Download presentation
Presentation is loading. Please wait.
Published byColin Crawford Modified over 9 years ago
1
Information Stewardship: Systems Perspectives, Systems Solutions David Pym University of Aberdeen Information Security Leaders, Edinburgh, 10/02/2011
2
Information Stewardship Information stewardship is one of the next two big challenges for security/assurance research Stewardship goes beyond protecting CIA Adding/protecting value; complying with and upholding values; obligation; trust The other one is the convergence of physical and information security concepts in the Internet of Things (airport security as an information processor)
3
Information Stewardship Lifecycle Security Analytics Environment: threat, economic, investment Policy: people, process, technology, operations (Trusted) infrastructureAssurance/situational awareness Governanc e Design Analysis Revise
4
Stewardship Economics It’s all about trade-offs For example, confidentiality and availability trade off, just like inflation and unemployment Cost also trades off Use utility theory to understand security trade-offs and system design This is done for real in Security Analytics: utility theory and mathematical systems modelling yield predictive simulations in security management
5
Satisficing Cloud Stewardship Sharing Service level Due diligence Target zone
6
Summary We’re making security management into a science HP’s Security Analytics is the first (commercial) step Stewardship presents huge challenges, in the Cloud, in the Internet of Things, … Getting it right means doing the math, doing the economics, capturing behaviour, predicting design/investment consequences
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.