Network Security Policy Why do I need a network security policy? Dr. Charles T. Wunker.

Slides:

Advertisements

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Advertisements

Tomorrows Technology For Todays Business. McAfee.com Background Internets largest consumer ASP Online security, privacy and PC management services Largest.

No 1 IT Governance – how to get the right and secured IT services Bjorn Undall and Bengt E W Andersson The Swedish National Audit Office Oman

© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.

HIPAA AWARENESS TRAINING

Mark Levene, An Introduction to Search Engines and Web Navigation © Pearson Education Limited 2005 Slide 4.1 Chapter 4 : Searching the Web The mechanics.

Welcome Cyber Defense Bootcamp for High School Teacher

Security and Control Soetam Rizky. Why Systems Are Vulnerable ?

Digital Citizenship in the Classroom

Copyright © Houghton Mifflin Company. All rights reserved.Lecture Outlines, 8–1 “If you know neither yourself nor your enemy, you will succumb in every.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Competitive Dynamics.

Microsoft Security Development Lifecycle for IT Rob Labbé Security Engagement Manager MSIT Infosec – ACE

Kneeling to Victory. Three steps to gaining positive forward momentum in the spiritual life.

Global Forum V on Fighting Corruption and Safeguarding Integrity (GF V) 2-5 April, 07 Strengthening actions for effective implementation of anti-corruption.

The Art of War was written over 2500 years ago, but the principles of it are still utilized by the military, government and businesses. Read the quotes.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

Chapter 1 – Introduction

Computing Computing Ethics And policies that enforce behavior.

Computing Computing Ethics And policies that enforce behavior.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 Introduction. Art of War  If you know the enemy and know yourself, you need not fear the result of a hundred battles.  If you know yourself.

Lecture 11 Reliability and Security in IT infrastructure.

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

We build strong children strong families strong communities Presented By: Brad Lawrence Kent Starling Treasa McLean Why Secure the Y?

Kegel Network Security Presented by: Walter Ramirez Kyla Williamson Brent Sims.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Export Marketing Veikko Laine Information, what ? Definition: … generally accepted (well established) true belief … Information paradox : The more information.

Herradura, Costa Rica WELCOMES YOU TO. Reminders The 5 Laws that determine all of Life’s Outcomes Look for your transfer information RSPA Certification.

Acceptable Use Policies, Online Safety, and Photo Permission Forms Elizabeth White Tara Dykes Julie Howe.

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

World Future Society Washington, DC Executive Office of the President of the United States: The Need for New Capabilities Lessons From Singapore and the.

2015 Safety Action Plan & Regulatory Strategy California Public Utilities Commission January 29, 2015.

Database Administration

CC3020N Fundamentals of Security Management CC3020N Fundamentals of Security Management Lecture 2 Risk Identification and Risk Assessment.

Lecture 31 Risk Management. Introduction Information security departments are created primarily to manage IT risk Managing risk is one of the key responsibilities.

Computer and Network Security Rabie A. Ramadan. Organization of the Course (Cont.) 2 Textbooks William Stallings, “Cryptography and Network Security,”

JMU GenCyber Boot Camp Summer, Welcome Cyber Defense Boot camp for High School Teachers Cyber Defense Lab (ISAT/CS Room 140) Department of Computer.

Training of Information Security for Common Users Dr. Francisco Eduardo Rivera FAA SALT Conference, February 18, 2004.

Best Practices to Prevent Internet Fraud Presented by: Ori Eisen Founder & Chief Innovation Officer.

T.A 2013/2014. Wake Up Call! Malware hijacks your , sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.

DIGITAL CITIZENSHIP. Digital Citizenship covers 9 areas according to Mike Ribble, an expert in the field.  Etiquette  Communication  Literacy  Access.

Introduction to Security Dr. John P. Abraham Professor UTPA.

Mapping web applications Note: Unless noted differently, all scanned figures were from the textbook, Stuttard & Pinto, 2011.

INFRASTRUCTURE SELF-ASSESSMENT (ISA) For public and private stakeholders Chad Fullmer Critical Infrastructure Protection (CIP) Office: (907)

Implementing a Security Policy JISC – ICT Security Threats & Promises, April 2002 Mick Ismail ICT Services Manager City of Wolverhampton College.

Competitive Dynamics In the Marketplace EMBA Class of 2017.

Best Cyber Security Practices for Counties An introduction to cybersecurity framework.

Philip J. Beyer, Information Security Officer John P. Skaarup, Sr. Security Engineer Texas Education Agency Information Security.

JMU GenCyber Boot Camp Summer, 2016

Unit 1: Marketing Competitor analysis 05/02/2018.

Risk management «Once we know our weaknesses, they cease to do us any harm.» G.C. Lichtenberg.

Information Security, Theory and Practice.

Presented by : - Ankit kumar Mishra Rohit gir

Steven Hartman State Information Security Officer State of Nebraska

Risk Management: Principles of risk, Types of risk and Risk strategies

Understanding your enemy!

Edvinas Pranculis MM, CISA, CISM

CSC348 – Data Security and Encryption

Game Planning If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every.

IS Risk Management Framework Overview

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory.

3 Week A: May 1 – 19 3 Week B: May 22 – June 9

LO1 - Know about aspects of cyber security

Presentation transcript:

Network Security Policy Why do I need a network security policy? Dr. Charles T. Wunker

Network Security Policy “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Excerpt from The Art of War by Sun Tzu ( Retrieved July 13, 2006, from

Network Security Policy “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Excerpt from The Art of War by Sun Tzu ( Retrieved July 13, 2006, from

Network Security Policy Know Your Enemy Why would someone want to attack you? What do you have that they want? What is the value to the attacker? How could they attack you? What are the chances of an attack? System failure or natural disaster? Is the enemy also within?

Network Security Policy Know Yourself What needs to be protected? What is the value to you? What is the effect on the organization if assets are accessed, stolen, damaged, or made public? How can these assets be protected? What protection is in place? Is it adequate?

Network Security Policy List assets that needs to be protected Identify those that may access the information (level of access) Security tools to prevent unauthorized access (general strategies) Rules & regulations. (can and cannot do) Backup & recovery policy Penalties & punishment Who has the responsibilities What should be in the policy?

Network Security Policy Sufficient depth Written in clear, unambiguous language Concise (to the point) Include version number and date Enforceable How should it be written?

Network Security Policy Your system is only as strong as the weakest link! Dr. Charles Wunker Is your system secure?

Network Security Policy

Avolio, F. (2000, March 20). Best Practices in Network Security, Network Computing. Retrieved July 2, 2002, from Business Source Premier.Business Source Premier Ellis, C. (2003, Feb) '7 Steps' for network security, Communications News. Retrieved June 24, 2003, from Business Source Premier.Business Source Premier Jacobs, J.; Pearl, M.; Irvine, S. (2001, March). Protecting Online Privacy to Avoid Liability. Association Management. Retrieved on Nov 9, 2002 from Business Source Premier.Business Source Premier Luzadder, D; Bryce, R; Gohring, N; Ploskina, B; Scanlon, B; Smetannikov, M; Spangler, T. (2001, Oct 22). Feeling Insecure, Interactive Week. Retrieved July 2, 2002, from Business Source Premier.Business Source Premier Palmer, M. (2001, May/June) Information Security Policy Framework: Best Practices for Security Policy in the E-commerce Age, Information Systems Security. Retrieved July 2, 2002, from Business Source Premier.Business Source Premier References

Network Security Policy