Presentation is loading. Please wait.

Presentation is loading. Please wait.

National Information Assurance (NIA) Policy

Published byJunior Singleton Modified over 5 years ago

Similar presentations

Presentation on theme: "National Information Assurance (NIA) Policy"— Presentation transcript:

1 National Information Assurance (NIA) Policy

2 Current Scenario It is a connected world!
More and More services are being provided online Continuous evolving and powerful technology available to everybody at a cheap price With every opportunity come Risk. Your business is at RISK!

3 Emerging Risks Changing Political Scenario
Volatile political situation in the region Qatar’s prominent role in International Arena Changing Economic Scenario Country with highest per capita income International Sporting Events Hacktivism Sophisticated Attack Vectors Insider Threats Changing Legislative landscape Cyber Crime Law issued in 2014 Data Privacy and Protection Law issued in 2016 Proposed Critical Information Infrastructure Protection Law*

4 Real Incidents 2012: Main players in Oil & Gas industry in Qatar has been impacted by major destructive cyber attacks. 2013: Major attack targeting TLD “Top Level Domains” and interrupt huge e-commerce websites in Qatar 2014: Many DDOS attacks targeting Financial and Energy sectors in state of Qatar 2015: Major attacks involving Information Disclosure in CSOs 2016: Major Data leakage attacks in Financial sector and several organizations compromised through IT Supply Chain

5 The need of Information Security Management System

6 Challenges Business Model of Information Security Cultural Issues
Pre-set Mindset: Peaceful and secure environment Lack of Awareness Lack of Support Lack of Resources

7 National Information Assurance Policy

8 What is NIA Policy

9 NIA Components

10 Assets Classification
Step 1: Identify key processes and their owners in the organization. Step 2: Identity process dependencies: information, applications, systems, networks, etc. Step 3. Determine the security classification for each information asset using table Step 4: Apply the necessary controls

11 NIA Policy is.. Approved and vetted by Council of Ministers, National Information Security Council. Circular for Compliance issued by MoTC to Government Sector Formulated from most common international standards/best practices Allows straight forward path for certification against other standards e.g. ISO27001. Adopted by leading organizations in government, finance and energy sectors. Maps well with established standards such as ITIL, PCI DSS

12 Thank You

Download ppt "National Information Assurance (NIA) Policy"

Similar presentations

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.
Cyber and Maritime Infrastructure

Cyber and Maritime Infrastructure
1 July 08, 2010 Information Security Officer Meeting.

1 July 08, 2010 Information Security Officer Meeting.
Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
A project implemented by the HTSPE consortium This project is funded by the European Union GLOBAL EUROPE INSTRUMENT FOR STABILITY 2014-2020.

A project implemented by the HTSPE consortium This project is funded by the European Union GLOBAL EUROPE INSTRUMENT FOR STABILITY
12/12/2013 Cluster Workshop on Cybersecurity 1 Michele Bezzi (SAP) Kazim Hussain (ATOS) SecCord & CYSPA Projects.

12/12/2013 Cluster Workshop on Cybersecurity 1 Michele Bezzi (SAP) Kazim Hussain (ATOS) SecCord & CYSPA Projects.
Proposal of the World Rural Forum - WRF - Network to promote the International Year of Family Farming - IYFF.

Proposal of the World Rural Forum - WRF - Network to promote the International Year of Family Farming - IYFF.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.
Isdefe ISXXXX-090000-1XX 5.10.2010 Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.
1 Table of Content 1.Business Diagnostic - Establishing a case for change –Changes in demand –New opportunities –Emerging threats 2.Vision Creation - Defining.

1 Table of Content 1.Business Diagnostic - Establishing a case for change –Changes in demand –New opportunities –Emerging threats 2.Vision Creation - Defining.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
IT Security and Innovation. IT Security Regulatory compliance and ISO27001 –Public Service Network Code of Connection (PSN CoCo) –Payment Card Industry.

IT Security and Innovation. IT Security Regulatory compliance and ISO27001 –Public Service Network Code of Connection (PSN CoCo) –Payment Card Industry.
Prevention and Remediation in Selected Industrial Sectors, 12-16 June 2005, Ottawa NATO’s Scientific Programme Thomas Strassburger Ottawa, Canada NATO’s.

Prevention and Remediation in Selected Industrial Sectors, June 2005, Ottawa NATO’s Scientific Programme Thomas Strassburger Ottawa, Canada NATO’s.
NATO Advanced Research Workshop “Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework” Scenario for Discussion.

NATO Advanced Research Workshop “Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework” Scenario for Discussion.
2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.

2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.
“The Resilient Economy: Integrating Competitiveness and Security” Council on Competiveness.

“The Resilient Economy: Integrating Competitiveness and Security” Council on Competiveness.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Similar presentations

Ads by Google