Phil Holmes/ Robert Tate. Security Training



Transcription:

Update
Phil Holmes / Robert Tate

Update - Agenda
- Position in June 1997
- Alliance
- Security Briefings at Member Meetings
- Relation to BS 7799
- Training Matrices
- Coverage, orientation and approach
- Actions

London Meeting, June 1997 (1)
- Need for The Open Group to be involved in Security Training
- Gave some of the options
- Offer own courses
- Leverage existing training activity in the market
- Resource and market issues
- What The Open Group has to offer

London Meeting, June 1997 (2)
- Recognition of third parties
- Proposed three tier approach: accreditation of training organizations, approved courses and professional certification
- The importance of BS 7799
- Action
- Test marketing and training
- Develop training matrix
- Feedback
- Relation to procurement activity

The Alliance (STA)
- Collaboration between The Open Group and Aid to Industry
- Working to run a series of briefing seminars in March/April 98 timed to benefit from the publicity arising out of the BISS 98 Survey
- Working on Set of Courses to be given from May 98 onwards related to Security Breaches, Security Management and solutions based on IT Security Standards
- Treated as a pilot project and open to other participants

AID TO INDUSTRY
- Represented by Vernon Poole and Stan Dormer
- Formed in 1982
- Specialist training organisation especially oriented to audit professionals
- Now owned by Deloitte & Touche

STA - Proposed Courses (1)
Half day courses related to BISS 98 and Security Management
- Security Incident Reporting
- Impact of Security Breaches
- Cost of Security Breaches
- Contingency Plans/Standards
- Information Security Policies
- Information Security Standards and Procedures
- Communications Controls

STA - Proposed Courses (2)
One or two day courses
- Establishing an Effective Information Security Guide
- Establishing a Distributed Security Framework
- Establishing Baseline Security Services
- Defining and Buying Secure Open Systems
- New and Emerging Open System Security Technologies

STA - Course Delivery
- Courses would be grouped in series to provide for three to four days training at one time.
- Offered publicly in London, N. England and Edinburgh from May 98
- Offered for in-house training
- Roll out - Europe and beyond
- Offer under license to other training organizations through proposed three tier accreditation scheme

Security Briefings at Member Meetings
- Amsterdam - Security Briefing Sessions on Security Management (Stan Dormer) and Single Sign On (Pierre Noel)
- Objectives
- Feedback
- San Diego - Security Briefing Sessions on Security Management and CDSA
- Dependent upon experience from Amsterdam
- Roll out alongside the Alliance

Relation to BS 7799
- Alliance (STA) seminars and courses, and Security Briefings at Member Meetings both reference BS 7799
- Need to position alongside BS 7799 to ensure that TOG and the STA add unique value and promote the benefits of adopting and implementing IT standards such as CDSA
- Question the value of TOG attempting to compete directly with consultancy firms and others offering services relating to BS 7799 Accreditation.

STA Training Matrix
- Parameters:
  - Level of the audience
  - Type of practitioner
  - Subject area
- Map against proposed activities
- Develop course curricula that could also be used as the basis of approved courses under the three tier accreditation scheme

Checklist of topics to cover (1)
- discuss the security issues facing commercial organisations
- discuss the importance and development of security policies
- describe how a generally-accepted code of practice for information security can benefit the business
- outline how a generally accepted technical architecture for information security can be applied to support the security policy and codes of practice such as BS7799

Checklist of topics to cover (2)
- identify commercially-developed common standards for security services that support the architecture and the practical implementation of codes of practice such as BS7799
- illustrate how these standards can be used in an effective commercial procurement and deployment strategy in order to achieve
  - improved corporate security to combat identified risks and vulnerabilities

Checklist of topics to cover (3)
- cost effective deployment with demonstrable cost benefits
- improved flexibility and scalability of the corporate infrastructure to respond to changing business needs
- improved portability and interoperability between products in order to reduce the risk of "product lock-in"
- avoidance of the "security through obscurity" syndrome

Next Action
- Feedback from Amsterdam
- Look at CDSA training opportunities including web-based training possibilities
- Refine and enlarge the training matrix
- Deliver the pilot seminars and courses through STA
- Re-examine the Business Case
- Extend TOG activities beyond the UK
- Offer licenses and/or engage other organizations in STA
- Establish the three tier accreditation scheme