Information Security Seminar 2013
|
|
- Griffin Hancock
- 8 years ago
- Views:
Transcription
1 Information Security Seminar 2013 Mr. Victor Lam, JP Deputy Government Chief Information Officer Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region 24 July 2013
2 Agenda 1. Introduction 2. Information Security Posture & Programmes 3. Hong Kong SAR Government Cloud Adoption 4. Cloud Challenges & Risk Mitigation 5. Closing 1
3 Who s Peeking At You? Security & Privacy Data Protection Outsourcing Data Location 2
4 3
5 Local ICT Environment 2.26M broadband accounts 86% household with broadband access public Wi-Fi access points 5 mobile network operators 19 local fixed network operators 193 Internet Service Providers (ISP) 4
6 Local ICT Environment Strong foundation for Cloud Computing Well established legal system with good protection of intellectual property rights and personal data World-class infrastructure and ideal location in Asia for data centres Pro-business culture Proximity to the Mainland of China Talented ICT professionals 5
7 Set up on 1 July 2004 Provides a streamlined government structure and leadership for delivering the ICT functions within Government Enables the Government to take a proactive, leading role in championing ICT development in the community Headed by Government Chief Information Officer (GCIO), deputised by two Deputy Government Chief Information Officers (DGCIOs) 6
8 ICT Facts and Figures in the Government 400+ Government web sites 50+ e-government mobile apps 29 Government data centres 1300 Government IT Professionals 2500 Contract IT Professionals 7
9 8
10 Information Security Major Stakeholders Security Bureau Provide policy steer, advice and support on Government s security requirements and security incidents OGCIO Provide policy steer, advice and support on Government information security requirements and matters Coordinate and facilitate the handling of IT security incidents within Government Protect Government s central IT infrastructure and information Ensure compliance with information security policy and requirements Conduct IT security awareness promotion and training for government staff and the public Information Security Hong Kong Police Force Prevent and detect technology crime Establish the Cyber Security Centre to strengthen resilience against cyber attacks Collaborate with OGCIO & HKCERT to conduct awareness promotion and training for the public Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) Coordinate computer security incident response Disseminate security alerts to the public Collaborate with OGCIO & Police to conduct awareness promotion and training for the public Conduct security drill 9
11 Review of Information Security Requirements To ensure that government information security requirements can keep in pace with the advancement of technology, security trends and latest development of international/industry practices. Cloud Computing Security Social Networking Security Mobile Device Security Security Regulations, Policies and Guidelines Review, Revise and Promulgate Government Bureaux and Departments (B/Ds) 10
12 Security Risk Assessment and Audit To ensure information security risks of government information systems are properly managed and appropriate mitigation measures are effectively implemented. Identify security threats, vulnerabilities and corresponding impacts Information Security Risk Assessment and Third-party Audit Ensure compliance of information security policies Information Systems Adopt effective information security measures 11
13 Security Governance To better monitor the security status of B/Ds and help them achieve compliance with government security requirements. Security Survey Government Bureaux and Departments (B/Ds) Security Risk Assessment Result Visit & Review 12
14 Awareness Promotion to the Public To empower citizens to withstand new and ever-changing security threats. Thematic website Public Seminars Radio clips Leaflets Multimedia materials Posters 13
15 14
16 Government Cloud Computing Strategy Outsourced Private Cloud (at contractor data centres) In-house Private Cloud (at government data centres) Public Cloud E-Government Services with Classified data Government Cloud (GovCloud) E-Government Infrastructure Services Central Computer Centre Virtualised Infrastructure E-Government Public Services without Classified data 15
17 Government Cloud Adoption A step by step approach to take full advantage of this new IT model while at the same time minimise the associated risks Pilot and Testing Portal for Public Sector Information (PSI) Central Computer Centre Virtualization Mar 2011 Government Cloud Computing Strategy 2013 Provision of Shared Services Electronic Information Mgt, Human Resource Mgt, e-procurement, etc and beyond 2012 Funding and Contracting Rollout and Review GovCloud Cloud-enabled Platform (EGIS) Government Public Cloud services 16
18 17
19 Cloud Challenges Data Protection Data location Multi-tenancy Outsourcing Data Ownership Service Continuity Off-Premises Security & Privacy Changes to Infrastructure Changes to Processes Changes to User Behaviour 18
20 Cloud Security Trends Source of Information: Cloud end-user survey conducted by the SME Global Alliance and Hong Kong Productivity Council in
21 Security Challenge & Risk Mitigation in Cloud Adoption Challenge Risk Mitigation Lack of corporate directions and relevant policies and guidelines Cloud adoption strategy Review of policies and guidelines Control on user authentication Access control security User education and training Assurance of information security and privacy in cloud Cloud security certifications and standards Conduct of risk assessments and audits Contractual agreement Protection of data out of organisational control boundary Data protection best practices Incident response mechanism 20
22 Promotion of Best Practices in Cloud Adoption 雲 資 訊 網 Practice Guide for Procuring Cloud Services Service Cost Service Level On Boarding & Off Boarding Service Operation Security and Privacy Protections Service Commitments/Warranties Data Ownership & Location and IP Ownership Service Default Contracting (Terms of Service) Expert Group on Cloud Computing Services and Standards OGCIO Security Checklists for Cloud Service Consumers Checklist for SMEs on selecting Cloud Service Provider Checklist for SMEs on using Cloud Services Checklist for Individuals on protecting their data in the Cloud Environment Security & Privacy Checklist for Cloud Service Providers in Handling Personal Identifiable Information in Cloud Platforms Policy Management Data Protection Principles Subcontractors Management Staff Management 21
23 22
24 Summary Hong Kong : Strong Foundation for Cloud Computing Cloud : Adoption through Risk Mitigation Government : Extensive Information Security Programmes 23
25
Legislative Council Panel on Information Technology and Broadcasting. Information Security
For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest
More informationDIGITAL 21 STRATEGY ADVISORY COMMITTEE. Government s Cloud Computing Programme
For discussion Paper No. 10/2012 on 22 November 2012 Purpose DIGITAL 21 STRATEGY ADVISORY COMMITTEE Government s Cloud Computing Programme This paper updates Members on the latest developments and upcoming
More informationHow To Develop A Cloud In Hong Kong
The Cloud Journey From Planning to Action Mr. Victor Lam Deputy Government Chief Information Officer (Consulting and Operations) 1 Is Cloud Computing New? John McCarthy Computation may someday be organized
More information立 法 會 Legislative Council
立 法 會 Legislative Council LC Paper No. CB(4)1212/14-15(04) Ref. : CB4/PL/ITB Panel on Information Technology and Broadcasting Meeting on 17 July 2015 Updated background brief on information security Purpose
More informationLegislative Council Panel on Information Technology and Broadcasting. Information Security
For Information on 12 July 2010 LC Paper No. CB(1)2465/09-10(03) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper informs Members about the progress
More informationFor Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security
For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE Cyber Security Purpose This paper briefs Members on the global cyber security outlook facing governments of some
More informationLegislative Council Panel on Information Technology and Broadcasting. Information Security
LC Paper No. CB(1)2407/10-11(05) For Information on 13 June 2011 Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper informs Members about the progress
More informationDIGITAL 21 STRATEGY ADVISORY COMMITTEE. Adoption of Cloud Computing Model in Government
For discussion Paper No. 2/2011 on 22 March 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE Adoption of Cloud Computing Model in Government Purpose The Government will be adopting the Cloud Computing 1 Model
More informationHead 47 GOVERNMENT SECRETARIAT: OFFICE OF THE GOVERNMENT CHIEF INFORMATION OFFICER
Controlling officer: the Government Chief Information Officer will account for expenditure under this Head. Estimate 2014 15... $690.2m Establishment ceiling 2014 15 (notional annual mid-point salary value)
More informationDigital Economy Facilitation Division, OGCIO Industry Forum 2012 24 July 2012
Get ready for IPv6 Digital Economy Facilitation Division, OGCIO Industry Forum 2012 24 July 2012 1 Agenda IPv4 address exhaustion Worldwide IPv6 deployment Major deployment milestones Hong Kong IPv6 deployment
More informationITEM FOR FINANCE COMMITTEE
For discussion on 8 June 2012 FCR(2012-13)39 ITEM FOR FINANCE COMMITTEE CAPITAL WORKS RESERVE FUND HEAD 710 COMPUTERISATION Office of the Government Chief Information Officer New Subhead Implementation
More informationMajor IT projects currently undertaken by Bureaux/Departments (B/Ds) with project details and staff deployment
Annex 3 Major IT projects currently undertaken by Bureaux/s (B/Ds) with project details and staff deployment B/D Projects Project details Staff Deployment 1. Census and Statistics Computer equipment and
More informationWorking Group on Cloud Security and Privacy. Brief Update on EGCCSS and WGPIUCS 24 June 2015
Working Group on Cloud Security and Privacy Brief Update on EGCCSS and WGPIUCS 24 June 2015 1 Expert Group on Cloud Computing Services and Standards 8th EGCCSS Meeting held on 6 May 2015 Sharing of Experience
More informationHead 47 GOVERNMENT SECRETARIAT: OFFICE OF THE GOVERNMENT CHIEF INFORMATION OFFICER
Controlling officer: the Government Chief Information Officer will account for expenditure under this Head. Estimate 2015 16... $714.7m Establishment ceiling 2015 16 (notional annual mid-point salary value)
More informationESKISP6054.01 Conduct security testing, under supervision
Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to
More informationLegislative Council Panel. on Information Technology and Broadcasting. Implementation of a Government Cloud Platform
LC Paper No. CB(1)1783/11-12(06) For discussion on 14 May 2012 Legislative Council Panel on Information Technology and Broadcasting Implementation of a Government Cloud Platform Purpose This paper seeks
More informationLegislative Council Panel on Information Technology and Broadcasting. 2016 Policy Address Policy Initiatives of Innovation and Technology Bureau
LC Paper No. CB(4)487/15-16(02) Legislative Council Panel on Information Technology and Broadcasting 2016 Policy Address Policy Initiatives of Innovation and Technology Bureau Background The Chief Executive
More information立 法 會 Legislative Council
立 法 會 Legislative Council LC Paper No. CB(4)1481/14-15 (These minutes have been seen by the Administration) Ref : CB4/PL/ITB/1 Panel on Information Technology and Broadcasting Minutes of meeting on Friday,
More informationLegislative Council Panel on Information Technology and Broadcasting Progress Update on E-Government Development Purpose
LC Paper No. CB(4)1083/14-15(03) For discussion on 8 June 2015 Legislative Council Panel on Information Technology and Broadcasting Progress Update on E-Government Development Purpose This paper updates
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationAdopting Cloud Computing with a RISK Mitigation Strategy
Adopting Cloud Computing with a RISK Mitigation Strategy TS Yu, OGCIO 21 March 2013 1. Introduction 2. Security Challenges Agenda 3. Risk Mitigation Strategy Before start using When using 4. Policy & Guidelines
More informationOffice of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region
Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region 1 1) Government Cloud Journey 2) Government Clouds 3) Way Forward 2 1. Government Cloud
More information(a) CWRF Head 710 Computerisation
LC Paper No. CB(4)125/15-16(03) For discussion on 9 November 2015 Introduction Legislative Council Panel on Information Technology and Broadcasting Capital Works Reserve Fund Head 710 Computerisation Subhead
More informationFor Discussion Paper No. 11/2012 on 22 November 2012. DIGITAL 21 STRATEGY ADVISORY COMMITTEE International IT Fest 2013
For Discussion Paper No. 11/2012 on 22 November 2012 Purpose DIGITAL 21 STRATEGY ADVISORY COMMITTEE International IT Fest 2013 This paper briefs Members on the International IT Fest 2013, a new Government
More informationCYSPA - EC projects supporting NIS
CYSPA - EC projects supporting NIS Nina Olesen, EOS March 2014 Athens, Greece www.cyspa.eu CYSPA the European project The European Cyber Security Protection Alliance, or CYSPA, is an initiative by 17 organisationsfrom
More informationCybersecurity in the States 2012: Priorities, Issues and Trends
Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State
More informationBuild a Secure Cyberspace 2015 Cyber Security is Everywhere Graphic Design Contest
Build a Secure Cyberspace 2015 Cyber Security is Everywhere Graphic Design Contest Build a Secure Cyberspace is an annual promotion campaign on information security jointly organised by the Office of the
More informationCloud Security for SME
Cloud Security for SME Hong Kong Computer & Communications Festival 2015 21 Aug 2015 Agenda About HKCERT What is cloud? Cloud security challenges to SME Tips for using cloud service securely About HKCERT
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationSeminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues. Palace Hotel Saigon, HCMC, November 19 th 2014
Seminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues Palace Hotel Saigon, HCMC, November 19 th 2014 Cyber Security and Supply Chain Integrity as Risk Factors
More informationOverview TECHIS60441. Carry out security testing activities
Overview Information, services and systems can be attacked in various ways. Understanding the technical and social perspectives, how attacks work, the technologies and approaches used are key to being
More informationCIP 2016 Project Outline
Outline TR_SAND_1 1. Internship 2. Internship 3. Preferred Sandwich June 2016 to June 2017 First Priority: Computer Science/ Technology related Second Priority: Information Systems 4. Name: 2016 Group
More informationPROCUREMENT AND INVENTORY MANAGEMENT OF ICT PRODUCTS AND SERVICES. Executive Summary
PROCUREMENT AND INVENTORY MANAGEMENT OF ICT PRODUCTS AND SERVICES Executive Summary 1. The Government leverages on information and communications technology (ICT) to improve the operational efficiency
More informationCommonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation
Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing
More informationBy Alex Lee, AGCIO(IS) Industry Forum 29 July 2011
By Alex Lee, AGCIO(IS) Industry Forum 29 July 2011 Under the D21 Strategy, we have formulated the Pan Government IT Strategy for delivery of next-generation e-government services. Business Transformation
More informationGovHK: One-stop Portal to Deliver Citizen-centric Services. Linda So Deputy Government Chief Information Officer HKSAR Government
GovHK: One-stop Portal to Deliver Citizen-centric Services Linda So Deputy Government Chief Information Officer HKSAR Government 1 Vision for the e-government programme Use information technology to provide
More informationAPRICOT-APAN 2011, Hong Kong IPv6 Transition Conference 22 February 2011. C. K. Ng
APRICOT-APAN 2011, Hong Kong IPv6 Transition Conference 22 February 2011 The Government of the Hong Kong Special Administrative Region C. K. Ng Programme Manager, Government Office of the Government Chief
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationWORKING GROUP ON CLOUD SECURITY AND PRIVACY
WORKING GROUP ON CLOUD SECURITY AND PRIVACY Notes of the Seventh Meeting held at 2:30 p.m. on 19 September 2013 in Communal Meeting Room 3, G/F, Central Government Offices, Tamar Present Mr Vincent CHAN
More informationThe IT Strategic Plan
The IT Strategic Plan for the University of Oxford, 2013-2018 REVISED AND REISSUED, OCTOBER 2015 Contents IT Strategic Plan: Vision... 2 The IT Strategic Plan... 2 IT Strategic Plan: Principles and Assumptions...
More informationAustralian Government Cyber Security Review
Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and
More informationThe Office of the Government Chief Information Officer IT SECURITY GUIDELINES [G3]
The Office of the Government Chief Information Officer IT SECURITY GUIDELINES [G3] Version : 7.0 September 2012 The Government of the Hong Kong Special Administrative Region COPYRIGHT NOTICE 2012 by the
More informationInformation Security Summit 2005
Information Security Summit 2005 Forensically Sound Information Security Management in a Risk Compliance Era Keynote Opening Address by Mr. Howard C Dickson Government Chief Information Officer Government
More informationGuidance on the Use of Portable Storage Devices 1
Guidance on the Use of Portable Storage Devices Introduction Portable storage devices ( PSDs ) such as USB flash memories or drives, notebook computers or backup tapes provide a convenient means to store
More information2015 Information Security Awareness Catalogue
Contents 2015 Catalogue Wolfpack Engagement Model 4 Campaign Drivers 6 Offerings 8 Approach 9 Engaging Content 10 Stakeholder Change Management 12 Bundles 13 Content 14 Grey Wolf -Track compliance with
More informationLegislative Council Panel on Information Technology and Broadcasting. Hacking and Virus Activities and Preventive Measures
For discussion on 12 June 2000 Legislative Council Panel on Information Technology and Broadcasting Hacking and Virus Activities and Preventive Measures Purpose This paper briefs Members on the common
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More information2012 Resource Allocation Exercise - Block Vote Project Proposals
Item Organisation Title 1 Architectural Services Migration of the Automated Communication, Technical Information and Operations Network from Mainframe to Midrange Platform 9.9 2013-14 1st Quarter 2014-15
More informationReport on Hong Kong SME Cloud Adoption and Security Readiness Survey
Report on Hong Kong SME Cloud Adoption and Security Readiness Survey Collaborated by Internet Society Hong Kong and Cloud Security Alliance (HK & Macau Chapter) Sponsored by Microsoft Hong Kong Jointly
More informationThe Office of the Government Chief Information Officer INFORMATION SECURITY INCIDENT HANDLING GUIDELINES [G54]
The Office of the Government Chief Information Officer INFORMATION SECURITY INCIDENT HANDLING GUIDELINES [G54] Version: 5.0 September 2012 The Government of the Hong Kong Special Administrative Region
More informationWorking Group on. First Working Group Meeting 29.5.2012
Working Group on Cloud Security and Privacy (WGCSP) First Working Group Meeting 29.5.2012 1 Review of fexisting i Standards d and Best Practices on Cloud Security Security Standards and Status List of
More informationNational Initiative for Cyber Security Education
2014/PPWE/SEM2/007 Agenda Item: 5 National Initiative for Cyber Security Education Submitted by: United States Women Business and Smart Technology Seminar Beijing, China 23 May 2014 NICE OVERVIEW Women
More informationLegislative Council Panel on Security Creation of a permanent Chief Superintendent of Police post of the Cyber Security and Technology Crime Bureau
LC Paper No. CB(2)1621/13-14(05) For discussion on 3 June 2014 Legislative Council Panel on Security Creation of a permanent Chief Superintendent post of the Cyber Security and Technology Crime Bureau
More informationThe Future Development of egovernment in Hong Kong
The Future Development of egovernment in Hong Kong Howard C. Dickson Government Chief Information Officer HKSAR Government 5 September My Discussion Agenda Why e-government is vital to Hong Kong Where
More informationCyber security Indian perspective & Collaboration With EU
Cyber security Indian perspective & Collaboration With EU Abhishek Sharma, BIC IAG member, On behalf of Dr. A.S.A Krishnan, Sr. Director, Department of Electronics & Information Technology Government of
More informationCloud computing: benefits, risks and recommendations for information security
Cloud computing: benefits, risks and recommendations for information security Dr Giles Hogben Secure Services Programme Manager European Network and Information Security Agency (ENISA) Goals of my presentation
More informationThe Office of the Government Chief Information Officer BASELINE IT SECURITY POLICY [S17]
The Office of the Government Chief Information Officer BASELINE IT SECURITY POLICY [S17] Version : 5.0 September 2012 The Government of the Hong Kong Special Administrative Region The contents of this
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationThe Office of the Government Chief Information Officer BASELINE IT SECURITY POLICY [S17]
The Office of the Government Chief Information Officer BASELINE IT SECURITY POLICY [S17] Version : 3.0 May 2006 The Government of the Hong Kong Special Administrative Region COPYRIGHT NOTICE 2006 by the
More informationREPUBLIC OF MAURITIUS NATIONAL CYBER SECURITY STRATEGY
REPUBLIC OF MAURITIUS 5555555555555555555555555555555555555555555555555555555555 5555555555555555555555555555555555555555555555555555555555 NATIONAL CYBER SECURITY STRATEGY 2014-2019 The time has come
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationYOUR PASSPORT TO ASIA S WORLD CITY
YOUR PASSPORT TO ASIA S WORLD CITY WHY HONG KONG IS AT THE CENTER OF CLOUD POTENTIAL A MATURE MARKET Hong Kong is the third most important international financial center, after London and New York. Home
More informationE-Government Strategy 2013-2017 Implementation
2013-2017 Implementation Mr Hawabhay Rajnish Ag. Director Central Informatics Bureau Ministry of Information and Communication Technology 19 th February 2014 2013-2017 2013-2017 aims at increasing: the
More informationICT Usage & Cyber Security Issues in Myanmar
ICT Usage & Cyber Security Issues in Myanmar AESEN-Japan International Symposium on Cyber Security Khin Swe Htay Deputy Chief Engineer Myanma Posts and Telecommunications Tokyo, Japan October 25, 2013
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More informationCITY UNIVERSITY OF HONG KONG
CITY UNIVERSITY OF HONG KONG (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief Information Officer in September 2015) INTERNAL Date of Issue:
More informationA Best Practice Guide
A Best Practice Guide Contents Introduction [2] The Benefits of Implementing a Privacy Management Programme [3] Developing a Comprehensive Privacy Management Programme [3] Part A Baseline Fundamentals
More informationESKISP6056.01 Direct security testing
Direct security testing Overview This standard covers the competencies concerning with directing security testing activities. It includes setting the strategy and policies for security testing, and being
More informationENISA and Cloud Security
ENISA and Cloud Security Rossen Naydenov Network Information Security Officer Critical Information Infrastructure Protection Department - ENISA European Union Agency for Network and Information Security
More informationAn Information Security and Privacy Perspective for Procurement Services Projects
MANAGEMENT OF DATA: An Information Security and Privacy Perspective for Procurement Services Projects Presentation for: Procurement Services Senior Leadership Meeting Presented by: Ann Nagel, Associate
More informationCyber security in an organization-transcending way
Cyber security in an organization-transcending way EASEE-gas meeting March 19, 2015 Paul Bloemen ICT Security Manager Gasunie Chair Dutch Energy ISAC March 19, 2015 2 What to talk about Why is cyber security
More informationPractice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited
Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident
More information2013 Policy Address Policy Initiatives of Communications and Technology Branch, Commerce and Economic Development Bureau
LC Paper No. CB(4)310/12-13(01) 2013 Policy Address Policy Initiatives of Communications and Technology Branch, Commerce and Economic Development Bureau Our Vision The Government s vision is to develop
More informationStatement of James Sheaffer, President North American Public Sector, CSC
Statement of James Sheaffer, President North American Public Sector, CSC United States House of Representatives Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection,
More informationCyber Security solutions
Cyber Security solutions The scenario IT security has become a highly critical issue for all businesses as a result of the growing pervasiveness and diffusion of ICT technology. Risks can arise both inside
More informationINFRASTRUCTURE ARCHITECTURE BLUEPRINT
INFRASTRUCTURE ARCHITECTURE BLUEPRINT MESYUARAT PENGURUS-PENGURUS ICT SEKTOR AWAM BIL.3 TAHUN 2010 26 Oktober 2010 BERSAMA MELAKSANA TRANSFORMASI Table of Content Introduction Current Environment Overview
More informationBusiness Continuity Management Framework 2014 2017
Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity
More information> English > Topical Issues (Statutory Minimum Wage) > Statutory Minimum Wage: Notes for Student Employees and Employers
Interested students can send their covering letter and CVs to chr@clp.com.hk with email titled 2016 CIP intern before 30 May 2016. Students need to state their priority of project number in the application
More informationLegislative Council Panel on Security Youth Drug Abuse. This paper briefs Members on the latest youth drug abuse
Legislative Council Panel on Security Youth Drug Abuse LC Paper No. CB(2)167/07-08(01) PURPOSE situation. This paper briefs Members on the latest youth drug abuse CURRENT ANTI-DRUG POLICY Formulation of
More informationTRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE
AGENDA ITEM 9 TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE SUBJECT: REVIEW OF TFL RESILIENCE MANAGEMENT POLICY FRAMEWORK DATE: 20 JULY 2010 1 PURPOSE AND DECISION REQUIRED 1.1
More informationState Governments at Risk: The Data Breach Reality
State Governments at Risk: The Data Breach Reality NCSL Legislative Summit August 5, 2015 Doug Robinson, Executive Director National Association of State Chief Information Officers (NASCIO) About NASCIO
More informationMANAGED SERVICES PROVIDER. Dynamic Solutions. Superior Results.
MANAGED SERVICES PROVIDER Dynamic Solutions. Superior Results. REVOLUTIONIZE YOUR INSTITUTION BY FULLY LEVERAGING THE BENEFITS OF TECHNOLOGY MAXIMIZE YOUR TECHNOLOGY INVESTMENTS ENHANCE SECURITY OF YOUR
More informationThe Danish Cyber and Information Security Strategy
February 2015 The Danish Cyber and Information Security Strategy 1. Introduction In December 2014 the Government presented a National Cyber and Information Security Strategy containing 27 government initiatives
More informationNational Contact Management Strategy
National Contact Management Strategy 2012 NCMS 2012 NOT PROTECTIVELY MARKED 4 National Contact Management Strategy (NCMS) This document has been produced by the Association of Chief Police Officers (ACPO)
More informationCYBER AND IT SECURITY: CLOUD SECURITY FINAL SESSION. Architecture Framework Advisory Committee November 4, 2014
CYBER AND IT SECURITY: CLOUD SECURITY FINAL SESSION Architecture Framework Advisory Committee November 4, 2014 1 Agenda TIME TOPICS PRESENTERS 9:00 9:15 Opening Remarks and Introductions Shirley Ivan,
More informationBusiness Continuity Management Policy
Governance: Business Committee Policy Owner: Chief Superintendent, Corporate Services Department: Corporate Services Policy Number: 002 Version: 3.0 Policy Writer: Business Continuity Co-ordinator Effective
More informationCommonwealth IT Threat Management: Keeping Out the Cyber Villains Category: Cyber Security Initiatives. Initiation date: January 2012
Commonwealth IT Threat Management: Keeping Out the Cyber Villains Category: Cyber Security Initiatives Initiation date: January 2012 Completion date: June 2012 Nomination submitted by: Samuel A. Nixon
More informationFor discussion on 17 January 2011 LC Paper No. CB(1) 1001/10-11(04) LEGISLATIVE COUNCIL PANEL ON PUBLIC SERVICE
For discussion on 17 January 2011 LC Paper No. CB(1) 1001/10-11(04) LEGISLATIVE COUNCIL PANEL ON PUBLIC SERVICE Leadership and Management Training for the Civil Service Purpose This paper presents an updated
More informationLegislative Council Panel on Public Service T-contract Services
For discussion on 20 May 2013 LC Paper No. CB(4)625/12-13(04) Legislative Council Panel on Public Service T-contract Services Purpose This paper provides information on the use of services provided by
More informationAGIMO and whole-of-government ICT Policy
AGIMO and whole-of-government ICT Policy Overview DAMA Canberra July 2013 Meeting Brian Catto Andrew McGalliard James Woods ICT Policy Team AGIMO 1 Agenda Who are AGIMO? What is AGIMOs role? APS ICT Strategy
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationInfocomm Security Masterplan 2
INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE 8 Temasek Boulevard #14-00 Suntec Tower 3 Singapore 038988 Tel : 65-62110888 Fax : 65-62112222 www.ida.gov.sg April 2009 Infocomm Security Masterplan 2 The Infocomm
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationCyber Security Solutions
Cyber Security Solutions Defending the Enterprise General Dynamics Information Technology defends mission-critical systems including government, health, finance, defence, large-enterprise and national
More informationStellenbosch University. Information Security Regulations
Stellenbosch University Information Security Regulations 1. Preamble 1.1. Information Security is a component of the Risk structure and procedures of the University. 1.2. Stellenbosch University has an
More informationGovernance and Management of Information Security
Governance and Management of Information Security Øivind Høiem, CISA CRISC Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector secretary for information
More informationSeamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security
Seamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security An Internal Audit perspective on the threats and responses within the Retail Sector 15 th May 2014 Agenda Introductions
More informationSecure Use of Electronic Banking Services. George Chou Hong Kong Monetary Authority Dec 2013
Secure Use of Electronic Banking Services George Chou Hong Kong Monetary Authority Dec 2013 Agenda Recent Development of Internet Banking in Hong Kong Regulatory Requirements on Internet Banking Supervisory
More informationCollaborative development in the public sector Some thoughts based on the Belgian experience. Linuxtag
Collaborative development in the public sector Some thoughts based on the Belgian experience Linuxtag 23-06-2005 oliver.schneider@e-gov.be Expert Cellule stratégique Context Belgian Federal Government
More information