Crea%ng a SARNET Alliance by applying the Service Provider Group Framework and by using the Ciena/GENI testbed
|
|
- Camron Floyd
- 5 years ago
- Views:
Transcription
1 Crea%ng a SARNET Alliance by applying the Service Provider Group Framework and by using the Ciena/GENI testbed April 29 th 2015 Leon Gommans: leon.gommans@klm.com
2 Content - Introduc@on - Security Autonomous Response NETwork research - Service Provider Group framework - How framework will be studied using GENI concepts - Research Ques@ons: - SARNET alliance feasibility? - Future networking: is SPG a way to define & deliver slice archetypes? Note: session is about federa@ng services assuming Iden@ty federa@on has been arranged.
3 Internet Security envisioned in RFC 1958* *Brian Carpenter, Architectural Principles of the Internet, RFC 1958, IETF June 1996.
4 Cyber Security readiness Secure Transport Alliance Detect & Filter Protec%ve Perimeters SARNET Security state / defense tac@cs automa@on Crea@ng a SARNET Alliance Sharing intelligence and defensive power SARNET Topology dynamics
5 SARNET Alliance concept SARNET Alliance research The Big Bad Internet Internet Service Provider A Internet Ex change Internet Service Provider B Enterprise A Enterprise B Enterprise C SARNET research Testbed provided by using technology
6 SARNET Projects Security Autonomous Response NETwork project: Studies best ways to provide autonomous responses to cyber- security threats by automated security state monitoring using so]ware defined, virtualized & defense mechanisms. Funded by NWO Cyber Security Research Agenda 2 PhD students, research team: Air France KLM, Ciena, TNO and UvA. SARNET forms the context for a research project considering the applicability of the Service Provider Group concept: Crea@ng a SARNET Alliance project: Studies how to organize SARNET func@onali@es across mul@ple Service Provider- and Enterprise Networks, where each par@cipant must trust other par@cipants to correctly detect and mi@gate cyber threats, whilst authorizing each other to be involved. Funded by Dutch ministry of economic affairs 1 PhD student, research team: Air France KLM, COMMIT/, CS- and Legal faculty UvA.
7 SPG is rooted in IRTF RG on Mul%- domain AAA Architecture Agreement? Trust? Study started in 2010 Governance? Enterprise Level How to organize a service with mul@ple organisa@ons? Authoriza@on Level Opera@onal Level
8 Service Provider Group framework A Service Provider Group (SPG) is an organisa5on structure providing a defined service only available if its members collaborate. Examples:
9 Study of a highly trusted collabora@ve service MC Users MC Service Provider Group Merchant Agreement Member Agreement Cardholder Agreement Banking Infrastructure Merchant bank account Trusted Service Cardholder bank account MasterCard allows its member financial ins@tu@ons to serve merchants and cardholders with a card payment & processing service that is trusted worldwide.
10 MC rule study: anatomy of the SPG (presented I2 Spring member 2012) & Law, Rules and & Law, Rules and Law & Governance of an Autonomous Member Rooted MC Service Provider Group Level Power Legisla%ve Judicial En- force ment Exe- cu%ve Ad mini- Str a%on MasterCard (Directorate) Mem ber Banks Business, Legal and IT have to work together
11 Mapping rules that create trust on types of power Legisla%ve Judicial Execu%ve Membership Service Licenses Risk Management Non- compliancy Fees Chargebacks Liability Appeals Enforcement Rules Licenses Messages Reports Markings L Membership Agreements Processes Monitoring Fee collec@on Appeals Audi@ng Admini stra%on Cardholder Agreement Merchant Agreement Disputes Reports Audi@ng MasterCard Corpora@on Member Banks
12 Fit level model
13 SPG Framework showing key elements organizing trust. See Chapter 5 of PhD Thesis Mul@- domain authoriza@on for e- Infrastructures hjp://dare.uva.nl/record/1/ ISBN
14 Service Provider Group Autonomous members together on a decision to provide a service none could provide on its own Appears as a single provider to a customer Appears as a collabora@ve group to members with standards, rules and policies that are defined, administered, enforced and judged by the group. Autonomy in the group: every member signs an agreement declaring compliance with common rules, unless local law determines otherwise. Membership rules organizes trust amongst members and manage group reputa@on and viability.
15 Testbed GENI Racks serve as programmable routers, security state monitors, firewalls, security app, honeypots, SDX, etc..
16 Envisioned role of the SPG: define slice archetypes? Privacy Big Science DRP Cyber defense Slice level SPG A SPG - B Service Provider Group level Aggregate Manager Service Provider Infrastructure Level
17 Research SARNET: Is a cyber security alliance, allowing networks to join/leave freely, feasible? What is needed to organize an alliance, considering the SPG concept? Considering future networking concepts: Is a SPG a concept that should iden@fy and arrange slice archetypes e.g. defining cyber- security assurance levels What concerns should the SPG address (e.g. economical-, legal-, administra@ve-, etc. slice ownerships)? Collabora@on welcomed: delaat@uva.nl
An introduc/on to Sir0i
Authen4ca4on and Authorisa4on for Research and Collabora4on An introduc/on to Sir0i Addressing Federated Security Incident Response Hannah Short CERN hannah.short@cern.ch TF-CSIRT May, 2016 Agenda Federated
More informationWat verandert het toekomstige Internet voor architecten? Sogeti DYA Dag 2017
Wat verandert het toekomstige Internet voor architecten? Sogeti DYA Dag 2017 Leon Gommans Science Officer Air France KLM Group IT Technology Office R&D Guest Researcher, University of Amsterdam FNWI- SNE
More informationInteragency Advisory Board Meeting Agenda, Wednesday, December 5, 2012
Interagency Advisory Board Meeting Agenda, Wednesday, December 5, 2012 1. Opening Remarks 2. The State Identity Credential and Access Management Guidance and Roadmap (SICAM) (Chad Grant, NASCIO) 3. PIV
More informationTURNING THE TABLE THROUGH FEDERATED INFORMATION SHARING
TURNING THE TABLE THROUGH FEDERATED INFORMATION SHARING Kathleen Moriarty EMC Corporation Patrick Curry British Business Federation Authority (BBFA) Session ID: GRC- W09 Session Classification: Intermediate
More informationGDPR ESSENTIALS END-USER COMPLIANCE TRAINING. Copyright 2018 Logical Operations, Inc. All rights reserved.
GDPR ESSENTIALS END-USER COMPLIANCE TRAINING 1 POTENTIAL MAXIMUM GDPR PENALTY 2 WHAT IS DATA PRIVACY? MOST NOTABLE US/CA PRIVACY LAWS Federal Trade Commission Act, Sec4on 5 California Online Privacy Protec4on
More informationImproving Discoverability with Unique Identifiers: ORCID, ISNI, and Implementation
Improving Discoverability with Unique Identifiers: ORCID, ISNI, and Implementation NFAIS, 23 July 2014 Laura Dawson Product Manager, Identifier Services, Bowker Laura.Dawson@bowker.com ISNI 0000 0004 1029
More informationEnterprise Risk Management (ERM) and Cybersecurity. Na9onal Science Founda9on March 14, 2018
Enterprise Risk Management (ERM) and Cybersecurity Na9onal Science Founda9on March 14, 2018 Agenda Guiding Principles for Implementing ERM at NSF (Based on COSO) NSF s ERM Framework ERM Cybersecurity Risk
More informationUnlocking the Data Economy via Digital Marketplaces
Unlocking the Data Economy via Digital Marketplaces Researching governance and infrastructure patterns in airline context. November 12-17 th 2017 Denver, CO SURF Exhibition Booth #857 Leon Gommans, Ameneh
More informationCyber Security Capabilities
Cyber Security Capabilities Informa:on Assurance ü Vulnerability Assessment ü Penetra8on Tes8ng ü Informa8on Security Assessment ü Applica8on Security Evalua8on ü Network Traffic Assessment ü Cri8cality
More informationNetSecOps: Policy-Driven, Knowledge-Centric, Holis<c Network Security Opera<ons
NetSecOps: Policy-Driven, Knowledge-Centric, Holis
More informationRaising Security and Trust in our Inter-Federated World
Authen4ca4on and Authorisa4on for Research and Collabora4on Raising Security and Trust in our Inter-Federated World Hannah Short IT-DI-CSO CERN ISGC, Taipei 12-18 March, 2016 Agenda The federated landscape
More informationExperiences Implemen.ng Usable MPC For Social Good
Experiences Implemen.ng Usable MPC For Social Good Mayank Varia Hariri Ins.tute, Boston University Based on joint work with BU: Azer Bestavros, Eric Dunton, Frederick Jansen, Kyle Holzinger, Andrei Lapets,
More informationRead Me. Intent of the work The Periodic Table. About trust marks and trust frameworks Use of the table to illustrate marks and frameworks Next steps
Read Me Intent of the work The Periodic Table Rows - Clusters - Colors Cau:ons on dynamic nature of table About trust marks and trust frameworks Use of the table to illustrate marks and frameworks Next
More informationGlobal Forum on Competition
Unclassified DAF/COMP/GF/WD(2005)5 DAF/COMP/GF/WD(2005)5 Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 12-Jan-2005 English
More informationFundamentals of Federated Iden0ty Infrastructure
Fundamentals of Federated Iden0ty Infrastructure Sal D Agos0no IDmachines LLC Federate fed er ate Verb past tense: federated; past participle: federated ˈfedəәˌrāt/ 1. (with reference to a number of states
More informationBlue Lava InfoSec Update
Blue Lava InfoSec Update ISSA Los Angeles Demetrios Lazarikos (Laz) January 21, 2015 Agenda Intros Blue Lava InfoSec Survey Research and Findings Evolution How Did We Get Here? What Organizations Are Doing
More informationPERSONAL DATA PROTECTION ACT 2010 IMPLEMENTATION PHASE : WHAT NEXT FOR MALAYSIA BY
PERSONAL DATA PROTECTION ACT 2010 IMPLEMENTATION PHASE : WHAT NEXT FOR MALAYSIA BY DEPUTY DIRECTOR GENERAL DEPARTMENT OF PERSONAL DATA PROTECTION MINISTRY OF COMMUNICATION AND MULTIMEDIA MALAYSIA CONTENT
More informationDigital Trust Ecosystem
Digital Trust Ecosystem IoT Risks and Solutions Chris Edwards CTO - Intercede What s the Problem? Billions of devices Millions of services Mixed closed / open trust networks Devices transferring between
More informationCAREER PATH FOR THE NEXT GENERATION RECORDS MANAGER
CAREER PATH FOR THE NEXT GENERATION RECORDS MANAGER San Jose State University October 1,2014 Presented by: Jim Merrifield, IGP, CIP, ERMs Jim Merrifield, IGP, CIP, ERMs Director of Informa.on Governance
More informationCybersecurity Curricular Guidelines
Cybersecurity Curricular Guidelines Ma2 Bishop, University of California Davis, co-chair Diana Burley The George Washington University, co-chair Sco2 Buck, Intel Corp. Joseph J. Ekstrom, Brigham Young
More informationWelcome to this Clean Sky Info Day on how to become a Partner in Clean Sky 2. This presenta=on will explain how to prepare a proposal and submit it
Welcome to this Clean Sky Info Day on how to become a Partner in Clean Sky 2. This presenta=on will explain how to prepare a proposal and submit it via the Par=cipant Portal. 1 To make the submission process
More informationPCI compliance the what and the why Executing through excellence
PCI compliance the what and the why Executing through excellence Tejinder Basi, Partner Tarlok Birdi, Senior Manager May 27, 2009 Agenda 1. Introduction 2. Background 3. What problem are we trying to solve?
More informationACCESS Health Indonesia. ACCESS Global Mee.ng February 10-13, 2014 Goa, India
ACCESS Health Indonesia ACCESS Global Mee.ng February 10-13, 2014 Goa, India 1 CONTENTS 1. ACCESS Health Interna.onal 2. Sustainable ehealth Ecosystem 3. 4. 5. 6. 7. ACCESS Mission and Sustainable ehealth
More informationInformation Systems and Tech (IST)
Information Systems and Tech (IST) 1 Information Systems and Tech (IST) Courses IST 101. Introduction to Information Technology. 4 Introduction to information technology concepts and skills. Survey of
More informationCon$nuous Audi$ng and Risk Management in Cloud Compu$ng
Con$nuous Audi$ng and Risk Management in Cloud Compu$ng Marcus Spies Chair of Knowledge Management LMU University of Munich Scien$fic / Technical Director of EU Integrated Research Project MUSING Cloud
More informationThe Honest Advantage
The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents
More informationObject Oriented Design (OOD): The Concept
Object Oriented Design (OOD): The Concept Objec,ves To explain how a so8ware design may be represented as a set of interac;ng objects that manage their own state and opera;ons 1 Topics covered Object Oriented
More informationUniversity of Sunderland Business Assurance PCI Security Policy
University of Sunderland Business Assurance PCI Security Policy Document Classification: Public Policy Reference Central Register IG008 Policy Reference Faculty / Service IG 008 Policy Owner Interim Director
More informationOpen Mee'ng of the Security & Stability Advisory Commi=ee. 26 October 2009
Open Mee'ng of the Security & Stability Advisory Commi=ee 26 Agenda Introduc'on Steve Crocker, Chair, SSAC SSAC Retreat Ram Mohan DNS Redirec'on Ram Mohan Root Scaling Study Ram Mohan Orphaned Name Servers
More informationCloud Adop)on, Risks & Security & GDPR An Ac)on Guide
April 2016 Cloud Adop)on, Risks & Security & GDPR An Ac)on Guide Nigel Hawthorn, Skyhigh Networks Cloud Adop)on and Risk Agenda Skyhigh Networks An Introduc)on European Cloud Adop)on and Risk Report Q1
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationAARC Assurance Profiles
Authen4ca4on and Authorisa4on for Research and Collabora4on AARC Assurance Profiles Addressing Federated Security Incident Response Hannah Short CERN hannah.short@cern.ch Kantara April 7 th, 2016 Agenda
More informationStrengthening Cybersecurity Workforce Development December 2017
Strengthening Cybersecurity Workforce Development December 2017 Agenda 1. Introduc3ons SANS GIAC Team 2. Goal: 2017 Execu3ve Order 3. SANS GIAC NICE Workforce Framework (NCWF) Mapping Overview 4. Workforce
More informationAWS Iden)ty And Access Management (IAM) Manohar Rapolu
AWS Iden)ty And Access Management (IAM) Manohar Rapolu Topics Introduc5on Principals Authen5ca5on Authoriza5on Other Key Feature -> Mul5 Factor Authen5ca5on -> Rota5ng Keys -> Resolving Mul5ple Permissions
More informationUser Community Driven Development in Trust and Identity Services
User Community Driven Development in Trust and Identity Services Ann Harding, SWITCH Internet2 Global Summit 27 April 2015 Washington DCs Agenda Trust and Iden.ty Landscape GÉANT Research Community Engagement
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationBy Aftab A. Siddiqui Cyber Internet Services (Pvt.) Ltd IPv6 Task Force Pakistan
By Aftab A. Siddiqui Cyber Internet Services (Pvt.) Ltd IPv6 Task Force Pakistan Introduction IPv6 delegation in Pakistan Pakistan s IPv6 prefixes visibility IPv6 Task Force Introduction Pakistan v6core
More informationBusiness Case Components
How to Build A SOC Agenda Mission Business Case Components Regulatory requirements SOC Terminology Technology Components Events categories Staff Requirements Organiza>on s Considera>ons Training Requirements
More informationSpecial Publication
Special Publication 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations Patricia Toth NIST MEP What is Information Security? Personnel Security Cybersecurity
More informationCoG: The NEW ESGF WEB USER INTERFACE
CoG: The NEW ESGF WEB USER INTERFACE ESGF F2F Workshop, Livermore, CA, December 2014 Luca Cinquini [1], Cecelia DeLuca [2], Sylvia Murphy [2] [1] California Ins/tute of Technology & NASA Jet Propulsion
More information2017 Annual Meeting of Members and Board of Directors Meeting
2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,
More informationAutonomic Mul,- Agents Security System for mul,- layered distributed architectures. Chris,an Contreras
Autonomic Mul,- s Security System for mul,- layered distributed architectures Chris,an Contreras Agenda Introduc,on Mul,- layered distributed architecture Autonomic compu,ng system Mul,- System (MAS) Autonomic
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate
More informationIden%ty, Risk and Privacy in the broader enterprise
Iden%ty, Risk and Privacy in the broader enterprise Or Why the hell are you calling ME in Florida in the middle of the night because there is a tornado in Indiana?? Mark Bruhn Associate Vice President
More informationWLAN Security Overview
WLAN Security Overview This Chapter Explore the basic terminology of WLAN security. Discuss the organizations that create the standards, certifications, and recommendations that help guide and direct wireless
More informationNERC Staff Organization Chart Budget 2018
NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationIdentity-Based Cyber Defense. March 2017
Identity-Based Cyber Defense March 2017 Attackers Continue to Have Success Current security products are necessary but not sufficient Assumption is you are or will be breached Focus on monitoring, detecting
More informationSystems Engineering Capabili2es
Systems Engineering Capabili2es Purdue University November 9, 2010 Integrated Deepwater System Concept US Coast Guard / ICGS Recent History of SE at Purdue 2003 Purdue College of Engineering ini2ates Signature
More informationAgenda. About ECRIN Overview of ECRIN Ac4vi4es Increasing value
Agenda About ECRIN Overview of ECRIN Ac4vi4es Increasing value ECRIN Overview A non- profit organisa4on with the legal status of European Research Infrastructure Consor4um (ERIC) Mission: support the conduct
More informationCo-operation against cybercrime CSIRTs LE private sector
Co-operation against cybercrime CSIRTs LE private sector Octopus Interface 2010 Kauto Huopio Sr. Infosec Advisor Finnish Communications Regulatory Authority CERT-FI Finnish national CSIRT authority { National
More informationAgenda. Security essentials. Year in review. College/university challenges. Recommendations. Agenda RSM US LLP. All Rights Reserved.
Agenda Agenda Security essentials Year in review College/university challenges Recommendations 2 About me Matt Franko Director, Risk Advisory Services matthew.franko@rsmus.com (216) 927-8224 11+ years
More informationStop Cyber Threats With Adaptive Micro-Segmentation. Chris Westphal Head Of Product Marketing
Stop Cyber Threats With Adaptive Micro-Segmentation Chris Westphal Head Of Product Marketing Agenda Why Are We Here? What Is Adaptive Micro-Segmentation? How Adaptive Micro-Segmentation Is Used Why Visibility
More informationcctld in the Frontier of the IG Ecosystem Mo Dong China Internet Network Informa4on Center
cctld in the Frontier of the IG Ecosystem Mo Dong China Internet Network Informa4on Center cctld in IG Definition and Contents of Internet Governance The Definition of Internet Governance Internet governance
More informationAutomate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds
EXECUTIVE BRIEF SHAREBASE BY HYLAND Automate sharing. Empower users. Retain control. With ShareBase by Hyland, empower users with enterprise file sync and share (EFSS) technology and retain control over
More informationLegal, Ethical, and Professional Issues in Information Security
Legal, Ethical, and Professional Issues in Information Security Downloaded from http://www.utc.edu/center-information-securityassurance/course-listing/cpsc3600.php Minor Changes from Dr. Enis KARAARSLAN
More informationApril 17, Ronald Layne Manager, Data Quality and Data Governance
Ensuring the highest quality data is delivered throughout the university providing valuable information serving individual and organizational need April 17, 2015 Ronald Layne Manager, Data Quality and
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationCloud Standards Coordina.on
Cloud Standards Coordina.on A collabora.ve snapshot on Cloud Standards E. Darmois CSC Workshop, 11 December 2013 ETSI 2013. All rights reserved The Context EC Cloud Strategy (09/2012) Faster adopdon of
More informationMobile Payment Security
Mobile Payment Security What it means and how to implement it Macroeconomics of Mobile Money Columbia University Apr. 2, 2010 Hadi Nahari Principal Security & Mobile Architect PayPal, Inc. an ebay Company
More informationThe Vitro Integrated Ontology Editor and Seman5c Web Applica5on
The Vitro Integrated Ontology Editor and Seman5c Web Applica5on Brian Lowe, Brian Caruso, Nick Cappadona, Miles Worthington, Stella Mitchell, Jon Corson- Rikert, and the VIVO Collabora5on Interna5onal
More informationBenefits of Open Cross Border Data Flows
/SMEWG41/039 Agenda Item: 16.3 Benefits of Open Cross Border Data Flows Purpose: Information Submitted by: United States 41 st Small and Medium Enterprises Working Group Meeting Iloilo, Philippines 23-24
More informationISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard
Certification Exam Outline Effective Date: April 2013 About CISSP-ISSMP The Information Systems Security Management Professional (ISSMP) is a CISSP who specializes in establishing, presenting, and governing
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationPTLGateway Data Breach Policy
1 PTLGateway Data Breach Policy Last Updated Date: 02 March 2018 Data Breach Policy This page informs you of our policy which is to establish the goals and the vision for the breach response process. This
More informationAnonymity on the Internet. Cunsheng Ding HKUST Hong Kong
Anonymity on the Internet Cunsheng Ding HKUST Hong Kong Part I: Introduc
More informationBecoming National Hub of TLDs in the New gtld Era
Becoming National Hub of TLDs in the New gtld Era SUN, Xiantang 26 March 2014 Update 18.44 millions domain names in total in Chinese market 10.83 millions.cn, 50%+ of the market - - - - Dec 2013 Ne6zen
More informationAltitude Software. Data Protection Heading 2018
Altitude Software Data Protection Heading 2018 How to prevent our Contact Centers from Data Leaks? Why is this a priority for Altitude? How does it affect the Contact Center environment? How does this
More informationFundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment
Fundamentals of Cybersecurity/CIIP Building Capacity: Using a National Strategy & Self- Presented to: 2009 ITU Regional Cybersecurity Forum for Asia-Pacific Connecting the World Responsibly 23-25 25 September
More informationTerms and Conditions between Easy Time Clock, Inc. And Easy Time Clock Client
Terms and Conditions between Easy Time Clock, Inc. And Easy Time Clock Client Client s Responsibility Easy Time Clock, Inc. ( ETC ) is a client-led time and attendance program. The Client is solely responsible
More informationDealing with Sensi.ve Data: Helping You Protect You
Dealing with Sensi.ve Data: Helping You Protect You Why the Focus on Data Security? Because some data collec.on and use is federally regulated, and data security is a core regulatory component. Ignoring
More informationFinFit will request and collect information in order to determine whether you qualify for FinFit Loans*.
FinFit Web Privacy Policy General: This Privacy Policy ( Policy ) describes the ways FinFit, LLC ( FinFit, we, us) collects, stores, uses and protects information we receive from you or that you may provide
More informationImproving the cyber security posture of New Zealand Barry Brailey NZITF Chair
New Zealand Internet Task Force Improving the cyber security posture of New Zealand Barry Brailey NZITF Chair Programme Introduc7on Background The Birth of a Trust Group Ongoing work Q&A Who Am I? Manager,
More informationCyber Security Guidelines for Public Wi-Fi Networks
Cyber Security Guidelines for Public Wi-Fi Networks Version: 1.0 Author: Cyber Security Policy and Standards Document Classification: PUBLIC Published Date: April 2018 Document History: Version Description
More informationAspects of Identity. IGF November BCS Security Community of Expertise
Aspects of Identity IGF November 2012 BCS Security Community of Expertise Representatives Dr. Louise Bennett FBCS CITP Chair of the BCS Security Community of Expertise Mirza Asrar Baig Executive Director,
More informationInternational and Industry Programs at National Defence
ASSISTANT DEPUTY MINISTER (MATERIEL) DIRECTOR GENERAL INTERNATIONAL & INDUSTRY PROGRAMS International and Industry Programs at National Defence Ms. Jennifer C. Hubbard Director General International &
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationSecure Cyber Infrastructure for Valuable Big Data Processing!
Secure Cyber Infrastructure for Valuable Big Data Processing! Cees de Laat Systems & Network Laboratory University of Amsterdam Fading Trust in Internet Trust Research Gap! Dependency 1980 2017 Main problem
More informationThe Office for Outer Space Affairs bringing space- based tools and applica:ons at the heart of the 2030 Agenda for Sustainable Development
The Office for Outer Space Affairs bringing space- based tools and applica:ons at the heart of the 2030 Agenda for Sustainable Development SIMONETTA DI PIPPO, DIRECTOR United Nations Office for Outer Space
More informationIntroduction to Securing Critical Infrastructure
Her kan tekst skrives Her kan tekst skrives Introduction to Securing Critical Infrastructure Her kan tekst skrives Keith Frederick CISSP, CAP, CRISC, Author securenok.com Topics A)acks on the Oil and Gas
More informationTrusted Data Processing in Untrusted Environments
Digital Data Markets: Trusted Data Processing in Untrusted Environments Cees de Laat Systems and Networking Laboratory University of Amsterdam Main problem statement Organizations that normally compete
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013 Table of Contents 1. Introduction... 5 1.1. Trademarks... 5
More informationNational CIRT - Montenegro. Ministry for Information Society and Telecommunications
National CIRT - Montenegro Ministry for Information Society and Telecommunications Regional Cybersecurity Forum Sofia, November 2016 CIRT ESTABLISHMENT Key Organizations in establishing Montenegro CIRT:
More informationAfrica Peering and Interconnec0on Forum Panel discussion on the Content equa1on of NRENs August 11 12, 2010
Africa Peering and Interconnec0on Forum Panel discussion on the Content equa1on of NRENs August 11 12, 2010 Meoli Kashorda, PhD, MIEEE Execu0ve Director, KENET and Professor of informa0on Systems, USIU
More informationSAVANNAH LAKES VILLAGE PROPERTY OWNERS ASSOCIATION, INC. JOB DESCRIPTION
SAVANNAH LAKES VILLAGE PROPERTY OWNERS ASSOCIATION, INC. JOB DESCRIPTION POSITION: CHIEF OPERATING OFFICER FUNCTION: Responsible for all aspects of the SLV POA day-to-day operations. In this capacity,
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationCloud-Enable Your District s Network For Digital Learning
Cloud-Enable Your District s Network For Digital Learning Session B40 BrainStorm 17.0 Gavin Lee Education Business Development Manager Juniper Networks gavinl@juniper.net Juniper Innovations for Mission
More informationData Governance Industrial Internet & Big Data
Data Governance Kari Hiekkanen 29.3.2018 CS-E5340 Introduction to Industrial Internet Industrial Internet & Big Data (IDC Data Age 2025, April 2017) 1 Industrial Internet & Big Data (Statista, 2017) Data
More informationIssues in Assessing Commercial Certification Service Trust
The Open Group Security Program Group Building Trust on the Net ---- San Diego -- April 30, 1998 Issues in Assessing Commercial Certification Service Trust Michael S. Baum, J.D., M.B.A. VP, Practices &
More informationVendor Management: SSAE 18. Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner
Vendor Management: SSAE 18 Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner Audio Handouts Questions Welcome Joseph Kirkpatrick is the Managing Partner at KirkpatrickPrice
More informationThe Project on Capacity Development toward Effec*ve Disaster Risk Management Case Study: Bursa
The Project on Capacity Development toward Effec*ve Disaster Risk Management Case Study: Bursa Dr. Yeliz TEKER April, 2014 Contents Ø Legal basis of the project Ø Jus4fica4on for the project Ø Project
More informationStephanie Zierten Associate Counsel Federal Reserve Bank of Boston
Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation
More informationENCS The European Network for Cyber Security
ENCS The European Network for Cyber Security A not-for-profit European Public Private Partnership on cyber security for critical infrastructures Initial focus: smart grids and process control, to be extended
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationTHE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:
June 2013 Sponsored by Introduction Mobile devices cause ongoing concern for IT teams responsible for information security. Sensitive corporate information can be easily transported and lost, while the
More informationh7ps://bit.ly/citustutorial
Before We Start Setup a Citus Cloud account for the exercises: h7ps://bit.ly/citustutorial Designing a Mul
More information3/13/2015. COSO Revised: Implications for Compliance and Ethics Programs. Session Agenda. The COSO Framework
COSO Revised: Implications for Compliance and Ethics Programs Urton Anderson, CCEP Director of the Von Allmen School of Accountancy and EY Professor The University of Kentucky Session Agenda The COSO Framework
More informationCredit Union Service Organization Compliance
Credit Union Service Organization Compliance How do SOC reporting and PCI requirements affect your overall compliance strategy? May 15 2012 Your Speakers Dennis Lavin Credit Union Assurance Partner Moderator
More information01.0 Policy Responsibilities and Oversight
Number 1.0 Policy Owner Information Security and Technology Policy Policy Responsibility & Oversight Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 1. Policy Responsibilities
More information