Download Security and Assurance in IT organization

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
Document related concepts

Business intelligence wikipedia , lookup

Information security wikipedia , lookup

Computer security wikipedia , lookup

Transcript 
Security and
Assurance in IT
organization
Name: Mai Hoang Nguyen
Class: INFO 609
Professor: T. Rohm
Table of contents:
Attackers
 Classification of threats
 Defensive measures
 Security management framework
 Risk & incident management of Security

Attackers:
About 46% of companies and government
agencies suffered security incident from 2007
until now.
 Who are the attackers?
+ Thrill seekers who like the challenge of
defeating defense systems.
+ Other attackers who dislike their company and
intended to steal the company’s proprietary data,
such as credit card numbers or other online
payment.

Classification of threats:
Managers must understand the classification of threats:
 External Attacks: harm against computing infrastructure.
+E.g.: DoS-Denial of Service:
attackers send data packets
more rapidly than the target
machine can handle. Each
packet begins to be
authentic conversation
with the victim computer,
thus disable infrastructure
devices.

Classified threats:
Classification of threats:




Intrusion: gain access to a company’s internal IT
infrastructure by various methods. e.g. obtaining user
names & passwords.
Intruders can use high-tech ways such as using “sniffer”
software for LANs, or exploiting computer codes to gain
access to systems.
Hackers can scan IP exploitable addresses to their
master computer.
If a company does not know exactly about its system,
customers & business partners will not trust security of
data entrusted to the company.
Defensive Measures:

To secure a company’s data, infrastructure
components, and reputation, managers must build 6
defenses:
1.
Security Policies: related to people who has company account,
passwords, security features,…
Firewalls: collection of software/hardware to prevent system
assess
Authentication: host/network/data authentication to control
assesses
Encryption: renders the e-transmission unreadable
Patching and change management: change passwords regularly
or keep important data in computer’s files or “fingerprints”.
Intrusion Detection and network monitoring: combine hardware
probes and software diagnostic system to help network
administrators recognize when their infrastructure is under attack.
2.
3.
4.
5.
6.
Network intrusion detection system:
Security management frame work:





Make Deliberate security decisions: Managers must not
allow public internet in company and educate
themselves on security relation and decision.
Consider Security a Moving target: company must attack
their own system and hire outside firm to audit, stay in
source of CERT(Computer Emergency Response Team)
Practice Disciplined Management: for process changes
Educate users: to understand the dangers of sharing
password and connection.
Deploy Multilevel technical Measures: as may as needed
be. Use security at host & network levels.
Risk Management:



Managing before the incident: use sound infrastructure design,
disciplined execution of operating procedure, careful documentation,
established crisis management procedures and rehearsing incident
response.
Managing during the incident: human decision makers have
obstacles to deal with: confusion/denial/fear responses. Awareness
of psychological traps helps decision makers to avoid them.
Managing after the incident: erase or rebuild parts of the
infrastructure. Managers need to understand what incident
happened, and connect with the company’s protecting entrusted
information.
Related documents
Self Matters: Confronting Stress and Taking Care of yourself
Self Matters: Confronting Stress and Taking Care of yourself
File - Wisconsin MABAS Division 112
File - Wisconsin MABAS Division 112
Practice Based Improvement Log
Practice Based Improvement Log
Comprehensive All-Hazard Emergency Response Plan Overview
Comprehensive All-Hazard Emergency Response Plan Overview
PHYSICAL PLANT Incident Investigation Director’s Checklist
PHYSICAL PLANT Incident Investigation Director’s Checklist
Exposure Report
Exposure Report
Customer markets
Customer markets
Slayt 1
Slayt 1
Taxonomy of Computer Security Incidents
Taxonomy of Computer Security Incidents
A. Explain the nature of marketing plans. B. Explain the role
A. Explain the nature of marketing plans. B. Explain the role
Security
Security
01 Computer security overview
01 Computer security overview
Security Incident Response Long Form
Security Incident Response Long Form
Security Management and Operations
Security Management and Operations
A Common Language for Computer Security Incidents
A Common Language for Computer Security Incidents
Incident Handling Applied Risk Management September 2002
Incident Handling Applied Risk Management September 2002
After Detection of an Incident
After Detection of an Incident
Security Incident Investigation Report Sample
Security Incident Investigation Report Sample
Effective Log Management - National Cyber Security Centre
Effective Log Management - National Cyber Security Centre
Guidelines for Off-Site Care Facilities
Guidelines for Off-Site Care Facilities
Major Incident Response Policy - Portsmouth Hospitals NHS Trust
Major Incident Response Policy - Portsmouth Hospitals NHS Trust
Firing Theory - Naval Postgraduate School
Firing Theory - Naval Postgraduate School