Presentation is loading. Please wait.

Presentation is loading. Please wait.

OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016.

Published byKristopher Sparks Modified over 8 years ago

Similar presentations

Presentation on theme: "OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016."— Presentation transcript:

1 OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016

2 Office of VA Enterprise Architecture Working Draft – For Internal VA Use Only Purpose and Use of the Report Purpose – Present a pictorial overview of cybersecurity information captured in the VA EA Use – Provides a graphical illustration of the relationships between the integrated cybersecurity information that is discoverable in the VA EA – The report is one of the many VA EA artifacts used to: Enable the identification of cybersecurity capability gaps and duplication for Planning, Programming, Budgeting and Execution (PPBE) Support the CIO’s initiatives in discovering, managing and implementing cybersecurity policies affecting the security of VA IT infrastructure and all related physical and human assets. 1

3 Office of VA Enterprise Architecture Working Draft – For Internal VA Use Only What Cybersecurity information is captured in the VA EA? 1.VA BRM Functions and Business Functions 2.FEA BRM Code 3.CIO’s Enterprise Cybersecurity Strategy Goals 4.CIO’s Enterprise Cybersecurity Strategy Objectives 5.Processes: IT Service Continuity Management Milestone (ITCSM) – ITCSM Create Service Continuity Capability – ITCSM Monitor and Assess Service Continuity – ITCSM Enhance IT Service Continuity Capability – ITCSM Manage Emergency Events 6.The National Institute of Standards and Technology (NIST) Cybersecurity Standards 2 7.Laws, Regulations, Policies and Directives (LRPDs) 8.Findings: 2014 VA Performance and Accountability Report (PAR) 9.Findings: OIG FISMA 2014 Audit 10.Performance Measurement ID and Name 11.Design Patterns – Enterprise Secure Messaging Design Pattern – Internal User Identity Authentication Design Pattern – IT Service Management Increment 1: FISMA/FICAM Material Weakness #1 & #6 Resolution Design Pattern 12.VASI System ID and Name

4 Office of VA Enterprise Architecture Working Draft – For Internal VA Use Only Enable visibility and discoverability of VA cybersecurity related content for effective decision making.

5 Office of VA Enterprise Architecture Working Draft – For Internal VA Use Only Line of Sight Report Legend VA Cybersecurity Business Function Metadata Title Hyperlinks to Cybersecurity Findings and Material Weaknesses Hyperlinks to comprehensive NIST Standards and LPRD’s VA Cybersecurity BRM Function VA Cybersecurity BRM Business Functions VASI System Name VA Cybersecurity BRM Business Function Description VASI System ID VA CIO’s Enterprise Cybersecurity Strategy Goals and Objectives VA Cybersecurity Business Function Metadata Description FEA Business Reference Model v 3.1 Service Code VA Cybersecurity BRM Business Function

6 5 Manage Data Integrity and Privacy 3.5.1.1 TitleNo. Description Manage Data Integrity and Privacy involves the coordination of data collection, storage, dissemination, and destruction as well as managing the policies, guidelines, and standards regarding data management, so that data quality is maintained and information is shared or available in accordance with the law and best practices Enterprise Cybersecurity Goals Goal 1. Protecting Veteran Information and Data Enterprise Cybersecurity Objectives Objective A: Provide secure access and assure privacy protections Objective B: Incorporate security and privacy protections in VA’s environment FEA Service Code 317 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6502: VA Enterprise Privacy Program 6502.3: Web Page Privacy Policy 6504: VA Directive 6504 Rescinded by VA Handbook 6500 6507: Reducing the Use of Social Security Numbers 6508: Implementation of Privacy Threshold Analysis and Privacy Impact Assessment 6509: Duties of Privacy Officers 6511: Presentations Displaying Personally-Identifiable Information 6517: Cloud Computing Services, 6515: Use of Web-Based Collaboration Technologies 6518: Enterprise Information Management (EIM), 6600: Responsibility Of Employees And Others supporting VA In Protecting Personally Identifiable Information (PII) Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 180Percent of users required to use a Personal Identity Verification (PIV) card to authenticate Design Patterns Enterprise Secure Messaging Design Pattern: http://www.techstrategies.oit.va.gov/docs_design_patterns_aaa.asp http://www.techstrategies.oit.va.gov/docs_design_patterns_aaa.asp VASI System 1124Common Security System 1463VistA - Patient Data Exchange 1524Portal for Electronic Third-party Insurance Recovery 1767VHA Support Service Center National SSN Security Database 2015Common Security Applications Manager 2017Common Security User Manager Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function Manage Data Integrity and Privacy

7 6 Manage Identification, Authentication and Access 3.5.1.2 TitleNo. Description Manage Identification, Authentication and Access defines the set of capabilities to support obtaining information about those parties attempting to log on to a system or application for security purposes and the validation of those users Enterprise Cybersecurity Goals Goal 1: Protecting Veteran Information and Data Enterprise Cybersecurity Objectives Objective A: Provide secure access and assure privacy protections FEA Service Code 648 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 6512: Secure Wireless Technology Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 136Percent of encrypted devices (Laptops) Design Patterns Enterprise Secure Messaging Design Pattern http://www.techstrategies.oit.va.gov/docs_design_patterns_aaa.asp VASI System 1124Common Security System 1257Fat-client Kernel Authentication & Authorization Tool 1510VistA - Person Services Identity Management 2017Common Security User Manager 2030Electronic Computer Access Request Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function Manage Identification, Authentication and Access

8 7 Manage Data Protection and Cryptography 3.5.1.3 TitleNo. Description Manage Data Protection and Cryptography defines the set of capabilities to support the use and management of ciphers, including encryption and decryption processes, to ensure confidentiality and integrity of data Enterprise Cybersecurity Goals Goal 1: Protecting Veteran Information and Data Enterprise Cybersecurity Objectives Objective A: Provide secure access and assure privacy protections FEA Service Code 650 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 6512: Secure Wireless Technology Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 136Percent of encrypted devices (Laptops) Design Patterns Enterprise Secure Messaging Design Pattern http://www.techstrategies.oit.va.gov/docs_design_patterns_aaa.asp VASI System 1002Access Manager 1124Common Security System 1257Fat-client Kernel Authentication & Authorization Tool 1767VHA Support Service Center National SSN Security Database 2015Common Security Applications Manager 2016Common Security Employee Manager 2017Common Security User Manager 2030Electronic Computer Access Request Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function Manage Data Protection and Cryptography

9 8 Respond to IT Security Incidents 3.5.1.4 TitleNo. Description Respond to IT Security Incidents defines the set of capabilities to provide active response and remediation to a security incident that has allowed unauthorized access to a government information system Enterprise Cybersecurity Goals Goal 2: Defending VA's Cyberspace Ecosystem Enterprise Cybersecurity Objectives Objective B: Respond rapidly to cyber threats and intrusions through timely network monitoring and detection Objective C: Recover rapidly from cyber incidents through effective response, resilience and restorations plans FEA Service Code 654 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 69Number of Security Incidents 70Percent reduction in events requiring credit protective services/notifications VASI System 2046BMC Remedy Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function Respond to IT Security Incidents

10 9 Monitor IT Security Controls 3.5.1.5 TitleNo. Description Monitor IT Security Controls includes all activities related to the real-time monitoring of security controls employed within or inherited by a system. (see Appendix G of NIST Special Publication 800-37) Enterprise Cybersecurity Goals Goal 1: Protecting Veteran Information and Data Goal 2:Defending VA's Cyberspace Ecosystem Enterprise Cybersecurity Objectives Objective A: Provide secure access and assure privacy protections Objective D: Manage risk via continuous monitoring, detection and diagnostics, intelligence sharing, accelerated adoption of lessons learned and mitigations FEA Service Code 316 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504:VA Directive 6504: Rescinded by VA Handbook 6500 6513: Secure External Connections 6500: Managing Information Security Risk: VA Information Security Program Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 181Percent of external network traffic passing through a Trusted Internet Connection (TIC) VASI System 2050Tenable Nessus Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function Monitor IT Security Controls

11 10 Capture and Analysis of Audit Trails 3.5.1.6 TitleNo. Description Capture and Analysis of Audit Trails defines the set of capabilities to support the identification and monitoring of activities within an application, system, or network Enterprise Cybersecurity Goals Goal 2: Defending VA's Cyberspace Ecosystem Enterprise Cybersecurity Objectives Objective A: Enhance timely detection of cyber threats and intrusions and situations awareness FEA Service Code 316 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 69Number of Security Incidents Design Patterns Internal User Identity Authentication Design Pattern Enterprise Secure Messaging Design Pattern External User Authentication Design Pattern http://www.techstrategies.oit.va.gov/docs_design_patterns_aaa.asp VASI System 1002Access Manager 2030Electronic Computer Access Request 2049SPLUNK Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function Capture and Analysis of Audit Trails

12 11 Description Certify and Accredit IT Systems, Applications and Devices defines the set of capabilities to support the certification and accreditation (C&A) of federal information systems, applications and devices, as described in NIST SP800-37 Enterprise Cybersecurity Goals Goal 3: Protecting VA Infrastructure and Assets Enterprise Cybersecurity Objectives Objective A: Prioritize identification and protection of high value assets and sensitive information Objective B: Incorporate security and privacy protections in VA's environment FEA Service Code 656 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 72Percent of IT systems formally approved for secure operations 136Percent of users required to use a Personal Identity Verification (PIV) card to authenticate 182Percent of required TIC capabilities implemented by TIC(s) used by the organization VASI System 2032Risk Vision - Governance, Risk and Compliance System 2050Tenable Nessus Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities VA BRM Function 3.5.1.7 TitleNo. Certify and Accredit IT Systems, Applications and Devices

13 Perform IT Service Continuity Management Perform IT Service Continuity Management 3.5.1.8 TitleNo. Description Perform IT Service Continuity Management defines the set of capabilities to ensure that agreed-upon IT services continue to support business requirements in the event of a disruption to the business. Enterprise Cybersecurity Goals Goal 2: Defending VA's Cyberspace Ecosystem Enterprise Cybersecurity Objectives Objective D: Manage risk via continuous monitoring, detection and diagnostics, intelligence sharing, accelerated adoption of lessons learned and mitigations Objective C: Strengthen business process and supporting technology including partner and third party interactions Processes IT Service Continuity Management Milestone (ITCSM) Level Process ITCSM Create Service Continuity Capability ITCSM Monitor and Assess Service Continuity ITCSM Enhance IT Service Continuity Capability ITCSM Manage Emergency Events NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 145 Percent of facilities with completed/updated site security plan within the last 12 months 195 Percent of facilities with completed/updated risk assessment within the last 12 month 201 Percent of facilities with completed Incident Response Plan (IRP) Design Pattern IT Service Management Increment 1: FISMA/FICAM Material Weakness #1 & #6 Resolution http://www.techstrategies.oit.va.gov/docs/designpatterns/Enterprise%20ITSM%20Design%2 0Pattern%20Final%20V1_508_08202014.pdf VASI System 1524 Portal for Electronic Third-party Insurance Recovery (PETIR) Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture an Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities 12 VA BRM Function Perform IT Service Continuity Management

14 Manage Threats and Vulnerabilities 3.5.1.9 TitleNo. Description Manage Threats and Vulnerabilities involves all functions pertaining to the protection of federal information and information systems from unauthorized access, use, disclosure, disruptions, modification, or destruction, as well as the creation and implementation of security policies, procedures and controls. It includes all risk and controls tracking for IT systems Enterprise Cybersecurity Goals Goal 2: Defending VA's Cyberspace Ecosystem Enterprise Cybersecurity Objectives Objective A: Enhance timely detection of cyber threats and intrusions and situations awareness FEA Service Code 315 NIST Standards http://csrc.nist.gov/publications/PubsSPs.html http://csrc.nist.gov/publications/PubsFIPS.html#FIPS http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf Laws, Regulations, Policies and Directives (LRPD’s) 6504: VA Directive 6504 Rescinded by VA Handbook 6500 Findings: 2014 VA Performance and Accountability Report (PAR) http://www.va.gov/budget/docs/report/2014-VAparPartIII.pdf Findings: OIG FISMA 2014 Audit http://www.va.gov/oig/pubs/VAOIG-14-01820-355.pdf Performance Measurement ID and Name 225 Number of critical and high vulnerabilities identified and mitigated within 30 days 226 Number of unauthorized software found and removed within the last 30 days VASI System 1009 AITC Physical Security 2050 Tenable Nessus 2066 National Vulnerability Database Repository Tool Provide Cyber Information Security Services 3.5.1 Manage Data Integrity and Privacy 3.5.1.1 3.5.1.3 3.5.1.4 3.5.1.5 VA BRM Business Function 3.5.1.2 3.5.1.6 3.5.1.7 3.5.1.8 3.5.1.9 Manage Identification, Authentication and Access Manage Data Protection and Cryptography Respond to IT Security Incidents Monitor IT Security Controls Capture and Analysis of Audit Trails Certify and Accredit IT Systems, Applications and Devices Perform IT Service Continuity Management Perform IT Service Continuity Management Manage Threats and Vulnerabilities 13 Manage Threats and Vulnerabilities VA BRM Function

Download ppt "OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016."

Similar presentations

NISTs Role in Securing Health Information AMA-IEEE Medical Technology Conference on Individualized Healthcare Kevin Stine, Information Security Specialist.

NISTs Role in Securing Health Information AMA-IEEE Medical Technology Conference on Individualized Healthcare Kevin Stine, Information Security Specialist.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
BENEFITS OF SUCCESSFUL IT MODERNIZATION

BENEFITS OF SUCCESSFUL IT MODERNIZATION
Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)

Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.

Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.
Security Controls – What Works

Security Controls – What Works
Information Security Policies and Standards

Information Security Policies and Standards
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.

Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
A First Course in Information Security

A First Course in Information Security
No one questions that Microsoft can write great software. Customers want to know if we can be innovative, scalable, reliable in the cloud. (1996) 450M+

No one questions that Microsoft can write great software. Customers want to know if we can be innovative, scalable, reliable in the cloud. (1996) 450M+
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Information Security Update CTC 18 March 2015 Julianne Tolson.

Information Security Update CTC 18 March 2015 Julianne Tolson.

Similar presentations

Ads by Google