Security Risk Mitigation Bob Wright Director - PowerPoint PPT Presentation

1 / 8
About This Presentation
Title:

Security Risk Mitigation Bob Wright Director

Description:

Security Risk Mitigation. Bob Wright. Director Enterprise Information Security. BellSouth ... Reduce Security Risks to Critical National Infrastructures ... – PowerPoint PPT presentation

Number of Views:121
Avg rating:3.0/5.0
Slides: 9
Provided by: ncs88
Category:

less

Transcript and Presenter's Notes

Title: Security Risk Mitigation Bob Wright Director


1
Security Risk Mitigation Bob WrightDirector
Enterprise Information SecurityBellSouth
2
Why Have Security?
  • Reduce Business Risks
  • Financial
  • Strategic
  • Legal
  • Reduce Security Risks to Critical National
    Infrastructures

3
Balancing Security Decisions
Functionality Ease of Use Cost
Security Level
4
What Are The Security Risks
  • Attacks on e-Business sites
  • Attacks on internal IT community sites
  • Virus attacks
  • Attacks on Public Network Infrastructure
  • Internet abuse
  • Legal implications - sex, gambling, etc.
  • Productivity implications - online stock trading,
    etc.
  • Compromise of Company Proprietary Information or
    Customer Information
  • Accidental compromise
  • Intentional compromise
  • Compromise using stolen privileges

5
Where Do The Risks Originate
  • Unsophisticated hackers (Script Kiddies)
  • Malicious, loosely organized hackers
  • Employees
  • Contractors, Sourcing Partners, Vendors,
    Customers, Competitors
  • Terrorists
  • Cyber Warfare

6
Mitigation Strategy
  • Policy, Standards, Awareness
  • Layered Defenses
  • Focus on critical systems
  • Leverage Partners and Prime Vendors
  • Proactive Security Audit Scans
  • Corporate and External Audits
  • Create Security Processes
  • Contracting
  • Variances
  • Application and Infrastructure development
  • Industry Partnerships

7
Layered Security Defenses
Network Scan for vulnerabilities
PC
Monitor for intrusions and virus
Monitor for intrusions and virus
Public Internet
Corporate Network
Data
Access Controls
Access Controls
Host based - Access - Vulnerability - Real time

8
Summary
  • Security is easy ONLY if you have no customers,
    no vendors, and no employees
  • Otherwise, security requires
  • Senior Management attention
  • Strategies, resources, and processes
  • Focus
  • There are no silver bullets, but there are many
    mitigation tools available
Write a Comment
User Comments (0)
About PowerShow.com