1 Copyright © 2002 M. E. Kabay. All rights reserved. Information Security on a Budget: Where to Invest First M. E. Kabay, PhD, CISSP Assoc. Prof. Information Assurance Dept. Computer Information Systems Norwich University, Northfield, VT

Slide 2: Topics
- Policy, Power & Position
- Training and Awareness
- Hiring, Management and Firing
- System Administration
- Security Evaluations

Slide 3: Policy, Power & Position
- Policies must be living documents
- Assign responsibility for security
- CISO as equal of CEO, CFO...
- Status must not equal access
- Compliance depends on top-level support

Slide 4: Training and Awareness
- Training and awareness are not single events
- Social engineering can be fought only by awareness and preparation
- Constant learning is essential:
    - Formal courses & conferences
    - Web-based courses
    - Free resources on the Web
    - Textbooks, magazines
    - Video films and DVDs
    - In-house courses from experts

Slide 5: Hiring, Management and Firing
- Hiring
    - Check background carefully
    - Have candidates interviewed by future colleagues
- Management
    - Be sensitive to changes in behavior
    - Enforce vacations
- Firing
    - Shut down access
    - Retrieve corporate property

Slide 6: System Administration
- Establish effective security configurations
- Maintain software
- Detect security breaches
- Respond intelligently to incidents

Slide 7: Establish Effective Security Configurations
- Default configurations are often inadequate
- Firewalls need to implement a thought-out policy
- Network topology should reflect needs for data partition
- Adapt network security to changing needs
- Evaluate anti-DDoS tools
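The three points above (defaults are inadequate, the firewall must implement a written policy, topology must reflect the data partition) can be checked mechanically. The following is an added example, not part of the original slides: a small first-match rule evaluator, a vendor-style default-allow policy beside a segmented one, and a set of probes that encode the partition policy (Internet may reach only the web tier on 443; only the web tier may reach the database; nothing else crosses DMZ to LAN). The addresses, host roles and rule format are assumptions chosen for illustration.

```python
"""Added example: checking a firewall policy against the partitioning it is
supposed to enforce. Hypothetical addresses (RFC 5737/1918 ranges), hosts and
rule format; not from the original slides.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR the source address must fall in
    dst: str               # CIDR the destination address must fall in
    dport: Optional[int]   # None matches any destination port
    proto: str = "tcp"


def first_match(rules: List[Rule], src: str, dst: str, dport: int,
                proto: str = "tcp", default: str = "deny") -> str:
    """First-match evaluation: the action of the first rule that matches the
    packet wins; if nothing matches, the policy's default applies."""
    s, d = ip_address(src), ip_address(dst)
    for r in rules:
        if (r.proto == proto
                and s in ip_network(r.src)
                and d in ip_network(r.dst)
                and (r.dport is None or r.dport == dport)):
            return r.action
    return default


# Assumed topology: Internet -> DMZ (192.0.2.0/24, web tier) -> LAN (10.0.0.0/8, database).
DMZ, LAN, ANY = "192.0.2.0/24", "10.0.0.0/8", "0.0.0.0/0"
WEB, DB = "192.0.2.10", "10.0.5.20"

# Weak: an out-of-the-box "allow everything" policy.
DEFAULT_ALLOW = [Rule("allow", ANY, ANY, None)]

# Thought-out: only the flows the topology needs; everything else is denied.
SEGMENTED = [
    Rule("allow", ANY, WEB + "/32", 443),          # public HTTPS to the web tier
    Rule("allow", WEB + "/32", DB + "/32", 5432),  # web tier to its database only
    Rule("deny", DMZ, LAN, None),                  # no other DMZ -> LAN traffic
]

# Probes: (src, dst, dport, expected action) spelling out the partition policy.
PROBES: List[Tuple[str, str, int, str]] = [
    ("203.0.113.7", WEB, 443, "allow"),   # legitimate visitor
    ("203.0.113.7", DB, 5432, "deny"),    # Internet must never reach the DB
    (WEB, DB, 5432, "allow"),             # web tier may query the DB
    (WEB, "10.0.5.21", 22, "deny"),       # a compromised web host must not pivot
]


def audit(rules: List[Rule], probes, default: str = "deny"):
    """Return the probes whose actual action differs from the expected one."""
    return [(s, d, p) for s, d, p, want in probes
            if first_match(rules, s, d, p, default=default) != want]


if __name__ == "__main__":
    for name, rules, dflt in (("default-allow", DEFAULT_ALLOW, "allow"),
                              ("segmented", SEGMENTED, "deny")):
        print(name, "violations:", audit(rules, PROBES, default=dflt))
```

The probe list is the policy in executable form: when the topology changes (the "adapt to changing needs" point), a new probe is added first and the rules are adjusted until the audit is clean again, rather than editing rules and hoping the partition still holds.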

Slide 8: Maintain Software
- Single most important problem: known vulnerabilities
- Consult or subscribe to alerts:
    - CERT/CC
    - Bundesamt für Sicherheit in der Informationstechnik (BSI)
    - Common Vulnerabilities and Exposures (CVE)
    - ICAT Metabase

Slide 9: BSI

Slide 10: ICAT / CVE
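Subscribing to the alert sources listed on slide 8 only pays off if each advisory is compared against what is actually installed. The following is an added example, not part of the original slides: a matcher that reads an inventory of installed versions and reports every install inside an advisory's affected range. The advisories and inventory are constructed for illustration (placeholder product names and "ADV-n" identifiers, not real CVE entries); real feeds carry the same shape of data: product, first affected version, first fixed version. The example also shows the one bug that bites most home-grown matchers, comparing version strings lexically.

```python
"""Added example: matching a software inventory against vulnerability
advisories. The advisories and inventory below are constructed for
illustration (hypothetical product names, 'ADV-n' identifiers, not real CVE
entries); real feeds such as CVE, CERT/CC or BSI carry the same shape of
data: product, affected range, fixed version.
"""
import re
from typing import List, NamedTuple, Tuple


class Advisory(NamedTuple):
    id: str
    product: str
    introduced: str   # first affected version (inclusive)
    fixed_in: str     # first version that is not affected


# Constructed advisories; identifiers and products are placeholders.
ADVISORIES = [
    Advisory("ADV-1", "webserver", "2.0.0", "2.0.40"),
    Advisory("ADV-2", "dbserver", "9.0", "9.6.3"),
    Advisory("ADV-3", "sshd", "7.0", "7.4"),
]

# Constructed inventory: "host product version", one install per line.
INVENTORY = """\
web01   webserver  2.0.9
web02   webserver  2.0.40
db01    dbserver   9.6.2
db02    dbserver   8.4.22
bastion sshd       7.4
"""


def parse_version(v: str) -> Tuple[int, ...]:
    """'2.0.40' -> (2, 0, 40). Comparing tuples of ints avoids the classic
    mistake of comparing version strings, where '2.0.9' sorts after '2.0.40'."""
    return tuple(int(x) for x in re.findall(r"\d+", v))


def parse_inventory(text: str) -> List[Tuple[str, str, str]]:
    """Parse the inventory text; blank or malformed lines are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            rows.append((parts[0], parts[1], parts[2]))
    return rows


def is_affected(version: str, adv: Advisory) -> bool:
    """True when introduced <= version < fixed_in, compared numerically."""
    v = parse_version(version)
    return parse_version(adv.introduced) <= v < parse_version(adv.fixed_in)


def find_unpatched(inventory_text: str, advisories: List[Advisory]):
    """Return (host, product, version, advisory id, fixed_in) for every
    install that falls inside an advisory's affected range."""
    hits = []
    for host, product, version in parse_inventory(inventory_text):
        for adv in advisories:
            if adv.product == product and is_affected(version, adv):
                hits.append((host, product, version, adv.id, adv.fixed_in))
    return hits


if __name__ == "__main__":
    for hit in find_unpatched(INVENTORY, ADVISORIES):
        print("UNPATCHED host=%s %s %s (%s, fixed in %s)" % hit)
```

Two of the constructed installs are deliberately placed at the edges: web02 runs exactly the fixed version and must not be reported, and db02 predates the affected range and must not be reported either. A matcher that only tests "version < fixed_in" would wrongly flag db02; one that compares strings would miss web01.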

Slide 11: Detect Security Breaches
- Quick response is valuable and economical
- Intrusion detection systems (IDS)
    - Not cheap
    - Learn / define normal patterns
    - Identify anomalies
    - Allow human response
- Total cost of acquisition, tuning and management can be high
- But the cost of an undetected and uncontrolled penetration can be higher
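The "learn normal patterns, identify anomalies, allow human response" loop on this slide is the core of anomaly-based detection, and the tuning cost the slide mentions comes from choosing the signal and threshold. The following is an added example, not part of the original slides: it reduces the loop to a single signal (how many distinct destination/port targets each source host talks to), learns a baseline from a training window, and flags sources in a later window that exceed it. The log format ("src=... dst=... dport=..."), addresses and windows are constructed for illustration.

```python
"""Added example: the 'learn normal, flag anomalies' loop of an IDS, reduced to
one signal: how many distinct (destination, port) targets each source talks
to. Log lines and addresses are constructed for illustration (hypothetical
'src=... dst=... dport=...' format); not from the original slides.
"""
import re
from collections import defaultdict
from statistics import mean, pstdev
from typing import Dict, Iterable, Tuple

LINE = re.compile(r"src=(\S+) dst=(\S+) dport=(\d+)")


def targets_per_source(lines: Iterable[str]) -> Dict[str, int]:
    """Count distinct (dst, port) pairs per source; unparseable lines are skipped."""
    seen = defaultdict(set)
    for line in lines:
        m = LINE.search(line)
        if m:
            src, dst, port = m.groups()
            seen[src].add((dst, int(port)))
    return {src: len(t) for src, t in seen.items()}


def learn_baseline(training: Iterable[str]) -> Tuple[float, float]:
    """'Normal' = mean and population std-dev of targets per source."""
    vals = list(targets_per_source(training).values())
    return mean(vals), pstdev(vals)


def find_anomalies(baseline: Tuple[float, float], lines: Iterable[str],
                   k: float = 3.0) -> Dict[str, int]:
    """Sources whose target count exceeds mean + k*sigma. Sigma is floored at 1
    so a perfectly regular baseline does not flag every one-off change."""
    mu, sigma = baseline
    threshold = mu + k * max(sigma, 1.0)
    return {s: n for s, n in targets_per_source(lines).items() if n > threshold}


# Constructed training window: three hosts, each with its usual two targets.
TRAINING = [
    "t=1 src=10.0.1.5 dst=10.0.5.20 dport=5432",
    "t=2 src=10.0.1.5 dst=10.0.5.53 dport=53",
    "t=3 src=10.0.1.6 dst=10.0.5.20 dport=5432",
    "t=4 src=10.0.1.6 dst=10.0.5.53 dport=53",
    "t=5 src=10.0.1.7 dst=192.0.2.10 dport=443",
    "t=6 src=10.0.1.7 dst=10.0.5.53 dport=53",
    "t=7 malformed line that the parser must tolerate",
]

# Constructed observation window: one normal host plus one host sweeping ports.
OBSERVED = [
    "t=8 src=10.0.1.5 dst=10.0.5.20 dport=5432",
    "t=9 src=10.0.1.5 dst=10.0.5.53 dport=53",
] + ["t=%d src=10.0.1.9 dst=10.0.5.20 dport=%d" % (10 + i, p)
     for i, p in enumerate((21, 22, 23, 25, 80, 110, 143, 443))]


if __name__ == "__main__":
    base = learn_baseline(TRAINING)
    print("baseline mean=%.1f sigma=%.1f" % base)
    for src, n in find_anomalies(base, OBSERVED).items():
        print("ANOMALY %s reached %d distinct targets; needs a human look" % (src, n))
```

The output is a list for a person, not an automatic block: the slide's "allow human response" point is the reason the function returns candidates with their counts rather than taking action. Tuning means revisiting k and the signal as the network changes; the sigma floor is one such tuning decision and is an assumption of this example.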

Slide 12: Respond Intelligently to Incidents
- IDS is useless without an effective response plan
- Computer Emergency Response Team (CERT)
    - Also known as Incident Response Team (IRT)
    - Complex and expensive planning
    - Involvement from throughout the organization
    - Most experienced personnel essential
- Link CERT/IRT to DRP and BCP
    - DRP = disaster recovery plan
    - BCP = business continuity plan
- May choose to use honeypots
    - System to delay the intruder and study behavior

Slide 13: Security Evaluations
- Developing security policies may be too hard
    - Use existing guides
    - May use external help to reduce time spent by expensive employees
- Checking security may be best done by outsiders
    - Editing text is best done by someone else
    - Checking program source code is best done by another programmer
- Need to find trustworthy experts
    - Beware those who hire criminal hackers
- Should test only after development & training

Slide 14: Discussion