Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security & Critical Controls Chris Few Industry Enabling Services CESG February 2011 © Crown Copyright. All rights reserved.

Published bySerena Byce Modified over 9 years ago

Similar presentations

Presentation on theme: "Cyber Security & Critical Controls Chris Few Industry Enabling Services CESG February 2011 © Crown Copyright. All rights reserved."— Presentation transcript:

1 Cyber Security & Critical Controls Chris Few Industry Enabling Services CESG February 2011 © Crown Copyright. All rights reserved.

2 Cyber Essentials An HMG scheme for testing security controls to defeat common Internet based threats Covers five control areas: –Internet Gateways; Secure configuration; User access control; Malware protection; Patch management Includes a two tier assurance framework: –Cyber Essentials: verified self-assessment Organisation completes self assessment questionnaire Responses reviewed as reasonable by assessor –Cyber Essentials PLUS: independently tested Tests whether controls implemented are sufficient to defeat common Internet based attacks February 2011 © Crown Copyright. All rights reserved.

3 Relevance of Cyber Essentials to LMN Policing of connections to shared academic networks Criterion for selecting suppliers accessing academic data Demonstrating commitment to cyber security Incorporation into ESISS penetration testing improves clarity of scope of testing February 2011 © Crown Copyright. All rights reserved.

4 February 2011 © Crown Copyright. All rights reserved. CESG & industry partners Cyber Security Industry Standards Products Systems Services People Education & Training Organisations Certify Supply Consumers Information risk owning organisations In the public sector, industry or academia Buy Employ The Assurance Landscape

5 CESG Service Catalogue OrganisationsTraining & Education PeopleProductsSystemsServices Information Assurance Maturity Model Certified Training Certified Professional Assisted Products Scheme Cyber Essentials Cyber Incident Response MSc in Cyber Security Listed Advisors Commercial Product Assurance Tailored Advice Service CHECK penetration testing Academic Centres of Excellence Common Criteria Technical Design Review Secure Destruction TEMPESTGovCertUK Further details at www.cesg.gov.ukContact us at Enquiries@cesg.gsi.gov.uk

6 Questions for LMN Which parts of the CESG service catalogue are most relevant to you? How can CESG develop its portfolio of schemes to meet your needs? Can CESG facilitate closer relationships between academia and industry on the topic of cyber security? February 2011 © Crown Copyright. All rights reserved.

Download ppt "Cyber Security & Critical Controls Chris Few Industry Enabling Services CESG February 2011 © Crown Copyright. All rights reserved."

Similar presentations

Compliance, Capability and Competence half-the-battle won.

Compliance, Capability and Competence half-the-battle won.
Quality Assurance of ICT in Education NAACE is the professional association for those who are concerned with advancing education through the appropriate.

Quality Assurance of ICT in Education NAACE is the professional association for those who are concerned with advancing education through the appropriate.
Module 1 Evaluation Overview © Crown Copyright (2000)

Module 1 Evaluation Overview © Crown Copyright (2000)
Get Started in e-Business. Aim This presentation is prepared to support and give a general overview of the ‘How to Get Started in e-Business’ Guide and.

Get Started in e-Business. Aim This presentation is prepared to support and give a general overview of the ‘How to Get Started in e-Business’ Guide and.
The Queen’s University of Belfast JISC BS7799 Pilot The Queen’s University of Belfast Dr. Ricky Rankin.

The Queen’s University of Belfast JISC BS7799 Pilot The Queen’s University of Belfast Dr. Ricky Rankin.
Secure Email Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1.

Secure Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1.
Secure Email Standard Introduction for IT Suppliers 09 June 2014 Clive Star 1.

Secure Standard Introduction for IT Suppliers 09 June 2014 Clive Star 1.
Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance.

Copyright © 2011 Cloud Security Alliance.
Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.

Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.
SOX and IT Audit Programs John R. Robles Thursday, May 31, 2007 Tel: 787-647-396.

SOX and IT Audit Programs John R. Robles Thursday, May 31, Tel:
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Employment NTO Who is Tony Green? - Chief Executive of the Employment NTO Previous job - Regional Commercial Director, Central Opencast 20 years experience.

Employment NTO Who is Tony Green? - Chief Executive of the Employment NTO Previous job - Regional Commercial Director, Central Opencast 20 years experience.
Supply Chain Development A step-change in Supply Chain performance 08/08/2015 OFFICIAL 1 Supply Chain Focus Group – 17 th September 2014 Vic Carlill.

Supply Chain Development A step-change in Supply Chain performance 08/08/2015 OFFICIAL 1 Supply Chain Focus Group – 17 th September 2014 Vic Carlill.
Www.derby.ac.uk/corporate University of Derby Corporate www.derby.ac.uk/corporate University of Derby Corporate (UDC) and International Centre for Guidance.

University of Derby Corporate University of Derby Corporate (UDC) and International Centre for Guidance.
The Crown and Suppliers: A New Way of Working People & Security15:35 – 16:20 Channels & Citizen Engagement Social Media ICT Capability Risk Management.

The Crown and Suppliers: A New Way of Working People & Security15:35 – 16:20 Channels & Citizen Engagement Social Media ICT Capability Risk Management.
National Vocational Qualifications in the United Kingdom Author:Richard Leach Venue: Turku, Finland Date:14 th September 2007.

National Vocational Qualifications in the United Kingdom Author:Richard Leach Venue: Turku, Finland Date:14 th September 2007.
IT ©e-skills UK 2000-2011 National Skills Academy Learning, Qualifications and Skills September 2011 ©©©

IT ©e-skills UK National Skills Academy Learning, Qualifications and Skills September 2011 ©©©
IT Internal Audit Survey Overview of survey findings May 2009 IT ADVISORY ADVISORY.

IT Internal Audit Survey Overview of survey findings May 2009 IT ADVISORY ADVISORY.

Similar presentations

Ads by Google