BY : Ahmed Abdel Hamid
Security & Risk Management
Your Presenter in a Few Bullet Points
14 years of experience in information technology security, management and administration.
Technical certificates:
• Systems & Storage
- Microsoft Certified Systems Engineer (MCSE)
- SAP Basis Administration (TDM10, 12)
- IBM Midrange Storage Specialist
- Information Technology Infrastructure Library Foundation (ITIL v3)
- VMware Certified Professional, Data Center Virtualization (VCP-DCV)
- Veeam Certified Engineer (VMCE)
• Network & Wireless
- Cisco Certified Network Associate (CCNA R&S)
- Aruba Certified Mobility Professional (ACMP)
• Information Security & Penetration Testing
- CompTIA Security+ (SY0-401)
- Certified Ethical Hacker (CEH v9)
- eLearnSecurity Junior Penetration Tester (eJPT)
- eLearnSecurity Certified Professional Penetration Tester (eCPPT)
- Certified Information Systems Security Professional (CISSP)
- Fortinet Network Security Expert 1, 2, 4 (NSE 1, 2, 4)
Outline
• Security Concept Overview
• Security Threats
• Risk Management
• Risk Assessment Approaches
• How to Handle Risks
• Personnel Security Policies
• Business Continuity Planning
• Disaster Recovery
• Business Impact Analysis
What Happens Online in 60 Sec?
Security Concept Overview
Security Threats
Security Threats Classification
Top 10 Threats
Threat Modeling
Hackers Classes
Information Security Management
Risk Management
Risks
Risk Assessment
• The process of identifying the threats, the vulnerabilities and the impact of losing data or the ability to process data.
• How to determine risk prioritization:
- Based on the cost of the assets or the threat to the organization.
- Based on the likelihood of occurrence.
- In coordination with the BIA (Business Impact Analysis).
Practical Risk Assessment
You've been asked to do a quick assessment of the risks your company faces from a security perspective. What steps might you take to develop an overview of your company's problems?
1. Interview the department heads and the data owners to determine what information they feel requires additional security and to identify the existing vulnerabilities from their perspective.
2. Evaluate the network infrastructure to determine known vulnerabilities and how you might counter them.
3. Perform a physical assessment of the facility to evaluate what physical risks must be countered.
Armed with this information, you have a place to start, and you can determine which countermeasures may be appropriate for the company to mitigate risk.
Risk Assessment Approaches
Qualitative Assessment
• Non-numerical values, levels, or categories (low, medium, high)
• Numerical values may be assigned for relative calculations, but they are not meaningful outside the assessment in which they are used
Quantitative Assessment
• Based on the use of numbers; values remain consistent regardless of context
– Financial costs
– Time measurements
Quantitative Risk Assessment
Calculation steps:
• Assign the Asset Value (AV).
• Determine the Exposure Factor (EF): the fraction of the asset's value lost in a single incident.
• Single-Loss Expectancy (SLE) for each threat = AV * EF
• Estimate the likelihood of each threat being realized in a single year, the Annualized Rate of Occurrence (ARO).
• Annualized Loss Expectancy (ALE), the overall loss potential per threat per year = SLE * ARO
• Example: the EEAKSA website suffers a DDoS attack once every 4 years. The website's revenue is 400,000 SAR and an attack costs 1% of the website's production. What is the Annualized Loss Expectancy for EEAKSA?
1- AV = 400,000 SAR
2- EF = 1% = 0.01
3- SLE = AV * EF = 400,000 * 0.01 = 4,000 SAR
4- ARO = 1/4 = 0.25
5- ALE = SLE * ARO = 4,000 * 0.25 = 1,000 SAR per year
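The calculation above carried through in code, as an added example that is not part of the original slides. It uses the slide's EEAKSA figures and goes one step further than the slide: it ranks threats by ALE (the prioritization the Risk Assessment slide asks for) and computes the value of a safeguard as ALE before the control, minus ALE after it, minus the control's annual cost. The DDoS scrubbing service, its 600 SAR/year cost and its residual 0.2% exposure factor are assumptions made for illustration, not figures from the presentation.

```python
"""Quantitative risk assessment helpers: SLE, ARO, ALE and safeguard value.

Added example, not part of the original slides. The EEAKSA figures are the
slide's own (AV 400,000 SAR, EF 1%, one attack every 4 years); the scrubbing
control, its annual cost and its residual EF are assumed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    asset_value: float      # AV, in currency units (SAR here)
    exposure_factor: float  # EF, fraction of AV lost per incident (0..1)
    aro: float              # ARO, expected incidents per year

    def __post_init__(self):
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("EF must be a fraction between 0 and 1")
        if self.asset_value < 0 or self.aro < 0:
            raise ValueError("AV and ARO must be non-negative")

    @property
    def sle(self) -> float:
        """Single-loss expectancy: loss from one realized incident."""
        return self.asset_value * self.exposure_factor

    @property
    def ale(self) -> float:
        """Annualized loss expectancy: expected loss per year."""
        return self.sle * self.aro


def aro_from_interval(years_between_incidents: float) -> float:
    """'Once every N years' -> ARO of 1/N incidents per year."""
    if years_between_incidents <= 0:
        raise ValueError("interval must be positive")
    return 1.0 / years_between_incidents


def safeguard_value(before: Threat, after: Threat, annual_cost: float) -> float:
    """Cost/benefit of a control: ALE(before) - ALE(after) - annual cost.

    Positive means the control removes more expected loss than it costs;
    negative means it is more expensive than the risk it treats.
    """
    return before.ale - after.ale - annual_cost


def rank_by_ale(threats: list[Threat]) -> list[Threat]:
    """Prioritize threats by expected annual loss, largest first."""
    return sorted(threats, key=lambda t: t.ale, reverse=True)


# Slide figures: EEAKSA website, DDoS once every 4 years, 1% of 400,000 SAR.
EEAKSA_DDOS = Threat("DDoS against EEAKSA website", 400_000, 0.01, aro_from_interval(4))

# Assumed control: a DDoS scrubbing service costing 600 SAR/year that cuts the
# exposure factor to 0.2% and leaves the attack frequency (ARO) unchanged.
EEAKSA_DDOS_MITIGATED = Threat("DDoS (with scrubbing)", 400_000, 0.002, EEAKSA_DDOS.aro)
SCRUBBING_ANNUAL_COST = 600.0

if __name__ == "__main__":
    t = EEAKSA_DDOS
    print(f"SLE = {t.sle:,.0f} SAR, ARO = {t.aro}, ALE = {t.ale:,.0f} SAR/year")
    value = safeguard_value(t, EEAKSA_DDOS_MITIGATED, SCRUBBING_ANNUAL_COST)
    print(f"Safeguard value of scrubbing = {value:,.0f} SAR/year")
```

With the slide's numbers the script reproduces SLE = 4,000 SAR and ALE = 1,000 SAR; under the assumed control the residual ALE is 200 SAR, so the 600 SAR/year service has a safeguard value of +200 SAR/year and is worth buying. Change the control's cost to 1,200 SAR and the value goes negative, which is the quantitative argument for accepting the risk instead.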
Qualitative Risk Assessment
How to Handle Risks?
Personnel Security Policy
• Hiring
- Background checks:
– Credit history
– Driving record
– Criminal record
– Substance testing
– References
– Education/certification verification
- Job descriptions
- Employment agreements (NDA, AUP)
• Termination
- How employee resources are handled:
– Collection of computer, phone, badges
– Permission changes
- Schedule of activities
Personnel Security Policies
Least Privilege
• Requires that each person or process be able to access only the information and resources that are necessary for their legitimate purpose.
• Ex.: an IT manager does not require physical access to the data center.
Separation of Duties (SoD)
• Requires more than one person to complete a task.
• Two methods to implement it are:
1. Split knowledge: no one person has sufficient knowledge or capability to complete a task.
2. Dual control: two people are required to accomplish a task; e.g., two locks on a safe, and each person only has one key.
Job Rotation
• Assigns employees to various jobs or departments over time to detect errors and fraud.
• Reduces the risk of collusion between individuals.
Mandatory Vacations
• Forced time off to allow for audits and potential discovery of illicit activities.
• Should not be planned or announced in advance.
Business Continuity Planning
The process of implementing policies, controls, and procedures to counteract the effects of losses, outages, or failures of critical business processes.
BCP is primarily a management tool that ensures that critical business functions can be performed when normal business operations are disrupted.
Disaster Recovery
A disaster recovery plan helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is re-establishing services and minimizing losses.
The DR plan is part of a larger plan: business continuity planning (BCP).
Disaster Recovery Strategies
System design
-Redundancy.
-Resilience.
Protect the data
-Backup processing strategies.
-Data backup strategy.
-Use of RAID
Recovery considerations
-Recovery strategies
-Recovery sites
Recovery Sites
Incident Management
Business Impact Analysis (BIA)
Identifying Critical Functions
Any function critical for the continuity of the business.
Ex.: the web server for Souq.com
Prioritizing Critical Business Functions
List the functions based on their priority to the business.
Ex.: Media server, Active Directory, ERP system: which has priority?
Calculating a Timeframe for Critical Systems Loss:
MTD: Maximum Tolerable Downtime, the longest outage of a function the business can survive.
RTO: Recovery Time Objective, the maximum tolerable amount of time needed to bring all critical systems back online. The RTO must not exceed the MTD.
RPO: Recovery Point Objective, the maximum acceptable amount of data loss measured in time; in practice it is bounded by how often the data is backed up.
Estimate the Tangible and Intangible Impact on the Organization
Tangible losses: lost income, production downtime
Intangible losses: loss of customers, damage to company image
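A consistency check for the recovery targets defined above, as an added example that is not part of the original slides. It encodes the two constraints the definitions imply (the RTO must fit inside the MTD, and the backup interval bounds the achievable RPO), adds a dependency check (a function cannot be restored faster than a function it needs, for example an ERP system that authenticates against Active Directory), and orders functions by MTD, shortest first, which is the prioritization the slide asks for. The system names match the slide's example; their figures, backup intervals and dependencies are constructed for illustration.

```python
"""Business impact analysis sanity checks: MTD, RTO, RPO and dependencies.

Added example, not part of the original slides. The four functions, their
recovery targets, backup intervals and dependencies are constructed for
illustration; the rules follow the MTD/RTO/RPO definitions on the slide.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class CriticalFunction:
    name: str
    mtd_hours: float              # Maximum tolerable downtime set by the business
    rto_hours: float              # Time committed to bring the function back online
    rpo_hours: float              # Maximum acceptable data loss, measured in time
    backup_interval_hours: float  # How often the function's data is actually backed up
    depends_on: tuple = ()        # Functions that must be restored before this one


def check_function(f: CriticalFunction) -> list[str]:
    """Findings for one function in isolation; an empty list means consistent."""
    findings = []
    # An RTO longer than the MTD promises an outage the business said it cannot survive.
    if f.rto_hours > f.mtd_hours:
        findings.append(f"{f.name}: RTO {f.rto_hours:g}h exceeds MTD {f.mtd_hours:g}h")
    # You cannot lose less data than one backup interval, so the schedule must be at least as tight as the RPO.
    if f.backup_interval_hours > f.rpo_hours:
        findings.append(
            f"{f.name}: backups every {f.backup_interval_hours:g}h cannot meet RPO {f.rpo_hours:g}h")
    return findings


def check_dependencies(functions: list[CriticalFunction]) -> list[str]:
    """A function cannot be restored faster than anything it depends on."""
    by_name = {f.name: f for f in functions}
    findings = []
    for f in functions:
        for dep_name in f.depends_on:
            dep = by_name.get(dep_name)
            if dep is None:
                findings.append(f"{f.name}: depends on {dep_name!r}, which is not in the BIA")
            elif dep.rto_hours > f.rto_hours:
                findings.append(
                    f"{f.name}: depends on {dep.name}, whose RTO {dep.rto_hours:g}h "
                    f"exceeds its own RTO {f.rto_hours:g}h")
    return findings


def assess(functions: list[CriticalFunction]) -> list[str]:
    """All findings across the BIA: per-function checks first, then dependencies."""
    findings = []
    for f in functions:
        findings.extend(check_function(f))
    findings.extend(check_dependencies(functions))
    return findings


def prioritize(functions: list[CriticalFunction]) -> list[str]:
    """Recovery order: the function with the shortest MTD is the most critical."""
    return [f.name for f in sorted(functions, key=lambda f: f.mtd_hours)]


# Constructed sample BIA; the slide names these systems but gives no figures.
SAMPLE_BIA = [
    CriticalFunction("Active Directory", mtd_hours=4, rto_hours=2, rpo_hours=24, backup_interval_hours=24),
    CriticalFunction("ERP system", mtd_hours=8, rto_hours=6, rpo_hours=1, backup_interval_hours=4,
                     depends_on=("Active Directory",)),
    CriticalFunction("Public web server", mtd_hours=2, rto_hours=1, rpo_hours=24, backup_interval_hours=24,
                     depends_on=("Active Directory",)),
    CriticalFunction("Media server", mtd_hours=72, rto_hours=24, rpo_hours=24, backup_interval_hours=24),
]

if __name__ == "__main__":
    print("Recovery priority:", " > ".join(prioritize(SAMPLE_BIA)))
    for finding in assess(SAMPLE_BIA):
        print("FINDING:", finding)
```

On the constructed data the check surfaces two gaps a paper BIA usually hides: the ERP system's four-hourly backups cannot deliver its one-hour RPO, and the public web server's one-hour RTO is unachievable while the Active Directory it depends on has a two-hour RTO. Both are fixed by changing either the target or the engineering, and the script tells you which.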
Security & Risk Management

More Related Content

What's hot

IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk ManagementTudor Damian
 
Chapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessChapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessnewbie2019
 
Rapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementRapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementEnergySec
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramSasha Nunke
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity AuditEC-Council
 
State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...at MicroFocus Italy ❖✔
 
ISACA Belgium CERT view 2011
ISACA Belgium CERT view 2011ISACA Belgium CERT view 2011
ISACA Belgium CERT view 2011Marc Vael
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 
Rothke secure360 building a security operations center (soc)
Rothke   secure360 building a security operations center (soc)Rothke   secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management    student slides ver 1.0Module 2 information security risk management    student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Aladdin Dandis
 
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIOCISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIOHappy Sad
 
Security operation center
Security operation centerSecurity operation center
Security operation centerMuthuKumaran267
 
Planning for security and security audit process
Planning for security and security audit processPlanning for security and security audit process
Planning for security and security audit processDivya Tiwari
 
Module 4 disaster recovery student slides ver 1.0
Module 4 disaster recovery   student slides ver 1.0Module 4 disaster recovery   student slides ver 1.0
Module 4 disaster recovery student slides ver 1.0Aladdin Dandis
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1securityAnne Starr
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainInfosecTrain
 
security_assessment_slides
security_assessment_slidessecurity_assessment_slides
security_assessment_slidesSteve Arnold
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 

What's hot (20)

IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk Management
 
SOC for Cybersecurity Overview
SOC for Cybersecurity OverviewSOC for Cybersecurity Overview
SOC for Cybersecurity Overview
 
Chapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessChapter 12 iso 27001 awareness
Chapter 12 iso 27001 awareness
 
Rapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementRapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk Management
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity Audit
 
State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...
 
Ch4 cism 2014
Ch4 cism 2014Ch4 cism 2014
Ch4 cism 2014
 
ISACA Belgium CERT view 2011
ISACA Belgium CERT view 2011ISACA Belgium CERT view 2011
ISACA Belgium CERT view 2011
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
 
Rothke secure360 building a security operations center (soc)
Rothke   secure360 building a security operations center (soc)Rothke   secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management    student slides ver 1.0Module 2 information security risk management    student slides ver 1.0
Module 2 information security risk management student slides ver 1.0
 
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIOCISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
 
Security operation center
Security operation centerSecurity operation center
Security operation center
 
Planning for security and security audit process
Planning for security and security audit processPlanning for security and security audit process
Planning for security and security audit process
 
Module 4 disaster recovery student slides ver 1.0
Module 4 disaster recovery   student slides ver 1.0Module 4 disaster recovery   student slides ver 1.0
Module 4 disaster recovery student slides ver 1.0
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1security
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | Infosectrain
 
security_assessment_slides
security_assessment_slidessecurity_assessment_slides
security_assessment_slides
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 

Similar to Security & Risk Management

NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)April Mardock CISSP
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE360 BSI
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWPICPE
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniyaseraljohani
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniYaser Alrefai
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterMichael Nickle
 
iDEAFest Enteprise InfoSec Program Lessons Learned
iDEAFest Enteprise InfoSec Program Lessons LearnediDEAFest Enteprise InfoSec Program Lessons Learned
iDEAFest Enteprise InfoSec Program Lessons LearnedMichael King
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientAccenture Operations
 
Building a Business Continuity Capability
Building a Business Continuity CapabilityBuilding a Business Continuity Capability
Building a Business Continuity CapabilityRod Davis
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh
 
CERTIFIED DATA CENTRE RISK PROFESSIONAL
CERTIFIED DATA CENTRE RISK PROFESSIONALCERTIFIED DATA CENTRE RISK PROFESSIONAL
CERTIFIED DATA CENTRE RISK PROFESSIONALDee Smith & Associates
 
Cyber crime with privention
Cyber crime with privention Cyber crime with privention
Cyber crime with privention Manish Dixit Ceh
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting   itweb workshopSLVA - Security monitoring and reporting   itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Bronack Skills - Risk Management and SRE v1.0 12-3-2023.pdf
Bronack Skills - Risk Management and SRE v1.0 12-3-2023.pdfBronack Skills - Risk Management and SRE v1.0 12-3-2023.pdf
Bronack Skills - Risk Management and SRE v1.0 12-3-2023.pdfThomasBronack
 
Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...Tammy Clark
 
CONTEXTUAL ARCHITECTURE.pptx
CONTEXTUAL ARCHITECTURE.pptxCONTEXTUAL ARCHITECTURE.pptx
CONTEXTUAL ARCHITECTURE.pptxPandiya Rajan
 

Similar to Security & Risk Management (20)

NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
 
Secure Iowa Oct 2016
Secure Iowa Oct 2016Secure Iowa Oct 2016
Secure Iowa Oct 2016
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
iDEAFest Enteprise InfoSec Program Lessons Learned
iDEAFest Enteprise InfoSec Program Lessons LearnediDEAFest Enteprise InfoSec Program Lessons Learned
iDEAFest Enteprise InfoSec Program Lessons Learned
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber Resilient
 
Building a Business Continuity Capability
Building a Business Continuity CapabilityBuilding a Business Continuity Capability
Building a Business Continuity Capability
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
CERTIFIED DATA CENTRE RISK PROFESSIONAL
CERTIFIED DATA CENTRE RISK PROFESSIONALCERTIFIED DATA CENTRE RISK PROFESSIONAL
CERTIFIED DATA CENTRE RISK PROFESSIONAL
 
Cyber crime with privention
Cyber crime with privention Cyber crime with privention
Cyber crime with privention
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting   itweb workshopSLVA - Security monitoring and reporting   itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Bronack Skills - Risk Management and SRE v1.0 12-3-2023.pdf
Bronack Skills - Risk Management and SRE v1.0 12-3-2023.pdfBronack Skills - Risk Management and SRE v1.0 12-3-2023.pdf
Bronack Skills - Risk Management and SRE v1.0 12-3-2023.pdf
 
Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...
 
CRISC Course Preview
CRISC Course PreviewCRISC Course Preview
CRISC Course Preview
 
BiznetGio Presentation Business Continuity
BiznetGio Presentation Business ContinuityBiznetGio Presentation Business Continuity
BiznetGio Presentation Business Continuity
 
CONTEXTUAL ARCHITECTURE.pptx
CONTEXTUAL ARCHITECTURE.pptxCONTEXTUAL ARCHITECTURE.pptx
CONTEXTUAL ARCHITECTURE.pptx
 

Recently uploaded

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 

Recently uploaded (20)

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 

Security & Risk Management

• 16. Practical Risk Assessment
You've been asked to do a quick assessment of the risks your company faces from a security perspective. What steps might you take to develop an overview of your company's problems?
1. Interview the department heads and the data owners to determine what information they feel requires additional security and to identify the existing vulnerabilities from their perspective.
2. Evaluate the network infrastructure to determine known vulnerabilities and how you might counter them.
3. Perform a physical assessment of the facility to evaluate what physical risks must be countered.
Armed with this information, you have a place to start, and you can determine which countermeasures may be appropriate for the company to mitigate risk.
• 17. Risk Assessment Approaches
Qualitative Assessment
• Non-numerical values, levels, or categories (low, medium, high).
• Numerical values may be assigned to them for relative calculations, but those numbers are not meaningful outside the assessment in which they were used.
Quantitative Assessment
• Based on the use of numbers; the values remain consistent regardless of context:
– Financial costs
– Time measurements
• 18. Quantitative Risk Assessment
Calculation steps:
• Assign the Asset Value (AV).
• Determine the Exposure Factor (EF): the fraction of the asset's value lost when the threat is realized.
• Single Loss Expectancy (SLE) for each threat = AV * EF.
• Estimate the likelihood of each threat being realized in a single year, the Annualized Rate of Occurrence (ARO).
• Annualized Loss Expectancy (ALE), the overall loss potential per threat per year = SLE * ARO.
Example: the EEAKSA website suffers a DDoS attack once every 4 years. The website's revenue is 400,000 SAR, and an attack may cost 1% of the website's production. What is the Annualized Loss Expectancy for EEAKSA?
1. AV = 400,000 SAR
2. EF = 1% = 0.01
3. SLE = AV * EF = 400,000 * 0.01 = 4,000 SAR
4. ARO = 1/4 = 0.25
5. ALE = SLE * ARO = 4,000 * 0.25 = 1,000 SAR
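The calculation above carried through in code, as an added example that is not part of the slide deck. It reproduces the EEAKSA DDoS figures from the slide and then ranks that threat against two further threats whose figures are constructed for illustration; the `control_value` cost/benefit function (ALE before minus ALE after minus annual cost of the control) is the standard formula and is not on the slide.

```python
"""Quantitative risk assessment: SLE = AV * EF and ALE = SLE * ARO, ranked by ALE.

Added example for this deck; only the DDoS entry below reproduces the EEAKSA
figures from the slide, the other threats are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    asset_value: float      # AV: value of the asset at risk, here in SAR
    exposure_factor: float  # EF: fraction of AV lost when the threat is realized (0.0..1.0)
    aro: float              # ARO: expected occurrences per year

    def __post_init__(self):
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError(f"{self.name}: EF must be between 0 and 1")
        if self.asset_value < 0 or self.aro < 0:
            raise ValueError(f"{self.name}: AV and ARO cannot be negative")


def aro_from_interval(years_between_events: float) -> float:
    """'Once every N years' expressed as an annualized rate of occurrence."""
    if years_between_events <= 0:
        raise ValueError("interval must be positive")
    return 1.0 / years_between_events


def single_loss_expectancy(t: Threat) -> float:
    """SLE: loss from a single occurrence of the threat."""
    return t.asset_value * t.exposure_factor


def annualized_loss_expectancy(t: Threat) -> float:
    """ALE: expected loss per year from this threat."""
    return single_loss_expectancy(t) * t.aro


def rank_by_ale(threats):
    """Highest ALE first: this is the prioritization the risk assessment feeds into."""
    return sorted(threats, key=annualized_loss_expectancy, reverse=True)


def control_value(ale_before: float, ale_after: float, annual_control_cost: float) -> float:
    """Cost/benefit of a countermeasure (standard formula, not on the slide):
    a positive result means the control saves more per year than it costs."""
    return ale_before - ale_after - annual_control_cost


# The slide's worked case: DDoS once every 4 years, 400,000 SAR revenue, 1% lost per attack.
DDOS = Threat("DDoS against EEAKSA website", asset_value=400_000, exposure_factor=0.01,
              aro=aro_from_interval(4))

# Two further constructed threats to show the ranking; the figures are illustrative only.
RANSOMWARE = Threat("Ransomware on file server", asset_value=250_000, exposure_factor=0.60, aro=0.10)
LAPTOP_THEFT = Threat("Unencrypted laptop stolen", asset_value=5_000, exposure_factor=1.0, aro=2.0)

THREATS = [DDOS, RANSOMWARE, LAPTOP_THEFT]


if __name__ == "__main__":
    for t in rank_by_ale(THREATS):
        print(f"{t.name:32s} SLE={single_loss_expectancy(t):>10,.0f}  "
              f"ARO={t.aro:<5}  ALE={annualized_loss_expectancy(t):>9,.0f} SAR")
    # Hypothetical control: a 4,000 SAR/year DDoS scrubbing service that cuts EF to 0.1%.
    mitigated = Threat(DDOS.name, DDOS.asset_value, 0.001, DDOS.aro)
    print("DDoS control value per year:",
          control_value(annualized_loss_expectancy(DDOS),
                        annualized_loss_expectancy(mitigated), 4_000))
```

Note what the ranking shows: the threat with the largest single loss (ransomware, SLE 150,000 SAR) is not the one that happens most often (laptop theft, twice a year), and ALE is what lets the two be compared. The hypothetical scrubbing service comes out at -3,100 SAR per year: it would cost more than the DDoS risk it removes, which is exactly the kind of decision the ALE figure exists to support.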
• 20. How to Handle Risks?
• 21. Personnel Security Policy
• Hiring
 Background checks:
– Credit history
– Driving record
– Criminal record
– Substance testing
– References
– Education/certification verification
 Job descriptions
 Employment agreements (NDA, AUP)
• Termination
 How employee resources are handled:
– Collection of computer, phone, badges
– Permission changes (revocation of access)
 Schedule of activities
• 22. Personnel Security Policies
Least Privilege: requires that each person or process be able to access only the information and resources that are necessary for their legitimate purpose.
• Ex.: an IT manager does not require physical access to the data center.
Separation of Duties (SoD): requires more than one person to complete a task. Two methods to implement it are:
1. Split knowledge: no one person has sufficient knowledge or capability to complete a task.
2. Dual control: two people are required to accomplish a task; e.g., two locks on a safe, where each person only has one key.
Job Rotation: assigns employees to various jobs or departments over time to detect errors and fraud; it reduces the risk of collusion between individuals.
Mandatory Vacations: forced time off to allow for audits and the potential discovery of illicit activities; they should not be planned or announced in advance.
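The two SoD methods on this slide translate directly into enforceable checks. The following is an added example, not the deck's own material: a dual-control gate on a change request (requester cannot self-approve, two distinct people, from two distinct roles) and split knowledge for a key held by two custodians (XOR shares, the software form of two locks on one safe). The request/approval model and the key-custodian scenario are constructed for illustration.

```python
"""Separation of duties enforced in code: dual control for approvals and split
knowledge for a secret. Added example for this deck; the approval model and the
key-custodian scenario are constructed for illustration.
"""
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Approval:
    approver: str  # identity of the person approving
    role: str      # their role, e.g. "security" or "operations"


class DualControlError(Exception):
    """Raised when a request does not carry enough independent approvals."""


def dual_control_problems(requester: str, approvals, *, min_approvers: int = 2,
                          distinct_roles: bool = True) -> list:
    """Dual control policy: the requester may not approve their own request,
    at least `min_approvers` different people must approve, and (optionally)
    they must hold different roles so one team cannot complete the task alone.
    Returns the list of violated rules (empty means the request passes)."""
    problems = []
    approvers = {a.approver for a in approvals}
    if requester in approvers:
        problems.append(f"{requester} cannot approve their own request")
    if len(approvers) < min_approvers:
        problems.append(f"need {min_approvers} distinct approvers, got {len(approvers)}")
    if distinct_roles and len({a.role for a in approvals}) < min_approvers:
        problems.append("approvers must come from different roles")
    return problems


def check_dual_control(requester: str, approvals, **policy) -> bool:
    """Gate a sensitive action on dual control; raise rather than silently allow."""
    problems = dual_control_problems(requester, approvals, **policy)
    if problems:
        raise DualControlError("; ".join(problems))
    return True


def _xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("shares must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_secret(secret: bytes, custodians: int = 2) -> list:
    """Split knowledge: each custodian receives one share; every share is needed
    to rebuild the secret and any subset of shares reveals nothing, because all
    but the last are uniformly random pads. This is an n-of-n scheme (the 'two
    locks on a safe' case): losing any one custodian's share loses the secret."""
    if custodians < 2:
        raise ValueError("split knowledge needs at least two custodians")
    shares = [secrets.token_bytes(len(secret)) for _ in range(custodians - 1)]
    last = secret
    for s in shares:
        last = _xor(last, s)
    return shares + [last]


def combine_shares(shares) -> bytes:
    """Reassemble the secret; only meaningful when all shares are present."""
    out = bytes(len(shares[0]))
    for s in shares:
        out = _xor(out, s)
    return out


if __name__ == "__main__":
    # Dual control on a production change request.
    print("approved:", check_dual_control(
        "alice", [Approval("bob", "security"), Approval("carol", "operations")]))
    print("self-approval problems:", dual_control_problems(
        "alice", [Approval("alice", "security"), Approval("bob", "operations")]))
    # Split knowledge for a key-encryption key held by two custodians.
    kek = secrets.token_bytes(32)
    share_a, share_b = split_secret(kek)
    print("rebuilt from both shares:", combine_shares([share_a, share_b]) == kek)
```

The `distinct_roles` rule is what turns "two signatures" into real separation of duties: two people from the same team can still collude, which is also why the slide pairs SoD with job rotation and mandatory vacations. The XOR split is deliberately all-or-nothing; if the business needs "any 2 of 3 custodians", that is a threshold scheme (Shamir secret sharing), not the split shown here.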
• 23. Business Continuity Planning
The process of implementing policies, controls, and procedures to counteract the effects of losses, outages, or failures of critical business processes. BCP is primarily a management tool that ensures that critical business functions can be performed when normal business operations are disrupted.
• 25. Disaster Recovery
A disaster recovery plan helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses. The DR plan is part of a larger plan: Business Continuity Planning (BCP).
• 26. Disaster Recovery Strategies
System design
– Redundancy
– Resilience
Protect the data
– Backup processing strategies
– Data backup strategy
– Use of RAID (protects against disk failure only; it does not replace backups against deletion, corruption, or ransomware)
Recovery considerations
– Recovery strategies
– Recovery sites
• 30. Business Impact Analysis (BIA)
Identifying critical functions: any function critical for the continuity of the business. Ex.: the web server for Souq.com.
Prioritizing critical business functions: a list of functions ordered by their priority to the business. Ex.: Media Server, Active Directory, ERP System; what is the priority of each?
Calculating a timeframe for critical system loss:
– MTD: Maximum Tolerable Downtime, the longest a function can be unavailable before the business suffers unacceptable harm.
– RTO: Recovery Time Objective, the maximum tolerable amount of time needed to bring all critical systems back online; it must not exceed the MTD.
– RPO: Recovery Point Objective, the maximum acceptable amount of data loss, measured in time.
Estimating the tangible and intangible impact on the organization:
– Tangible losses: lost income, production downtime.
– Intangible losses: loss of customers, damage to the company's image.
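The MTD/RTO/RPO figures only matter if they are checked against what the backup schedule and restore tests actually deliver. The following is an added example and not part of the deck: it takes the three functions the slide names, assigns them constructed priorities and timings (the slide leaves the priority as a question), and reports, most critical first, where the objectives are internally inconsistent (RTO above MTD) or unmet in practice (backup interval above RPO, measured restore time above RTO).

```python
"""BIA timeframe checks: for each critical function, compare its MTD, RTO and
RPO with what the backup schedule and restore tests actually deliver, in
priority order. Added example for this deck; the function names come from the
slide, their priorities and all timings are constructed.
"""
from dataclasses import dataclass
from datetime import timedelta


@dataclass(frozen=True)
class CriticalFunction:
    name: str
    priority: int               # 1 = most critical to the business
    mtd: timedelta              # Maximum Tolerable Downtime
    rto: timedelta              # Recovery Time Objective
    rpo: timedelta              # Recovery Point Objective (acceptable data loss, in time)
    backup_interval: timedelta  # how often the data is actually backed up
    tested_restore: timedelta   # how long the last restore test actually took


def bia_findings(fn: CriticalFunction) -> list:
    """Return the ways this function's recovery posture fails its own objectives."""
    findings = []
    if fn.rto > fn.mtd:
        findings.append(f"RTO {fn.rto} exceeds MTD {fn.mtd}: the objective itself is unacceptable")
    if fn.backup_interval > fn.rpo:
        findings.append(f"backups every {fn.backup_interval} cannot meet RPO {fn.rpo}")
    if fn.tested_restore > fn.rto:
        findings.append(f"last restore test took {fn.tested_restore}, longer than RTO {fn.rto}")
    return findings


def review(functions) -> list:
    """(name, findings) per function, most critical first, so gaps on the
    highest-priority systems are addressed first."""
    return [(f.name, bia_findings(f)) for f in sorted(functions, key=lambda f: f.priority)]


def hours(n: float) -> timedelta:
    return timedelta(hours=n)


def minutes(n: float) -> timedelta:
    return timedelta(minutes=n)


# Constructed inventory; priorities are an assumption, not the slide's answer.
FUNCTIONS = [
    CriticalFunction("Media Server", priority=3, mtd=hours(72), rto=hours(96), rpo=hours(24),
                     backup_interval=hours(24), tested_restore=hours(30)),
    CriticalFunction("ERP System", priority=1, mtd=hours(24), rto=hours(8), rpo=hours(1),
                     backup_interval=hours(4), tested_restore=hours(6)),
    CriticalFunction("Active Directory", priority=2, mtd=hours(4), rto=hours(1), rpo=minutes(15),
                     backup_interval=minutes(15), tested_restore=minutes(45)),
]


if __name__ == "__main__":
    for name, findings in review(FUNCTIONS):
        print(name, "-", "OK" if not findings else "findings:")
        for f in findings:
            print("   ", f)
```

Two of the three constructed entries fail for different reasons: the ERP system's objectives are sound but its 4-hour backup cadence cannot deliver a 1-hour RPO, while the media server's RTO is longer than its MTD, so that objective has to be renegotiated before any technical fix. Active Directory passes only because its restore has actually been tested against the RTO; an untested RTO is an assumption, not a capability.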