Upload File

practical insights in the day-to-day routine of an information security officer

  • Home
  • Technology
  • Practical insights in the day-to-day routine of an information security officer
18
How to be realistic about information security and don’t stress out. Practical tips that will help any organization. Practical insights in the day-to-day routine of an information security officer

Upload: amis-friends-of-oracle-and-java

Post on 06-Jul-2015

413 views

Category:

Technology


0 download

Report

Tags:

DESCRIPTION

Douwe Pieter van den Bos Practical insights in the day-to-day routine of an information security officer How to be realistic about information security and don’t stress out. Practical tips that will help any organization.

TRANSCRIPT

Page 1: Practical insights in the day-to-day routine of an information security officer

How to be realistic about information security and don’t stress out.

Practical tips that will help any organization.

Practical insights in the

day-to-day routine of an

information security officer

Page 2: Practical insights in the day-to-day routine of an information security officer

Douwe Pieter van den Bos

Page 3: Practical insights in the day-to-day routine of an information security officer

Plan

Do

Check

Act

• Risk Appetite

• Maturity

• Risk Analysis

• Secure Software Development

• Project Management

• Security Advise

• Security Testing

• Security Audits

• Red-teaming

• Risk Management

• Improvement Planning

Information Security Management

Page 4: Practical insights in the day-to-day routine of an information security officer

Information Security in a fast moving world

Gaining threads

Legislation

Privacy concerns

Customer awareness

Information Security is

becoming a larger issue

for all organizations,

including Oracle

customers.

Page 5: Practical insights in the day-to-day routine of an information security officer

Risk Maturity

Ad Hoc Opportunistic Systematic Managed Optimized

Plan

Do

Check

Act

Page 6: Practical insights in the day-to-day routine of an information security officer

Be realistic Plan

Do

Check

Act

Page 7: Practical insights in the day-to-day routine of an information security officer

Risk Appetite Plan

Do

Check

Act

Page 8: Practical insights in the day-to-day routine of an information security officer

Risk Analysis

Confidentiality

Integrity

Availability

Fra

ud

Dete

cti

on

Com

pliance

Report

ing

Page 9: Practical insights in the day-to-day routine of an information security officer

Risk Classification Plan

Do

Check

Act

Risk ClassificationImpact

Chance

Page 10: Practical insights in the day-to-day routine of an information security officer

Secure Software Development

Best Practices

Plan

Do

Check

Act

https://www.ncsc.nl/dienstverlening/expertise-

advies/kennisdeling/whitepapers/ict-beveiligingsrichtlijnen-voor-

webapplicaties.html

http://www.oracle.com/technetwork/topics/entarch/itso-165161.html

http://www.nist.gov/cyberframework/

http://www.cip-overheid.nl/downloads/grip-op-ssd/

https://www.ncsc.nl/dienstverlening/expertise-advies/kennisdeling/whitepapers/ict-beveiligingsrichtlijnen-voor-webapplicaties.html
http://www.oracle.com/technetwork/topics/entarch/itso-165161.html
http://www.nist.gov/cyberframework/
http://www.cip-overheid.nl/downloads/grip-op-ssd/
Page 11: Practical insights in the day-to-day routine of an information security officer

Security Advices Plan

Do

Check

Act

https://www.ncsc.nl/dienstverlening/response-op-dreigingen-en-

incidenten/beveiligingsadviezen

https://www.ncsc.nl/dienstverlening/response-op-dreigingen-en-incidenten/beveiligingsadviezen
Page 12: Practical insights in the day-to-day routine of an information security officer

Learn and Act Fast! Plan

Do

Check

Act

An audit is not scary. It’s just a quick

way to investigate what you’re

doing right and where you might

improve.

Page 13: Practical insights in the day-to-day routine of an information security officer

Red Team! Plan

Do

Check

Act

Page 14: Practical insights in the day-to-day routine of an information security officer

Who is the owner of risk?

http://www.taskforcebid.nl/producten/instrumenten-informatieveiligheid/

Plan

Do

Check

Act

http://www.taskforcebid.nl/producten/instrumenten-informatieveiligheid/
Page 15: Practical insights in the day-to-day routine of an information security officer

Risk Management

Risk

Quick Win Plan Accept

Low costs Low impact / chance

Just do it.

These risks are

easily

mitigated. Low

cost, despite of

the impact or

chance.

Make a project

out of it. You

will have to

plan and

prioritize.

The impact is

so low, or the

chance of

occurrence is

so low that you

can decide to

accept the risk.

Plan

Do

Check

Act

Page 16: Practical insights in the day-to-day routine of an information security officer

Improvement Planning

Target 1

Target 2

Target 3

Target 4Target 5

Plan

Do

Check

Act

Page 17: Practical insights in the day-to-day routine of an information security officer
Page 18: Practical insights in the day-to-day routine of an information security officer

Douwe Pieter van den Bos

[email protected]

+31 6 149 143 43

mailto:[email protected]

10 minute a day social media routine

DAY TO DAY PROBLEMS IN ROUTINE IMMUNIZATION

LV Thrombus Detection by Routine Echocardiography · LV Thrombus Detection by Routine Echocardiography Insights Into Performance Characteristics Using Delayed Enhancement CMR Jonathan

Possible Daily Routine€¦ · Possible Daily Routine We have included a daily routine that could be used as a guide to help with the routine of the day. Time Suggested Activity Ideas

20 Day Reboot Supplement Routine - Amazon S3Day... 20-DAY HOLLYWOOD REBOOTSUPPLEMENT ROUTINE In the 20-Day Reboot, I wanted to accompany the amazing training and nutrition plan with

Date Day Class Breakup (EQUIP Approach ... - INSIGHTS IAS

Chapter 20 Section 1. Routine care that you give to your car ◦ Day to day care Changing oil Filling tires with air Checking fluid levels Routine

Our Week Day Routine - The Mom Edit | Style. MomLife

#SBJSMS Day 2 Recap of #Sportsbiz Insights

#SBJSMS Day 1 Recap of #Sportsbiz Insights

Life, Death and Careful Routine Fill the Day at a Liberian

4 Day Hypertrophy Workout Routine 2003 File

Mother’s Day Insights for Digital Marketers

Dynamics Day 2017 Perth: Data Insights

Insights into God ~ A 26 day Devotional book.pdf

My day routine carolina

Three Day Split RPT' Routine _ RippedBody

A Day of Social Media Insights

Dr. Harivansh Chopra DAY TO DAY PROBLEMS IN ROUTINE IMMUNIZATION

Doug's 5 Day High Definition Routine _ Muscle & Strength

Sweet Valentine's Day Insights for Digital Marketers

World Population Day- Some Insights

New Insights in Routine Procedure for Mathematical

SuperRugby - 100 day Social Media Insights

UK Mother’s Day Insights

EXTREME TRAINING PLAN 5 DAY MASS PLAN - USN · #CHALLENGEYOURSELF 5 DAY MASS PLAN EXTREME TRAINING PLAN The following 5 day workout routine is based on a 5 day split. Using this routine,

Manage Your Day-to-Day: Build Your Routine, Find Your Focus, and Sharpen Your Creative Mind

12-Week 2c 3-Day Total Body Routine

5 day workout routine

Going Green Might End Up Being A Day-To-Day Part Of Your Day-To-Day Routine

EXTREME TRAINING PLAN 5 DAY MASS PLAN - USN · EXTREME TRAINING PLAN The following 5 day workout routine is based on a 5 day split. Using this routine, you will train one bodypart

Mother’s Day Consumer Insights - Microsoft · PDF fileMother’s Day Consumer Insights March 2013 . ... According to NRF Survey Aboutflowers.com, Mother’s Day Floral Statistics

Manage Your Day-to-Day: Build Your Routine, Find Your ... · by Leo Babauta Key Takeaways - Building a Rock-Solid Routine CHAPTER TWO - FINDING FOCUS IN A DISTRACTED WORLD Scheduling

Microsoft Word - Day to day stretches 2-8-06.doc · Web viewStretching. ROUTINE ONE. ROUTINE TWO. Neck Side– Arm Behind. Shoulder Roll. Elbow Pull - Hands Up. Carpal Tunnel Stretch

Content Marketing World 2015: Insights from day one