Information Security: An Overview - PowerPoint PPT Presentation

1 / 21

About This Presentation

Title:

Information Security: An Overview

Description:

Protecting information and information systems from unauthorized access, use, ... Popular algorithms: AES, 3DES, Blowfish. Corporate Security Services ... – PowerPoint PPT presentation

Number of Views:22

Avg rating:3.0/5.0

Slides: 22

Provided by: peter831

Category:

Tags: blowfish | information | overview | security

Transcript and Presenter's Notes

Title: Information Security: An Overview

1

Information Security An Overview
MISA 11/7/2007
Chris Clymer

2
Information Security An Overview

What is Information Security?
Protecting information and information systems
from unauthorized access, use, disclosure,
disruption, modification, or destruction.

3
Information Security An Overview

Three primary goals of information security
Confidentiality
Integrity
Availability

4
Information Security An Overview

How does the industry do this?
Access Control
Application Security
Business Continuity/Disaster Recovery
Cryptography
Risk Management
Compliance/Regulations
Operations Security
Physical Security
Security Architecture
Network Security

5
Information Security An Overview

These are the ten domains of information security
as defined by the International Information
Systems Security Certification Consortium (ISC)2
These domains form the basis of their Certified
Information Systems Security Professional
certification
The CISSP is widely considered the standard for
information security professionals

6
Information Security An Overview

National Citys take on this
We have over 200 employees in CSS responsible for
each of those 10 areas
Physical and Information Security are both part
of the same department, reporting to the same
executive
Security is completely separate from traditional
Information Technology resources
Because of this, much like auditors, we form a
check on the rest of the corporation

7
Information Security An Overview

Access Control
This can mean a swipe card to enter a building,
or a password on a computer
Authentication, Authorization, and Accountability
Principle of Least Privilege

8
Information Security An Overview

Application Security
Buffer Overflows
Cross Site Scripting
SQL Injection
Man-in-the-Middle
Directory Traversal
Session Hijacking
Denial of Service

9
Information Security An Overview

Business Continuity/Disaster Recovery
What do you do when a tornado hits? Blackout?
Fire?
Your data is useless if you cannot access it
availability is big part of BCP/DR

10
Information Security An Overview

Cryptography
The practice of hiding information
Uses mathematic algorithms to obscure information
All internet commerce is vitally dependent on
cryptography
Popular algorithms AES, 3DES, Blowfish

11
Information Security An Overview

Risk Management
Identify the risk
Plan out the process
Map out stakeholders and scope
Define a framework
Analyze the risks
Mitigation

12
Information Security An Overview

Compliance/Regulations
Sarbanes Oxley (SOX)
Health Insurance Portability and Accountability
Act (HIPAA)
Gramm Leach Bliely Act
PCI Data Security Standard
ISO17799

13
Information Security An Overview

Operations Security
Identification of critical information
Analysis of threats
Analysis of vulnerabilities
Assessment of risk
Application of appropriate measures
Goal is to prevent adversary from exploiting
unclassified, but useful information

14
Information Security An Overview

Physical Security
Environmental Design (signs, fences, barriers,
lights)
Mechanical (gates, doors, locks)
Intrusion Detection (sensors, alarms)
Video Monitoring

15
Information Security An Overview

Security Architecture
Access Control Lists
Role Based Access Control
Bell-LaPadula Model
Biba Model
Clark-Wilson Model
Graham-Denning Model

16
Information Security An Overview

Network Security
Firewalls
Intrusion Detection Systems
Intrusion Prevention Systems
Honeypots

17
Information Security An Overview

Certifications
GSEC entry-level cert from SANS
CISSP mid-level cert from (ISC)2
GIAC senior-level cert from SANS

18
Information Security An Overview

Resources Web
http//www.sans.org
http//www.cccure.org
http//www.securityfocus.com
http//www.schneier.com

19
Information Security An Overview

Resources Books
19 Deadly Sins of Software Security
The Art of Intrusion Kevin Mitnick
The Art of Deception Kevin Mitnick
Secrets and Lies Bruce Schneier
Practical Cryptography Bruce Schneier
CISSP Certification Shon Harris

20
Information Security An Overview

Resources Events
Information Security Summit http//www.informati
onsecuritysummit.org
Northeast Ohio Information Security Forum
http//www.neoinfosecforum.org
SANS http//www.sans.org
Blackhat http//www.blackhat.com
Shmoocon http//www.shmoocon.org
Defcon http//www.defcon.org

21
Were Done!

Questions?

Write a Comment

User Comments (0)

About PowerShow.com

Recommended Relevance Latest Highest Rated Most Viewed

Sort by:

Related More from user

CrystalGraphics Presentations

World's Best PowerPoint Templates PowerPoint PPT Presentation

World's Best PowerPoint Templates - CrystalGraphics offers more PowerPoint templates than anyone else in the world, with over 4 million to choose from. Winner of the Standing Ovation Award for “Best PowerPoint Templates” from Presentations Magazine. They'll give your presentations a professional, memorable appearance - the kind of sophisticated look that today's audiences expect. Boasting an impressive range of designs, they will support your presentations with inspiring background photos or videos that support your themes, set the right mood, enhance your credibility and inspire your audiences.

CrystalGraphics 3D Character Slides for PowerPoint PowerPoint PPT Presentation

CrystalGraphics 3D Character Slides for PowerPoint - CrystalGraphics 3D Character Slides for PowerPoint

Chart and Diagram Slides for PowerPoint PowerPoint PPT Presentation

Chart and Diagram Slides for PowerPoint - Beautifully designed chart and diagram s for PowerPoint with visually stunning graphics and animation effects. Our new CrystalGraphics Chart and Diagram Slides for PowerPoint is a collection of over 1000 impressively designed data-driven chart and editable diagram s guaranteed to impress any audience. They are all artistically enhanced with visually stunning color, shadow and lighting effects. Many of them are also animated. And they’re ready for you to use in your PowerPoint presentations the moment you need them. – PowerPoint PPT presentation

Related Presentations

Security Orchestration Market Size, Share, Growth, Market Overview and Highlights PowerPoint PPT Presentation

Security Orchestration Market Size, Share, Growth, Market Overview and Highlights - The security orchestration market is expected to witness market growth at a rate of 13.8% in the forecast period of 2021 to 2028. Data Bridge Market Research report on security orchestration market provides analysis and insights regarding the various factors expected to be prevalent throughout the forecast period while providing their impacts on the market's growth. https://www.databridgemarketresearch.com/reports/global-security-orchestration-market | PowerPoint PPT presentation | free to view

Information Technology & Security Services - Harshwal & Company LLP PowerPoint PPT Presentation

Information Technology & Security Services - Harshwal & Company LLP - Harshwal & Company LLP offers comprehensive IT security solutions. We provide end-to-end cyber security solutions covering advanced malware protection, data centre & perimeter protection. Contact us to know more today. | PowerPoint PPT presentation | free to view

Overview of Information Security Market Report - 2018 PowerPoint PPT Presentation

Overview of Information Security Market Report - 2018 - Large and medium sized businesses, as well as governments, are exposed to the greatest risk from breaches of Information Security. This new report examines, analyses, and predicts the evolution of technologies, markets, and outlays (expenditures) for Information Security (InfoSec) infrastructure products over the next six years. | PowerPoint PPT presentation | free to view

CISA Certification - An Overview PowerPoint PPT Presentation

CISA Certification - An Overview - Certified Information Systems Auditor, Certification by ISACA® is a very popular and sought after certification in the field of Information Security. "CISA Certification: An Overview" gives useful information on CISA Certification and answers various questions. To help candidates in their CISA Certification, iAthena.com (a Navitus Education Venture) offers self-paced and instructor-led (online classroom) courses in CISA Exam Preparation. Online self-paced courses allow students to learn from the comfort of home or office or any other place of without impacting work or precious time that could be spent with families. Students can decide their own pace of learning without the need to rush through with the rest of the class and miss out key concepts or wait boringly for the laggards in the class to complete their learning. Our experienced and qualified mentors guide and answer questions in live online classroom sessions. Visit us at iAthena.com and keep learning! | PowerPoint PPT presentation | free to view

DSOC Product and Services Overview PowerPoint PPT Presentation

DSOC Product and Services Overview - The DS Security Operations Centre (DSOC) is a specialist security and risk management company providing professional services to individuals, businesses, and organisations wherever they are based. The DS-SOC contains an Alarm Receiving Centre (ARC) as well as a Security Operations Centre (SOC) meaning we can action real time threats to your organisation, whether it be due to an alarm being activated or your brand being mentioned on the dark web in a derogatory way. Our specialist operators and analysts are able to remotely monitor, investigate and response effectively. | PowerPoint PPT presentation | free to view

ISA 662 Information System Security PowerPoint PPT Presentation

ISA 662 Information System Security - ISA 662 Information System Security Security Protocols Overview Background PEM SSL IPSEC Network Model ISO/OSI model vs TCP/IP suite Network Model (Cont d ... | PowerPoint PPT presentation | free to view

OISPP Project Overview PowerPoint PPT Presentation

OISPP Project Overview - OISPP Project Overview Presented by Wayne Evans OISPP Project Overview Feasibility of Online Enterprise Incident Management System. Online Cyber Security ... | PowerPoint PPT presentation | free to view

Healthcare Cyber Security Market Report PowerPoint PPT Presentation

Healthcare Cyber Security Market Report - Healthcare Cyber Security Market: By Solution Type, and By End user - Forecast 2027 | PowerPoint PPT presentation | free to view

Autonomous Vehicle Security Market Growth Status and Outlook 2019 2024 PowerPoint PPT Presentation

Autonomous Vehicle Security Market Growth Status and Outlook 2019 2024 - Autonomous Vehicle Security Market presents a comprehensive overview, market shares and growth opportunities of Autonomous Vehicle Security market by product type, application, key companies and key regions. | PowerPoint PPT presentation | free to view

sap security online training PowerPoint PPT Presentation

sap security online training - SAP Security Online Training Course Details Authorization Types Users and Roles Setting Up General Authorization Checks Indirect Role Assignment Determining Period of responsibility Authorization objects for Payroll Authorization check for Evaluations Structural Authorization Checks Context Solution SAP BI Security SAP BI Overview Security Components in BI Security Data access for Reporting users Saving Bex Objects to BI roles Securing Data Access for Administration users Maintaining Authorizations Analysis Authorizations Transporting Authorizations Dynamic Authorization Concept in BI For More Details Contact Us call : 09533456356 Email : info@spectoittraining.com website : saponlinetraining.in | PowerPoint PPT presentation | free to view

India Physical Security Information Management Market PowerPoint PPT Presentation

India Physical Security Information Management Market - “India Physical Security Information Management (PSIM) Market”, has been broadly segmented into three categories, Security Integration Platform Software, Advanced Video Management Software, and Command and Control Platform Software. http://www.marketreportsonindia.com/technology-media-market-research-reports-14898/india-physical-security-information-management-software-service-competition-forecast-opportunities.html | PowerPoint PPT presentation | free to view

Cyber security Market GCC, Cyber security market UAE, Network security market Saudi Arabia - Ken Research PowerPoint PPT Presentation

Cyber security Market GCC, Cyber security market UAE, Network security market Saudi Arabia - Ken Research - Cyber-attacks on government owned enterprises have forced them to formulate well thought strategies to counter the cyber security threats. | PowerPoint PPT presentation | free to view

Social Networking Security PowerPoint PPT Presentation

Social Networking Security - Social Networking Security Adam C. Champion and Dong Xuan CSE 4471: Information Security Outline Overview of Social Networking On-line Social Networking Mobile Social ... | PowerPoint PPT presentation | free to view

Information Systems Security PowerPoint PPT Presentation

Information Systems Security - Information Systems Security IS 460 Notes by Thomas Hilton Overview What is an Information System Personnel Security Procedural Security Facilities Security Technical ... | PowerPoint PPT presentation | free to view

Management Information Systems By Effy Oz PowerPoint PPT Presentation

Management Information Systems By Effy Oz - Management Information Systems By Effy Oz & Andy Jones Chapter 1: Business Information Systems: An Overview www.cengage.co.uk/oz Objectives Explain why information ... | PowerPoint PPT presentation | free to view

Security Protocol Specification Languages PowerPoint PPT Presentation

Security Protocol Specification Languages - Security Protocol Specification Languages Iliano Cervesato iliano@itd.nrl.navy.mil ITT Industries, Inc @ NRL Washington DC http://www.cs.stanford.edu/~iliano/ | PowerPoint PPT presentation | free to view

Security of Health Care Information Systems PowerPoint PPT Presentation

Security of Health Care Information Systems - Threats to Health Care Information. HIPAA Security ... A health care provider who transmits protected health information (phi) in an electronic form ... | PowerPoint PPT presentation | free to view

cyber security institute in india PowerPoint PPT Presentation

cyber security institute in india - Are you searching for a network security course near your place, then ICSS is the best institute for learning network security courses in india. They have small batch sizes weekdays and weekend batches both are available as per requirements . | PowerPoint PPT presentation | free to view

2015-2020 Market Research Study on China Information Security Market PowerPoint PPT Presentation

2015-2020 Market Research Study on China Information Security Market - In recent years, the global network threat continues to grow, and network attacks and network crimes are increasing and characterized by more professional tools, commercial purposes, organized behaviors, diverse means, etc. Due to the internet without borders, losses caused by network threats to global users spread rapidly. The continuous growth of network threats drives the rapid development of global information security market, i.e. the product structures are increasingly rich, and the manufacturer number, the market size and information security investment proportion constantly expand. In 2014, the size of the global information security market exceeded $100 billion. Read more details @ http://www.bigmarketresearch.com/development-prospect-forecast-report-of-china-information-security-2015-2020-market | PowerPoint PPT presentation | free to view

Worldwide Commercial Cyber security Market PowerPoint PPT Presentation

Worldwide Commercial Cyber security Market - Global Commercial Cyber Security Market Report brings in divers insights and analysis on cyber security across the world | PowerPoint PPT presentation | free to view

Global Hardware Security Module Market Segment Analysis, Opportunity Assessment, Competitive Intelligence and Industry Outlook, 2016-2023 PowerPoint PPT Presentation

Global Hardware Security Module Market Segment Analysis, Opportunity Assessment, Competitive Intelligence and Industry Outlook, 2016-2023 - The global Hardware Security Module Market is expected to reach US$ 1020.1 Mn during the forecast period. | PowerPoint PPT presentation | free to view

Managed Security Services Market Segmentation, Forecast 2013 - 2020 PowerPoint PPT Presentation

Managed Security Services Market Segmentation, Forecast 2013 - 2020 - Managed Security Services (MSS) refers to the remote monitoring and management of IT security functions by third-party service providers in order to effectively protect the sensitive data of the organizations. The task of information security is becoming more complex with the growth of the business in terms of size and structure, and utilization of mobile devices, social media, cloud services and big data. | PowerPoint PPT presentation | free to view

Global Homeland Security Market overview and Business Research Report to 2021 PowerPoint PPT Presentation

Global Homeland Security Market overview and Business Research Report to 2021 - Gens report, Global Homeland Security Market - Industry Analysis, Size, Share, Growth, Trends, and Forecast 2016-2021 provides detailed market and segment level data on the Global and Chinese consumption of Homeland Security | PowerPoint PPT presentation | free to view

Cognitive Security Market Analysis by Industry Trends, Share, Company Overview, Growth Development and Forecast By 2025 PowerPoint PPT Presentation

Cognitive Security Market Analysis by Industry Trends, Share, Company Overview, Growth Development and Forecast By 2025 - The aim of the report is to estimate the size of the market for Cognitive Security and the future growth potential of the market for Cognitive Security across various segments, such as base service type, Deployment and industry vertical industry. | PowerPoint PPT presentation | free to view

Implementation AI in Middle East Manned security - Ken Research PowerPoint PPT Presentation

Implementation AI in Middle East Manned security - Ken Research - The report provides a comprehensive analysis on the Middle East manned guard security market. The report covers various aspects including introduction, market size, Major Players, Market Overview, Market Segmentation by regions.. | PowerPoint PPT presentation | free to view

Tamino Technical Overview PowerPoint PPT Presentation

Tamino Technical Overview - Title: Tamino Overview Author: Frank Jung Last modified by: US Department of the Interior Created Date: 9/5/2005 9:52:51 AM Document presentation format | PowerPoint PPT presentation | free to view

World Managed Security Services - Market Opportunities and Forecasts, 2014 - 2020 PowerPoint PPT Presentation

World Managed Security Services - Market Opportunities and Forecasts, 2014 - 2020 - Managed Security Services (MSS) refers to the remote monitoring and management of IT security functions by third-party service providers in order to effectively protect the sensitive data of the organizations. | PowerPoint PPT presentation | free to view