Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Awareness – Essential Part of Security Management Ilze Murane.

Published byPhoebe Wilcox Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Awareness – Essential Part of Security Management Ilze Murane."— Presentation transcript:

1 Security Awareness – Essential Part of Security Management Ilze Murane

2 Agenda  Security management  Security awareness in organization  Security awareness for home user  Questions for discussion

3 ISF Standard  Information Security Forum  The Standard of Good Practice for Information Security  http://www.isfsecuritystandard.com

4 Security Management I  Management commitment  Security policy  Security organization –Information security function –Security awareness –Security classification –Ownership –Information risk analysis

5 Security Management II  Secure environment –Security architecture –Information privacy –Physical protection –Business continuity –Use of cryptography –Remote working

6 Security Management III  Malicious attack –Virus protection –Intrusion detection –Forensic investigations –Patch management  Management review –Security audit/review –Security monitoring

7 Security Awareness  Information security awareness is the degree to which every member of staff understands the importance of information security, their individual security responsibilities …and acts accordingly

8 Security Awareness in organization  Principle –Specific activities should be undertaken, such as a security awareness programme, to promote security awareness to all individuals who have access to the information and systems of the enterprise  Objective –To ensure all relevant individuals understand the key elements of information security and why it is needed, and understand their personal information security responsibilities

9 IT security lessons: example I  Passwords –Do not share passwords –Use ‘strong’ passwords –Don’t write passwords down

10 IT security lessons: example II  Viruses –Beware of viruses, particularly in e-mail attachments –Ensure that anti-virus software is installed and updated

11 IT security lessons: example III  E-mail and Internet use –Don’t send sensitive information over the Internet –Don’t publish your e-mail address in the Internet –Internet use must comply with corporate policies

12 Case study  Awareness “history” –IT security –Information security –Business Continuity Testing –Security including physical security  Regular seminars

13 From awareness to behaviour change  Security-positive behaviour should be encouraged by –making attendance at security awareness training compulsory –publicizing security successes and failures throughout the organization –linking security to personal performance objectives

14 Security Awareness for home user  No regulations  Personal risk experience  More electronic information –Internet banking  Everyone is in the Internet

15 Lessons for everybody  Main risks –Viruses –Spyware –Phishing –Spam  About –Safe e-mail usage –Safe internet browsing –Securing your computer

16 At school?  Other security (safety) –road traffic regulation –electricity (physics) –fire protection  IT security...

17 Questions? Discussion... ilze@latnet.lv

18 ?  Is IT security concerns everybody  How to educate society  Special software/game  What are our responsibilities ...

Download ppt "Security Awareness – Essential Part of Security Management Ilze Murane."

Similar presentations

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.

Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.

Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Issues Raised by ICT.

Issues Raised by ICT.
Online Safety 2.02 Remember the rules of online safety.

Online Safety 2.02 Remember the rules of online safety.
Security Issues: Phishing, Pharming, and Spam

Security Issues: Phishing, Pharming, and Spam
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.

Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Final Exam Part 1. Internet Regulation Internet regulation according to internet society states that it is about restricting or controlling certain pieces.

Final Exam Part 1. Internet Regulation Internet regulation according to internet society states that it is about restricting or controlling certain pieces.
Security for Seniors SeniorNet Help Desk 631.629.5426

Security for Seniors SeniorNet Help Desk

Similar presentations

Ads by Google