Post on 21-Dec-2015
OSR/Aug 02
Data Security E2002, Lecture 1, August 30, 2002
000-015 History Background
- Batch
- Remote access, DB, RACF
- Orange Book
- ITSec, Common Criteria
- Code of Practice
- BS 7799, ISO 17799
- ISO TR 13335
- DS 484
015-030 What is Information Security?
Why do we need Information Security?
- Commercial Image
- Loss of Reputation, Trust, Confidence
Examples
Trust
030-090 Security Requirements
- Risk Assessment
¤ Exercise: Five most serious threats
¤ KPMG Security Survey
¤ Traffic Light Analysis
¤ Risk Model
¤ Vulnerability Analysis
Threats – BSI List
- Legal Requirements
¤ FSR Vejl. 14 + 17
¤ SysTrust
- Good Practice
Exercise
Which are the five most serious IT-security threats to an organization?
Risk model
[Figure: risk model chart. Labels: Threat, Vulnerability, Impact, each with Low / Medium / High; value axis from 0 to 3.]
Legal, statutory, regulatory and contractual requirements
Principles and objectives
- Vision
- Ethical
- Good Practice
- IT Security Policy
090-105 Controls
- Preventive
- Detective
- Corrective
105-135 Critical Success Factors
- Examples
Traffic Light Analysis