Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managing Security Risks in the Federal Reserve System Marianne Emerson, Deputy Director Information Technology Division Board of Governors of the Federal.

Published byErnest Stuart Ellis Modified over 8 years ago

Similar presentations

Presentation on theme: "Managing Security Risks in the Federal Reserve System Marianne Emerson, Deputy Director Information Technology Division Board of Governors of the Federal."— Presentation transcript:

1 Managing Security Risks in the Federal Reserve System Marianne Emerson, Deputy Director Information Technology Division Board of Governors of the Federal Reserve System Washington, D.C. 20551

2 Automation Oversight in the Federal Reserve System

3 Information Security Officers support development and implementation of FR System security policies and practices serve as the primary point of contact in each FR Bank for purposes of quickly sharing information on threats to the Federal Reserve's automation environment Each ISO member is the information security officer in his operational unit

4 ISO Policies and Procedures Information Security Manual Distributed Processing Security Support Manual Mainframe and FedNet Security Support Manual Standard Operating Procedures

5 Current Security Activities PKI framework to support Web-based access to major FR business applications architecture for the next-generation firewall for Internet and extranet applications nationwide and global remote access system additional support for laptops and personal digital assistants (PDAs)

6 Support to ISO Advisories –FS/ISAC (Financial Services Information Sharing and Assessment Center) public/private partnership with anonymous contributions –NIPC (National Infrastructure Protection Center) biweekly Cybernotes

7 Support to ISO Advisories –SANS Institute (System Administration, Networking, and Security) cooperative research and educational organization for sharing experience and finding solutions to security issues

8 Support to ISO VCC (Virtual Competency Center) –expert staff from FR Banks who conduct preemptive penetration tests of FR networks penetration testing from outside vendors

9 Handling of Actual Threats protection of FR System is more immediately important than prosecution of hacker check and update virus signatures daily from Symantec escalation procedures in place throughout FR System to handle threats Information Security Officers in FR System hold conference calls to handle threats as necessary

10 Current Challenges Public web site protection comment letters scam email configuration management

Download ppt "Managing Security Risks in the Federal Reserve System Marianne Emerson, Deputy Director Information Technology Division Board of Governors of the Federal."

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Civilian Intelligence Organizations

Civilian Intelligence Organizations
EuroCRIS Best Practices & Solutions Members Helping Members Move Forward.

EuroCRIS Best Practices & Solutions Members Helping Members Move Forward.
August 9, 2005 UCCSC -- 2005 IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
K-State Information Systems Office Application Development Services Accomplishments for Calendar Year 2008 Last update: March 10, 2009.

K-State Information Systems Office Application Development Services Accomplishments for Calendar Year 2008 Last update: March 10, 2009.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Information Technology Audit Process Business Practices Seminar Paul Toffenetti, CISA Internal Audit 29 February 2008.

Information Technology Audit Process Business Practices Seminar Paul Toffenetti, CISA Internal Audit 29 February 2008.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
Compliance and its Cast of Characters ~ Introductory Compliance Concepts for those with Auxiliary Roles Kimberli E. Bowman NCAA Membership Services.

Compliance and its Cast of Characters ~ Introductory Compliance Concepts for those with Auxiliary Roles Kimberli E. Bowman NCAA Membership Services.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.
State Agency and Association Partnership The example from Oklahoma.

State Agency and Association Partnership The example from Oklahoma.
Departmental Risk Assessment Coordinators (DRAC) Program CUVA Conference May 23, 2012 Mason Inn George Mason University Robert Nakles and Josh Schiefer.

Departmental Risk Assessment Coordinators (DRAC) Program CUVA Conference May 23, 2012 Mason Inn George Mason University Robert Nakles and Josh Schiefer.
What is Chapter Affairs? Global View and Support –Leadership Forum –Chapter Executive Workshop –Chapter Awards Program Liaison between Chapters and ACC.

What is Chapter Affairs? Global View and Support –Leadership Forum –Chapter Executive Workshop –Chapter Awards Program Liaison between Chapters and ACC.

Similar presentations

Ads by Google