Information Security Update - Summer 2019 Plans & Direction

Explore the Summer 2019 plans and goals of the Information Security Office, focusing on key areas like SecOps, risk & compliance, and the practice of information security. Learn about the four main goals of information security and the big changes in tools planned for the future.


Presentation Transcript


  1. INFORMATION SECURITY UPDATE - ISO 2019 Summer Plans and Direction

  2. THE ISO: Information Security Office

  3. The Practice of Information Security
     Two main divisions of professional practice in the ISO:
       • Security Operations (SecOps): Technical security controls (plus physical)
       • Risk & Compliance: Administrative security controls
     (Plus everyone does Response, TEA, Office functions, etc.)
       • SecOps examples: SIEM, vulnerability scanner, firewalls, anti-virus, penetration testing tools, 2-factor authentication, remote access gateways, IDS/IPS, login IDs and passwords, data recovery/forensics, etc.
       • Risk & Compliance examples: Policies, procedures, risk assessments, security plans, security-email-lists, investigations, HIPAA/PCI/FISMA/NIST/DUAs, etc.

  4. THE FOUR THINGS OF INFOSEC: Goals or principles

  5. The Four Things (Goals) of Information Security
       • Keep the Bad Actors Out: Edge firewall, controlled remote access and control, datacenter and network closet safeguards, SIEM & IDS/IPS
       • Verify the Trusts: UBIDs and passwords, MultiFactor Authentication, SIEM & IDS/IPS (logging and alerts, impossible login detection, etc.)
       • Support creation and sharing of knowledge and information as intended
       • Keep UB safe by protecting our systems, data, and users: Security standards, etc.

  6. Summer 2019 Plans: IV Big Changes/Tools (see top 2 goals)
       I. Fully staff the ISO, improve the presence and communications (ISO Blog, etc.)
       II. Transition to SPLUNK
           • Logs and logging of all things needed (server security standards!)
           • Security dashboards, standard reports (Pivots: UBID -> IP -> UBIDs -> IPs -> Activities, etc.)
           • (Impossible travel: login here and from Russia within 10 minutes of each other)
       III. NGFW
           • Firewall tuning and changes reduce attack surface (integration with Dept. Firewalls)
           • Control & Monitor Remote Access/Remote Control for attacks (RDP, SSH, etc.)
       IV. MFA??? (Next Fall opt-in, 2020 required (protect W2)? Students? Etc.)
       Plus ongoing:
           • Category 2 data and principles of protection (Minimum Necessary, Least Privilege)
           • Desktop Security Standard revisited and revisited email controls/DLP?...

  7. QUESTIONS?
