Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Stewardship: Systems Perspectives, Systems Solutions David Pym University of Aberdeen Information Security Leaders, Edinburgh, 10/02/2011.

Similar presentations


Presentation on theme: "Information Stewardship: Systems Perspectives, Systems Solutions David Pym University of Aberdeen Information Security Leaders, Edinburgh, 10/02/2011."— Presentation transcript:

1 Information Stewardship: Systems Perspectives, Systems Solutions David Pym University of Aberdeen Information Security Leaders, Edinburgh, 10/02/2011

2 Information Stewardship Information stewardship is one of the next two big challenges for security/assurance research Stewardship goes beyond protecting CIA Adding/protecting value; complying with and upholding values; obligation; trust The other one is the convergence of physical and information security concepts in the Internet of Things (airport security as an information processor)

3 Information Stewardship Lifecycle Security Analytics Environment: threat, economic, investment Policy: people, process, technology, operations (Trusted) infrastructureAssurance/situational awareness Governanc e Design Analysis Revise

4 Stewardship Economics It’s all about trade-offs For example, confidentiality and availability trade off, just like inflation and unemployment Cost also trades off Use utility theory to understand security trade-offs and system design This is done for real in Security Analytics: utility theory and mathematical systems modelling yield predictive simulations in security management

5 Satisficing Cloud Stewardship Sharing Service level Due diligence Target zone

6 Summary We’re making security management into a science HP’s Security Analytics is the first (commercial) step Stewardship presents huge challenges, in the Cloud, in the Internet of Things, … Getting it right means doing the math, doing the economics, capturing behaviour, predicting design/investment consequences


Download ppt "Information Stewardship: Systems Perspectives, Systems Solutions David Pym University of Aberdeen Information Security Leaders, Edinburgh, 10/02/2011."

Similar presentations


Ads by Google