Rethinking Institution Security Approach

Presentation on theme: "Rethinking Institution Security Approach"— Presentation transcript:

1 Rethinking Institution Security Approach
Sergio Vicente & Sergi Blanch

2 Overview
- What is a CISO and his/her main functions?
- The IT security coordination group
- Example project: ISPyB / MXCuBE

3 IT security coordination group
3 A chief information security officer (CISO) is the senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. Ref:
Typically, the CISO's influence reaches the entire organization. Responsibilities may include, but are not limited to:
- Computer emergency response team/computer security incident response team
- Cybersecurity
- Disaster recovery and business continuity management
- Identity and access management
- Information privacy
- Information regulatory compliance (e.g., US PCI DSS, FISMA, GLBA, HIPAA; UK Data Protection Act 1998; Canada PIPEDA)
- Information risk management
- Information security and information assurance
- Information security operations center (ISOC)
- Information technology controls for financial and other systems
- IT investigations, digital forensics, eDiscovery
- Security architecture

4 IT security coordination group
4 Definition
The IT security coordination group at ALBA is a consultative inter-section group in the Computing Division.
Objectives
- Address cybersecurity from a multidisciplinary point of view.
- Avoid collisions among different section interests.
- Propose the measures to be deployed to the section heads in the Computing Division.

5 IT security coordination group
5 Current team members
Sergi Blanch Torné Controls Systems Alfonso Burgos Olanda Management Information Systems Sergio Vicente Molina IT Systems
Controls is responsible for the control system of both accelerators and beamlines. Equipment Protection (EPS), Personal Safety System (PSS), vacuum control, as well as synoptic and graphical user interfaces are among its duties.
The Management Information Systems (MIS) Section inside the Computing Section is responsible for the management and administrative applications at the ALBA synchrotron, covering the following services:
- Analyze and specify the functional requirements of administrative applications.
- Develop, implement, and maintain administrative applications and all tools required for optimal exploitation of the corporate information.
- Support users of these applications, prepare user documentation and provide training.

6 IT security coordination group
6 Tasks already performed since 2016
- Development of a checklist to enable remote Internet access to specific applications.
- Description of the main concerns and IT security risks for each section in Computing.
- Evaluation of different proposals for IT security audits. The chosen one will be performed in the following weeks.

7 IT security coordination group
7 MIS Controls Systems

8 IT security coordination group
8 MIS Controls Systems

9 IT security coordination group
9 MIS Controls Systems

10 IT security coordination group
10 MIS Controls DMZ Systems

11 IT security coordination group
11 MIS Controls DMZ Field Systems

12 IT security coordination group
12 MIS Controls DMZ Field Systems

13 IT security coordination group
13 MIS Controls DMZ Field Systems

14 IT security coordination group
14 MIS WebService Controls DMZ Field Systems

15 IT security coordination group
15 MIS WebService Controls DMZ Field Ldap Systems

16 IT security coordination group
16 MIS WebService Controls DMZ Field Ldap Network Systems

17 Thanks, any questions?
17 For further contact: ISPyB: MXCuBE:

