SlideShare a Scribd company logo

BCS ITNow 201309 - Holistic Security

Gareth Niblett
Gareth Niblett

When it comes to information assurance you need to take a wide view of the issues, says Gareth Niblett, Chairman of the BCS Information Security Specialist Group.

Technology
1 of 1
Download to read offline
Information assurance (IA) is what information security people do to try and manage risks associated with information and data. This covers the people, processes and systems that might access, store, process, and transmit it. It should be holistic, and focus on more than just technical security controls, taking on board strategic and organisational issues too. IA should consider governance and compliance issues alongside the risk ones, paying due regard to legal, regulatory and contractual compliance. It is not simply an IT or technical discipline where techies can work in isolation from the real world; often it requires a delicate balance when people and cultural conflict are possible, e.g. with BYOD. Other balances must be struck when considering aspects of privacy and transparency, weighing obligations against benefits and risks. A good IA professional tries to rarely say no, preferring to understand what the business is trying to achieve and then working collaboratively with it to arrive at a suitable method of getting the desired result. Those working in IA must continue to stay on top of standards and good practice, advances in technologies and emerging issues that may impact particular approaches and change risk profiles (e.g. online communications and cloud computing being targeted by foreign governments). INFORMATION SECURITY Most of all, they must engage positively with their business. Working in this space is both challenging, with everything continually developing, and rewarding, especially when playing a part in defending your organisation, client or country. www.bcs.org/security When it comes to information assurance you need to take a wide view of the issues, says Gareth Niblett, Chairman of the BCS Information Security Specialist Group. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION HOLISTIC SECURITY doi:10.1093/itnow/bwt043©2013TheBritishComputerSocietyImage:iStockPhoto/168767483 24 ITNOW September 2013 Agile Certified Professionals across the business can now demonstrate their ability to deliver greater value from their projects – with the global benchmark in agile capability. BCS Agile Certification pushes the boundaries in agile thinking and delivers the why, not just the how, of agile by bringing people together in an agile learning environment to tackle real-world business issues. It’s method-neutral, leaving you to decide on the agile approach that works best in your organisation. Enjoy successful agile projects and transform the way you do business. bcs.org/agilecertified BC291/LD/AD/0713 © BCS, The Chartered Institute for IT, is the business name of the British Computer Society (Registered charity no. 292786) 2013

Recommended

BCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsBCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsGareth Niblett
 
BCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationBCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationGareth Niblett
 
BCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionBCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionGareth Niblett
 
12 Top Talks from the 2016 R-CISC Summit
12 Top Talks from the 2016 R-CISC Summit12 Top Talks from the 2016 R-CISC Summit
12 Top Talks from the 2016 R-CISC SummitTripwire
 
HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS
HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS
HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS Marie-Neige Roux
 
Cyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchCyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchLaVerne Kemp
 
Cyber intelligence sharing and protect act research
Cyber intelligence sharing and protect act researchCyber intelligence sharing and protect act research
Cyber intelligence sharing and protect act researchLaVerne Kemp
 
Find the best cyebersecurity services
Find the best cyebersecurity servicesFind the best cyebersecurity services
Find the best cyebersecurity serviceswilsonconsulting1
 

Recommended

BCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsBCS ITNow 201312 - 2014 Threats
BCS ITNow 201312 - 2014 ThreatsGareth Niblett
 
BCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationBCS ITNow 201512 - Cyber Innovation
BCS ITNow 201512 - Cyber InnovationGareth Niblett
 
BCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionBCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionGareth Niblett
 
12 Top Talks from the 2016 R-CISC Summit
12 Top Talks from the 2016 R-CISC Summit12 Top Talks from the 2016 R-CISC Summit
12 Top Talks from the 2016 R-CISC SummitTripwire
 
HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS
HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS
HOW TO RETALIATE AGAINST CYBER THREATS WITH PAYMENT-OVER-TIME MODELS Marie-Neige Roux
 
Cyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchCyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchLaVerne Kemp
 
Cyber intelligence sharing and protect act research
Cyber intelligence sharing and protect act researchCyber intelligence sharing and protect act research
Cyber intelligence sharing and protect act researchLaVerne Kemp
 
Find the best cyebersecurity services
Find the best cyebersecurity servicesFind the best cyebersecurity services
Find the best cyebersecurity serviceswilsonconsulting1
 
Wilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity CompanyWilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity Companywilsonconsulting1
 
Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)JISC.AM
 
What retailers want you to know about data security
What retailers want you to know about data securityWhat retailers want you to know about data security
What retailers want you to know about data securityNational Retail Federation
 
Ccpa compliance services in usa
Ccpa compliance services in usaCcpa compliance services in usa
Ccpa compliance services in usawilsonconsulting1
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditNationalUnderwriter
 
Speaker - InfoSecWorld 2017
Speaker - InfoSecWorld 2017Speaker - InfoSecWorld 2017
Speaker - InfoSecWorld 2017Dominic Vogel
 
IDC - Security : From Pain To Empowerment
IDC - Security : From Pain To EmpowermentIDC - Security : From Pain To Empowerment
IDC - Security : From Pain To EmpowermentBee_Ware
 
Mitre: People in Progress
Mitre: People in ProgressMitre: People in Progress
Mitre: People in ProgressSoCo Partners
 
A Focus on Data, Best's Review, September 2018
A Focus on Data, Best's Review, September 2018A Focus on Data, Best's Review, September 2018
A Focus on Data, Best's Review, September 2018Gates Ouimette
 
BCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureBCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureGareth Niblett
 
Can we keep your data please?
Can we keep your data please?Can we keep your data please?
Can we keep your data please?Paul Bernal
 
Privacy_Trends
Privacy_TrendsPrivacy_Trends
Privacy_TrendsDesmond Israel
 
ASIS International Collaborating on Security Awareness Standard
ASIS International Collaborating on Security Awareness StandardASIS International Collaborating on Security Awareness Standard
ASIS International Collaborating on Security Awareness StandardEmblez Longoria
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
 
A practical approach to the internet of things by Kristian Foss
A practical approach to the internet of things by Kristian FossA practical approach to the internet of things by Kristian Foss
A practical approach to the internet of things by Kristian FossKristian Foss
 
brochure
brochurebrochure
brochureAri Järvinen
 
Wayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
Wayne Schepens: CyberMaryland Hosts Cybersecurity MeetingWayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
Wayne Schepens: CyberMaryland Hosts Cybersecurity MeetingWayne Schepens
 
Building the Next Generation ISAC-- A Blueprint for Success
Building the Next Generation ISAC-- A Blueprint for SuccessBuilding the Next Generation ISAC-- A Blueprint for Success
Building the Next Generation ISAC-- A Blueprint for SuccessBooz Allen Hamilton
 
Olaf Kolkman - FIRST Keynote on Collaborative Security
Olaf Kolkman - FIRST Keynote on Collaborative SecurityOlaf Kolkman - FIRST Keynote on Collaborative Security
Olaf Kolkman - FIRST Keynote on Collaborative SecurityInternet Technology Matters (Internet Society)
 
ICO Presentation - Data Protection
ICO Presentation - Data ProtectionICO Presentation - Data Protection
ICO Presentation - Data ProtectionNICVA
 
BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletGareth Niblett
 
I-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarI-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarClaudia Warwar
 

More Related Content

What's hot

Wilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity CompanyWilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity Companywilsonconsulting1
 
Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)JISC.AM
 
What retailers want you to know about data security
What retailers want you to know about data securityWhat retailers want you to know about data security
What retailers want you to know about data securityNational Retail Federation
 
Ccpa compliance services in usa
Ccpa compliance services in usaCcpa compliance services in usa
Ccpa compliance services in usawilsonconsulting1
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditNationalUnderwriter
 
Speaker - InfoSecWorld 2017
Speaker - InfoSecWorld 2017Speaker - InfoSecWorld 2017
Speaker - InfoSecWorld 2017Dominic Vogel
 
IDC - Security : From Pain To Empowerment
IDC - Security : From Pain To EmpowermentIDC - Security : From Pain To Empowerment
IDC - Security : From Pain To EmpowermentBee_Ware
 
Mitre: People in Progress
Mitre: People in ProgressMitre: People in Progress
Mitre: People in ProgressSoCo Partners
 
A Focus on Data, Best's Review, September 2018
A Focus on Data, Best's Review, September 2018A Focus on Data, Best's Review, September 2018
A Focus on Data, Best's Review, September 2018Gates Ouimette
 
BCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureBCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureGareth Niblett
 
Can we keep your data please?
Can we keep your data please?Can we keep your data please?
Can we keep your data please?Paul Bernal
 
ASIS International Collaborating on Security Awareness Standard
ASIS International Collaborating on Security Awareness StandardASIS International Collaborating on Security Awareness Standard
ASIS International Collaborating on Security Awareness StandardEmblez Longoria
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
 
A practical approach to the internet of things by Kristian Foss
A practical approach to the internet of things by Kristian FossA practical approach to the internet of things by Kristian Foss
A practical approach to the internet of things by Kristian FossKristian Foss
 
Wayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
Wayne Schepens: CyberMaryland Hosts Cybersecurity MeetingWayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
Wayne Schepens: CyberMaryland Hosts Cybersecurity MeetingWayne Schepens
 
Building the Next Generation ISAC-- A Blueprint for Success
Building the Next Generation ISAC-- A Blueprint for SuccessBuilding the Next Generation ISAC-- A Blueprint for Success
Building the Next Generation ISAC-- A Blueprint for SuccessBooz Allen Hamilton
 
ICO Presentation - Data Protection
ICO Presentation - Data ProtectionICO Presentation - Data Protection
ICO Presentation - Data ProtectionNICVA
 

What's hot (20)

Wilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity CompanyWilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity Company
 
Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)
 
What retailers want you to know about data security
What retailers want you to know about data securityWhat retailers want you to know about data security
What retailers want you to know about data security
 
Ccpa compliance services in usa
Ccpa compliance services in usaCcpa compliance services in usa
Ccpa compliance services in usa
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
 
Speaker - InfoSecWorld 2017
Speaker - InfoSecWorld 2017Speaker - InfoSecWorld 2017
Speaker - InfoSecWorld 2017
 
IDC - Security : From Pain To Empowerment
IDC - Security : From Pain To EmpowermentIDC - Security : From Pain To Empowerment
IDC - Security : From Pain To Empowerment
 
Mitre: People in Progress
Mitre: People in ProgressMitre: People in Progress
Mitre: People in Progress
 
A Focus on Data, Best's Review, September 2018
A Focus on Data, Best's Review, September 2018A Focus on Data, Best's Review, September 2018
A Focus on Data, Best's Review, September 2018
 
BCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, SecureBCS ITNow 201303 - Cope, Educate, Secure
BCS ITNow 201303 - Cope, Educate, Secure
 
Can we keep your data please?
Can we keep your data please?Can we keep your data please?
Can we keep your data please?
 
Privacy_Trends
Privacy_TrendsPrivacy_Trends
Privacy_Trends
 
ASIS International Collaborating on Security Awareness Standard
ASIS International Collaborating on Security Awareness StandardASIS International Collaborating on Security Awareness Standard
ASIS International Collaborating on Security Awareness Standard
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7
 
A practical approach to the internet of things by Kristian Foss
A practical approach to the internet of things by Kristian FossA practical approach to the internet of things by Kristian Foss
A practical approach to the internet of things by Kristian Foss
 
brochure
brochurebrochure
brochure
 
Wayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
Wayne Schepens: CyberMaryland Hosts Cybersecurity MeetingWayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
Wayne Schepens: CyberMaryland Hosts Cybersecurity Meeting
 
Building the Next Generation ISAC-- A Blueprint for Success
Building the Next Generation ISAC-- A Blueprint for SuccessBuilding the Next Generation ISAC-- A Blueprint for Success
Building the Next Generation ISAC-- A Blueprint for Success
 
Olaf Kolkman - FIRST Keynote on Collaborative Security
Olaf Kolkman - FIRST Keynote on Collaborative SecurityOlaf Kolkman - FIRST Keynote on Collaborative Security
Olaf Kolkman - FIRST Keynote on Collaborative Security
 
ICO Presentation - Data Protection
ICO Presentation - Data ProtectionICO Presentation - Data Protection
ICO Presentation - Data Protection
 

Similar to BCS ITNow 201309 - Holistic Security

BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletGareth Niblett
 
I-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarI-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarClaudia Warwar
 
managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991Jim Romeo
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessibleCharmaine Servado
 
For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10David X Martin
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for SuccessCitrix
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
How close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe SecurityHow close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe SecurityRahul Tyagi
 
Whitepaper Pro-active Security Management 2006.pdf
Whitepaper Pro-active Security Management 2006.pdfWhitepaper Pro-active Security Management 2006.pdf
Whitepaper Pro-active Security Management 2006.pdfserve&solve
 
CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonPatricia M Watson
 
Networkers cyber security market intelligence report
Networkers cyber security market intelligence reportNetworkers cyber security market intelligence report
Networkers cyber security market intelligence reportSimon Clements FIRP DipRP
 
Advisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docxAdvisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docxkatherncarlyle
 
Advisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docxAdvisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docxdaniahendric
 
Discussion 1 Importance of Technology Security EducationToday t.docx
Discussion 1 Importance of Technology Security EducationToday t.docxDiscussion 1 Importance of Technology Security EducationToday t.docx
Discussion 1 Importance of Technology Security EducationToday t.docxcuddietheresa
 
News letter June 11
News letter June 11News letter June 11
News letter June 11captsbtyagi
 
Enterprise cyber security
Enterprise cyber securityEnterprise cyber security
Enterprise cyber securitynsheel
 

Similar to BCS ITNow 201309 - Holistic Security (20)

BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver Bullet
 
I-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarI-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia Warwar
 
managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
 
For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for Success
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
The Future of Cybersecurity
The Future of CybersecurityThe Future of Cybersecurity
The Future of Cybersecurity
 
How close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe SecurityHow close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe Security
 
Whitepaper Pro-active Security Management 2006.pdf
Whitepaper Pro-active Security Management 2006.pdfWhitepaper Pro-active Security Management 2006.pdf
Whitepaper Pro-active Security Management 2006.pdf
 
CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 Watson
 
Looking into the future of security
Looking into the future of securityLooking into the future of security
Looking into the future of security
 
Networkers cyber security market intelligence report
Networkers cyber security market intelligence reportNetworkers cyber security market intelligence report
Networkers cyber security market intelligence report
 
Advisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docxAdvisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docx
 
Advisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docxAdvisory from Professionals Preparing Information .docx
Advisory from Professionals Preparing Information .docx
 
Discussion 1 Importance of Technology Security EducationToday t.docx
Discussion 1 Importance of Technology Security EducationToday t.docxDiscussion 1 Importance of Technology Security EducationToday t.docx
Discussion 1 Importance of Technology Security EducationToday t.docx
 
How Cyber Resilient are we?
How Cyber Resilient are we?How Cyber Resilient are we?
How Cyber Resilient are we?
 
News letter June 11
News letter June 11News letter June 11
News letter June 11
 
Enterprise cyber security
Enterprise cyber securityEnterprise cyber security
Enterprise cyber security
 

More from Gareth Niblett

Preventing Predictable Problems (Possibly)
Preventing Predictable Problems (Possibly)Preventing Predictable Problems (Possibly)
Preventing Predictable Problems (Possibly)Gareth Niblett
 
BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsGareth Niblett
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsGareth Niblett
 
BCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber ResponseBCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber ResponseGareth Niblett
 
BCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share SecurelyBCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share SecurelyGareth Niblett
 
BCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessBCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessGareth Niblett
 
BCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going OnBCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going OnGareth Niblett
 
BCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay AlertBCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay AlertGareth Niblett
 
BCS ITNow 201509 - Identity
BCS ITNow 201509 - IdentityBCS ITNow 201509 - Identity
BCS ITNow 201509 - IdentityGareth Niblett
 
Why the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber DefenceWhy the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber DefenceGareth Niblett
 
RIPA: Perception and Practice
RIPA: Perception and PracticeRIPA: Perception and Practice
RIPA: Perception and PracticeGareth Niblett
 

More from Gareth Niblett (11)

Preventing Predictable Problems (Possibly)
Preventing Predictable Problems (Possibly)Preventing Predictable Problems (Possibly)
Preventing Predictable Problems (Possibly)
 
BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest Threats
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider Threats
 
BCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber ResponseBCS ITNow 201603 - Cyber Response
BCS ITNow 201603 - Cyber Response
 
BCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share SecurelyBCS ITNow 201306 - Share Securely
BCS ITNow 201306 - Share Securely
 
BCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessBCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk Business
 
BCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going OnBCS ITNow 201409 - What's Going On
BCS ITNow 201409 - What's Going On
 
BCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay AlertBCS ITNow 201412 - Stay Alert
BCS ITNow 201412 - Stay Alert
 
BCS ITNow 201509 - Identity
BCS ITNow 201509 - IdentityBCS ITNow 201509 - Identity
BCS ITNow 201509 - Identity
 
Why the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber DefenceWhy the Private Sector is Key to Cyber Defence
Why the Private Sector is Key to Cyber Defence
 
RIPA: Perception and Practice
RIPA: Perception and PracticeRIPA: Perception and Practice
RIPA: Perception and Practice
 

Recently uploaded

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 

Recently uploaded (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 

BCS ITNow 201309 - Holistic Security

  • 1. Information assurance (IA) is what information security people do to try and manage risks associated with information and data. This covers the people, processes and systems that might access, store, process, and transmit it. It should be holistic, and focus on more than just technical security controls, taking on board strategic and organisational issues too. IA should consider governance and compliance issues alongside the risk ones, paying due regard to legal, regulatory and contractual compliance. It is not simply an IT or technical discipline where techies can work in isolation from the real world; often it requires a delicate balance when people and cultural conflict are possible, e.g. with BYOD. Other balances must be struck when considering aspects of privacy and transparency, weighing obligations against benefits and risks. A good IA professional tries to rarely say no, preferring to understand what the business is trying to achieve and then working collaboratively with it to arrive at a suitable method of getting the desired result. Those working in IA must continue to stay on top of standards and good practice, advances in technologies and emerging issues that may impact particular approaches and change risk profiles (e.g. online communications and cloud computing being targeted by foreign governments). INFORMATION SECURITY Most of all, they must engage positively with their business. Working in this space is both challenging, with everything continually developing, and rewarding, especially when playing a part in defending your organisation, client or country. www.bcs.org/security When it comes to information assurance you need to take a wide view of the issues, says Gareth Niblett, Chairman of the BCS Information Security Specialist Group. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION HOLISTIC SECURITY doi:10.1093/itnow/bwt043©2013TheBritishComputerSocietyImage:iStockPhoto/168767483 24 ITNOW September 2013 Agile Certified Professionals across the business can now demonstrate their ability to deliver greater value from their projects – with the global benchmark in agile capability. BCS Agile Certification pushes the boundaries in agile thinking and delivers the why, not just the how, of agile by bringing people together in an agile learning environment to tackle real-world business issues. It’s method-neutral, leaving you to decide on the agile approach that works best in your organisation. Enjoy successful agile projects and transform the way you do business. bcs.org/agilecertified BC291/LD/AD/0713 © BCS, The Chartered Institute for IT, is the business name of the British Computer Society (Registered charity no. 292786) 2013