Cyril Onwubiko Networking and Communications Group ncg.kingston.ac.

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cyril Onwubiko Networking and Communications Group http://ncg. ncg.kingston.ac."

Transcription

1 Cyril Onwubiko Networking and Communications Group ncg.kingston.ac..ac.uk (0)

2 Security Threats & Vulnerabilities in assets are two most fundamental challenges Characterised as being Unavoidable present in most assets Evolving freshly identified (Day-Zero attacks) Increasing growing incidents Increased risk of network attack Technical models without proper evaluation Existing Classification models not comprehensive Impact leading to huge financial losses Cost an issue for Small to Mid-size

3 Threats Ranking Deliberate Software threats viruses & worms Unauthorised Access growing incidents Theft of hardware Mobile and laptop Theft of Proprietary Information According to CSI/FBI 11 th Annual Computer Crime & Security Survey of 2006 Threats exploit vulnerabilities to harm systems Code Red Incident - Exploited (buffer overflow) in MS DLL vulnerability to infect systems MSBlast,, Slammer, Sasser As attack agent to DoS and DDoS

4 Comparison in Security Management Faculty of Computing, Information Systems and Mathematics Technical Solutions Direction Use of security mechanisms without proper evaluation E.g. Firewalls, IDS, local virus detection Weakness Each organisation requires unique security measures Different countermeasures maybe required Security Concepts & Relationships Comprehensive Framework for security evaluation Advantage Better requirement : able to Identify valuable assets, vulnerabilities in classified assets, & threats adequate response : able to recommend multiple countermeasures across a network. However this approach has been stipulated by The CC (Common Criteria) ISO/IEC 15408, but their model is limited in perspective.

5 What is required is a security management framework for SME that assists in identifying valuable assets for the SME vulnerabilities in classified assets threat agents that give rise to threats threats that exploit vulnerabilities associated risks due to threats & Vulnerabilities. appropriate mix of countermeasures to threats & vulnerabilities

6 Proposal: Security Concepts & Relationships Framework Faculty of Computing, Information Systems and Mathematics Owners wish to minimise value impose Countermeasures to mitigate be aware of to mitigate Vulnerabilities exist in Threat agents give rise to exploit Threats increase likelihood of Risks increase likelihood of cause harm to wish to abuse and/or cause harm Assets Security Concepts and Relationships Framework

7 Framework Descriptors Faculty of Computing, Information Systems and Mathematics Owners : SMEs that own assets. Assets : Systems, infrastructures, programs, information, or data owned by SMEs. Vulnerabilities : Flaws in assets, or the absence of controls that could lead to a security breach when exploited by threats. Threat agents : Entities with the capability to impose threats to assets. Threats : Entities that exploit vulnerabilities in assets to cause harm or predispose assets to harm. Risks : The Likelihood that assets may be compromise due to threats or vulnerabilities. Countermeasures: Preventive and mitigation controls

8 Asset Classification Model Faculty of Computing, Information Systems and Mathematics Minor Major Critical Information classified as very sensitive and confidential Failures leading to Huge Financial Losses Failure affects multiple parts of the network at the same time; POPs or multiple POPs Information classified as confidential Failures leading to Huge Financial Losses Failure affects part of the network Information classified as personal Failures leading to Minimal financial Losses Failure affects a single user 3-tier Asset classification model

9 Threat Propagation Dynamics Faculty of Computing, Information Systems and Mathematics Attack Timeline Initial Phase Second Phase Last Phase F(t) Probing stage Penetration stage Perpetuation stage Threat propagation based on Attack Timeline

10 Threat Propagation Descriptors Faculty of Computing, Information Systems and Mathematics Probing Stage: Reconnaissance - information gathering and network mapping Eg = Port scan, social engineering deception Penetration Stage: Unauthorised access - threat bypasses access control mechanisms to breach system Denial of Service threat does not require authorised access to invade system Eg = brute force attacks, dictionary attacks, DoS and DDoS

11 Descriptors to Threat Propagation Faculty of Computing, Information Systems and Mathematics Perpetuation Stage: Disclosure of information & data when threat intent is to breach confidentiality of system Manipulation of data intent is to alter assets Destruction of system intent is to destroy asset Clean-up attacker removes traces of footprint to prevent forensic investigate and litigation Eg = Intrusions, deliberate software agents, rootkits

12 1 Two fundamental Threat Categories: Natural Phenomena Human Action Network Error software bugs & hardware caveats Deliberate Software viruses and worms Natural Disasters wildfire, flooding, earthquakes and tidal waves Tsunami Cyber-threats terrorism, political warfare Insiders threats disgruntled employee

13 2 Human-made Faults Category Intentional Unintentional Motive Non-malicious Malicious Non-malicious Intent Non-deliberate Deliberate Deliberate Non-deliberate Deliberate Capability Acc. Incomp. Acc. Incomp. N/A Acc. Incomp. Acc. Incomp. KEY:Acc. -Accidental; Incomp. Incompetence; N/A Not Applicable Adapted from Avizienis et.al. [ Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transactions on Dependable and Secure Computing, Vol. 1, NO. 1, January-March 2004, pp ]

14 3 Network Error: Caused by unintentional, non-deliberate, non-malicious, accidental human actions. Example: faulty system designs Deliberate Software: Caused by intentional, malicious, deliberate human actions.. Example: viruses and computer worms Natural Disasters: Caused by natural, accidental phenomena.. Example: wildfire, flooding, earthquakes and tidal waves Tsunami Cyber-threats threats: Caused by intentional, malicious, deliberate human actions.. Example: terrorism, political warfare Insiders threats: Caused by intentional, malicious, deliberate human actions.. Example: disgruntled employee

15 Proposed is a process/model based approach to managing security for Small, Medium and Enterprise (SME). To mitigate vulnerabilities & threats a requirement is to implement adequate countermeasures. But adequate countermeasures are attainable through models that assists to: Identify what needs to be protected, what they should be protected against, and how best to protect them, including associated risks This leads to recommending adequate Responses Most SMEs focus on Technical controls without properly evaluating needs and requirements. This leads to implementation of controls that are Isolated, less efficient and uncoordinated.

16 +44 (0)

Data Management & Protection: Common Definitions

Data Management & Protection: Common Definitions Data Management & Protection: Common Definitions Document Version: 5.5 Effective Date: April 4, 2007 Original Issue Date: April 4, 2007 Most Recent Revision Date: November 29, 2011 Responsible: Alan Levy,

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

UF Risk IT Assessment Guidelines

UF Risk IT Assessment Guidelines Who Should Read This All risk assessment participants should read this document, most importantly, unit administration and IT workers. A robust risk assessment includes evaluation by all sectors of an

More information

Incident Reporting Guidelines for Constituents (Public)

Incident Reporting Guidelines for Constituents (Public) Incident Reporting Guidelines for Constituents (Public) Version 3.0-2016.01.19 (Final) Procedure (PRO 301) Department: GOVCERT.LU Classification: PUBLIC Contents 1 Introduction 3 1.1 Overview.................................................

More information

RUTGERS POLICY. Section Title: Legacy UMDNJ policies associated with Information Technology

RUTGERS POLICY. Section Title: Legacy UMDNJ policies associated with Information Technology RUTGERS POLICY Section: 70.2.20 Section Title: Legacy UMDNJ policies associated with Information Technology Policy Name: Information Security: Incident Management Formerly Book: 95-01-09-02:00 Approval

More information

INFORMATION TECHNOLOGY SECURITY STANDARDS

INFORMATION TECHNOLOGY SECURITY STANDARDS INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL

More information

Incident Categories (Public) Version 3.0-2016.01.19 (Final)

Incident Categories (Public) Version 3.0-2016.01.19 (Final) Incident Categories (Public) Version 3.0-2016.01.19 (Final) Procedures (PRO 303) Department: GOVCERT.LU Classification: PUBLIC Contents 1 Introduction 3 1.1 Overview.................................................

More information

Vulnerability Assessment: Towards an Integrated Security Infrastructure

Vulnerability Assessment: Towards an Integrated Security Infrastructure Vulnerability Assessment: Towards an Integrated Security Infrastructure C. Onwubiko and A. P. Lenaghan Networking and Communications Group, Kingston University Penrhyn Road, Kingston Upon Thames, KT1 2EE,

More information

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1 Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:

More information

Penetration Testing. Presented by

Penetration Testing. Presented by Penetration Testing Presented by Roadmap Introduction to Pen Testing Types of Pen Testing Approach and Methodology Side Effects Demonstration Questions Introduction and Fundamentals Penetration Testing

More information

Guidelines 1 on Information Technology Security

Guidelines 1 on Information Technology Security Guidelines 1 on Information Technology Security Introduction The State Bank of Pakistan recognizes that financial industry is built around the sanctity of the financial transactions. Owing to the critical

More information

INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS

INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS Effective Date June 9, 2014 INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS OF THE HELLER SCHOOL FOR SOCIAL POLICY AND MANAGEMENT Table of Contents 1.

More information

ISO27001 Controls and Objectives

ISO27001 Controls and Objectives Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the

More information

Rulebook on Information Security Incident Management General Provisions Article 1

Rulebook on Information Security Incident Management General Provisions Article 1 Pursuant to Article 38 of the Law on State Administration (Official Gazette of the Republic of Montenegro 38/03 from 27 June 2003, 22/08 from 02 April 2008, 42/11 from 15 August 2011), The Ministry for

More information

Please note this policy is mandatory and staff are required to adhere to the content

Please note this policy is mandatory and staff are required to adhere to the content Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the

More information

Managing internet security

Managing internet security Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

Certified Ethical Hacker (CEH)

Certified Ethical Hacker (CEH) Certified Ethical Hacker (CEH) Course Number: CEH Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Exam 312 50: Certified Ethical Hacker Course Overview The

More information

Incident Object Description and Exchange Format

Incident Object Description and Exchange Format Incident Object Description and Exchange Format TF-CSIRT at TERENA IODEF Editorial Group Jimmy Arvidsson Andrew Cormack Yuri Demchenko

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

Incident categories. Version 2.0-04.02.2013 (final version) Procedure (PRO 303)

Incident categories. Version 2.0-04.02.2013 (final version) Procedure (PRO 303) Version 2.0-04.02.2013 (final version) Procedure (PRO 303) Classification: PUBLIC / Department: GOVCERT.LU Table Contents Table Contents... 2 1 Introduction... 3 1.1 Overview... 3 1.2 Purpose... 3 1.3

More information

IY2760/CS3760: Part 6. IY2760: Part 6

IY2760/CS3760: Part 6. IY2760: Part 6 IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily

More information

Cybersecurity for the C-Level

Cybersecurity for the C-Level Cybersecurity for the C-Level Director Glossary of Defined Cybersecurity Terms A Active Attack An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources,

More information

white SECURITY TESTING WHITE PAPER

white SECURITY TESTING WHITE PAPER white SECURITY TESTING WHITE PAPER Contents: Introduction...3 The Need for Security Testing...4 Security Scorecards...5 Test Approach... 11 Framework... 16 Project Initiation Process... 17 Conclusion...

More information

Data Security Incident Response Plan. [Insert Organization Name]

Data Security Incident Response Plan. [Insert Organization Name] Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

Information Security Baseline (minimal measures)

Information Security Baseline (minimal measures) Information Security Baseline (minimal measures) 1 Version management Version 0.1 9 September 2013 1st draft Version 0.2 23 September 2013 2nd draft after review by Erik Adriaens Version 0.3 8 October

More information

Third Party Security Requirements Policy

Third Party Security Requirements Policy Overview This policy sets out the requirements expected of third parties to effectively protect BBC information. Audience Owner Contacts This policy applies to all third parties and staff, including contractors,

More information

Incident Response Plan for PCI-DSS Compliance

Incident Response Plan for PCI-DSS Compliance Incident Response Plan for PCI-DSS Compliance City of Monroe, Georgia Information Technology Division Finance Department I. Policy The City of Monroe Information Technology Administrator is responsible

More information

UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE

UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE Originator Patch Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Recommended by Director

More information

Risk Management Guide for Information Technology Systems. NIST SP800-30 Overview

Risk Management Guide for Information Technology Systems. NIST SP800-30 Overview Risk Management Guide for Information Technology Systems NIST SP800-30 Overview 1 Risk Management Process that allows IT managers to balance operational and economic costs of protective measures and achieve

More information

Managing IT Security with Penetration Testing

Managing IT Security with Penetration Testing Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

The Leading Provider of Endpoint Security Solutions

The Leading Provider of Endpoint Security Solutions The Leading Provider of Endpoint Security Solutions Innovative Policies to Defend Against Next-Generation Threats Conrad Herrmann CTO and Co-Founder Zone Labs, Inc. Network Security Is an Uphill Battle

More information

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How Network Security Is Breached Network Security Policy

More information

93% of large organisations and 76% of small businesses

93% of large organisations and 76% of small businesses innersecurity INFORMATION SECURITY Information Security Services 93% of large organisations and 76% of small businesses suffered security breaches in the last year. * Cyber attackers were the main cause.

More information

Mitigating and managing cyber risk: ten issues to consider

Mitigating and managing cyber risk: ten issues to consider Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control Requirements Cyber Security For Suppliers Categorised as High Cyber Risk Cyber Security Requirement Description Why this is important 1. Asset Protection and System Configuration

More information

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure Bendigo and Adelaide Bank Ltd Security Incident Response Procedure Table of Contents 1 Introduction...1 2 Incident Definition...2 3 Incident Classification...2 4 How to Respond to a Security Incident...4

More information

Iowa Health Information Network (IHIN) Security Incident Response Plan

Iowa Health Information Network (IHIN) Security Incident Response Plan Iowa Health Information Network (IHIN) Security Incident Response Plan I. Scope This plan identifies the responsible parties and action steps to be taken in response to Security Incidents. IHIN Security

More information

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Course number: CFED Length: 5 days Certification Exam This course will help you prepare for the following exams: CCE --

More information

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15. NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information

Information Security Incident Management Guidelines

Information Security Incident Management Guidelines Information Security Incident Management Guidelines INFORMATION TECHNOLOGY SECURITY SERVICES http://safecomputing.umich.edu Version #1.0, June 21, 2006 Copyright 2006 by The Regents of The University of

More information

Information and Communication Technology. Information Security Policy

Information and Communication Technology. Information Security Policy BELA-BELA LOCAL MUNICIPALITY - - Chris Hani Drive, Bela- Bela, Limpopo. Private Bag x 1609 - BELA-BELA 0480 - Tel: 014 736 8000 Fax: 014 736 3288 - Website: www.belabela.gov.za - - OFFICE OF THE MUNICIPAL

More information

GETTING PHYSICAL WITH NETWORK SECURITY WHITE PAPER

GETTING PHYSICAL WITH NETWORK SECURITY WHITE PAPER GETTING PHYSICAL WITH NETWORK SECURITY WHITE PAPER Molex Premise Networks EXECUTIVE SUMMARY This article discusses IT security, which is a well documented and widely discussed issue. However, despite the

More information

The Cyber Threat Profiler

The Cyber Threat Profiler Whitepaper The Cyber Threat Profiler Good Intelligence is essential to efficient system protection INTRODUCTION As the world becomes more dependent on cyber connectivity, the volume of cyber attacks are

More information

CSC 474 Information Systems Security

CSC 474 Information Systems Security CSC 474 Information Systems Security Introduction About Instructor Dr. Peng Ning, assistant professor of computer science http://www.csc.ncsu.edu/faculty/ning pning@ncsu.edu (919)513-4457 Office: Room

More information

Research Imperatives

Research Imperatives Research Imperatives Areas of Research Needed in Information Security Julie J.C.H. Ryan, D.Sc. Assistant Professor The George Washington University What We Know Technology Fabulous research going on in

More information

AUDITOR GENERAL S REPORT. Protection of Critical Infrastructure Control Systems. Report 5 August 2005

AUDITOR GENERAL S REPORT. Protection of Critical Infrastructure Control Systems. Report 5 August 2005 AUDITOR GENERAL S REPORT Protection of Critical Infrastructure Control Systems Report 5 August 2005 Serving the Public Interest Serving the Public Interest THE SPEAKER LEGISLATIVE ASSEMBLY THE PRESIDENT

More information

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs EXECUTIVE SUMMARY Supervisory Control and Data Acquisition (SCADA) systems are used for remote

More information

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

REGULATIONS FOR THE SECURITY OF INTERNET BANKING REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY

More information

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.

More information

Penetration Testing Service. By Comsec Information Security Consulting

Penetration Testing Service. By Comsec Information Security Consulting Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your

More information

UMHLABUYALINGANA MUNICIPALITY ANTIVIRUS MANAGEMENT POLICY

UMHLABUYALINGANA MUNICIPALITY ANTIVIRUS MANAGEMENT POLICY UMHLABUYALINGANA MUNICIPALITY ANTIVIRUS MANAGEMENT POLICY Antivirus Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Originator Recommended by Director

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

Nine Steps to Smart Security for Small Businesses

Nine Steps to Smart Security for Small Businesses Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...

More information

Cyber Essentials Scheme

Cyber Essentials Scheme Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these

More information

Environmental Management Consolidated Business Center (EMCBC) Subject: Cyber Security Incident Response

Environmental Management Consolidated Business Center (EMCBC) Subject: Cyber Security Incident Response Date 06/10/10 Environmental Management Consolidated Business Center (EMCBC) Subject: Cyber Security Incident Response 1.0 PURPOSE Implementing Procedure APPROVED: (Signature on File) EMCBC Director ISSUED

More information

Information Technology Cyber Security Policy

Information Technology Cyber Security Policy Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please

More information

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4

More information

Privacy & Security: Fundamentals of a Security Risk Analysis. Preparing for Meaningful Use Measure 15

Privacy & Security: Fundamentals of a Security Risk Analysis. Preparing for Meaningful Use Measure 15 Privacy & Security: Fundamentals of a Security Risk Analysis Preparing for Meaningful Use Measure 15 1/18/2012 Why Are We Here? Privacy and Security is a priority for ONC Consistency among Regional Extension

More information

QUANTITATIVE MODEL FOR INFORMATION SECURITY RISK MANAGEMENT

QUANTITATIVE MODEL FOR INFORMATION SECURITY RISK MANAGEMENT QUANTITATIVE MODEL FOR INFORMATION SECURITY RISK MANAGEMENT Rok Bojanc ZZI d.o.o. rok.bojanc@zzi.si Abstract: The paper presents a mathematical model to improve our knowledge of information security and

More information

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager Document Reference Number Date Title Author Owning Department Version Approval Date Review Date Approving Body UoG/ILS/IS 001 January 2016 Information Security and Assurance Policy Information Security

More information

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...

More information

Information Security: Business Assurance Guidelines

Information Security: Business Assurance Guidelines Information Security: Business Assurance Guidelines The DTI drives our ambition of prosperity for all by working to create the best environment for business success in the UK. We help people and companies

More information

Cyber Security. John Leek Chief Strategist

Cyber Security. John Leek Chief Strategist Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity

More information

CSI/FBI 2000 COMPUTER CRIME AND SECURITY SURVEY

CSI/FBI 2000 COMPUTER CRIME AND SECURITY SURVEY CSI/FBI 00 COMPUTER CRIME AND SECURITY SURVEY Statement of intent This survey was conducted by the Computer Security Institute (CSI) in association with the San Francisco Computer Crime Squad of the Federal

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network

WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Executive Summary Wireless

More information

Threat Management: Incident Handling. Incident Response Plan

Threat Management: Incident Handling. Incident Response Plan In order to meet the requirements of VCCS Security Standards 13.1 Reporting Information Security Events, and 13.2 Management of Information Security Incidents, SVCC drafted an (IRP). Incident handling

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

CompTIA Security+ (Exam SY0-410)

CompTIA Security+ (Exam SY0-410) CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Austin Peay State University

Austin Peay State University 1 Austin Peay State University Identity Theft Operating Standards (APSUITOS) I. PROGRAM ADOPTION Austin Peay State University establishes Identity Theft Operating Standards pursuant to the Federal Trade

More information

The Influence of Software Vulnerabilities on Business Risks 1

The Influence of Software Vulnerabilities on Business Risks 1 The Influence of Software Vulnerabilities on Business Risks 1 Four sources of risk relevant for evaluating the influence of software vulnerabilities on business risks Authors Hilbrand Kramer, MSc (Royal

More information

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso Cyber Attacks Protecting National Infrastructure Student Edition Edward G. Amoroso ELSEVIER. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Butterworth-Heinemann

More information

Information Technology Policy

Information Technology Policy ITP Number ITP-SEC024 Category Security Contact RA-ITCentral@pa.gov Information Technology Policy IT Security Incident Policy Effective Date August 2, 2012 Supersedes Scheduled Review Annual 1. Purpose

More information

2012 Data Breach Investigations Report

2012 Data Breach Investigations Report 2012 Data Breach Investigations Report A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting & Information

More information

Identifying Cyber Risks and How they Impact Your Business

Identifying Cyber Risks and How they Impact Your Business 10 December, 2014 Identifying Cyber Risks and How they Impact Your Business David Bateman, Partner, K&L Gates, Seattle Sasi-Kanth Mallela, Special Counsel, K&L Gates, London Copyright 2013 by K&L Gates

More information

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013 Cyber Security and Information Assurance Controls Prevention and Reaction 1 About Enterprise Risk Management Capabilities Cyber Security Risk Management Information Assurance Strategic Governance Regulatory

More information

Emerging Security Technological Threats

Emerging Security Technological Threats Emerging Security Technological Threats Jamie Gillespie Training and Education Team Leader, AusCERT About AusCERT Australia s national CERT Collect, monitor, advise on threats and vulnerabilities Incident

More information

CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun

CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun CSCI 454/554 Computer and Network Security Instructor: Dr. Kun Sun About Instructor Dr. Kun Sun, Assistant Professor of Computer Science http://www.cs.wm.edu/~ksun/ Phone: (757) 221-3457 Email: ksun@wm.edu

More information

So the security measures you put in place should seek to ensure that:

So the security measures you put in place should seek to ensure that: Guidelines This guideline offers an overview of what the Data Protection Act requires in terms of information security and aims to help you decide how to manage the security of the personal data you hold.

More information

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery Disaster Recovery 1.1 Introduction Every day, there is the chance that some sort of business interruption, crisis, disaster, or emergency will occur. Anything that prevents access to key processes and

More information

Zero-Day and Less-Than-Zero-Day Vulnerabilities and Exploits in Networked Infrastructures 1

Zero-Day and Less-Than-Zero-Day Vulnerabilities and Exploits in Networked Infrastructures 1 Zero-Day and Less-Than-Zero-Day Vulnerabilities and Exploits in Networked Infrastructures 1 Hartmut Pohl All computers are at risk from security vulnerabilities that are generally unknown to the user and

More information

Chapter 4 Information Security Program Development

Chapter 4 Information Security Program Development Chapter 4 Information Security Program Development Introduction Formal adherence to detailed security standards for electronic information processing systems is necessary for industry and government survival.

More information

University of Liverpool

University of Liverpool University of Liverpool Information Security Incident Response Policy Reference Number Title CSD-012 Information Security Incident Response Policy Version Number 1.2 Document Status Document Classification

More information

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Framework

More information

Information Security Services

Information Security Services Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual

More information

IQware's Approach to Software and IT security Issues

IQware's Approach to Software and IT security Issues IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.

More information

Information Security Incident Response Policy & Procedures

Information Security Incident Response Policy & Procedures Information Security Incident Response Policy & Procedures DATE ESTABLISHED BY GOVERNING BODY: Summer 2015 DATE FOR REVIEW: Summer 2018 www.dorothy-stringer.co.uk INFORMATION SECURITY INCIDENT RESPONSE

More information

Minnesota State Colleges and Universities System Procedures Chapter 5 Administration

Minnesota State Colleges and Universities System Procedures Chapter 5 Administration Minnesota State Colleges and Universities System Procedures Chapter 5 Administration Vulnerability Scanning Part 1. Purpose. Subpart A. This guideline establishes the minimum technical standards for vulnerability

More information

Security Issues with Integrated Smart Buildings

Security Issues with Integrated Smart Buildings Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern

More information

Type Threats Origin. Destruction of equipment or media. Dust, corrosion, freezing. Climatic phenomenon. Seismic phenomenon. Volcanic phenomenon

Type Threats Origin. Destruction of equipment or media. Dust, corrosion, freezing. Climatic phenomenon. Seismic phenomenon. Volcanic phenomenon nnex C (informative) xamples of typical threats The following table gives examples of typical threats. The list can be used during the threat assessment process. Threats may be deliberate, accidental or

More information

Information Security Incident Management Policy and Procedure

Information Security Incident Management Policy and Procedure Information Security Incident Management Policy and Procedure Version Final 1.0 Document Control Organisation Title Author Filename Owner Subject Protective Marking North Dorset District Council IT Infrastructure

More information

Common Cyber Threats. Common cyber threats include:

Common Cyber Threats. Common cyber threats include: Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...

More information

Survey: Endpoint Security Concerns 2014 The issues keeping IT admins awake into the New Year

Survey: Endpoint Security Concerns 2014 The issues keeping IT admins awake into the New Year Survey: Endpoint Security Concerns 2014 The issues keeping IT admins awake into the New Year Intro 2014 has created uncertainty for those in charge of IT security. Not only is the threat landscape advancing

More information

Security Risk Management - Approaches and Methodology

Security Risk Management - Approaches and Methodology 228 Informatica Economică vol. 15, no. 1/2011 Security Risk Management - Approaches and Methodology Elena Ramona STROIE, Alina Cristina RUSU Academy of Economic Studies, Bucharest, Romania ramona.stroie@gmail.com,

More information

INFORMATION SECURITY POLICY DOCUMENT. The contents of this document are classified as DC 1 Private information

INFORMATION SECURITY POLICY DOCUMENT. The contents of this document are classified as DC 1 Private information 6 th Floor, Tower A, 1 CyberCity, Ebene, Mauritius T + 230 403 6000 F + 230 403 6060 E ReachUs@abaxservices.com INFORMATION SECURITY POLICY DOCUMENT Information Security Policy Document Page 2 of 15 Introduction

More information