Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Web Applications – It Starts at the Top A Holistic Approach.

Published byPhyllis Gilmore Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Web Applications – It Starts at the Top A Holistic Approach."— Presentation transcript:

1 Secure Web Applications – It Starts at the Top A Holistic Approach

2 Security Best Practices The Big Picture Challenge  An entities’ security program is intrinsic to the availability of its systems, accuracy of its information, and its reputation.  The security program is a complex - intertwining people, processes and technology into a set of complementary controls.  The security program requires validation for ROI, efficacy of controls and alignment to the business objectives and risk tolerances.  The security controls must be bound to the rest of the systems and yield its own metrics and information (the “system within the system”).

3 Where Does Application Security Fit? ComplianceThreats Risk Management Policies & Training StandardsGovernanceGapsPMOBusiness

4 How Does Application Security Fit into IT GRC?  Key Data points must be collected from live sources.  Data Modeling and system flow modeling must be done on this complex system.  Start by establishing the most valuable questions that could ideally be answered: What if funding levels were changed? What if development was partially done by a partner? What if business valuation changed on an asset? What if a totally new threat was introduced

Download ppt "Secure Web Applications – It Starts at the Top A Holistic Approach."

Similar presentations

Role, Responsibilities and Methodologies in the Next Decade.

Role, Responsibilities and Methodologies in the Next Decade.
Microsoft Operations Framework (MOF) 4.0

Microsoft Operations Framework (MOF) 4.0
Enabling traceability and transparency with standards-based regulatory reporting Dr. Said Tabet Senior Technologist and Industry Standards Strategist Office.

Enabling traceability and transparency with standards-based regulatory reporting Dr. Said Tabet Senior Technologist and Industry Standards Strategist Office.
Mergers and scale in an uncertain future “Everybody wants to go to heaven, but nobody wants to die”

Mergers and scale in an uncertain future “Everybody wants to go to heaven, but nobody wants to die”
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Outcomes focused regulation and compliance in practice Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk.

Outcomes focused regulation and compliance in practice Peter Scott Peter Scott Consulting
Social Media in the Physician Practice Setting. Objectives 1. Review the types of social media available for communication with patients. 2. Explain the.

Social Media in the Physician Practice Setting. Objectives 1. Review the types of social media available for communication with patients. 2. Explain the.
Move Through Life Inc strategic plan 2009-2012. The Big Picture vision To inspire and enable adults to sustain a love of dance throughout their lives,

Move Through Life Inc strategic plan The Big Picture vision To inspire and enable adults to sustain a love of dance throughout their lives,
Key National Indicators and Supreme Audit Institutions: U.S. and INTOSAI Perspectives Bernice Steinhardt Director, Strategic Issues U.S. Government Accountability.

Key National Indicators and Supreme Audit Institutions: U.S. and INTOSAI Perspectives Bernice Steinhardt Director, Strategic Issues U.S. Government Accountability.
W w w. f a c t i v a. c o m © 2002 Dow Jones Reuters Business Interactive LLC (trading as Factiva). All rights reserved. The Keys to Successful Strategic.

W w w. f a c t i v a. c o m © 2002 Dow Jones Reuters Business Interactive LLC (trading as Factiva). All rights reserved. The Keys to Successful Strategic.
May 2007Phase One Consulting Group, Inc. Applying NIST’s SOA Lifecycle Measures to NPS’ SOA Project October 2, 2007 Randy Leonard www.PhaseOneCG.com.

May 2007Phase One Consulting Group, Inc. Applying NIST’s SOA Lifecycle Measures to NPS’ SOA Project October 2, 2007 Randy Leonard
SOA with Progress Philipp Walther Consultant. © 2007 Progress Software Corporation2 Agenda  SOA  Enterprise Service Bus (ESB)  The Progress SOA Portfolio.

SOA with Progress Philipp Walther Consultant. © 2007 Progress Software Corporation2 Agenda  SOA  Enterprise Service Bus (ESB)  The Progress SOA Portfolio.
NetSuite Template Team: Make sure you run all 5 periods ending in 2012 – you should see “Congratulations, you have completed the simulation”

NetSuite Template Team: Make sure you run all 5 periods ending in 2012 – you should see “Congratulations, you have completed the simulation”
Presented by: G. Lawrence Buhl, CPA Retired Audit Partner at Ernst & Young 1 Risk Management & ERM: What Insurer Boards Need to Know.

Presented by: G. Lawrence Buhl, CPA Retired Audit Partner at Ernst & Young 1 Risk Management & ERM: What Insurer Boards Need to Know.
Choose the right picture. 1 2 3 4 5 6 7 8.

Choose the right picture
Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.

Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.
Asset Management Planning Overview Hierarchy – Where does an Asset Management Plan Fit: Organisation’s Business Plan Asset Management Policy / Strategy.

Asset Management Planning Overview Hierarchy – Where does an Asset Management Plan Fit: Organisation’s Business Plan Asset Management Policy / Strategy.
What is data quality? An introduction to the culture and philosophy of collecting and using accurate and useful data.

What is data quality? An introduction to the culture and philosophy of collecting and using accurate and useful data.

Similar presentations

Ads by Google