Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managing Information Security In a Disruptive IT Landscape

Published byBeatrix Hall Modified over 6 years ago

Similar presentations

Presentation on theme: "Managing Information Security In a Disruptive IT Landscape"— Presentation transcript:

1 Managing Information Security In a Disruptive IT Landscape
A Presentation to ISACA Kenya Chapter Annual Conference, Mombasa By G. MURAGURI, CISM, CGEIT Ag. DC – ICT, KRA 25th May 2017

2 Content Introduction KRA Services The Changing IT Landscape
How We Approach Security Adopting to a Disruptive IT Landscape

3 1. Introductionp The vision of KRA ICT is to achieve fully integrated electronic customer service, self service KRA recognizes ICT as a “strategic business enabler and game changer in support of the Authority’s corporate mandate” KRA like other organizations embracing modernization is faced with challenges and opportunities presented by the changing IT landscape

4 2. KRA Services Filing of Tax Returns M-service – Enquiries & Payments Customs Online Payment Customs Clearance Real Time Cargo Monitoring PIN Applications & Enquiries TCC Applications & Enquiries WCO E-Learning Excisable Goods Management System Other ICT developments under implementation impacting on KRA’s operations include: Data Warehousing and BI Mobile phone services “Cash-lite” societies – No carrying physical cash Reengineering of business processes On-going Government automation/3rd party Data sharing ICT a ‘Game Changer’ in revenue administration

5 3. The Changing IT Landscape
Data is everywhere. Shared infrastructure/Storage Internet Everywhere Virtualization/Cloud Computing Need to support legacy while trying to be agile. Mobility & Smart Devices. BYOD/CYOD Technology Savvy Users & Curious generation – insider threats Shift from Device(PC) to user centric.

6 4. How Do We Approach Security?
IT Governance and best practice standards adoption – ITIL, COBIT 5 Information Security Management System Framework – based on ISO27001 People Dedicated & Committed Personnel. Staff awareness & training Competent resources (qualifications & skills) PROCESS Governance frameworks Best Practice & framework IT Audits Technology You can’t deploy technology without competent people, support processes IT Risk Management Business Continuity - Redundancy & Disaster Recovery/Alternate sites. IT Change Management/CAC Capacity Planning , testing Security Solutions in tandem with changing & sophisticated technology landscape

7 5. Adopting to a Disruptive IT Landscape
Institutionalized IT governance – reflected in IT org structure and practices Information security policies & practices Enterprise risk management - encompasses IT risk management Information System Security function Capabilities for monitoring , detecting and combating cyber threats – both technical and personnel Actively monitor global trends in technology and cyber threats and address the opportunities and challenges on a risk basis

8 5. Adopting to a Disruptive IT Landscape…contd
Awareness on the need of everyone’s “due diligence” in ensuring information security – including partners , staff and customers Collect insight on threat indicators & Monitor emerging threats Work with other government agencies and security experts in dealing with cyber threats Share information on IT security regularly

9

10

11 Please remember to file your 2016 tax returns before 30th June 2017
iTax ni rahisi!

Download ppt "Managing Information Security In a Disruptive IT Landscape"

Similar presentations

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
www.rra.gov.rw Taxes for Growth & Development RWANDA REVENUE AUTHORITY INTRODUCTION Rwanda Revenue Authority in its modernization program embarked on.

Taxes for Growth & Development RWANDA REVENUE AUTHORITY INTRODUCTION Rwanda Revenue Authority in its modernization program embarked on.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
Collaboration Oriented Architecture COA Position Paper An Overview Adrian Seccombe Board of Management, Jericho Forum ® CISO & Snr Enterprise Information.

Collaboration Oriented Architecture COA Position Paper An Overview Adrian Seccombe Board of Management, Jericho Forum ® CISO & Snr Enterprise Information.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Security Controls – What Works

Security Controls – What Works
Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.

Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.
The Role of Security & Privacy in EA Program

The Role of Security & Privacy in EA Program
1 Kuwait Central Agency for information technology.

1 Kuwait Central Agency for information technology.
Www.adira.org Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.

Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.
Tech Talk IT Guidance for Executives.  Information & Communications Technology is a key enabler to Customs reform and modernization  Already ubiquitous.

Tech Talk IT Guidance for Executives.  Information & Communications Technology is a key enabler to Customs reform and modernization  Already ubiquitous.
© 2007 ISACA ® All Rights Reserved DAMA-NCR Chapter Meeting March 11, 2008.

© 2007 ISACA ® All Rights Reserved DAMA-NCR Chapter Meeting March 11, 2008.
Information Security Governance 25 th June 2007 Gordon Micallef Vice President – ISACA MALTA CHAPTER.

Information Security Governance 25 th June 2007 Gordon Micallef Vice President – ISACA MALTA CHAPTER.
TTBIZLINK PROJECT MINISTRY OF TRADE, INDUSTRY, INVESTMENT & COMMUNICATIONS.

TTBIZLINK PROJECT MINISTRY OF TRADE, INDUSTRY, INVESTMENT & COMMUNICATIONS.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Information Security Issues at Casinos and eGaming

Information Security Issues at Casinos and eGaming

Similar presentations

Ads by Google