AFCEA ITS Course 2012 - Synopsis of Briefings

The AFCEA IT Security Course is in its 21st year of operation! This all-inclusive course offers a complete range of IT Security topics presented by 20 different experts in their respective fields. Along with its recognized quality of content and its top-notch facilities, lodging and food, the course gives participants an opportunity to interact with leading experts in the IT Security community in Ottawa. Many past students report that this interaction was key in helping steer their career in IT Security in the private and public sectors. In fact, the Government of Canada Information Technology Security community views this course as a useful IT Security training and awareness investment for any person mandated to deal with Information Security issues.

Security Risk Management

Everything about security comes down to a risk management decision. This session introduces one of the main pillars of this course: Risk Management. After presenting basic concepts and terminology, the important elements of a Risk Management Program will be introduced. The Threat and Risk Assessment (TRA) is one of the most important pieces of documentation in the certification and accreditation process. You will learn how to determine the sensitivity of the information you need to protect, examine the threats you have identified, assess the safeguards available, and put forth recommendations. The case studies worked on throughout the course will use the information obtained in this briefing.

Privacy Issues

This briefing lightly touches on the type of information that is covered under the Personal Information Protection and Electronic Documents Act (PIPEDA), what some of the consequences might be, and some examples of cases that went before the Privacy Commissioner.

IT Legal Issues

Discusses a variety of Acts (for example the Patent Act, Copyright Act, Access to Information Act and Trade-Marks Act) that must be adhered to. As well, the sections of the Criminal Code that are specifically related to Information Technology are brought to the forefront.

Threat Briefing

This session provides a broad overview of the deliberate threats, accidents and natural hazards that can compromise crucial IT systems and related assets, as a useful point of departure for developing detailed threat assessments during the TRA process. Credible sources of threat information will also be identified.

Policy on Government Security & Organization and Administration Security

During this session you will receive an overview of the Policy on Government Security (PGS), with emphasis on the basic policy requirements, the hierarchy of supporting documentation and the responsibilities of security lead agencies. This session will also identify fundamental roles and responsibilities in a security organization and explore some important management safeguards.

Physical Security

In this section you will discover the principles of physical security to be applied from the security perimeter through to the destruction of sensitive assets. In addition, the multi-layered approach and useful building construction features will be brought to your attention.

Personnel Security

The major topics presented during this briefing are: the relevance of personnel security; its linkages with other safeguards; and the personnel security life cycle. The essential elements of the security screening of employees will also be covered.

Defence-in-Depth

This session introduces the second pillar of this course: Defence-in-Depth. Deploying security in successive layers of technological, procedural and personnel security measures is a recognized way of increasing the cost for the attacker. This session provides the foundation for understanding and applying this security architecture methodology.

IT Security Technical Safeguards

This session provides an overview of technical safeguards and, more specifically, the security functions that might be implemented in hardware or software to protect IT systems.

IP Convergence Security; SCADA Security & Critical Infrastructure Protection

As systems and networks move towards “one” common infrastructure, with video, phones, data and more all riding on a single network, more and different styles of security are required to protect the system while meeting users' quality expectations. This session discusses IP convergence from this point of view and its state of maturity. In addition, SCADA systems, which used to be totally independent infrastructures, are becoming IP based; the session examines what that means for system effectiveness and cohesion.

Internet Security

We use the Internet in a wide and ever-increasing number of ways. How secure is the environment? Who is attacking us? How are the types of attacks changing? What hacking tools are they using? How much do we really need to worry about these threats? All these questions and more will be answered during this briefing.

Cryptographic Security & Public Key Infrastructure (PKI)

In this briefing you will learn about the two categories of encryption, symmetric and asymmetric, the advantages and disadvantages of each, and when it is best to use one or the other. The session will also introduce the rationale behind PKI and some of the fundamentals that govern how it is able to work without compromise. You will come out of the session with a greater appreciation of the features, components and major policy and operational elements of a typical PKI deployment.

IT & Cryptographic Assurance

Many of you have seen the acronyms FIPS, EAL and CC. The Common Criteria and FIPS 140-2 will be examined along with the methodologies used to evaluate security products and cryptographic systems against these standards. How these standards affect the selection of products and software will be thoroughly explored in this very informative session.

Network/Host Security Design

Gone are the days of putting up a strong fence or wall to guard against the evil “Hun.” Today’s “Hun” plays ninja to the wall and starts to run amok within. This session introduces and reinforces the need to structure your defensive posture all the way throughout the network, right down to the final host. It also introduces the concepts of Multi-Level Security and how High-Assurance computer architecture supports multi-level access.

Security Standards

Why are standards important? What are the key organizations in ITS standards? The main ITS standards, from the ISO 27000 series to Sarbanes-Oxley, will be explored. How do you select and apply the precepts of these security standards to your organization? This session will provide the keys to a successful standards strategy.

Mobile Computing Security

Mobile computing has become very pervasive. Smart phones, tablets, laptop computers and USB memory (aka thumb drives) are convenient and easy to use, and can easily become an organization’s worst nightmare. In this session you will be introduced to the risks they present and examine some of the ways to protect both personal and organizational privacy and data.

Cloud Computing Security and Virtualization Security

This fast-growing opportunity for capital and operational savings presents increasing benefits for organizations of all sizes. Whether as an internal initiative or as an outsourced model, virtualization and cloud computing present new and complex security questions that can lead to huge vulnerabilities if not addressed properly. Network boundaries are becoming more blurred. Computing services such as data storage and document management are being provided via the web or ‘Internet Cloud’. If that wasn’t enough to keep the IT Security Specialist awake at night, consider who is delivering and managing your data when it is in the cloud. In this session you will be introduced to the risks associated with using Cloud Computing services and the methods that can be used to mitigate some of the respective threats. The session will offer various approaches to help implement these initiatives correctly.

Security Incident and Event Management (SIEM)

The ever-evolving landscape of threats our network infrastructure must face requires faster and more intelligent monitoring capabilities. As this infrastructure grows, there is a possibility for greater vulnerabilities that can be exploited. A SIEM capability helps coordinate all aspects of Protect, Detect, React and Recover strategies. This session helps ensure adequate visibility and correlation across multiple security sensors so that threats are recognized, contained and blocked in real time.

Identity & Access Management

‘Halt! Step forward and be recognized’. This form of identity confirmation to grant access to the fortification is the basic foundation of today’s Identity and Access Management problem. This session will discuss fundamental concepts to ensure system access is granted only to known personnel, and the technologies available to provide higher degrees of assurance that the individual is who and what he says he is. This introduces the need and requirement for 2-, 3- and 4-factor authentication mechanisms and why they are used at the repository and client levels.

Vulnerability Assessment (Penetration Testing)

Assessing the compliance of various systems with organizational policies must be performed on an ongoing basis. Whether it is to validate the organization’s security posture or to detect security breaches, these processes ensure security measures continue to protect key assets during a system’s operational life cycle.

EMSEC, TRANSEC

Emission Security issues and the use of TEMPEST equipment will be covered, as well as Transmission Security, as means of protecting your computing platforms from compromising emanations and preventing your transmissions from being captured.

Certification and Accreditation; Compliance & Business Continuity Planning

Given the accelerated schedules under which systems are fielded in the public and private sectors, ensuring that security requirements are adequately met and that the organization recognizes the inherent residual risks is the business of the Certification and Accreditation (C&A) process. This session will present the main steps in this life cycle process. In order to recover from a major disaster or from temporary outages, it is essential to understand the criticality of the organization’s systems and services; from there, assigning recovery strategies provides the basis for a contingency plan. In this session you will learn of the importance of the C&A process, the impact of meeting compliance requirements, and the value of a good Business Continuity Plan.

ITS Forensics

You have detected a security incident. How do you proceed? This session describes the framework that should be in place before incidents occur and outlines what the “Incident Handling Team” should do throughout the process. Some of the essential tools of the trade will be demonstrated.

Intro to ITSG-33

Information Technology Security Guidance-33 (ITSG-33) is a new security guidance document from CSEC and TBS that aims to standardize Certification and Accreditation (now called Security Assessment & Authorization) across government and to provide a common taxonomy of security controls. This session will introduce the document and how it can help ease the development and security of our infrastructure and systems.

Biometrics

This session will cover the history of biometrics, how the devices work, the issues that must be taken into consideration and some examples of implementation.

ITS Training Options

This session describes various additional IT Security training options addressing technical, managerial, operational or more general security training purposes.

Case Study

Course participants will be divided into syndicates and given a case to examine before the fictional system can be installed. During these syndicate sessions you have the opportunity to put into practice what you have learned. You will gain insight from others within your syndicate, be exposed to other viewpoints and, where necessary, receive guidance from the syndicate advisors.