, kurios padės rengiant IT pirkimus. Rekomendacijos parengtos viešojo ir privataus sektoriaus kartu ir jose įraukti Agile principai.
Susitikimo metu buvo aptartos:
- techninės įrangos, Programinės įrangos licencijų, licencijų atnaujinimų ir/arba gamintojo garantinio palaikymo pirkimų rekomendacijos;
- el. paslaugos arba IT sprendimo įgyvendinimo, modernizavimo, diegimo ir priežiūros paslaugų pirkimų rekomendacijos
- IT ekspertų paslaugų pirkimų rekomendacijos ;
- saugos testavimo paslaugų pirkimų rekomendacijos;
- IT infrastruktūros nuomos pirkimų rekomendacijos.
Viešieji pirkimai ir Agile. Rekomendacijos (Agile Lietuva meetup 2020 11)Alexey Kovalyov
VPT+Infobalt+Agile Lietuva Rekomendacijos
„Didelio projekto“ pirkimai
Esamų sistemų aprašymas
Nepersistengti su technologiniais reikalavimais
Aprašyti tai, ką labiausiai norisi praleisti
Realizavimo etapai
Techninis priėmimas ir kt
2. Saugumo auditas: kas tai?
• Saugumo auditas – tai sistemingas duomenų
apie esamą informacinio saugumo užtikrinimo
situaciją objektuose, veiksmuose ir įvykiuose,
egzistuojančiuose tikrinamoje informacinėje
infrastruktūroje rinkimas, analizė ir atitikties
nustatytiems kriterijams įvertinimas
• Paprasčiau tariant...
3. Saugumo audito tikslas
• Informacinės saugos užtikrinimo procesų tyrimas
sistemose, dirbančiose pagal tiesioginę paskirtį –
vartotojų poreikių tenkinimą
• Sistema tai - konkreti aplikacija, konkretus
serveris ar jų grupė, visa įmonė ir t.t.
4. Šiuolaikinių informacinių sistemų savybės
• Vyksta daug procesų ir situacijų, kurių kontekstas
ir parametrai nebūtinai tinkamai fiksuojami ir
aprašomi
• Pažeidžiamumų, leidžiančių apeiti
egzistuojančius saugumo apribojimus skaičius
nuolat auga
• Informacinio saugumo užtikrinimas suvedamas į
tam tikrą produktų rinkinį
5. Saugumo auditas: realybė
• Saugumo auditas – tai SVARBU
• Saugumo auditas – tai REIKALINGA
• Saugumo auditas – tai NAUDINGA
6. Tai svarbu, nes:
• Ekonominiai nuostoliai dėl IT saugumo
pažeidimų nuolat sparčiai auga
• Informacijos apsaugai skirtų priemonių rinka
vystosi nevisuomet aiškia kryptimi: ko gi iš tiesų
reikia?
• Mums yra reikalingas atsakymas į klausimą: Kas
yra gerai, o kas yra blogai?
7. Tai reikalinga, nes:
• Tik nepriklausoma ekspertizė gali parodyti
objektyvią informacinio saugumo užtikrinimo
priemonių būklę
• Reikia įvertinti visus informacijos apsaugos
aspektus ir nustatyti jų sąryšius
• IT saugumo modelio pažeidimai yra latentiški,
todėl geriau vykdyti prevenciją nei šalinti
pasekmes
8. Tai naudinga, nes:
• Atsiranda informacijos saugumo užtikrinimo
strategija, atitinkanti realią situaciją
• Atsiranda galimybė surasti balansą tarp
organizacinių ir techninių IT saugumo
sudedamųjų dalių
• Išlaidos auditui atsiperka ateityje dėl IT saugumo
užtikrinimo optimizacijos
9. Saugumo auditas: mitai
• Saugumo auditas – tai ISO 17799 standartas
• Saugumo auditas – tai ISO 15408 standartas
• Saugumo auditas – tai automatinis skenavimas ir
atakų aptikimas
10. Mitas Nr 1: Standartas ISO 17799
• ISO 17799 labiau reikalingas informacinio
saugumo užtikrinimo vadybos lygio įvertinimui,
kadangi:
• Yra galimybė įvertinti tik informacijos apsaugos
valdymo būklę
• Neleidžia realiai įvertinti sistemų apsaugos lygio
• Lieka neišspręstas klausimas: ar pakanka esamų
priemonių ir kiek efektyviai jos veikia?
11. Mitas Nr 2: Standartas ISO 15408
• ISO 15408 galima taikyti sudarant reikalavimus
informacijos apsaugai ir vertinant apsaugos priemones,
kadangi:
• Numatyta tik reikalavimų produktams ar technologijoms
formavimo metodika
• Reikalauja “saugumo profilio” ir “saugumo užduočių”
sukūrimo norint įvertinti saugumo funkcijų realizacijos
taisyklingumą
• Lieka neišspręstas klausimas: ar visos realios grėsmės
nagrinėjamame objekte yra įvertintos ir gali būti
pašalintos?
12. Mitas Nr 3: Automatinis skenavimas
• Praverčia palaikant norimą saugumo būklę,
tačiau to neužtenka:
• Automatizuoti skeneriai klysta
• Automatizuoti sprendimai negali išspręsti
loginių ar “žmogiškųjų” klausimų
• Lieka neišspręstas klausimas: jei skenavimo metu
nebuvo aptikta jokių pažeidžiamumų, tai jų išties
nėra?
13. Saugumo auditų tipai
• Procedūrinis saugumo auditas (organizacijos
atitikimas ISO-xxxxx)
• Technologinis saugumo auditas
• Įsibrovimo testas + kompleksinis saugumo
auditas
• Planinis saugumo įvertinimas (kontrolinis
auditas)
14. Kiek galima (reikia) išleisti saugumo auditui?
• Saugumo auditas – tai prevencinė priemonė (pvz.
draudimas), neturinti tiesioginės investicijų grąžos
• Tačiau yra netiesioginė nauda – esamos situacijos
pagerinimas, rizikos sumažinimas, aiški saugumo
užtikrinimo strategija ir t.t.
• Vieni sako, jog reikia išleisti 2-5% nuo galimos žalos, kiti
teigia, jog 10-15% IT biudžeto. Tretiems saugumo
nereikia. Įvertinti padėtį yra sudėtinga – universalios
formulės čia nėra, o spręsti vis tiek Jums.
15. Ačiū!
Miroslav Lučinskij
miroslav.lucinskij@critical.lt
http://corporate.critical.lt | http://www.critical.lt