Download MIS 5208 – Data Analytics f or IT Auditors Introduction & Course O verview Ed Ferrara, MSIA, CISSP

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
Document related concepts

Nonlinear dimensionality reduction wikipedia , lookup

Transcript 
M I S 5 2 0 8 – Data An aly tic s f o r I T Au d ito r s
I n tr o d u c tio n & C o u r s e O v e r v ie w
Week1:Introductions,CourseOutline,Reading,Toolsand
OtherAdministrationIssues
EdFerrara,MSIA,CISSP
[email protected]
Ag e n d a
§
Introductions
§
CourseDescription
Tools
§
§
§
§
AuditControlLanguage(ACL)
Splunk
Excel
§
Schedule
§
§
§
Syllabus
ReadingList
GradesandGrading
§
§
§
§
§
Labs
Quizzes
Mid-term
Finalexam
ClassParticipationBlog
E d w ar d S . F e r r ar a
§
ChiefInformationSecurityOfficer,CSLBehring
§
§
§
§
§
§
§
§
§
§
Cybersecurityservices
Cloud
Metrics
Enterprise cybersecurityinformation architecture
CISSP#316968
B.A.Franklin&MarshallCollege(Economics)
M.A.UniversityofDelaware(EducationalStudies,
ComputerScience,Cognition)
M.S.NorwichUniversity(Cybersecurity)
Twitter:@eferrara
LinkedIn:EdFerrara
I n tr o d u c tio n s
§
WhoamI?
§
§
§
Sharemyinterestinthistopic
withyouandhelpyouapplydata
analyticstoITauditing and
cybersecurity
WestChester,Pennsylvania
Ireallylikesailing
§
Whoareyou?
§
§
§
§
§
Inyourfirstblog– pleasewritea
brief description ofyourself.
Pleasetellusyour goalsand
objectivesfor thisclass
Pleasetellusyour goalsand
objectivesfor theprogram
Pleasetelluswhereyouarefrom
Pleasetellusonething youwant
usalltoknowabout
C o u r s e De s c r ip tio n
§
§
§
MIS5208examinestheuseandpowerofdataforbothfraud
detectionbutalsoforcybersecurityincidentinvestigation
Yougetwhatyoumeasure.
Thecoursepresents:
§
§
§
Basicdataanalysisconceptsandthenappliesthesetechniquesto
cybersecurityandfrauddetectionproblems.
Tools:
Audit
§
§
AuditControlLanguage(ACL)
Excel
§
Cybersecurity
§
§
BashShellCommands
Splunk
CourseSchedule
C o u r s e S c h e d u le
Week
Meeting
Topic
Date
Tuesday Introduction totheCourse
01.12.201
Introduction toFraudandForensic
6
Investigations
ACL ToolinstallationDemonstration
1
2
3
Tuesday Introduction toACL01.26.201
6
5
6
7
WEBEX
Deliverables/Quizzes /
Tests Due
Reading
V9.0DesktopEDUCNon-Unicode (WindowsOnly). IfyouhaveaMacor
Linux machine youwillneedtorunWindowsinaVMtousethissoftware.
Templestudentsareentitledtoonecopyeachofthefollowingsoftware:
•
Windows8.1
•
MicrosoftOffice
SeethefollowingTempleWebsite: MicrosoftWorkAtHome
Tuesday FraudDetectionandPrevention
01.19.201
6
4
Comments
IfyouarenotusingWindowsasyourprimaryoperatingsystem(e.g.Mac
orLinux) youwillneedtoinstallavirtualwindowsmachineinordertorun
windows.ThereisnoversionofVMwarePlayerforOSX.VMwaresellsa
Macversionoftheirproductcalled VMwareFusion.Youmayuseitastrial
version30daysforfree.Thereisafreeversionof VMWarePlayerforLinux.
Toolsneeded: ACL
Quiz1Available
Lab1Available
WEBEX
WEBEX
Toolsneeded: ACL
Tuesday FraudinCyberspace
SpecialGuestSpeaker: Mr.MikeGreen,HeadofITSecurity,Risk,and
02.02.201
Governance,MarsInc.- Quiz2Available
6
Tuesday OverviewoftheDataandWorkingwithData Toolsneeded: ACL
02.09.201
6
Tuesday AnalyzingTrendsintheDataandKnown
Toolsneeded: ACL/EXCEL
02.16.201 Symptomsof Fraud
6
Tuesday UnknownSymptomsof Fraud,Automatingthe Toolsneeded: ACL/EXCEL
02.23.201 DetectionProcess,VerifyingtheResults
Mid-TermExam Available
6
Install SplunkCommunityEnterpriseorCommunityEdition tobereadyfor
thenexthalfof classoverSpringBreak.
Coderre - 1,2,3
Appendix C
Lab01:FraudsofNote
ACLInPracticeTutorial
- 1,2
Coderre - 4,5
Quiz1
NONE
ACLInPracticeTutorial
PleaseworkonLab- 3,4
andQuiz.
None.
WEBEX
Coderre - 6,7
WEBEX
ACLInPracticeTutorial
- 5,6
Coderre - 8,9
Lab- 03- UsingACLto
AnalyzeTransactions
Appendix A- Fraud
InvestigationPlans
MID-TERMEXAM
WEBEX
WEBEX
Lab- 02- UsingACLto
Examine Expense
Patterns
Quiz2
C o u r s e S c h e d u le
SPRINGBREAK(February29– March6)
Tuesday IntroductiontoCybersecurityInvestigations- Install SplunkCommunityEnterpriseorCommunityEdition
8 03.08.201 TheKillChain
6
Tuesday BigDataandSplunk
Tools:Splunk
9 03.15.201
6
Tuesday GettingDataIntoSplunk
Tools:Splunk
03.22.201
10 6
WEBEX
WEBEX
ZadrozniandKodalli–
1,2
WEBEX
ZadrozniandKodalli– Lab04– GettingData
3
intoSplunkand
ProcessingtheData
WEBEX
ZadrozniandKodalli–
4
WEBEX
ZadrozniandKodalli– Quiz4
5
Quiz3
11
12
13
14
Tuesday Processingand AnalyzingData
03.29.201
6
Tuesday VisualizingTheResults
04.05.201
6
Tuesday DefiningAlerts
04.12.201
6
Tuesday
04.19.201
6
Tools:Splunk
Tools:Splunk
Tools:Splunk
WEBEX
NONE.
PrepareforFinalExam Lab05– Visualizingthe
ResultsandDefining
Alerts
FINAL EXAM
M is s io n an d L e ar n in g O b j e c tiv e s
§
§
§
§
§
Understand howtoorganize and
analyzecontrol data
Understand theprinciples of
transaction-oriented data,andhowto
storeandretrievedatafor data
sources.
Understand methods toidentify ways
inwhichperpetrators compromise
datatoaffectfraud.
Identifyandcomparesourcesand
methods ofcapturing datathroughout
abusiness process.
Usedatamining techniques to
identify associationsandtrends
among data.
§
§
§
§
Apply datamining techniques to
examinecontrolefficacy.
Integratedataacrossmultiple
sources, transforming itintoasingle
view.
Understand andselectappropriate
datavisualization techniquesto
effectivelycommunicate theresults
ofananalysiseffort.
Communicateanalysisresultsto
stakeholders forongoing quality
assuranceandprocessimprovement.
Re q u ir e d T e x ts
O p tio n al T e x ts (F u tu r e Re ad in g )
Pr e s e n tatio n s an d L ab 0 1
§
§
§
§
Laterinthecourseyouwillbeaskedto
presentyourlabfindingsonaselective
basis– eitherindividuallyorasagroup
Ideasandproposalsinbusinessarenow
typicallycommunicatedvia“decks”.Often
thesedecksarenotevenpresentedinthe
formalsense,theyjustgetemailedtothe
recipient.Youneedtolearnhowto
communicateyourideasusingdecks.This
isanimportantskill.Youcanbethebest
analystintheworldbutifyoucannotget
yourideasacross…
Writingskillsareimportantbutwetendto
overemphasizecorrectgrammarandform
– notnecessarilysimpleanddirect
communication– theessenceofcreating
gooddecks.
Eachslideinyourdeckshouldbecrafted
justlikeyouwouldcraftacanvasofa
painting!
§
§
§
§
TheCognitiveStyleofPowerPoint by
EdwardTufte (34Pages)
PresentationSkillsVideo:
https://www.youtube.com/watch?v=ayxf
blOyUBY (3:56)
PresentationSkillsVideo:
https://www.youtube.com/watch?v=VVp
8UGjECt4(5:20)
PresentationSkillsVideo:
https://www.youtube.com/watch?v=whT
wjG4ZIJg(7:18)
Thankyou.
Related documents
ACL Connections
ACL Connections
ACL 450 - ACL Staticide
ACL 450 - ACL Staticide
Thursday - CSI Final Exam
Thursday - CSI Final Exam
What is an Agent?
What is an Agent?
Anterior Cruciate Ligament Reconstructive Surgery
Anterior Cruciate Ligament Reconstructive Surgery
Splunk at Corporate Express
Splunk at Corporate Express
Transcript: Network Hardening Techniques Part 1
Transcript: Network Hardening Techniques Part 1
The Knees - Elizabeth Bauer Consults
The Knees - Elizabeth Bauer Consults
EQALIS Resells Prelert
EQALIS Resells Prelert
A large number of problems in data mining are related to fraud
A large number of problems in data mining are related to fraud
Posterior lateral acl reconstruction icd 10
Posterior lateral acl reconstruction icd 10
Optimizing Data Analysis with a Semi-structured Time Series Database Splunk Inc. Abstract
Optimizing Data Analysis with a Semi-structured Time Series Database Splunk Inc. Abstract