Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understand Risks to IT Security

Published byAshley Patrick Modified over 6 years ago

Similar presentations

Presentation on theme: "Understand Risks to IT Security"— Presentation transcript:

1 Understand Risks to IT Security
Unit 48 I.T. Security Management HND in Computing and Systems Development

2 Last week Organisational security procedures An operational model:
Prevention Detection Response Definitions: Policies, Procedures, Standards, Guidelines Policy life-cycle: Aspects to consider Questions to ask Plan (adjust) for security Evaluate the effectiveness Implement the plans Monitor the implementation

3 Organisational Security Procedures
Need to consider: data, network, systems, operational impact of security breaches, web systems, wireless systems

4 Data What is the data? Where is it stored?
What format is it stored in? Some data may still be stored in paper-form. Who has access to the data? Where can they access the data? What systems can access the data? Who owns the data? Who can change the data? Where is the data backed-up?

5 Procedures So you know about the data…
What procedures will you implement to protect it? Influenced by: Computer Misuse Act 1990 Data Protection Act 1998 (principle 7) “Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.”

6 Guidance from the ICO What needs to be protected?
What level of security? What measures? protection/principle-7-security/

7 First line of Defence? Not overly burdensome
prevent breaches from occurring lay out the proper procedures should a breach occur. 

8 Money Security as a cost Creating value from security

9 Task Draw up a list of procedures that you will implement to protect the systems at MWS. Explain the rationale behind the choice of the various procedures with reference to: The data The company objectives The appropriate legislation

Download ppt "Understand Risks to IT Security"

Similar presentations

Jisc Legal. John X Kelly - Mobile Devices - BYOD.

Jisc Legal. John X Kelly - Mobile Devices - BYOD.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Getting data sharing right for every child

Getting data sharing right for every child
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Computer Security Fundamentals

Computer Security Fundamentals
Unit 2 – Principles of Health and Social Care

Unit 2 – Principles of Health and Social Care
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.

CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.
The Information Commissioner’s Office David Evans.

The Information Commissioner’s Office David Evans.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
Overview Of Information Security Management By BM RAO Senior Technical Director National Informatics Centre Ministry of Communications and Information.

Overview Of Information Security Management By BM RAO Senior Technical Director National Informatics Centre Ministry of Communications and Information.
Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October 2012 1.

Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October
Health & Social Care Apprenticeships & Diploma

Health & Social Care Apprenticeships & Diploma
David N. Wozei Systems Administrator, IT Auditor.

David N. Wozei Systems Administrator, IT Auditor.
The Data Protection Act 1998 The Eight Principles.

The Data Protection Act 1998 The Eight Principles.
Information Sharing Sheila Logan Information Commissioner’s Office Employability Partnership Event Glasgow 13 August 2009.

Information Sharing Sheila Logan Information Commissioner’s Office Employability Partnership Event Glasgow 13 August 2009.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Similar presentations

Ads by Google