National Information Assurance (NIA) Policy

Slides:

Advertisements

Similar presentations

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.

Advertisements

Cyber and Maritime Infrastructure

1 July 08, 2010 Information Security Officer Meeting.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

A project implemented by the HTSPE consortium This project is funded by the European Union GLOBAL EUROPE INSTRUMENT FOR STABILITY

12/12/2013 Cluster Workshop on Cybersecurity 1 Michele Bezzi (SAP) Kazim Hussain (ATOS) SecCord & CYSPA Projects.

Proposal of the World Rural Forum - WRF - Network to promote the International Year of Family Farming - IYFF.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

1 Table of Content 1.Business Diagnostic - Establishing a case for change –Changes in demand –New opportunities –Emerging threats 2.Vision Creation - Defining.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

IT Security and Innovation. IT Security Regulatory compliance and ISO27001 –Public Service Network Code of Connection (PSN CoCo) –Payment Card Industry.

Prevention and Remediation in Selected Industrial Sectors, June 2005, Ottawa NATO’s Scientific Programme Thomas Strassburger Ottawa, Canada NATO’s.

NATO Advanced Research Workshop “Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework” Scenario for Discussion.

2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.

“The Resilient Economy: Integrating Competitiveness and Security” Council on Competiveness.

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Hurdles in implementation of cyber security in India.

Ewan Donald Cyber Security FEEL FREE A NEW APPROACH TO CYBER SECURITY.

UNCLASSIFIED Homeland Security Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1.

NATIONAL CYBER SECURITY GOVERNANCE & EMERGING CYBER SECURITY THREATS

Homeland Security, First Edition © 2012 Pearson Education, Inc. All rights reserved. Overview of National Infrastructure Protection CHAPTER 3.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

Cyber Risks: Protecting confidential data against unauthorized access Vik Bansal Deloitte & Touche LLP John Reidhead State of Utah March 17, 2016.

Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.

SEC 480 assist Expect Success/sec480assistdotcom FOR MORE CLASSES VISIT

Colonel Chaipun Nilvises Deputy Director, Office of ASEAN Affairs Office of Policy and Planning Ministry of Defence of Thailand.

April 19 th, 2016 Governors Homeland Security and All-Hazards Cyber Security Sub-Committee.

NANDHA ENGINEERING COLLEGE ERODE-52. CYBER WAR-A NEW FACE OF TERRORISM Guided byGuided by E.Kanimozhi,M.EE.Kanimozhi,M.E AP/Dept of ITAP/Dept of IT PRESENTED.

Surveillance and Security Systems Cyber Security Integration.

Information Security Officer Meeting

Security and resilience for Smart Hospitals Key findings

Information Security Program

Information Security – Current Challenges

Iowa Communications Alliance

Cybersecurity, competence and preparedness

NISF Objectives Conceptual structure for guiding IS activities

Cybersecurity - What’s Next? June 2017

Team 1 – Incident Response

Careers in Cyber Security

4th SG13 Regional Workshop for Africa on “Future Networks for a better Africa: IMT-2020, Trust, Cloud Computing and Big Data” (Accra, Ghana, March.

The Role of Financial Leadership in a Challenging Economic Climate “Financial Management from a Provincial Perspective” Presented by: Bruce L. Bennett.

Information Technology Sector

Cyber Security: State of the Nation

World Bank Group COUNTRY PARTNERSHIP FRAMEWORK with IRAQ

Business Transformation

8 Building Blocks of National Cyber Strategies

Kuwait – Germany Prospects for Cooperation

David Sayago EU Research Funding Team Valorisation Centre.

Securing the Threats of Tomorrow, Today.

PGE Chris Nolke, Director of Cybersecurity

Cybersecurity Threats and Opportunities in Latin America

Enhancing Gender Rights Online An Interactive Discussion

Cyber Risk & Cyber Insurance - Overview

The role of Supreme Audit Institutions in fragile situations: initial findings Research by David Goldsworthy and Silvia Stefanoni of Development Action.

Transforming Scenario Narratives into Study Cases

SOUTH AFRICAN INSURANCE ASSOCIATION

IS Risk Management Framework Overview

Securing Critical Chemical Assets: The Responsible Care® Security Code

THE CYBER LANDSCAPE UNCLASSIFIED CROSS DOMAIN NETWORK & INFO SHARING

Cyber Security in a Risk Management Framework

European energy policy

Scaling up of Renewable Energy for Power Generation in the Western Balkan countries

ECONOMIC SECURITY COMPONENT OF CIP: Roles of Industry and Government U

Adding security to your ICS environment? Fine! But how?!

What is Cybersecurity Office of Information Technology

Presentation transcript:

National Information Assurance (NIA) Policy

Current Scenario It is a connected world! More and More services are being provided online Continuous evolving and powerful technology available to everybody at a cheap price With every opportunity come Risk. Your business is at RISK!

Emerging Risks Changing Political Scenario Volatile political situation in the region Qatar’s prominent role in International Arena Changing Economic Scenario Country with highest per capita income International Sporting Events Hacktivism Sophisticated Attack Vectors Insider Threats Changing Legislative landscape Cyber Crime Law issued in 2014 Data Privacy and Protection Law issued in 2016 Proposed Critical Information Infrastructure Protection Law*

Real Incidents 2012: Main players in Oil & Gas industry in Qatar has been impacted by major destructive cyber attacks. 2013: Major attack targeting TLD “Top Level Domains” and interrupt huge e-commerce websites in Qatar 2014: Many DDOS attacks targeting Financial and Energy sectors in state of Qatar 2015: Major attacks involving Information Disclosure in CSOs 2016: Major Data leakage attacks in Financial sector and several organizations compromised through IT Supply Chain

The need of Information Security Management System

Challenges Business Model of Information Security Cultural Issues Pre-set Mindset: Peaceful and secure environment Lack of Awareness Lack of Support Lack of Resources

National Information Assurance Policy

What is NIA Policy

NIA Components

Assets Classification Step 1: Identify key processes and their owners in the organization. Step 2: Identity process dependencies: information, applications, systems, networks, etc. Step 3. Determine the security classification for each information asset using table Step 4: Apply the necessary controls

NIA Policy is.. Approved and vetted by Council of Ministers, National Information Security Council. Circular for Compliance issued by MoTC to Government Sector Formulated from most common international standards/best practices Allows straight forward path for certification against other standards e.g. ISO27001. Adopted by leading organizations in government, finance and energy sectors. Maps well with established standards such as ITIL, PCI DSS

Thank You www.qcert.org