Leadership et Gouvernance Cap sur la création de valeur
|
|
- Wilfred Lamb
- 8 years ago
- Views:
Transcription
1 Leadership et Gouvernance Cap sur la création de valeur Telindus Trend Day , November 24th Cédric Mauny, Technology Leader, CISM, CISSP, ITIL, ISO27001 Security, Audit and Governance Services A Telindus Security department Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 1
2 Agenda Les nouveaux usages sous-tendent de nouveaux challenges pour l entreprise Comment les nouveaux besoins influencent-ils la manière dont seront délivrés les services IT? Comment s'assurer que les risques sont maîtrisés quand une majorité des systèmes, services et utilisateurs ne sont plus sous le contrôle direct et exclusif de l'entreprise? Comment intégrer les contraintes de l'entreprise dans la gouvernance sécurité de demain? Créer de la valeur métier pour soutenir la stratégie et les objectifs de l'entreprise La gouvernance en sécurité de l information Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 2
3 Agenda World has changed Era of Information Era of Risk Era of Information Security and Governance Bring Your Own Device Era of Value Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 3
4 World has changed Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 4 9/11/2013
5 World has changed Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 5
6 World has changed Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 6
7 World has changed Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 7
8 World has changed Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 8
9 World has changed Cisco Connected World Technology Report 2011 How College students and young professionals attitudes with social medias will influence job decisions, hiring and work-life balance Y-Generation Social media access / device freedom > money Some figures 66% asks about social media policies during job interviews 56% will not accept a job from a company that bans social media (or will circumvent the policy) 80% wants to choose the device for their jobs 71% thinks corporate devices should be used for social media / pers. use 63% of students want to access to corporate information and networks from home computers Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 9
10 World has changed Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 10
11 Era of Information Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 11 9/11/2013
12 Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 12
13 Era of Information World is changing quickly Use of information Access to information Value of information Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 13
14 Era of Information Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 14
15 Era of Information Any 3 Economy Anywhere, Anyhow, Anytime here & without constraints & now Mobility Connectivity BYOD Any 3 Security? Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 15
16 Era of Information Globalisation of the threats Internet does not have borderies Malicious insiders External attackers Cyberwar APT Spear attacks Theft of personal data, passwords, Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 16
17 Era of Information Globalisation of the threats need for a global securization approach Human security / user awareness Logical security Network and telecommunications security Information systems security Application security Physical security Principles + Policies + Technologies + Coordination Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 17
18 Era of Risk Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 18 9/11/2013
19 Nos entreprises doivent devenir des maisons de verre, avec tout ce que cela comporte comme opportunités de collaboration et de partage mais aussi tous les risques correspondants Maurice Levy, Président du Groupe Publicis Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 19 9/11/2013
20 Era of Risk Information systems are more and more critical increase of value complex increase of components connected and interconnected increase of interfaces used increase of number of users vulnerable Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 20
21 Manage risks is the key Manage risks To be pragmatic To efficiently and effectively protect assets Cost benefit Not too much Not too less Prioritisation Risks influence use of the information systems Enterprise risk management is influenced by risks against information systems Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 21
22 To know risks and assess risk profile Management of risks should not be based on prevision based on past events Anticipate consequences based on scenarios of risks Information needs to be protected commensurately value / impact their compromise poses to the organization Increasing legal and regulatory context Failure of an organization s security measures can have a direct impact on an organization s business and reputation Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 22
23 To want to manage risks Security is no longer an option Culture of enterprise Reluctance to change Risk management activities to be supported by Upper-Management to be integrated into every project IT and not IT-related Because information is everywhere Consider the security at the beginning Legal and Regulatory environment as incentive Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 23
24 To be able to manage risks Resources Budget TCO Time Timelines / deadlines Windows of opportunity Capabilities Expertise Skills Manage incidents Capability of detection and response to events and incidents Costs ROI / ROSI Cost-benefit approach Risk vs Cost of protection Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 24
25 Era of Information Security and Governance Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 25 9/11/2013
26 IT Security vs Information Security IT Security Ensure Confidentiality, Integrity and Availability of information systems Information Security Ensure Confidentiality, Integrity and Availability of everything that manage information Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 26
27 Information Security Governance Information Security Governance Information Security Governance Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 27
28 Relationship with other Governance models Several governance models exist within an organization Importance of alignment with business objectives Make the Information Security Governance as integrated part of the Enterprise Governance Enterprise Governance Financial Governance IT Governance IS Governance Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 28
29 Information Security Governance Information Security Governance is the link between Board of Directors Executive Management Teams responsible for implementing and operating the security provides the mandate essential for driving information security initiatives throughout the organization defines the set of responsibilities and practices exercised by the Board of Directors and Executive Management in relation to information security ensures the Board of Directors receives relevant (business centric) reporting about information security-related activities to enable pertinent and timely decisions about information security issues in support of the strategic objectives of the organization Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 29
30 Tests Rules administration BCP DRP Policies Information Security Governance framework S Requirements Corporate/IT policy IT/Security policy S T T O Usage policy BUSINESS LINE Security needs Information, Systems and Services Policy design O Administration IT/SECURITY LINE Security means, tools and measures Business Impacts analysis Threats preventions/protections Technology/threats watch Intrusion Security policy assessments and audits Risks analysis - Baseline Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 30
31 Information Security Governance framework Information Security Governance framework Business Strategy & Objectives Expectations & Interests Legal & Regulatory & Ethical Strategic alignment Risk management Value delivery Resource management Performance measurement Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 31
32 Information Security Governance framework Information Security Governance framework Provides the basis for the development and management of a cost effective information security program that support organization s business goals Defines activities to provide assurance that information assets are appropriately protected Consider different values, needs and requirements of Stakeholders Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 32
33 Information Security Governance Objectives Align the information security strategy with business strategy / objectives Ensure that information risks are managed appropriately Deliver value to Stakeholders and the Board of Directors Ensures enterprise information resources are used responsibly Monitors information security to ensure the objectives of the organization are achieved Desired outcomes Visibility of the Board of Directors on the information security status Decision-making about information risks Efficient and effective investments on information security Compliance with external requirements Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 33
34 Goals of Information Security Governance framework Strategic alignment The rational for the Information Security Governance Align information security with business strategy to support business objectives Consider enterprise culture, technology and structure of the organization Security investments to be aligned with the strategy (and risk profile) Security objectives should be based on business needs and expectations First to be described in business terms / expectations / requirements Then to be translated into policies, standards, procedures, processes and technologies Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 34
35 Goals of Information Security Governance framework Risk management To define what to protect and how to protect Define, implement and maintain appropriate security measures to mitigate risks and reduce potential impacts of incidents to an acceptable level Organization's threat, vulnerability and risk profile Risk exposure and risk appetite Assign priorities based on potential consequences Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 35
36 Goals of Information Security Governance framework Value delivery The ultimate goal of the Information Security Governance being cost-effective Optimise security investments in support of business objectives Priority to areas with highest business impact and greatest business benefit Optimal when strategic goals for security are achieved + acceptable risk posture is attained + lowest possible cost Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 36
37 Goals of Information Security Governance framework Resource management BYOD is at the heart of this topic Improve the efficiency and effectiveness of business solutions by allocating and controling resources People Process Technology Track security controls back to specific business requirements Resources to be proportionate to risk and potential impact Effective and efficient use information security knowledge Ensure that knowledge is created, available and updated Document processes and practices Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 37
38 Goals of Information Security Governance framework Performance measurement You cannot manage what you cannot measure Monitoring and reporting on information security processes To ensure that objectives are achieved Metrics / KPIs To be aligned with strategic objectives To be meaningful To provide the information needed for effective decisions To target the appropriate audience Independent assurance by internal / external assessments and audits Continous improvement Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 38
39 Principles of Information Security Governance framework Principles of Governance of information security Accepted rules for governance action or conduct Meeting the needs and expectations of Stakeholders Delivering value to each of them Provide a good foundation for the implementation of governance activities Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 39
40 Principles of Information Security Governance framework Establish organization-wide security Adopt a risk-based approach Set the direction of investment decisions Ensure conformance with internal and external requirements Foster a security-positive environment Review performance in relation to business outcomes Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 40
41 Principles of Information Security Governance framework Principle 1: Establish organization-wide security Take into account business, information security and appropriate IT perspectives Convergence physical security / logical security Consider storage and transfer to/by external parties Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 41
42 Principles of Information Security Governance framework Principle 2: Adopt a risk-based approach Integrate and make consistent the information security risk management approach with the organization s overall risk management approach Acceptable level of risk to be defined and accepted Determine the sufficient level of security Based on the risk appetite Consider loss of competitive advantage, compliance and liability risks, operational disruptions, reputational harm, financial loss, Allocate appropriately resources to implement agreed risk management strategy Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 42
43 Principles of Information Security Governance framework Principle 3: Set the direction of investment decisions Strategy of security investments to be based on achieving business outcomes To meet the needs of Stakeholders Map business requirements with security requirements Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 43
44 Principles of Information Security Governance framework Principle 4: Ensure conformance with internal and external requirements Policies and practices (mandatory) Legislation and regulations Independent security audits as support Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 44
45 Principles of Information Security Governance framework Principle 5: Foster a security-positive environment Information security is a people problem Security-positive environment to be built upon human behavior Coordinate Stakeholders activities to achieve a coherent direction for information security Security education, training and awareness programs Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 45
46 Principles of Information Security Governance framework Principle 6: Review performance in relation to business outcomes Ensure that the approach taken to protect information is convenient to the organization Maintain security performance at levels required to meet current and future business requirements Quality of service Performance of information security to be evaluated in regard of business impact Link information security performance to business performance Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 46
47 Now we have Information Security Governance Requirements Goals Principles Business Strategic alignment Establish organization-wide security Strategy & Objectives Risk management Adopt a risk-based approach Expectations & Interests Value delivery Set the direction of investment decisions Legal & Regulatory & Ethical Resource management Ensure conformance with internal and external requirements Performance measurement Foster a securitypositive environment Review performance in relation to business outcomes Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 47
48 Bring Your Own Device Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 48 9/11/2013
49 BYOD for Bring You Own Device Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 49
50 BYOD > Main concerns PROS CONS Merge private / Enable staff to work corporate life + from anywhere associated legal and regulatory issues Meet employees demands for the most up-to-date device More productive employees by using devices with which they re comfortable Reduce hardware costs Difficult to register, control, manage, update all employee devices (remote-wiping ) Risk management Increase Security risks concerns (malware to the corporate network, theft, ) Require to revoke distant access when no longer applicable Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 50
51 BYOD > Make a choice Tight Control Flexible & Open Anywhere, Anyhow, Anytime at Anycost? at Anyrisk? Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 51
52 BYOD > Main concerns solved Security vs flexibility? 2 ways to deal with this situation 1. Close eyes and leave employees doing 2. Forbid BYOD initiative from employees Best way is to balance the two above Control usage instead of blocking it Policy to address and mitigate risks Define with HRD new behaviour standards Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 52
53 New use brings new challenges Information value Security needs and issues Risk posture Compliance requirements Information Security Governance Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 53
54 BYOD Consumerization of IT / BYOD Brings numerous financial and technological advantages for organizations Introduces additional risk management and security concerns ipad (2010?) has quickly accelerated the era of BYOD BYOD is close to the mobility topic BYOD and Mobility changed habits of users habits of companies security and risk posture of companies Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 54
55 BYOD and Mobility changed the habits of users Merge private / work life 24/7 connected to the workplace Europeans citizens have specific approach to the work/life balance issue Country-specific legal and regulatory issues make BYOP complicated to implement Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 55
56 BYOD and Mobility changed the habits of companies Challenges in supporting your mobile workforce? Cost (41%) Managing mobile devices (37%) Corporate network security (31%) Protecting corporate data on devices (29%) Ensuring compliance (11%) Growth of ipad and Android comes with increase of these challenges N=136 IDC EMEA Enterprise Mobility Bi-Annual Survey 2011 Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 56
57 BYOD and Mobility changed the habits of companies Enterprise Mobility is a hot topic Development, deployment and use of mobile apps Business interest in mobility is high Companies have to deal with mobility governance Best practices for managing mobility risks Mobile policy IT needs a support for managing mobile devices and for managing added security risks associated with these devices and associated ecosystems Involve HRD Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 57
58 BYOD and Mobility changed the security and risk posture of companies Need for new approach to mobile security to address risk management requirements Mobile device management Application management Mobile security Compliance & Regulation Regulation influences / governs use of professional information on mobile devices Data protection Privacy Use and protection to be based on risk management decisions Company sensitive data stored onto personal device Who is responsible for their protection? Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 58
59 Security professional point of view on BYOD and associated risks 2011 ISACA Shopping on the Job Survey Online Holiday Shopping and BYOD Security (October 2011) Most risked activity An employee loses/misplaces a work-supplied computer or smartphone (66%) What about risks on BYOD? 30% 21% 50% Legend Benefits outweigh risks Risks outweigh benefits Risk and benefits are appropriately balanced Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 59
60 Adopting a BYOD Strategy for Mobile Devices 1. The user has the final word on what happens on the mobile device Users can modify the configuration, applications and technical controls on the device itself 2. Update policies and standards to incorporate BYOD specificities Guidance on how a company expects users to operate and behave when connecting and interacting with Corporate network and systems 3. Certify mobile devices and associated capabilities for Corporate use Test and certify mobile devices, OS and apps for their ability to meet an organization s information risk management and security capabilities Communicate an alternative list of popular mobile devices, operating systems and applications which evaluated but not certified Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 60
61 Adopting a BYOD Strategy for Mobile Devices 4. Limit access for employee-owned mobile devices compared to corporateissued and -managed mobile devices Limit the access of users using personal mobile devices only to low-risk activities , employee directories, internal web browsing, Issue corporate-owned and -managed mobile devices to individuals who have business needs to access sensitive data or applications 5. Inform and educate users Company s technical security control capabilities User concerns about the level of access and restrictions of organization s technical security controls enabled on their personal devices Consider the local regulations User concerns are about technical controls on personal mobile devices Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 61
62 Era of Value Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 62 9/11/2013
63 Era of Value Information Security Governance Governance Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 63
64 Era of Value Globalisation of the threats need for a global securization approach Rise of cybercrime and threats to organization s critical information assets mandates an effective information security governance strategy to enable secure business operations The use of the information is value creation for the organisation Information is the most valuable asset of the organisation From Risk vs Cost of protection To Cost + Risk vs Value Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 64
65 Era of Value Information Security Governance Develop / align Information Security Strategy and Program with business goals to support business activities by designing an effective organization of Information Security Align information security program activities with business goals and priorities Effectively manage information security risk (ROSI) Optimize resource management by utilizing information security knowledge and infrastructure efficiently and effectively Increase the value of information security activities for your organization New usage brings new risks BYOD Consider a risk management approach for balancing value, use, expectations and risks Y-Generation is coming Need for new approach to mobile security to address risk management requirements Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 65
66 La gouvernance de la sécurité de l information n est pas qu une affaire de moyens et d outils mais bien plus de cohérence, de volonté, de ténacité dans la conduite d un changement annoncé et inéluctable Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 66 9/11/2013
67 Questions & Answers Click to add chapter title Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 67
68 Evaluation forms Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 68
69 Our strategic partners Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 69
70 Thank you for your attention Click to add chapter title Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 70
71 For more information Cédric Mauny (+352) Click to add chapter title Classification: Public Telindus Trend Day 2011 Leadership et Gouvernance - Cap sur la création de valeur 2011, November 24 th Slide 71
ATP Co C pyr y ight 2013 B l B ue C o C at S y S s y tems I nc. All R i R ghts R e R serve v d. 1
ATP 1 LES QUESTIONS QUI DEMANDENT RÉPONSE Qui s est introduit dans notre réseau? Comment s y est-on pris? Quelles données ont été compromises? Est-ce terminé? Cela peut-il se reproduire? 2 ADVANCED THREAT
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationSytorus Information Security Assessment Overview
Sytorus Information Assessment Overview Contents Contents 2 Section 1: Our Understanding of the challenge 3 1 The Challenge 4 Section 2: IT-CMF 5 2 The IT-CMF 6 Section 3: Information Management (ISM)
More informationEnterprise Risk Management & Board members. GUBERNA Alumni Event June 19 th 2014 Prepared by Gaëtan LEFEVRE
Enterprise Risk Management & Board members GUBERNA Alumni Event June 19 th 2014 Prepared by Gaëtan LEFEVRE Agenda Introduction Do we need Risk Management? The 8 th EU Company Law Directive Art 41, 2b Three
More informationEnabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments
Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments Efficiently and Cost- Effectively Managing Mobility Risks in the Age of IT Consumerization Table of Contents EXECUTIVE
More information10 Smart Ideas for. Keeping Data Safe. From Hackers
0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000
More informationQuel pilote ètes-vous
Quel pilote ètes-vous Mario Andretti Unique Multi-World Champion en Formula 1, Indy Car, World Sportscar, Nascar Copyright 2 3/27/2013 BMC Software, Inc 2 If everything seems under control, you're not
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationBYOD THE SMALL BUSINESS GUIDE TO BRING YOUR OWN DEVICE
BYOD THE SMALL BUSINESS GUIDE TO BRING YOUR OWN DEVICE INTRODUCTION The technological revolution has made us dependent on our mobile devices, whether we re at home, in the office, on the go or anywhere
More informationFeature. Leveraging and Securing the Bring Your Own Device and Technology Approach
Feature Gaurav Priyadarshi, CISA, BS 25999 LI, ISO 27001 LA, ITIL V3, is a senior security consultant at TATA Consultancy Services, a leading IT service company with worldwide experience in the information
More informationSecurity & IT Governance: Strategies to Building a Sustainable Model for Your Organization
Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization Outside View of Increased Regulatory Requirements Regulatory compliance is often seen as sand in the gears requirements
More informationBUSINESS PROCESS OPTIMIZATION. OPTIMIZATION DES PROCESSUS D ENTERPRISE Comment d aborder la qualité en améliorant le processus
BUSINESS PROCESS OPTIMIZATION How to Approach Quality by Improving the Process OPTIMIZATION DES PROCESSUS D ENTERPRISE Comment d aborder la qualité en améliorant le processus Business Diamond / Le losange
More informationInformation security risk management using ISO/IEC 27005:2008
Information security risk management using ISO/IEC 27005:2008 Hervé Cholez / Sébastien Pineau Centre de Recherche Public Henri Tudor herve.cholez@tudor.lu sebastien.pineau@tudor.lu March, 29 th 2011 1
More informationCyber security strategies, services and CyberSOC organizations. How can you deal with cyber-attacks?
Cyber security strategies, services and CyberSOC organizations. How can you deal with cyber-attacks? 1 Thierry Evangelista Marketing Director, Security Services agenda market trends & facts regarding (cyber)threats
More informationPolitique de sécurité de l information Information Security Policy
Politique de sécurité de l information Information Security Policy Adoptée par le Conseil d administration Le 10 novembre 2011 Adopted by the Board of Directors on November 10, 2011 Table of contents FOREWORD
More informationGlobal Corporate IT Security Risks: 2013
Global Corporate IT Security Risks: 2013 May 2013 For Kaspersky Lab, the world s largest private developer of advanced security solutions for home users and corporate IT infrastructures, meeting the needs
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationCourse: Information Security Management in e-governance. Day 1. Session 3: Models and Frameworks for Information Security Management
Course: Information Security Management in e-governance Day 1 Session 3: Models and Frameworks for Information Security Management Agenda Introduction to Enterprise Security framework Overview of security
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationArchived Content. Contenu archivé
ARCHIVED - Archiving Content ARCHIVÉE - Contenu archivé Archived Content Contenu archivé Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationHow To Decide If You Should Move To The Cloud
Can security conscious businesses really adopt the Cloud safely? January 2014 1 Phone: 01304 814800 Fax: 01304 814899 info@ Contents Executive overview The varied Cloud security landscape How risk assessment
More informationSun Management Center Change Manager 1.0.1 Release Notes
Sun Management Center Change Manager 1.0.1 Release Notes Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. Part No: 817 0891 10 May 2003 Copyright 2003 Sun Microsystems, Inc. 4150
More informationCIBECS / IDG Connect DATA LOSS SURVEY. The latest statistics and trends around user data protection for business. www.cibecs.
CIBECS / IDG Connect 2014 DATA LOSS SURVEY The latest statistics and trends around user data protection for business. REPORT www.cibecs.com 2 Table of ontents EXECUTIVE 01 02 03 04 05 06 SUMMARY WHO PARTICIPATED
More informationBYOD BEST PRACTICES GUIDE
BYOD BEST PRACTICES GUIDE 866.926.8746 1 www.xantrion.com TABLE OF CONTENTS 1 Changing Expectations about BYOD... 3 2 Mitigating the Risks... 4 2.1 Establish Clear Policies and Expectations... 4 2.2 Create
More informationINDUSTRY PERSPECTIVE
INDUSTRY PERSPECTIVE 1 A Brief Introduction As IT administrators and chief information officers, you face a particular challenge: facilitate the ability for your agency to work remotely, while reducing
More informationA number of factors contribute to the diminished regard for security:
TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand
More informationA Guide to MAM and Planning for BYOD Security in the Enterprise
A Guide to MAM and Planning for BYOD Bring your own device (BYOD) can pose a couple different challenges, not only the issue of dealing with security threats, but also how to handle mobile applications.
More informationVoice over IP, or "VoIP" for Voice over IP is a technology that allows to communicate by voice over IP compatible networks, either networks or the
Voice over IP, or "VoIP" for Voice over IP is a technology that allows to communicate by voice over IP compatible networks, either networks or the Internet. Several solutions exist to make VoIP: Some use
More informationThe great debate: Corporate vs. personal liability for smartphones and tablet devices in the workplace
The great debate: Corporate vs. personal liability for smartphones and tablet devices in the workplace Jeff R Fawcett Dell SecureWorks Security Practice Executive M Brandon Swain Dell SecureWorks Security
More informationW H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s
W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s IDC Middle East, Africa, and Turkey, Al Thuraya Tower 1, Level 15, Dubai
More informationDomain 5 Information Security Governance and Risk Management
Domain 5 Information Security Governance and Risk Management Security Frameworks CobiT (Control Objectives for Information and related Technology), developed by Information Systems Audit and Control Association
More informationStrategic Workforce Planning and Competency Management at Schneider Electric
Strategic Workforce Planning and Competency Management at Schneider Electric Congres HR 7 et 8 octobre 2015 - http://www.congreshr.com/ Cecile Rayssiguier 1 Cécile RAYSSIGUIER Workforce and Competency
More informationMAKING BUSINESS MOBILITY BETTER Best practices for business mobility management
MAKING BUSINESS MOBILITY BETTER Best practices for business mobility management -1- THE MOBILE REVOLUTION - OPPORTUNITIES AND CONCERNS The CIO today faces a versatile environment where cloud and mobility
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationA number of factors contribute to the diminished regard for security:
TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand
More informationGETRONICS: A BALANCED CLOUD POSITION
GETRONICS: A BALANCED CLOUD POSITION GETRONICS: A BALANCED CLOUD POSITION IN DISCUSSIONS WITH OUR CLIENTS, CLOUD STRATEGY IS REGULARLY TOP OF THE AGENDA. BUT CLOUD CAN BE A DILEMMA FOR SENIOR ENTERPRISE
More informationAsset management in urban drainage
Asset management in urban drainage Gestion patrimoniale de systèmes d assainissement Elkjaer J., Johansen N. B., Jacobsen P. Copenhagen Energy, Sewerage Division Orestads Boulevard 35, 2300 Copenhagen
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationThree Best Practices to Help Enterprises Overcome BYOD Challenges
WHITE PAPER Three Best Practices to Help Enterprises Overcome BYOD Challenges Nearly 80% of white-collar workers in the United States use a mobile device for work and approximately 95% of IT organizations
More informationInformation Security Risk Management
Information Security Risk Management June 11, 2013 Patrick Perreault Daniel Gaudreau Agenda Current State of Affairs Why Information Security? The Role of Risk Management Information Security Threats,
More informationArchived Content. Contenu archivé
ARCHIVED - Archiving Content ARCHIVÉE - Contenu archivé Archived Content Contenu archivé Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject
More informationMeasuring Policing Complexity: A Research Based Agenda
ARCHIVED - Archiving Content ARCHIVÉE - Contenu archivé Archived Content Contenu archivé Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject
More informationAre all of your employees applying all security updates to all of their devices?
Are all of your employees applying all security updates to all of their devices? If the answer is yes, read no further. If the answer is no, here s some food for thought! Consumer behavior is reshaping
More informationJoint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Information Security- Perspective for Management Information Security Management Program Concept
More informationThree Best Practices to Help Enterprises Overcome BYOD Challenges
WHITE PAPER Three Best Practices to Help Enterprises Overcome BYOD Challenges Nearly 80% of white-collar workers in the United States use a mobile device for work and approximately 95% of IT organizations
More informationIntroduction au BIM. ESEB 38170 Seyssinet-Pariset Economie de la construction email : contact@eseb.fr
Quel est l objectif? 1 La France n est pas le seul pays impliqué 2 Une démarche obligatoire 3 Une organisation plus efficace 4 Le contexte 5 Risque d erreur INTERVENANTS : - Architecte - Économiste - Contrôleur
More informationAndroid for Work powered by SOTI
Android for Work powered by SOTI Work The Way You Live Secure Enterprise Mobility Management Android for Work powered by SOTI transforms workplace mobility with enhanced security, consistent management
More informationIndustrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk
Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Cyber Security Risk With Today s Cyber Threats, How Secure is Your Control System? Today, industrial organizations are faced
More informationThe Workplace of the Future and Mobile Device Risk ISACA Pittsburgh. May 20 th, 2013
The Workplace of the Future and Mobile Device Risk ISACA Pittsburgh May 20 th, 2013 Companies are leveraging mobile computing today Three major consumption models: 1. Improving productivity Improving employee
More informationInformation security governance has become an essential
Copyright 2007 ISACA. All rights reserved. www.isaca.org. Developing for Effective John P. Pironti, CISA, CISM, CISSP, ISSAP, ISSMP Information security governance has become an essential element of overall
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More informationCONSULTING IMAGE PLACEHOLDER
CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization
More informationArchived Content. Contenu archivé
ARCHIVED - Archiving Content ARCHIVÉE - Contenu archivé Archived Content Contenu archivé Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject
More informationA Guide to Consumerization & Building a BYOD Policy June 2012
INTRODUCTION iphones, ipads, Android-powered devices, and Windows phones have grown into powerful computing platforms, and their use allows enterprise employees to connect to work as never before. These
More informationMitigating Bring Your Own Device (BYOD) Risk for Organisations
Mitigating Bring Your Own Device (BYOD) Risk for Organisations Harness the benefits and mitigate the risks of BYOD espiongroup.com Executive Summary Mobile devices such as smart phones, tablets, or laptops
More informationVirginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101
Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationIssue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager
Document Reference Number Date Title Author Owning Department Version Approval Date Review Date Approving Body UoG/ILS/IS 001 January 2016 Information Security and Assurance Policy Information Security
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationIT Governance: The benefits of an Information Security Management System
IT Governance: The benefits of an Information Security Management System Katerina Cai, CISSP Hewlett-Packard 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationtrends and audit considerations
Bring your own device (BYOD) trends and audit considerations SIFMA IT audit session 4 October 2012 Disclaimer Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited,
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationReadiness Assessments: Vital to Secure Mobility
White Paper Readiness Assessments: Vital to Secure Mobility What You Will Learn Mobile devices have been proven to increase employee productivity and job satisfaction, but can also pose significant threats
More informationSay Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER
Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER FORTINET Say Yes to BYOD PAGE 2 Introduction Bring Your Own Device (BYOD) and consumerization
More informationCYBERSECURITY: ISSUES AND ISACA S RESPONSE
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures Mobile devices Social media Cloud services
More informationQu est-ce que le Cloud? Quels sont ses points forts? Pourquoi l'adopter? Hugues De Pra Data Center Lead Cisco Belgium & Luxemburg
Qu est-ce que le Cloud? Quels sont ses points forts? Pourquoi l'adopter? Hugues De Pra Data Center Lead Cisco Belgium & Luxemburg Agenda Le Business Case pour le Cloud Computing Qu est ce que le Cloud
More informationEvolving your network for the BYOD Era
Viewpoint Evolving your network for the BYOD Era 3-step guide to developing a mobility strategy Survive the rising tide of mobile devices in your workplace 1 Contents uide for CIOs Introduction: The Rise
More informationSamsung Mobile Security
Samsung Mobile Security offering enhanced core capabilities for enterprise mobility Samsung Enterprise Mobility Enterprise-ready Mobility management for your business Samsung Mobile Security offers enterprise
More informationSub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx
Sub-section Content 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx 2 Job Purpose - To support the implementation of an Enterprise Risk Management
More informationCOBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)
COBIT 5 For Cyber Security Governance and Management Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE) Cybersecurity Governance using COBIT5 Cyber Defence Summit Riyadh, KSA
More informationManagement and Leadership. Level 5 NVQ Diploma in Management and Leadership (QCF)
Management and Leadership Level 5 NVQ Diploma in Management and Leadership (QCF) 2014 Skills CFA Level 5 NVQ Diploma in Management and Leadership (QCF) Page 1 Level 5 NVQ Diploma in Management and Leadership
More informationBYOD AND ME. How cell phone hacking effects your business.! Richard Rigby CEO Wraith Intelligence
BYOD AND ME How cell phone hacking effects your business! Richard Rigby CEO Wraith Intelligence 90% of companies will offer BYOD, or bring-your-own-device options to employees by 2014, according to Gartner.
More informationBest Practices for a BYOD World
Face Today s Threats Head-On: Best Practices for a BYOD World Chris Vernon CISSP, VTSP Security Specialist Agenda Mobile Threats Overview 2013 State of Mobility Survey Canada BYOD Best Practices 2 Mobile
More informationW H I T E P A P E R E m b r a c i n g C o n s u m e r i z a t i o n w i t h C o n f i d e n c e
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R E m b r a c i n g C o n s u m e r i z a t i o n w i t h C o n f i d e n c e Sponsored
More informationInformation Security Awareness Training
Information Security Awareness Training Presenter: William F. Slater, III M.S., MBA, PMP, CISSP, CISA, ISO 27002 1 Agenda Why are we doing this? Objectives What is Information Security? What is Information
More informationBYOD PARTNER QUESTIONS YOU SHOULD ASK BEFORE CHOOSING A. businessresources.t-mobile.com/resources. A Buyer s Guide for Today s IT Decision Maker
QUESTIONS YOU SHOULD ASK BEFORE CHOOSING A BYOD PARTNER 2013 T-Mobile USA, Inc. TABLE OF CONTENTS Which BYOD model is right for your organization? Have you identified the pros and cons?... 3 Other factors
More informationExecutive Management of Information Security
WHITE PAPER Executive Management of Information Security _experience the commitment Entire contents 2004, 2010 by CGI Group Inc. All rights reserved. Reproduction of this publication in any form without
More informationSECURITY RISK MANAGEMENT
SECURITY RISK MANAGEMENT ISACA Atlanta Chapter, Geek Week August 20, 2013 Scott Ritchie, Manager, HA&W Information Assurance Services Scott Ritchie CISSP, CISA, PCI QSA, ISO 27001 Auditor Manager, HA&W
More informationBuild (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)
It is a well-known fact in computer security that security problems are very often a direct result of software bugs. That leads security researches to pay lots of attention to software engineering. The
More informationOVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii
The Office of the Auditor General has conducted a procedural review of the State Data Center (Data Center), a part of the Arizona Strategic Enterprise Technology (ASET) Division within the Arizona Department
More informationInformation Technology Security Training Requirements APPENDIX A. Appendix A Learning Continuum A-1
APPENDIX A Appendix A Learning Continuum A-1 Appendix A Learning Continuum A-2 APPENDIX A LEARNING CONTINUUM E D U C A T I O N Information Technology Security Specialists and Professionals Education and
More informationBYOD File Sharing Go Private Cloud to Mitigate Data Risks
AN ACCELLION WHITE PAPER BYOD File Sharing Go Private Cloud to Mitigate Data Risks Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite 200 www.accellion.com Palo Alto, CA
More informationQuelle sécurité dans une banque? " Sécurité des transactions électroniques sur Internet et KYC"
Quelle sécurité dans une banque? " Sécurité des transactions électroniques sur Internet et KYC" Genève- UIPF 27 Nov.2010 La mission de WISeKey est de faciliter la croissance économique globale en sécurisant
More informationClient Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs
1 Client Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs NEW YORK Byungkwon Lim blim@debevoise.com Gary E. Murphy gemurphy@debevoise.com Michael J. Decker mdecker@debevoise.com
More informationBYOD. and Mobile Device Security. Shirley Erp, CISSP CISA November 28, 2012
BYOD and Mobile Device Security Shirley Erp, CISSP CISA November 28, 2012 Session is currently being recorded, and will be available on our website at http://www.utsystem.edu/compliance/swcacademy.html.
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationIT Security Risk Management: A Lifecycle Approach
Information Technology Security Guidance IT Security Risk Management: A Lifecycle Approach ITSG-33 November 2012 Foreword The of is an unclassified publication issued under the authority of the Chief,
More informationThe IT Service Management according to the ITIL framework applied to the enterprise value chain
www.ijcsi.org 515 The IT Service Management according to the ITIL framework applied to the enterprise value chain Abdelaali Himi 1, Samir Bahsani 2 and Alami Semma 3 1 Department of Mathematics and Computer
More informationWHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK
WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK DATE OF RELEASE: 27 th July 2012 Table of Contents 1. Introduction... 2 2. Need for securing Telecom Networks... 3 3. Security Assessment Techniques...
More informationMobile computing. Does your organisation have any safe options? The better the question. The better the answer. The better the world works.
Mobile computing Does your organisation have any safe options? The better the question. The better the answer. The better the world works. The big picture The mobile security risk surface Devices Jailbreak
More informationLeveraging a Maturity Model to Achieve Proactive Compliance
Leveraging a Maturity Model to Achieve Proactive Compliance White Paper: Proactive Compliance Leveraging a Maturity Model to Achieve Proactive Compliance Contents Introduction............................................................................................
More informationProduct / Produit Description Duration /Days Total / Total
DELL Budget Proposal / Proposition Budgétaire Solutions Design Centre N o : 200903201602 Centre de Design de Solutions Date: 2009-03-23 Proposition valide pour 30 jours / Proposal valid for 30 days Customer
More informationCybersecurity Audit Why are we still Vulnerable? November 30, 2015
Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event
More informationEnterprise Security Architecture
Enterprise Architecture -driven security April 2012 Agenda Facilities and safety information Introduction Overview of the problem Introducing security architecture The SABSA approach A worked example architecture
More informationA global infrastructure to safeguard your business_
Global Security Services A global infrastructure to safeguard your business_ Global Solutions More than just peace of mind: increase confidence and reduce risk across your entire organisation_ How do you
More informationArchived Content. Contenu archivé
ARCHIVED - Archiving Content ARCHIVÉE - Contenu archivé Archived Content Contenu archivé Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject
More information