A Defense-in-Depth Strategy


A Defense-in-Depth Strategy Presented by Richard Gancze

Information Assurance
Information security
What does every Internet user who uses the web to make purchases, bank online or utilize services of an application service provider (e.g. salesforce.com) want?
Information Assurance

What is information assurance?
A proportional balance of:
Data Confidentiality + Data Availability + Data Integrity = Information assurance

Achieve information assurance?
Defense-in-depth strategy

Layers
Multiple layers of security are better than a single protection mechanism.
If one layer fails, there are multiple layers behind it to protect the organization.
If all layers fail, then the organization must be able to react.

Defense-in-breadth
Multiple layers of protection with different configuration mechanisms.

3 Key Elements
People are the first line of defense and the most important asset in an organization.

A Defense-in-Depth implementation
