Managing Information Security In a Disruptive IT Landscape


A Presentation to ISACA Kenya Chapter Annual Conference, Mombasa
By G. MURAGURI, CISM, CGEIT, Ag. DC – ICT, KRA
25th May 2017

Content
- Introduction
- KRA Services
- The Changing IT Landscape
- How We Approach Security
- Adapting to a Disruptive IT Landscape

1. Introduction
- The vision of KRA ICT is to achieve fully integrated electronic customer service, self service
- KRA recognizes ICT as a “strategic business enabler and game changer in support of the Authority’s corporate mandate”
- KRA, like other organizations embracing modernization, is faced with challenges and opportunities presented by the changing IT landscape

2. KRA Services
- Filing of Tax Returns
- M-service – Enquiries & Payments
- Customs Online Payment
- Customs Clearance
- Real Time Cargo Monitoring
- PIN Applications & Enquiries
- TCC Applications & Enquiries
- WCO E-Learning
- Excisable Goods Management System

Other ICT developments under implementation impacting on KRA’s operations include:
- Data Warehousing and BI
- Mobile phone services
- “Cash-lite” societies – No carrying physical cash
- Reengineering of business processes
- On-going Government automation/3rd party Data sharing

ICT a ‘Game Changer’ in revenue administration

3. The Changing IT Landscape
- Data is everywhere. Shared infrastructure/Storage
- Internet Everywhere
- Virtualization/Cloud Computing
- Need to support legacy while trying to be agile.
- Mobility & Smart Devices. BYOD/CYOD
- Technology Savvy Users & Curious generation – insider threats
- Shift from Device (PC) to user centric.

4. How Do We Approach Security?
- IT Governance and best practice standards adoption – ITIL, COBIT 5
- Information Security Management System Framework – based on ISO27001

People
- Dedicated & Committed Personnel.
- Staff awareness & training
- Competent resources (qualifications & skills)

Process
- Governance frameworks
- Best Practice & framework
- IT Audits

Technology
- You can’t deploy technology without competent people, support processes
- IT Risk Management
- Business Continuity - Redundancy & Disaster Recovery/Alternate sites.
- IT Change Management/CAC
- Capacity Planning, testing
- Security Solutions in tandem with changing & sophisticated technology landscape

5. Adapting to a Disruptive IT Landscape
- Institutionalized IT governance – reflected in IT org structure and practices
- Information security policies & practices
- Enterprise risk management - encompasses IT risk management
- Information System Security function
- Capabilities for monitoring, detecting and combating cyber threats – both technical and personnel
- Actively monitor global trends in technology and cyber threats and address the opportunities and challenges on a risk basis

5. Adapting to a Disruptive IT Landscape (contd)
- Awareness of the need for everyone’s “due diligence” in ensuring information security – including partners, staff and customers
- Collect insight on threat indicators & monitor emerging threats
- Work with other government agencies and security experts in dealing with cyber threats
- Share information on IT security regularly

Please remember to file your 2016 tax returns before 30th June 2017.
iTax ni rahisi! (iTax is easy!)