Presentation is loading. Please wait.

Presentation is loading. Please wait.

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.

Similar presentations


Presentation on theme: "Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous."— Presentation transcript:

1 Government Information Assurance (GIA) Policy

2 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous evolving and powerful technology available to everybody at a cheap price  With every opportunity come Risk.  Your business is at RISK!

3 3 Emerging Risks  Changing Political Scenario  Arab Spring  Qatar’s prominent role in International Arena  Changing Economic Scenario  Country with highest per capita income  International Sporting Events  Hacktivism  Sophisticated Attack Vectors  Insider Threats  Changing Legislative landscape  Data Privacy Law*  Critical Information Infrastructure Protection Law*

4 4 Real Incidents  During Arab Games in 2011  A number of critical sector and government organization were victim of attacks from Moroccan Hackers group  Number of sites affected: 10  Most of the incidents involved web defacement but it could have been worse!  Duration of incident: The attack was persistent for two weeks

5 Government Information Assurance Survey Increasing Reliance on ICT New Emerging Risks No Security Baseline standards Insufficient trained resources Baseline Policy & Standards Auditing Model Certified Training The need of Information Security Management System

6 Business Model of Information Security Challenges in Government Sector  Cultural Issues  Pre-set Mindset: Peaceful and secure environment  Lack of Awareness  Lack of Support  Lack of Resources

7 Government Information Assurance Survey Government Information Assurance Survey (2010) 30% of IT managers of Government organizations responded Survey demonstrated the need of information security support

8 8 Government Information Assurance Policy

9 What is GIA Policy

10 Government Information Assurance Survey GIA Components What is GIA Government Information Assurance Manual Governance Structure [IG] Risk Management [RM] Third Party Security Management [TM] Data Labeling [DL] Change Management [CM] Personnel Security [PS] Security Awareness [SA] Incident Management [IM] Business Continuity Management [BC] Logging & Security Monitoring [SM] Data Retention & Archival [DR] Documentation [DC] Accreditation [AC] Security Governance & Processes Government Information Classification Policy Communications Security [CS] Network Security [NS] Information Exchange [IE] Gateway Security [GS] Product Security [PR] Software Security [SS] System Usage Security [SU] Media Security [MS] Access Control Security [AM] Cryptographic Security [CY] Portable Devices & Working Off-Site Security [OS] Physical Security [PH] Technical Control Areas Implementation GuideAccreditation Manual Certified Training

11 Government Information Assurance Survey Assets Classification What is GIA Step 1: Identify key processes and their owners in the organization. Step 2: Identity process dependencies: information, applications, systems, networks, etc. Step 3. Determine the security classification for each information asset using table Step 4: Apply the necessary controls

12 Government Information Assurance Survey GIA Policy is… What is GIA Formulated from most common international standards/best practices Allows straight forward path for certification against other standards e.g. ISO27001 Maps well with established standards such as ITIL Approved by the Board of ictQATAR and has been sent to Council of Ministers. Adopted by MoI, ABQ

13 Thank You


Download ppt "Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous."

Similar presentations


Ads by Google