August 1999 Mr. Mike Finley, CISSP Senior Security Engineer Computer Science Corporation.

Slides:



Advertisements
Similar presentations
Incident Response Managing Security at Microsoft Published: April 2004.
Advertisements

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
David A. Brown Chief Information Security Officer State of Ohio
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
An Introduction to System Administration Chapter 1.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
MSIA Introduction to Information Systems Security Training and Policy Week 1 Live Session Presentation.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Security Controls – What Works
Planning and Managing Information Security Randall Sutton, President Elytra Enterprises Inc. April 4, 2006.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
Computer Security: Principles and Practice
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Stephen S. Yau CSE , Fall Security Strategies.
Fraud Prevention and Risk Management
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
1 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Reducing your Risk Profile MIDWEST DATA RECOVERY INC.
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,
SEC835 Database and Web application security Information Security Architecture.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
Kholoud AlSafadi Ethical Issues in Information Systems and the Internet.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Sample Security Model. Security Model Secure: Identity management & Authentication Filtering and Stateful Inspection Encryption and VPN’s Monitor: Intrusion.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Web Security for Network and System Administrators1 Chapter 2 Security Processes.
K E M A, I N C. Ten Steps To Secure Control Systems APPA 2005 Conference Session: Securing SCADA Networks from Cyber Attacks Memphis, TN April 18, 2005.
INCIDENT RESPONSE IMPLEMENTATION David Basham University of Advancing Technology Professor: Robert Chubbuck NTS435.
OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.
Appendix C: Designing an Operations Framework to Manage Security.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Service Level Agreements Service Level Statements NO YES The process of negotiating and defining the levels of user service (service levels) required.
Eleventh National HIPAA Summit 5.04 Security Incident Response – What to do if a breach occurs and how to mitigate damages Chris Apgar, CISSP.
Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &
Introduction to Information Security
Scott Charney Cybercrime and Risk Management PwC.
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Pro-active Security Measures
HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Assuring Reliable and Secure IT Services Chapter 6.
INFORMATION SECURITY AND CONTROL. SECURITY: l Deter l Detect l Minimize l Investigate l Recover.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
Information Security tools for records managers Frank Rankin.
AUDITING BUSINESS CONTINUITY PROGRAMS AND PLANS What to Look For Presented by: Tommye White, CBCP, DRP Chuck Walts, CBCP, CRP.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
Cybersecurity - What’s Next? June 2017
Team 1 – Incident Response
Security Standard: “reasonable security”
Team 2 – understand vulnerabilities
Joe, Larry, Josh, Susan, Mary, & Ken
NYBA 2017 Technology, Compliance &
Securing Information Systems
General Counsel and Chief Privacy Officer
Security week 1 Introductions Class website Syllabus review
IT OPERATIONS Session 7.
The Survival Plan.
Presentation transcript:

August Mr. Mike Finley, CISSP Senior Security Engineer Computer Science Corporation

Why do you need a CERT Security Breaches Employee access abuse Unauthorized access by outsiders Leak of proprietary data Theft/destruction of computing resources Viruses Access abuse by nonemployee authorized users

Building a response team Senior Management Support Right mix of people with right skill sets Intrusion-Detection Systems Work area Training SW/HW new technologies Funding

Building a response team Establish Policies and Procedures Have a Concept of Operations Internal / External Coordination Be Flexible Establish Trust Know your users/customers Know your limits

Building a response team Test your response procedures against critical business functions Do you have proper plans in place Personnel notification plan Disaster recovery plan Contingency plan Processing agreement plan

Typical CERT duties Monitor, audit, and test systems and networks for possible security problems Provide investigation, coordination, reporting, and follow up of network security incidents Test and install security infrastructure to tools Test and install patches and fixes for security vulnerabilities in vendor software Stay current on security technology Advocate corporate computer security policy

Incident response Determine the nature and scope of the incident Contact key management personnel Solve problem and get system back to normal operations Execute nontechnical actions Learn from the incident

Where can you go for help Incident response centers CERT coordination center ( Computer Incident Advisory Capability CIAC ( Forum of Incident Response and Security Teams FIRST (

Security Web Sites

Security mailing list Best-of Coast security archive The risk forum- Intrusion NT Bugtraq- listserv.ntbugtraq.com

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.