Security Track Day 1 Richard Stiennon Chief Research Analyst IT-Harvest Blog: ThreatChaos.com twitter.com/stiennon IT-Harvest Confidential.

Presentation transcript:


Blog: twitter.com/cyberwar IT-Harvest Confidential

The Week’s Agenda
Today, August 2, 2010: What CXOs consistently fail to grasp about enterprise security
Day 2: Getting beyond vulnerabilities; resilience in security architectures
Day 3: Threat and risk management
Day 4: Security and ROI
Day 5: Data protection: strategies inside and outside the enterprise

What CXOs consistently fail to grasp about enterprise security
1. The difference between good security operations and good security
Good security operations keep your IT functions working. They include the mundane tasks of maintaining logs, blocking viruses and worms, fixing vulnerabilities, and incident recovery, as well as compliance and audit.

Three simple rules of good security
1. Secure networks assume that hosts are hostile
2. Secure hosts assume the network is hostile
3. Secure applications assume the user is hostile

Why security investments never end
Every new technology evolution increases productivity, access to information, and reliance on the network. It also exposes operations to new threats.
New requirements for security investment are NOT driven by vendors.
Today's worry: targeted attacks

Audit and compliance get in the way of good security
HIPAA, GLB, SOX, PCI are just the beginning. 40 bills pending in Congress, not to mention EU, India, China, and Australia.
Do not let compliance demands get in the way of protecting your critical information assets!
