Telephone : +234 (0) 1 815 8152 | Website : Registered company : 985937 Telephone : +234.

Slides:

Advertisements

Similar presentations

Life Science Services and Solutions

Advertisements

Max Shirshov AlgoSec Security Management Suite.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

ISS IT Assessment Framework

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Saks Gloweli Consulting Management Consulting and Market Entry in China.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

The Evergreen, Background, Methodology and IT Service Management Model

Evolving IT Framework Standards (Compliance and IT)

© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.

Cyber Security & Fraud – The impact on small businesses.

IT Governance: COBIT, ISO17799 & ITIL. Introduction COBIT ITIL ISO17799Others.

Connecting with Your Peers IT Challenges and Opportunities in 2012 A Facilitated Group Discussion Thursday, January 12, 2012.

Consulting Information Technology Agency Your IT Outsourcing Partner.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.

Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.

Information Security Framework Regulatory Compliance and Reporting Auditing and Validation Metrics Definition and Collection Reporting (management, regulatory,

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Current risk and compliance priorities for law firms PETER SCOTT CONSULTING.

CLOUD-BASED VIDS A CIO’S PERSPECTIVE Stephen Alford, CIO WEP, Inc.

- Company Confidential - Corporate Overview March 2015.

Security and resilience for Smart Hospitals Key findings

TOPdesk Service Management Software on Azure

Cisco Compliance Management and Configuration Service

BIL 424 NETWORK ARCHITECTURE AND SERVICE PROVIDING.

BANKING INFORMATION SYSTEMS

Securing the Law Firm Myth vs. Reality vs. Practicality:

Information Security: Risk Management or Business Enablement?

Transforming IT Management

CMGT 431 Competitive Success/snaptutorial.com

CMGT 431 Education for Service-- snaptutorial.com.

CMGT 431 STUDY Lessons in Excellence--cmgt431study.com.

CMGT 431 Education for Service/tutorialrank.com

API Integration Services in

CMGT 431 Teaching Effectively-- snaptutorial.com.

CMGT 431 STUDY Education for Service- -cmgt431study.com.

Making Information Security Manageable with GRC

Making Information Security Actionable with GRC

Compliance Automation Portal

Compliance Automation Portal

ECT 589: E-Commerce Management

Federal Reserve Retail Payments Risk Forum

Contact Center Security Strategies

Optimizing Your Software Licensing Investment Senior Managing Analyst

University of Muenster Consulting

Powerful Partnerships with Industry Leaders

Deloitte & Touche November 2018.

Kovaion Consulting IT Services Portfolio Date : Apr-2015

ISO management systems

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

MAZARS’ CONSULTING PRACTICE

GRC - A Strategic Approach

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Capitalize on Your Business’s Technology

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

WELCOME TO MELSAFE. Internal Audit Services Our internal audit professionals can work with you to understand your business strategy and its associated.

Recommendation Tree from a Marketing Manager

Recommendation Tree from a Marketing Manager

Presentation transcript:

Telephone : +234 (0) | Website : Registered company : Telephone : +234 (0) | Website : Registered company : Aligning information security operations and management for an effective information security program Insights Africa 2013

Infoprive Overview Information Security Advisory and Consulting Managed Compliance and Services Security Technology Implementation and Integration Information Security Advisory and Consulting Managed Compliance and Services Security Technology Implementation and Integration Clients Service Offering Banks Government Oil and Gas firms Payment Companies Educational Institutions Electronic payment firms Banks Government Oil and Gas firms Payment Companies Educational Institutions Electronic payment firms Infoprive Limited is a core Business Information Security Company that delivers and maintains trusted and enabling Information Security services and solutions for its clients giving them the confidence to focus on their core business objectives

Outline  Why an Information Security Program  Aspects of an Information Security Program  Challenges  Alignment

Why an Information security Program ? © 2012 Skybox Security4 To protect critical information assets

Most importantly … © 2012 Skybox Security5 Current State Desired State Short- term initiatives Medium- term Initiatives Long- term Initiatives Information Security program Information Security Objectives Information Security Strategy

Information Security Management Aspects of an Information Security Program Strategic Tactical Information Security Operations

© 2012 Skybox Security7 So Why is alignment Hard ? Simply…….

Security Management Challenges Complexity Change Network changes - virtualization, cloud, acquisitions Applications changes - agile development People changes – behavioural, roles/functions Compliance Complex regulations and internal mandates Time-consuming audits Communication Disconnect between application, security and operation teams Terminology gaps Challenges Thousands of security access rules and configurations Highly-connected business critical applications Technology solution sprawl

Security Operations Challenges Projects Threat Prevention Change threat Landscape Third party, supplier or customer Technology Risk Management Disaster Recovery and Business Continuity Incidence Response Architecture Disparate platforms Integration gaps Challenges Too many commissioned projects Lack of ROI

ManagementOperations Risk Assessment Threat Prevention ProjectsArchitectureComplianceChangesCommunicationComplexity Alignment ….. Becomes striking a balance

ManagementOperations ComplianceChangesCommunicationComplexityArchitecture Alignment ? What we must understand

ManagementOperations ComplianceChangesCommunicationComplexityProjects Alignment ? What we must understand

ManagementOperations ComplianceChangesCommunicationComplexity Threat Prevention Alignment ? What we must understand

ManagementOperations ComplianceChangesCommunicationComplexityRisk Assessment Alignment ? What we must understand

ManagementOperations Risk AssessmentThreat PreventionProjectsArchitectureComplianceChangesCommunicationComplexity Alignment becomes striking a balance……. based on Organizational Structure People Policies Drivers Products Services Processes Procedures Business Goals Lines of Business

Thank You

Questions?