Forensics and Active Protection

Similar documents
New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief

Cyber Security Program

External Supplier Control Obligations. Cyber Security

How AlienVault ICS SIEM Supports Compliance with CFATS

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS

Department of Management Services REQUEST FOR INFORMATION

Cybersecurity Auditing in an Unsecure World

Dr. Stephanie Carter CISM, CISSP, CISA

Cyber Resilience. Think18. Felicity March IBM Corporation

Information Technology Security Plan Policies, Controls, and Procedures Identify Risk Assessment ID.RA

Cyber Risks in the Boardroom Conference

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Background FAST FACTS

CompTIA Cybersecurity Analyst+

Standard for Security of Information Technology Resources

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Heavy Vehicle Cyber Security Bulletin

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Cybersecurity, safety and resilience - Airline perspective

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

Information Security Policy

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Security Standards for Electric Market Participants

University of Pittsburgh Security Assessment Questionnaire (v1.7)

SECURITY & PRIVACY DOCUMENTATION

PERSON SPECIFICATION. Cyber PROTECT Officer. Job Title: Status: Established

Cyber Security Strategy

CYBER SECURITY POLICY REVISION: 12

Cyber Resilience - Protecting your Business 1

ISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006

Presentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT

MANAGEMENT OF INFORMATION SECURITY INCIDENTS

Robert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

ISAO SO Product Outline

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

National Policy and Guiding Principles

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Certified Information Security Manager (CISM) Course Overview

DETAILED POLICY STATEMENT

NY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO

INFORMATION ASSURANCE DIRECTORATE

The Impact of Cybersecurity, Data Privacy and Social Media

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Continuous protection to reduce risk and maintain production availability

Information Security Management System

Staffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today

HIPAA Security and Privacy Policies & Procedures

Advanced IT Risk, Security management and Cybercrime Prevention

Designing and Building a Cybersecurity Program

Healthcare Security Professional Roundtable. The Eighth National HIPAA Summit Monday, March 8, 2004

Tool-Supported Cyber-Risk Assessment

THE WHITE HOUSE. Office of the Press Secretary EXECUTIVE ORDER

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

NW NATURAL CYBER SECURITY 2016.JUNE.16

THE WHITE HOUSE Office of the Press Secretary EXECUTIVE ORDER

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

Legal Foundation and Enforcement: Promoting Cybersecurity

Overview of the Federal Interagency Operational Plans

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP

IMF IT-Incident Management and IT-Forensics

ADIENT VENDOR SECURITY STANDARD

locuz.com SOC Services

Checklist: Credit Union Information Security and Privacy Policies

Cyber Risk in the Marine Transportation System

Section One of the Order: The Cybersecurity of Federal Networks.

MIS5206-Section Protecting Information Assets-Exam 1

Compliance with ISPS and The Maritime Transportation Security Act of 2002

Oracle Data Cloud ( ODC ) Inbound Security Policies

Bradford J. Willke. 19 September 2007

Guidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17

Table of Contents. Sample

Information Security Policy

Information Security Controls Policy

CYBER RESILIENCE & INCIDENT RESPONSE

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

Incident Response Services

Handbook Webinar

CYBER SECURITY AND MITIGATING RISKS

Gujarat Forensic Sciences University

EC-Council Certified Incident Handler v2. Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1

PROJECT RESULTS Summary

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

The University of Queensland

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

NCSF Foundation Certification

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Certified Information Systems Auditor (CISA)

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

Best Practices for Campus Security. January 26, 2017

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Threat and Vulnerability Assessment Tool

K12 Cybersecurity Roadmap

Transcription:

Forensics and Active Protection Computer and Network Forensics Research Project 2003 Work Update Yanet Manzano Florida State University manzano@cs.fsu.edu manzano@cs.fsu.edu 1 Outline CNF Project Goal Review Presentation Goal Information Security Policies Review Security Risk and Control Review ISO 17799 National Strategy to Secure Cyberspace Conclusion manzano@cs.fsu.edu 2 1

CNF Project Goals Review Computer and Network Security Project Goals Help enterprises deter computer crime Improving their ability to conduct CNF analysis Presentation Goal: Updates on key issue relevant to CNF policies manzano@cs.fsu.edu 3 Information Security (IS) Policies COVERAGE cover the full range of risks associated with creating, amending or storing information Securing Hardware, Peripherals and Other Equipment Controlling Access to Information and Systems Processing Information and Documents Purchasing and Maintaining Commercial Software Developing and Maintaining In-house Software Combating Cyber Crime manzano@cs.fsu.edu 4 2

Information Security (IS) Policies COVERAGE Complying with Legal and Policy Requirements Planning for Business Continuity Addressing Personnel / HR Issues Relating to Information Security Controlling e-commerce Information Security Delivering Training and Staff Awareness Dealing with Premises Related Considerations Detecting and Responding to Security Incidents Classifying Information and Data manzano@cs.fsu.edu 5 Information Security (IS) Policies OBJECTIVES IS policy: intended to support the protection, control and management of info assets protect business and client or customer info establish responsibility and accountability for IS maintain management and staff awareness, knowledge and skill ensure commercial activities in the event of significant IS incident Meet standards manzano@cs.fsu.edu 6 3

IS Policies SCOPE Covers all info assets: Stored databases, or computers removable media such as CD-ROMs fixed media such as hard disks and disk sub-systems Transmitted across internal and public networks Spoken during telephone calls and meetings or conveyed by any other method (email) manzano@cs.fsu.edu 7 Security Risk (SR) Analysis Review essential in ensuring controls and expenditures are equivalent to the risk to the enterprise is exposed to Threats create attacks Attacks exploit Vulnerabilities Controls are countermeasures for vulnerabilities manzano@cs.fsu.edu 8 4

Security Controls(SC) Review Deterrent reduce likelihood of deliberate attack Preventative detect and eliminate vulnerabilities Corrective reduce effect of attack Detective detect attacks trigger preventative or corrective controls manzano@cs.fsu.edu 9 SR and SC Relational Model manzano@cs.fsu.edu 10 5

ISO 17799: International Security Standard A comprehensive set of controls comprising best practices in information security Single reference point for identifying a range of controls needed for more situation where info system are used in industry and commerce Standard relevance as a common currency for information security measurement Main standard being used for security policy development manzano@cs.fsu.edu 11 Large Enterprises manzano@cs.fsu.edu 12 6

Toward a Corporate Security Council consisting of key members of the company with security-related responsibilities Officials can prepare and coordinate plans to ensure cybersecurity is factored into enterprise and business operations advise the CEO in a crisis coordinate the execution of their contingency and continuity plans in response to cybersecurity incidents manzano@cs.fsu.edu 13 Best Practices facilitate the integrity, reliability, availability, and confidentiality of the enterprise Authentication: Implement processes and procedures to authenticate, or verify, users of the network Configuration management: enterprise architecture and deployment with security in mind enterprise wide software, patches, and OS control manzano@cs.fsu.edu 14 7

Best Practices Training: Train all employees on the need for IT security Develop policies based on roles Verify compliance Periodic Reviews Incident response: Develop enterprise capability for responding to incidents mitigating damage recovering systems investigating and capturing forensic evidence working with law enforcement manzano@cs.fsu.edu 15 Best Practices Organization network: Organize enterprise security, IT, and risk management functions to promote efficient exchange of information corporatewide Network management: Create a regular process to assess, remediate, and monitor the vulnerabilities of the network automated processes for vulnerability reporting, patching, and detecting insider threats. manzano@cs.fsu.edu 16 8

Conclusion Policy-driven approach to managing info security Automate technology implementation and ongoing maintenance of key security management functions to Comprehensive security management integration and coverage enterprise wide Embed security in enterprise culture, business and technical operations manzano@cs.fsu.edu 17 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback