ETSI ISG ISI Information Security Indicators
|
|
- Ezra Edwards
- 6 years ago
- Views:
Transcription
1 ETSI ISG ISI Information Security Indicators Updates on ISI standardization results Paolo De Lutiis (Telecom Italia Information Technology) 9th ETSI Security Workshop ETSI All rights reserved
2 Cyber Defense and SIEM standardization ISI focus is Security Assurance, Cyber Defense, SIEM (Security Information Event Detection) Make security measurable, by defining a set of security indicators, to be used not only by security experts, but also by the senior management Overcome real world difficulties on this matter focusing on standard implementation: easy to use standards ISG ISI started in late 2011, by using the Fench club R2GS results as the starting point 2 ETSI All rights reserved
3 Cyber Defense and SIEM standardization ISI defined a complete framework, strongly focused on the DETECTION part of cybersecurity. Find out the half way between security governance and Security Operations: Gain support from IT and security managers and decision makers Experience is the key ISG ISI established many relationships and collaborations, e.g.: ISO SC27 WG4 Security control & Services (Operational Security) ITU-T SG17 Q4 Cyber Security ETSI TC E2NA-NTECH (Security) 3 ETSI All rights reserved
4 ISI: the focus is on detection measures Event reaction measures Fake events (Simulation) Security prevention measures Real events Residual risk (event modelcentric vision) Event detection measures Detected events 4 ETSI All rights reserved
5 A new framework to Address the full scope of main missing security event detection issues ISI Indicators (ISI and Guide ISI-001-2) A powerful way to assess the performance of the security operations and to benchmark security posture of Organizations About 100 indicators oriented to the comprehension of the events How to select your indicators? Use your ISMS (ISO 27000) ISI Event Model (ISI-002) A complete security event classification model covering incidents, vulnerability and non-conformities Full taxonomy to describe completely IT security events Bases for security analysis methodologies (e.g. LS with ETSI NTECH) ISI Maturity (ISI-003) Assessing the maturity level regarding of all event detection mechanisms 8 indicators based on the SANS CAG: Consensus Audit Guideline Select your KPSI on the bases of the selected ISI-001 indicators. 5 ETSI All rights reserved
6 A new framework to Address the full scope of main missing security event detection issues ISI Event Detection (ISI-004) Describes how to produce indicators and how to detect the related events Examples of detection methods: use cases/symptoms to investigate ISI Event Testing (ISI-005) How to produce fake security events Testing of the effectiveness of existing detection means Improvement of detection rates 6 ETSI All rights reserved
7 ISI firsts results and work plan for 2014 ISI Indicators (ISI and ISI-001-2), ISI Event Model (ISI- 002) and ISI Event Detection (ISI-004) have been already published as Group Standards. ISI maturity (ISI-003) has been finalized and it will be published during 1Q2014 ISI Event Testing (ISI-005) has been already started in 2013 and it will developed during 2014 During 2014 maintenance WIs will opened to collect and integrate into the framework the comments received so far 7 ETSI All rights reserved
8 Conclusion ISI deliverables are based on real-field experience: the French club R2GS ISI follows ETSI standardization process: stable and robust deliverables to fulfil the EU needs: Europe is the first target for ISI specs The ISI framework is now stable and almost fully available Many interests and proposals for collaboration collected around Security Indicators topic within the standardization world: ISO, ITU-T, ETSI, etc. The work will continue in 2014 to complete the framework and start its maintenance 8 ETSI All rights reserved
9 Contact Details: Paolo De Lutiis Telecom Italia Information Technology Rapporteur of WI ISI-003 Maturity Thank you! 9 ETSI All rights reserved
ISG ISI (Information Security Indicators)
ETSI ISG ISI Standardization (ISO SC27/ETSI Security joint meeting) 26 April 2013 Gerard Gaudin (G²C) Chairman of ISG ISI ISG ISI positioning against Risk Management and ISMS fields Risk Management (ISO
More informationETSI ISI-00x : A full set of new standards in Cyber Defence Gerard Gaudin (Chair of ETSI ISG ISI)
ETSI ISI-00x : A full set of new standards in Cyber Defence Gerard Gaudin (Chair of ETSI ISG ISI) ETSI 2017. All rights reserved Reference frameworks missing and hindering IT security controls measurement
More informationstandards and so the text is not to be used for commercial purposes, gain or as a source of profit. Any changes to the slides or incorporation in
ISO/IEC JTC 1/SC 27/WG 4 IT Security Controls and Services M. De Soete, ISO/IEC JTC 1 SC27 Vice Chair copyright ISO/IEC JTC 1/SC 27, 2014. This is an SC27 public document and is distributed as is for the
More informationETSI GS ISI 003 V1.2.1 ( )
GS ISI 003 V1..1 (018-01) GROUP SPECIFICATION Information Security Indicators (ISI); Key Performance Security Indicators (KPSI) to evaluate the maturity of security event detection Disclaimer The present
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationSecurity Standardization
ISO-ITU ITU Cooperation on Security Standardization Dr. Walter Fumy Chairman ISO/IEC JTC 1/SC 27 Chief Scientist, Bundesdruckerei GmbH, Germany 7th ETSI Security Workshop - Sophia Antipolis, January 2012
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More information_isms_27001_fnd_en_sample_set01_v2, Group A
1) What is correct with respect to the PDCA cycle? a) PDCA describes the characteristics of information to be maintained in the context of information security. (0%) b) The structure of the ISO/IEC 27001
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationBuilding UAE s cyber security resilience through effective use of technology, processes and the local people.
WHITEPAPER Security Requirement WE HAVE THE IN-HOUSE DEPTH AND BREATH OF INFORMATION AND CYBER SECURIT About Us CyberGate Defense (CGD) is a solution provider for the full spectrum of Cyber Security Defenses
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationHow to Optimize Cyber Defenses through Risk-Based Governance. Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model
How to Optimize Cyber Defenses through Risk-Based Governance Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model The Goal: Risk-Based Operationalization Incident Management IT/IS
More informationITU - World Telecommunication/ICT Indicators Symposium 2017 Hammamet, Tunisia, 14 to 16 November Measuring Cybersecurity Effectiveness
ITU - World Telecommunication/ICT Indicators Symposium 2017 Hammamet, Tunisia, 14 to 16 November 2017 Measuring Cybersecurity Effectiveness Dr. Syrine Tlili CEO, National Agency for Digital Certification
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationInternet of Things Security standards
Internet of Things Security standards Vangelis Gazis (vangelis.gazis@huawei.com) Chief Architect Security Internet of Things (IoT) Security Solution Planning & Architecture Design (SPD) Security standards
More informationISO/IEC JTC 1/SC 27 N7769
ISO/IEC JTC 1/SC 27 N7769 REPLACES: N ISO/IEC JTC 1/SC 27 Information technology - Security techniques Secretariat: DIN, Germany DOC TYPE: officer's contribution TITLE: SC 27 Presentation to ITU-T Workshop
More informationISO/IEC JTC 1 Study Group on Smart Cities
ANSI WORKSHOP ISO/IEC JTC 1 Study Group on Smart Cities Presented by Alex Tarpinian Senior Manager, IBM ANSI WORKSHOP: Smart and Sustainable Cities November 21, 2013 1 Overview ISO/IEC JTC 1 Study Group
More informationIntroducing Cyber Observer
"Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition
More informationUnited States Energy Association Energy Technology and Governance Program REQUEST FOR PROPOSALS
United States Energy Association Energy Technology and Governance Program REQUEST FOR PROPOSALS UTILITY CYBER SECURITY INITIATIVE (UCSI) CYBERSECURITY CAPABILITY MATURITY MODEL (C2M2) ASSESSMENT FOR THE
More informationCertified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
More informationChallenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9
HAWK Overview Agenda Contents Slide Challenges 3 HAWK Introduction 4 Key Benefits 6 About Gavin Technologies 7 Our Security Practice 8 Security Services Approach 9 Why Gavin Technologies 10 Key Clients
More informationJohn Snare Chair Standards Australia Committee IT/12/4
John Snare Chair Standards Australia Committee IT/12/4 ISO/IEC 27001 ISMS Management perspective Risk Management (ISO 31000) Industry Specific Standards Banking, Health, Transport, Telecommunications ISO/IEC
More informationSharing Best Security Practices with your Peers - on an International Level
Public Sharing Best Security Practices with your Peers - on an International Level Urpo Kaila, Head of Security, csc.fi EUDAT Security Officer WISE Community SC member GÉANT SIG-ISMS
More informationETSI GS ISI V1.1.1 ( )
GS ISI 001-2 V1.1.1 (2013-04) Group Specification Information Security Indicators (ISI); Indicators (INC); Part 2: Guide to select operational indicators based on the full set given in part 1 Disclaimer
More informationSuma Soft s IT Risk & Security Management Solutions for Global Enterprises
Suma Soft s IT Risk & Security Management Solutions for Global Enterprises Overview: For over 16 years, Suma Soft has provided IT risk management solutions for varied SMEs and MNCs and helped solve regulatory,
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationConsolidation Committee Final Report
Committee Details Date: November 14, 2015 Committee Name: 36.6 : Information Security Program Committee Co- Chairs: Ren Flot; Whitfield Samuel Functional Area: IT Functional Area Coordinator: Phil Ventimiglia
More informationFederal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011
Federal Continuous Monitoring Working Group March 21, 2011 DOJ Cybersecurity Conference 2/8/2011 4/12/2011 Why Continuous Monitoring? Case for Change Strategy Future State Current State Current State Case
More informationBUILD YOUR CYBERSECURITY SKILLS WITH TRASYS INTERNATIONAL
BUILD YOUR CYBERSECURITY SKILLS WITH TRASYS INTERNATIONAL BECOME A PECB CERTIFIED ISO 27001 AUDITOR OR INSTRUCTOR Trasys International established a partnership with the Professional Evaluation and Certification
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationISO/IEC ISO/IEC
ISO/IEC 27000 2010 6 3 1. ISO/IEC 27000 ISO/IEC 27000 ISMS ISO IEC ISO/IEC JTC1 SC 27 ISO/IEC 27001 ISO/IEC 27000 ISO/IEC 27001 ISMS requirements ISO/IEC 27000 ISMS overview and vocabulary ISO/IEC 27002
More informationProtecting productivity with Industrial Security Services
Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices
More informationSecurity Metrics. February 25, Annabelle Lee Senior Technical Executive
Security Metrics February 25, 2015 Annabelle Lee Senior Technical Executive alee@epri.com Cybersecurity Capability Maturity Model (C2M2) Overview Expansion Project and Comparative Analysis Framework Implementation
More informationTACOMA PUBLIC UTILITIES CYBERSECURITY PROGRAM NIAC WORKSHOP JUNE 2017
TACOMA PUBLIC UTILITIES CYBERSECURITY PROGRAM NIAC WORKSHOP JUNE 2017 AGENDA TPU Cybersecurity Program Overview Document Management & Program Governance Compliance Driven Best Practices Protect, Detect,
More informationDeveloping an integrated approach to the analysis of MOD cyber-related risks
Developing an integrated approach to the analysis of MOD cyber-related risks James Tate, Colette Jeffery Joint Enablers Analysis Group 28 th July 2016 COVERING Overview 1. risk research 2. Customer requirement
More informationAT FIRST VIEW C U R R I C U L U M V I T A E. Diplom-Betriebswirt (FH) Peter Konrad. Executive Partner Senior Consultant
Our Contact Details IT-SCAN GMBH c/o: DOCK3 Hafenstrasse 25-27 68159 Mannheim E: info@it-scan.de W: www.it-scan.de Nationalität Berufserfahrung C U R R I C U L U M V I T A E Diplom-Betriebswirt (FH) Peter
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationNational Cyber Security Strategy (NCS) Toolkit
National Cyber Security Strategy (NCS) Toolkit Let s create a toolkit to help states to develop or improve their national cyber security strategies Examples of Topics To Be Addressed The role, objectives
More informationPredstavenie štandardu ISO/IEC 27005
PERFORMANCE & TECHNOLOGY - IT ADVISORY Predstavenie štandardu ISO/IEC 27005 ISMS Risk Management 16.02.2011 ADVISORY KPMG details KPMG is a global network of professional services firms providing audit,
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Information security management systems Overview and vocabulary
INTERNATIONAL STANDARD ISO/IEC 27000 Second edition 2012-12-01 Information technology Security techniques Information security management systems Overview and vocabulary Technologies de l'information Techniques
More informationIntroduction to ISO/IEC 27001:2005
Introduction to ISO/IEC 27001:2005 For ISACA Melbourne Chapter Technical Session 18 th of July 2006 AD Prepared by Endre P. Bihari JP of Performance Resources What is ISO/IEC 17799? 2/20 Aim: Creating
More informationGlobal cybersecurity and international standards
World Class Standards Global cybersecurity and international standards Professor Solange Ghernaouti-Hélie sgh@unil.ch Faculty of Business and Economics, University of Lausanne Member of the Hight Level
More informationSystems and software engineering Requirements for managers of information for users of systems, software, and services
This is a preview - click here to buy the full publication INTERNATIONAL STANDARD ISO/IEC/ IEEE 26511 Second edition 2018-12 Systems and software engineering Requirements for managers of information for
More informationISC2. Exam Questions CAP. ISC2 CAP Certified Authorization Professional. Version:Demo
ISC2 Exam Questions CAP ISC2 CAP Certified Authorization Professional Version:Demo 1. Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose
More informationDeveloping an integrated approach to the analysis of MOD cyber-related risks
Developing an integrated approach to the analysis of MOD cyber-related risks Colette Jeffery, James Tate Defence Science Technology Laboratory COST Expert Judgement Meeting 12 to 14 October 2016 COVERING
More informationImplementing Executive Order and Presidential Policy Directive 21
March 26, 2013 Implementing Executive Order 13636 and Presidential Policy Directive 21 Mike Smith, Senior Cyber Policy Advisor, Office of Electricity Delivery and Energy Reliability, Department of Energy
More informationGLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius
GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius Presented By Mrs K.Gunesh-Balaghee,, Assistant Solicitor General Mr M.Armmogum,, Ag Senior State Counsel Mrs B.Kissoon-Luckputtya,
More informationBusiness Continuity Management
Business Continuity Management Cyber Security importance by Ashraf Hasanov Business Continuity Expert BCMS BS25999 Lead Auditor Regional Disaster Response Team Member of IFRC What could stop your business?
More informationPlant Security Services Protecting productivity in the digital era October
Plant Security Services Protecting productivity in the digital era October2017 Restricted www.siemens.com/plant-security-services Internet of (hacked) Things Page 2 Use case - No OT cybersecurity company
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationITU-T FG-DPM: Key Activities and Future Plans
1st ITU Workshop on Data Processing and Management for IoT and Smart Cities & Communities (Brussels, Belgium, 19 February 2018) ITU-T FG-DPM: Key Activities and Future Plans Gyu Myoung Lee Chair, ITU-T
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationIEEE 802 EC ITU standing committee
1 IEEE 802 EC ITU standing committee Glenn Parsons - Ericsson glenn.parsons@ericsson.com +1 613 963 8141 March 2017 2 Agenda for March meeting Role of this standing committee IEEE membership in ITU IEEE-SA
More informationstandards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices
standards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices mike.garcia@cisecurity.org The big three in their own words ISO 27000: family of standards to help organizations
More informationTesters vs Writers: Pen tests Quality in Assurance Projects. 10 November Defcamp7
Testers vs Writers: Pen tests Quality in Assurance Projects 10 November 2016 @ Defcamp7 Contents INTRODUCTION CONTEXT WHAT ABOUT AUDITING STANDARDS WHAT ABOUT INDEPENDENCE PEN TEST BETWEEN REGULATORY AND
More informationFintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform
Fintech District The First Testing Cyber Security Platform In collaboration with CISCO Cloud or On Premise Platform WHAT IS SWASCAN? SWASCAN SERVICES Cloud On premise Web Application Vulnerability Scan
More informationInformation Security Management Systems Standards ISO/IEC Global Opportunity for the Business Community
Information Security Management Systems Standards ISO/IEC 27001 Global Opportunity for the Business Community Prof. Edward (Ted) Humphreys IPA Global Symposium 2013 23 rd May 2013, Tokyo, Japan CyberSecurity
More informationSPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES
SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES Dear Executive, you requested more information, here are three quick questions Would you know if your company
More informationBeyond the CC certificate. How to continue to assess the security assurance in operational systems?
Beyond the CC certificate How to continue to assess the security assurance in operational systems? 1 Christophe BLAD / OPPIDA 1999 2005: Certifier then Technical manager of the French scheme 2005 now:
More informationNCSF-CFM Practitioner Syllabus
NCSF-CFM Practitioner Syllabus Based on NIST-CSF 1.1 itsm910 NCSF Practitioner Syllabus Version 1.1 January 2018 Page 1 Page 2 Publisher itsm Solution Publishing, LLC 742 Mink Ave. #135 Murrells Inlet,
More informationVulnerability Assessments and Penetration Testing
CYBERSECURITY Vulnerability Assessments and Penetration Testing A guide to understanding vulnerability assessments and penetration tests. OVERVIEW When organizations begin developing a strategy to analyze
More informationThe Network and Information Security Directive - ENISA's contribution
The Network and Information Security Directive - ENISA's contribution Konstantinos Moulinos Information Security Expert 3rd IMPROVER- ERNCIP Operators Workshop Lisbon 23.05.2018 European Union Agency for
More informationNEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?
NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? What the new data regulations mean for your business, and how Brennan IT and Microsoft 365 can help. THE REGULATIONS: WHAT YOU NEED TO KNOW Australia:
More informationA Controls Factory Approach To Building a Cyber Security Program Based on the NIST Cybersecurity Framework (NCSF)
A Controls Factory Approach To Building a Cyber Security Program Based on the NIST Cybersecurity Framework (NCSF) Prepared by: Larry Wilson lwilson@umassp.edu Chief Information Security Officer University
More informationENISA S WORK ON ICS AND SMART GRID SECURITY
AMSTERDAM, OCTOBER 15, 2012 ENISA S WORK ON ICS AND SMART GRID SECURITY Dr. Evangelos OUZOUNIS Head of CIIP & Resilience Unit ENISA 1 Why is it important? Industrial networks is the CI for the SCADA and
More informationIT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive
IT Governance ISO/IEC 27001:2013 ISMS Implementation Service description Protect Comply Thrive 100% guaranteed ISO 27001 certification with the global experts With the IT Governance ISO 27001 Implementation
More informationFOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY
FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide
More informationCyber Security Standards Developments
INTERNATIONAL ELECTROTECHNICAL COMMISSION Cyber Security Standards Developments Bart de Wijs Head of Cyber Security Power Grids Division ABB b.v. Frédéric Buchi Sales&Consulting Cyber Security Siemens
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationAFCEA Welcome/Opening Keynote Speech. Murad Bayar, Undersecretary for Defense Industries, MoND, Turkey
AFCEA Welcome/Opening Keynote Speech Murad Bayar, Undersecretary for Defense Industries, MoND, Turkey A Turkish Perspective on the Challenges of Security in a Network-Enabled Environment I would like to
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015
ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO 27001 FRAMEWORK AUGUST 19, 2015 Agenda Coalfire Overview Threat Landscape What is ISO Why ISO ISO Cycle Q&A 2 Presenters
More informationISO/IEC INTERNATIONAL STANDARD
INTERNATIONAL STANDARD This is a preview - click here to buy the full publication ISO/IEC 27017 First edition 2015-12-15 Information technology Security techniques Code of practice for information security
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationHITRUST CSF: One Framework
HITRUST CSF: One Framework Leveraging the HITRUST CSF to Support ISO, HIPAA, & NIST Implementation and Compliance, and SSAE 16 SOC Reporting Dr. Bryan Cline, CISSP-ISSEP, CISM, CISA, CCSFP, HCISPP Senior
More informationFOCUS GROUP ON MACHINE LEARNING
INTERNATIONAL TELECOMMUNICATION UNION TELECOMMUNICATION STANDARDIZATION SECTOR STUDY PERIOD 2017-2020 FOCUS GROUP ON MACHINE LEARNING FOR FUTURE NETWORKS INCLUDING 5G Question(s): N/A Geneva, 30 January
More informationThe Pursuit of ISO/IEC 27001:2005 Certification. Joan Ross, CISSP, NSA IEM Moss Adams LLP
The Pursuit of ISO/IEC 27001:2005 Certification Joan Ross, CISSP, NSA IEM Moss Adams LLP When you think of compliance, what comes to mind? The Compliance Paradigm Game...test your knowledge for fun and
More informationERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford
Cybersecurity is a EU strategic priority DG CONNECT* > The Digital Single Market strategy aims to open up digital opportunities for people and business and enhance Europe's position as a world leader in
More informationTHE ISACA CURACAO CHAPTER IS ORGANIZING FOLLOWING INFORMATION SECURITY AND TECHNOLOGY SESSIONS ON MAY 15-MAY :
THE ISACA CURACAO CHAPTER IS ORGANIZING FOLLOWING INFORMATION SECURITY AND TECHNOLOGY SESSIONS ON MAY 15-MAY 18 2017: INFORMATION SYSTEM AUDIT AND SECURITY MANAGEMENT ( 2 DAYS) MAY 15 AND 16 o INFORMATION
More informationWhen Recognition Matters INTRODUCING NEW PECB CERTIFICATION SCHEMES.
When Recognition Matters INTRODUCING NEW PECB CERTIFICATION SCHEMES www.pecb.com 1 Introduction Seeing the great importance of distinguishing highly d professionals, PECB has introduced a new senior certification
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationAsda. Privacy and Electronic Communications Regulations audit report
Asda Privacy and Electronic Communications Regulations audit report Executive summary May 2018 1. Background and Scope The Information Commissioner may audit the measures taken by the provider of a public
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationStandardization of Knowledge and Skills for IT Security
Standardization of Knowledge and Skills for IT Security Milan Friday, October 28th 2016 Veronica Salsano Overview Standardization in general Legislation Technical foundations Actors Current situation Security
More informationSneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security
Sneak Peak at CIS Critical Security Controls V 7 Release Date: March 2018 2017 Presented by Kelli Tarala Principal Consultant Enclave Security 2 Standards and Frameworks 3 Information Assurance Frameworks
More informationIT123: SABSA Foundation Training
IT123: SABSA Foundation Training IT123 Rev.002 CMCT COURSE OUTLINE Page 1 of 8 Training Description: SABSA is the world s leading open security architecture framework and methodology. SABSA is a top-tobottom
More informationRapid Communications Deployment: Federated Service Management to Support Multi-National Preparedness in Crisis
Rapid Communications Deployment: Federated Service Management to Support Multi-National Preparedness in Crisis Marie Murphy, Product Manager, TM Forum October 21, 2011 2011 TeleManagement Forum 1 Who is
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationJTC 1 SC 37 Biometrics International Standards
JTC 1 SC 37 Biometrics International Standards Dr. Stephen Elliott Biometrics Standards, Performance, and Assurance Laboratory Purdue University www.bspalabs.org Overview Market Opportunities for Biometric
More informationReport on ISO/IEC/JTC1/SC27 Activities in Digital Identities
International Telecommunication Union ITU-T Report on ISO/IEC/JTC1/SC27 Activities in Digital Identities Dick Brackney ISO/SC27 Liaison Officer to ITU-T SG17 Standards Program Manager, U.S. Dept of Defense
More informationARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin
ARC VIEW FEBRUARY 1, 2018 Critical Industries Need Continuous ICS Security Monitoring By Sid Snitkin Keywords Anomaly and Breach Detection, Continuous ICS Security Monitoring, Nozomi Networks Summary Most
More informationMoving Beyond the Heat Map: Making Better Decisions with Cyber Risk Quantification
A CLOSER LOOK Moving Beyond the Heat Map: Making Better Decisions with Cyber Risk Quantification A major cybersecurity event can dissolve millions of dollars in assets and tarnish even the strongest company
More information