Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most.

Published byCallie Hollinger Modified over 9 years ago

Similar presentations

Presentation on theme: "Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most."— Presentation transcript:

1 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most Important Assets Ernest Doring QinetiQ-North America Ernest.doring@QinetiQ-NA.com 619-321-6164 14 September 2010

2 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. Several factors make information security a growing concern for today’s organizations … Increased Automation: With significant reductions in the size of government, organizations are increasingly conducting business processes through network- based information environments. More critical information is being put on-line and is potentially exposed to greater risk. Increased network vulnerability: IT environments in many organizations are evolving into relatively open architectures. This potentially simplifies an attacker’s problem and increases system vulnerability. Increased cyber threat: Burgeoning technology has given rise to a new generation of computer intruders possessing a wide array of advanced intrusion tools which can inflict damage to a degree that formerly was the exclusive purview of nations. This means more chances for unauthorized users to successfully attack your systems. 2

3 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. … Add to that the Demands on IT & Security … Increased Competitive Pressures Better Efficiency and Consistency Increased Demand from Stakeholders More Regulations Eliminate Redundancy Increase Transparency and Accountability Increasing Demands on IT and Security 3

4 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. …Resulting in Organizations Asking the following Questions 4  Are our Information security initiatives aligned with our business needs?  Are our customers’ and business partners’ information security initiatives and requirements compliant and compatible with ours?  Are our information security practices providing adequate assurance to meet regulation or compliance requirements?  Are we perceived as a responsive organization meeting the needs of our stakeholders, our customers, and trading partners?  Do our information security controls align with industry-related and internationally accepted guidelines?  Are we aware of our security risks and are they being effectively managed?  Are we measuring the effectiveness of our information security Investments?

5 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. … But There is No Silver Bullet Solution SECURE SYSTEMS PROCESSTECHNOLOGY PEOPLE Systems Expert Security Expert Systems IA Expert 5

6 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. … So What Can Be Done? … Enterprise Security Framework Framework leads to an effective and efficient means to evaluate, design, implement, and sustain your security program 6

7 www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. Enterprise Security Framework Benefits Provides increased efficiency and economy of security throughout the organization Provides the ability to ensure centralized enforcement and oversight and decentralized management The central level element helps to coordinate and manage use of limited security-related resources throughout the organization Ensure that mechanisms are in place to provide coordination and unity of action between the central and the system level components Ensures appropriate and cost-effective security for each system Together, the multilevel components of an enterprise-wide IT security program will protect an organization’s valuable information resources 7

Download ppt "Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most."

Similar presentations

Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.

Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.
U.Va.’s IT Security Risk Management Program (ITS-RM) April 2004 LSP Conference Brian Davis OIT, Security and Policy.

U.Va.’s IT Security Risk Management Program (ITS-RM) April 2004 LSP Conference Brian Davis OIT, Security and Policy.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.

Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Information Security Governance

Information Security Governance
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Information Security Policies Larry Conrad September 29, 2009.

Information Security Policies Larry Conrad September 29, 2009.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Boost your network security with NETASQ Vulnerability Manager.

Boost your network security with NETASQ Vulnerability Manager.
WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.

WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
Computer Security: Principles and Practice

Computer Security: Principles and Practice
COBIT Framework Introduction. Problems with IT? – Increasing pressure to leverage technology in business strategies – Growing complexity of IT environments.

COBIT Framework Introduction. Problems with IT? – Increasing pressure to leverage technology in business strategies – Growing complexity of IT environments.
McGraw-Hill/Irwin © 2005 The McGraw-Hill Companies, Inc. All rights reserved. 13 - 1 13 Chapter The Future of Training and Development.

McGraw-Hill/Irwin © 2005 The McGraw-Hill Companies, Inc. All rights reserved Chapter The Future of Training and Development.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Enterprise Architecture

Enterprise Architecture
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Information Technology Audit

Information Technology Audit
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Similar presentations

Ads by Google