Presentation is loading. Please wait.

Presentation is loading. Please wait.

Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO 17799 / BS7799.

Published byGabriel Norman Modified over 8 years ago

Similar presentations

Presentation on theme: "Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO 17799 / BS7799."— Presentation transcript:

1 Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO 17799 / BS7799

2 Adaptive Processes Simpler, Faster, Better 2 Just Imagine… What will happen if our current office can’t be used for few days because of fire? What will happen if our competitor hacks into our network and gets all sensitive information? Our communication link to our customer goes down for prolonged period? And many more…..

3 Adaptive Processes Simpler, Faster, Better 3 So The Implications Are… Information security is essential to maintain competitive edge, cash-flow, profitability, legal compliance and commercial image It is extremely critical for us to identify, assess and take preventive / corrective measures for risks that our business faces It is legally required to protect information that customers provide us

4 Adaptive Processes Simpler, Faster, Better 4 Global Information Village

5 Adaptive Processes Simpler, Faster, Better 5 Information Criticality Digital Nervous System Strategic Thinking Business Reflexes Basic Operations Customer Interaction Information systems are nervous system of an information enterprise - Failure of nervous system indicates failure of the organization

6 Adaptive Processes Simpler, Faster, Better 6 Understanding Information Security Confidentiality –Ensuring that information is accessible only to those authorized to have access Integrity –Safeguarding the accuracy and completeness of information and processing methods Availability –Ensuring that authorized users have access to information and associated assets when required

7 Adaptive Processes Simpler, Faster, Better 7 Securing Information INFORMATION ATTACK

8 Adaptive Processes Simpler, Faster, Better 8 Introducing ISO 17799 Provides recommendations for information security management for use by those who are responsible for initiating, implementing or maintaining security in their organization Provides a common basis for developing organizational security standards and effective security management practice and to provide confidence in inter-organizational dealings

9 Adaptive Processes Simpler, Faster, Better 9 ISO 17799 What it is: An internationally recognized structured methodology dedicated to information security A defined process to evaluate, implement, maintain, and manage information security What it is: An internationally recognized structured methodology dedicated to information security A defined process to evaluate, implement, maintain, and manage information security What it is not: A technical standard Product or technology driven An equipment evaluation methodology such as the Common Criteria/ISO 15408) What it is not: A technical standard Product or technology driven An equipment evaluation methodology such as the Common Criteria/ISO 15408)

10 Adaptive Processes Simpler, Faster, Better 10 ISO 17799 What it is: A comprehensive set of controls comprised of best practices in information security Developed by industry for industry What it is: A comprehensive set of controls comprised of best practices in information security Developed by industry for industry What it is not: Related to the "Generally Accepted System Security Principles," or GASSP Related to the five-part "Guidelines for the Management of IT Security," or GMITS/ISO TR 13335 What it is not: Related to the "Generally Accepted System Security Principles," or GASSP Related to the five-part "Guidelines for the Management of IT Security," or GMITS/ISO TR 13335

Download ppt "Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO 17799 / BS7799."

Similar presentations

Copyright © XiSEC, All rights reserved, 2002 Secure Computing Best Lifetime Achievement Award 2002 Ted Humphreys Information Security Management Goes Global.

Copyright © XiSEC, All rights reserved, 2002 Secure Computing Best Lifetime Achievement Award 2002 Ted Humphreys Information Security Management Goes Global.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Information Security Policies and Standards

Information Security Policies and Standards
ISO 17799&ITS APPLICATION Prepared by Çağatay Boztürk 14.06.2005.

ISO 17799&ITS APPLICATION Prepared by Çağatay Boztürk
Information Systems Security Officer

Information Systems Security Officer
23 January 2003© All rights Reserved, 2002 Understanding Facilitated Risk Analysis Process (FRAP) and Security Policies for Organizations Infocomm Security.

23 January 2003© All rights Reserved, 2002 Understanding Facilitated Risk Analysis Process (FRAP) and Security Policies for Organizations Infocomm Security.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
The 10 Deadly Sins of Information Security Management

The 10 Deadly Sins of Information Security Management
Risk Management Vs Risk avoidance William Gillette.

Risk Management Vs Risk avoidance William Gillette.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Chapter 4 Internal Controls McGraw-Hill/Irwin

Chapter 4 Internal Controls McGraw-Hill/Irwin
ADDRESSING CORPORATE CONCERNS ON INFORMATION SECURITY MANAGEMENT INFORMATION SECURITY MANAGEMENT WITH ISO 17799/BS 7799. Ajai K. Srivastava G.M. Marketing.

ADDRESSING CORPORATE CONCERNS ON INFORMATION SECURITY MANAGEMENT INFORMATION SECURITY MANAGEMENT WITH ISO 17799/BS Ajai K. Srivastava G.M. Marketing.
Consultancy.

Consultancy.
Gurpreet Dhillon Virginia Commonwealth University

Gurpreet Dhillon Virginia Commonwealth University

Similar presentations

Ads by Google