Appendix C: Designing an Operations Framework to Manage Security.

Overview
- Analyzing Risks to Ongoing Network Operations
- Designing a Framework for Ongoing Network Operations

Lesson 1: Analyzing Risks to Ongoing Network Operations
- Management of Ongoing Network Operations
- Why Security of Network Operations Is Important
- Common Vulnerabilities to Network Operations

Management of Ongoing Network Operations
MOF provides a framework to manage operational security, including:
- Changes to security design.
- Daily operation of network security.
- IT Support for security issues.
- Optimizing and revising the security design.

Why Security of Network Operations Is Important
Attacker: External
  Threat: No change and configuration management
  Example: A software company releases a new security hotfix for a recently discovered vulnerability. An attacker exploits the vulnerability before the administrators apply the hotfix to all computers.
Attacker: Internal
  Threat: Security procedures not followed
  Example: An administrator notices a potential security compromise but is unsure how to report it. The administrator decides to remove the corporate network from the internet.

Common Vulnerabilities to Network Operations
Vulnerability: Example
Inadequate plan for change management:
- New security patches are applied irregularly or not at all
- Administrators and users lack proper training on securing new applications
Poor operations plan:
- Users do not follow security policies and procedures
- Administrators do not regularly test backup media
Weak support structure:
- Security incident goes unreported
- IT support services are not reliable
Failure to revise policy:
- New security risks are not added to risk management plan
- Policies and procedures become outdated

Lesson 2: Designing a Framework for Ongoing Network Operations
- Process for Planning a Security Operations Framework
- Guidelines for Change Management
- Guidelines for Daily Security Operations
- Guidelines for Supporting Security Policies and Procedures
- Guidelines for Using Service Level Agreements
- Guidelines for Optimizing Security Policies and Procedures
- Security Policy Checklist

Process for Planning a Security Operations Framework
When planning a security operations framework, you must:
- Design a change management process for security.
- Design a plan for daily security operations.
- Design a plan for security support.
- Create service level agreements for IT operations and support.

Guidelines for Change Management
Phase: Example
- Identify: When new security hotfixes are released…
- Review: …the hotfixes will be tested on all applicable platforms…
- Approve: …and approved by the CIO within 24 hours…
- Implement: …and will be deployed according to the approved procedure for deploying security hotfixes
A change management process reduces:
- Time to deployment
- Cost of updating hardware and software
- Disruption of business continuity

Guidelines for Daily Security Operations
Include standards for:
- Preparing for security incidents
- Testing for security vulnerabilities
- Monitoring network security
For each daily security task, define:
- Who completes the task
- When to complete the task
- How to complete the task

Guidelines for Supporting Security Policies and Procedures
Phase: Responsibilities
Support request management:
- Receives support requests from users
- Escalates support issues
Incident management:
- Resolves routine support
- Escalates complex support requests and security incidents
Problem management:
- Identifies and resolves underlying causes of problems
- Incorporates results in organizational learning

Guidelines for Using Service Level Agreements
Include in your service level agreements:
- Service hours and availability
- Priorities and support levels
- Reliability and accountability
- Responsiveness and restrictions
- Contingency
- Costs and charges

Guidelines for Optimizing Security Policies and Procedures
Include measures in the security operations design for:
- Preventing interruptions to network services over time
- Recovering from security incidents as networks change
- Improving security policies and procedures over time
Activities include:
- Identifying new threats and vulnerabilities
- Updating risk management plans
- Improving daily procedures and processes
- Incorporating learning from each incident response
- Testing disaster recovery plans on a regular basis
- Training new IT staff in security policies and procedures

Security Policy Checklist
Create policies and procedures for:
- Designing a change management plan.
- Performing daily security operations.
- Supporting security issues.
- Optimizing and revising security policies and procedures.