Information Security Incident Management Process


1 Information Security Incident Management Process
A. Kostina, N. Miloslavskaya, and A. Tolstoy, Proceedings of the 2nd International Conference on Security of Information and Networks, 2009
Presented by Anh Nguyen
February 15, 2010

2 Organization
- Introduction
- International Documents Regulating IS Incidents and Management
- IS Event and IS Incident
- Approach to ISIMP Development
- VEI Detection and Notification Joint Process
- Conclusions

4 Introduction: Why ISIMP?
- Detect, report and assess IS incidents
- Respond to IS incidents
- Learn from IS incidents

5 Introduction: Why ISIMP?
- One of the basic parts of ISMS
- Data obtained from ISIMP can be used in other ISMS’ processes
- Helps assess the overall level of organization’s IS

7 International Documents Regulating IS Incidents and Management
- The Standard ISO/IEC “Information technology – Security techniques – Information security management systems – Requirements”
- NIST SP “Computer security incident handling guide”
- CMU/SEI-2004-TR-015 “Defining incident management processes for CSIRT”

9 IS Event and IS Incident IS Event
An identified occurrence of a system, service or network state indicating a possible breach of IS policy or failure of safeguards

10 IS Event and IS Incident IS Event (Cont.)

11 IS Event and IS Incident IS Incident
Is indicated by a single or a series of unwanted or unexpected IS events that have a significant probability of compromising business operations and threatening IS

12 IS Event and IS Incident IS Incident (Cont.)

14 Approach to ISIMP Development: IS Incident Management Policy
- The importance of IS incident management
- IS events detection, alerts and notification about IS incidents procedures
- Summary of activities following the confirmation that an IS event is an IS incident
- Structure of IS incidents management
- List of legal acts being used

15 Approach to ISIMP Development: IS Incidents Management Process
- Vulnerabilities, IS events and incidents (VEI) detection
- VEI notification
- VEI messages processing
- Reaction to IS incidents
- IS incidents analysis
- IS incidents investigation
- ISIMP efficiency analysis

16 Approach to ISIMP Development IS Incidents Management Process (Cont.)

18 VEI Detection and Notification Joint Process

19 VEI Detection and Notification Joint Process (Cont.)

20 VEI Detection and Notification Joint Process (Cont.)

21 VEI Detection and Notification Joint Process (Cont.)

22 VEI Detection and Notification Joint Process (Cont.)

23 VEI Detection and Notification Joint Process (Cont.)

24 VEI Detection and Notification Joint Process (Cont.)

25 VEI Detection and Notification Joint Process (Cont.)

26 VEI Detection and Notification Joint Process (Cont.)

28 Conclusions
Thank you for your time
Questions and feedback are welcome

