Information security[277]
•Transferir como PPTX, PDF•
1 gostou•646 visualizações
Infosec preso
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Destaque
Destaque (18)
Semelhante a Information security[277]
Semelhante a Information security[277] (20)
Último
Último (20)
Information security[277]
- 2. Tim Warren Company: Neuberger Berman Industry: Financial Services We manage investments for people and institutions Located: New York Title: Lead Engineer/Vice President
- 3. What my office looks like
- 4. What Is Information Security Information Security is the process of keeping information secure: maintaining Confidentiality Integrity Availability The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them.
- 5. Information Security Programs Companies build programs to run their Infosec departments Infosec programs are built around the core objectives of the CIA triad: Confidentiality Integrity Availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality) prevent unauthorized modification of data (integrity) guarantee the data can be accessed by authorized parties (availability).
- 6. What are the subject mater areas of Information Security
- 7. Information Security Organizations Large enterprises create a dedicated security group to implement and maintain the organization's InfoSec program. The security group is generally for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied. The goal in part is to protect the organization from Ransom warePhishing Attacks Identity TheftMalware
- 8. Information Security Organizations Jobs within the information security field vary in their titles, but some common designations include : Chief Information Security Officer (CISO) $103,071 - $214,236 Chief Security Officer (CSO) $64,735 - $200,000 Security Engineer 57,254 - $125,073 Information Security Analyst $49,478 - $102,185 Security Systems Administrator $41,197 - $97,375 IT Security Consultant $53,206 - $108,696
- 10. Driver of Increased Demand
- 11. What do I do?
- 12. Information Security Identity Management(IdM) In computer security, identity and access management (IdM) is the security and business discipline that "enables the right individuals to access the right resources at the right times and for the right reasons". It addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.[1] IdM covers issues such as how users: gain an identity the protection of that identity the technologies supporting that protection (e.g., network protocols, digital certificates, passwords, etc.).
- 13. What does my day look like?
- 14. Daily Ensure that User records where processed in over night batch jobs Communicate to hiring mangers their users status Check application logs for errors Update project status Plan for afterhours and weekend changes New project initiation Engineering for new integrations Level 3 support
- 15. Systems Active Directory – For authentication and group membership Virtual Directories for authentication and attribute extension Secure Token – Token for 2nd factor authentication Public Key Infrastructure PKI, SSL/TLS Certificates and encryption Single Sign On(SSO) User Onboarding systems Help Desk management of users Employee Information systems
- 16. Additional Questions Education requirements after high school? A minimum of an Bachelors Degree for entry level positions For advance positions at least 5+ years of additional experience What should students take to prepare themselves for this career? Mathematics Programming Psychology Advice The security landscape changes day to day. Ground yourself in the basic concepts you need to know such as Fundamental computer science or how a computer works. CPU’s, RAM, registers, gates, etc TCP/IP networking and routing
- 17. Resources Your Librarian – Yes your library Security Now – Podcast/Webcast https://twit.tv/shows/security-now How the Internet works https://twit.tv/shows/security-now/episodes/309 How SSL/TLS Works https://twit.tv/shows/security-now/episodes/195 SANS Institute – Information Security Resources https://www.sans.org/security-resources/
Notas do Editor
- Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take People confuse Information with computer security and cyber security
- Companies develop information security programs around a model know as the CIA Confidentiality Integrity Availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality) prevent unauthorized modification of data (integrity) guarantee the data can be accessed by authorized parties (availability).
- What are the subject that make up Information security? Network Security Access Controls Business Continuity Confidentiality Risk Assessment Compliance
- To deter attackers and mitigate vulnerabilities at various points, multiple security controls are implemented and coordinated as part of a layered defense in depth strategy. This should minimize the impact of an attack. To be prepared for a security breach, security groups develop incident response plan (IRP). This should allow them to contain and limit the damage, remove the cause and apply updated defense controls.