Jane Drews University IT Security Officer EDUCAUSE On-line 2009

Presentation transcript:

Incident Management
Jane Drews, University IT Security Officer
EDUCAUSE On-line 2009

General Elements
- Policy
- Training
- Technical and operational issues
- Procedures and decision making
- Quality Improvement

EDUCAUSE/I2 Information Security Guide
- Aligns with ISO-27002 standards for Information Security Management
- Chapter 13: Information Security Incident Management
- https://wiki.internet2.edu/confluence/display/itsg2/Information+Security+Incident+Management

Sample Security Incident
- Some policy was in place
- Decision making authority and depth
  - Technical decisions
  - Political decisions
  - Operational decisions
- Insufficient security services
- Notification questions not fully understood

Notification Considerations
- Applicable policy, and/or local, state, or federal laws
- Physical possession (lost or stolen device?)
- Credible evidence the information was copied/removed
- Length of time between intrusion and detection
- Purpose of the intrusion was acquisition of information
- Credible evidence the information was in a useable format (unencrypted)
- Ability to reach the affected individuals

Preparation, Detection, and Reporting
- Policy for reporting, containment, notifications, communications
- Training – End users, IT admins, and Security personnel
- Technical resources/services
  - Detection, analysis, forensics

Security Incident Response and Process Improvement
- Response team members vary by incident
  - Security, Sysadmins
  - Affected Unit, Legal, LE, Media/Relations, Administration, CIO, CISO
- Clearly defined expectations at all levels
  - Responsibility, timing, recovery
- Debriefing (lessons learned)

Questions?
jane-drews@uiowa.edu