Network Segregation
Mohamed M. Tawfik
Job Positions
Mohamed Tawfik is a qualified technocrat and a seasoned IT/Telecom professional with over 20 years of solid experience in multi-national corporate organizations, covering planning, deployment, governance, audit and policy enforcement in information security practice, with in-depth knowledge of IT/Telecom infrastructure and a proven record of customer satisfaction.
Contact Information
+201223189496
mohamed.tawfik1974@gmail.com
www.globalknowledge.com
https://sa.linkedin.com/in/mohamed-m-tawfik-a300211b
Introduction
Network infrastructure is the most critical backbone of
business.
Greater diversity and complexity of the enterprise IT
infrastructure creates corresponding challenges to the
enterprise's ability to maintain some sort of balance
between functionality, performance and security.
Usage!
Corporate end-users increasingly depend on network resources for:
• access to enterprise email, calendar and contacts
• instant messaging and VoIP
• access to enterprise web-based apps
• access to the corporate network or Wi-Fi internet access
• increasing use of personal devices (BYOD)
A common target
The network is usually the primary target for attacks, since the traffic it carries holds a great deal of information that is useful to an attacker.
Some attackers are satisfied with sniffing packets and getting their hands on any information that can be used to gain further control.
Others simply aim at denial of service (DoS).
Let’s make it harder for the attacker?
Once an attacker gains unauthorized access, network
segmentation can provide effective controls to mitigate the
next step of a network intrusion and to limit further
movement across the network or propagation of a threat.
By properly segregating the network, you are essentially
minimizing the level of access to sensitive information or
applications, servers, and people who don’t need it, while
enabling access for those that do.
Traditional Networks
Traditional flat networks present a single attack surface to both internal and external threats.
Segmented Networks
By segmenting a network and applying appropriate controls, we can break a single network into multiple attack surfaces, which prevents threat agents from reaching our critical network resources.
What is the difference between
network segmentation and segregation?
Network segmentation is partitioning the network into smaller networks.
Network segregation is developing and enforcing a ruleset controlling which computing devices are permitted to communicate with which other computing devices.
Network segmentation and segregation
Benefits
When we implement network segmentation and
segregation we minimize the level of access to corporate
sensitive information, whilst not stopping our Business from
operating effectively.
Examples of multiple networks
Many different networks can co-exist in a corporation that requires multiple networks:
• Datacenter
• VoIP
• R&D / LAB / Test environment
• Users LAN
• Technical Management Network
• DMZ
• Dedicated networks ( handling secret / confidential
information / special purposes)
• WLAN
• Territory / site LANs
What’s the Risk?
Enterprise risks include:
• Loss or exposure of sensitive information
• Huge availability concerns
• Introduction of malware and exploitation of resources
• Leakage of sensitive data, including the inadvertent, the well-intentioned and the malicious
• Unauthorized access to resources
• Increased pressure on existing resources by business processes (e.g., backups, increasing volumes of traffic, managing non-business related traffic, provisioning of access to supported applications, help desk support) to support a highly diverse population of resources
• Additional requirements for audit, reporting, e-discovery and forensics
How to mitigate it?
Some of the common technologies and methods used include:
i. Implementing demilitarized zones (DMZ)
ii. Implementing server and domain isolation
iii. Implementing storage based segmentation
Implementing demilitarized zones (DMZ)
Implementing demilitarized zones (DMZ) to segregate
different security domains, utilizing technologies such as:
i. Separate physical links and systems;
ii. Traffic flow filters;
iii. Virtual Local Area Networks (VLANs);
iv. Network and host-based firewalls;
v. Application firewalls and proxies;
vi. Content-based filtering;
vii. AAA services;
viii. Network Access Control.
Drawbacks
Security comes with a price!
Having multiple networks means extra overheads for:
i. Provisioning access
ii. Administration
iii. Configuration management
iv. Support and implementation costs
v. Additional hardware costs
What can we do to overcome the
drawbacks?
i. Maintain up-to-date architecture diagrams of your network, and make sure they always reflect critical changes
ii. Implement an AAA solution, so you can reduce some of the administration overheads
iii. Implement a Network Access Control solution
What is NAC?
i. Network Access Control (NAC), also called network admission control, is a method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy
ii. NAC restricts the data that each particular user can
access
iii. NAC can regulate and restrict the things individual
subscribers can do once they are connected
What are the benefits?
i. Keeps rogue devices off our network
ii. Ensures 100% of endpoints on your network are
compliant or quarantined until they are remediated
iii. Prevents vulnerabilities – security software (anti-virus,
personal firewall, etc.) is compliant and up-to-date (OS
and patches are current)
iv. Lowers support costs – automatic remediation of non-
compliant machines
How does it work?
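As an added illustration (not code from the original presentation), the admission decision the NAC slides describe, written in Python: an endpoint absent from the inventory is denied, a known endpoint failing its posture checks (anti-virus, personal firewall, patch currency) is moved to a quarantine VLAN together with the list of findings remediation has to fix, and a compliant endpoint is admitted to its production VLAN. Device identifiers, VLAN names, thresholds and dates are constructed assumptions.

```python
"""Added example, not from the original presentation: a minimal model of the
NAC admission decision the slides describe. An endpoint not in the inventory
is kept off the network; a known endpoint whose posture fails the policy is
placed in a quarantine VLAN for remediation; a compliant endpoint is admitted
to its production segment. Endpoint records, VLAN names and thresholds are
constructed for illustration only."""
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Endpoint:
    device_id: str             # identifier the NAC learnt at connect time (constructed)
    group: str                 # segment the device claims to belong to, e.g. "users"
    av_running: bool
    av_definitions_date: date
    firewall_enabled: bool
    last_patch_date: date


@dataclass(frozen=True)
class Policy:
    inventory: Dict[str, str]  # device_id -> group it is registered in
    max_definition_age: timedelta = timedelta(days=7)
    max_patch_age: timedelta = timedelta(days=30)
    quarantine_vlan: str = "VLAN-QUARANTINE"
    production_vlans: Dict[str, str] = field(
        default_factory=lambda: {"users": "VLAN-USERS", "voip": "VLAN-VOIP"})


@dataclass(frozen=True)
class Decision:
    action: str                # "deny", "quarantine" or "allow"
    vlan: Optional[str]        # where the port is placed, None when denied
    findings: Tuple[str, ...]  # what remediation has to fix, empty when compliant


def posture_findings(ep: Endpoint, policy: Policy, today: date) -> List[str]:
    """Every policy check the endpoint fails, so remediation can fix all of them
    in one pass instead of bouncing the device back after each single fix."""
    findings = []
    if not ep.av_running:
        findings.append("anti-virus not running")
    if today - ep.av_definitions_date > policy.max_definition_age:
        findings.append("anti-virus definitions out of date")
    if not ep.firewall_enabled:
        findings.append("personal firewall disabled")
    if today - ep.last_patch_date > policy.max_patch_age:
        findings.append("OS patches not current")
    return findings


def admit(ep: Endpoint, policy: Policy, today: date) -> Decision:
    # 1. Unknown device, or a known device claiming a segment it is not
    #    registered for: keep it off the network entirely.
    if policy.inventory.get(ep.device_id) != ep.group:
        return Decision("deny", None, ("device not registered for this segment",))
    # 2. Known device whose posture fails: quarantine until remediated.
    findings = posture_findings(ep, policy, today)
    if findings:
        return Decision("quarantine", policy.quarantine_vlan, tuple(findings))
    # 3. Known and compliant: admit to the production segment.
    return Decision("allow", policy.production_vlans[ep.group], ())


def demo(today: date = date(2024, 3, 1)) -> Dict[str, Decision]:
    """Run the policy over three constructed endpoints and return the decisions."""
    policy = Policy(inventory={"laptop-0042": "users", "phone-0007": "voip"})
    endpoints = [
        Endpoint("laptop-0042", "users", True, date(2024, 2, 28), True, date(2024, 2, 20)),  # compliant
        Endpoint("phone-0007", "voip", True, date(2024, 1, 1), False, date(2024, 2, 20)),   # stale AV, no firewall
        Endpoint("unknown-box", "users", True, date(2024, 2, 28), True, date(2024, 2, 28)), # not in inventory
    ]
    return {ep.device_id: admit(ep, policy, today) for ep in endpoints}


if __name__ == "__main__":
    for device_id, d in demo().items():
        print(f"{device_id:<12} {d.action:<10} {d.vlan or '-':<16} "
              f"{'; '.join(d.findings) or 'compliant'}")
```

The device identifier here stands in for whatever identity the NAC product actually establishes; an identifier the client can choose for itself (a MAC address, for instance) is easily cloned, so the deny branch is only as strong as the authentication behind it.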
How is this addressed in ISO 27001:2013?
Introduction
ISO/IEC 27002 defines 12 security domains, namely:
security policy, asset management, organizing information
security, human resources, physical and environment,
communication and operations management, access
control, information system acquisition, development and
maintenance, information security incident management,
business continuity management and compliance.
Out of the 12 security domains, Communication Security is
of great importance in order to protect critical network
information.
How is this addressed in ISO 27001?
ISO 27002
13 Communications security
13.1 Network security management
Objective: To ensure the protection of information in networks and its supporting information processing facilities.
How is this addressed in ISO 27001?
27001:2013 Annex A
A.13 Communications Security
A.13.1 Network Security Management
Objective: To ensure the protection of information in networks and its supporting information processing facilities.
A.13.1.1 Network controls: Networks shall be managed and controlled to protect information in systems and applications.
A.13.1.2 Security of network services: Security mechanisms, service levels and management requirements of all network services shall be identified and included in network services agreements, whether these services are provided in-house or outsourced.
A.13.1.3 Segregation in networks: Groups of information services, users and information systems shall be segregated on networks.
How is this addressed in ISO 27002?
A.13.1.3 Segregation in networks
Control
Groups of information services, users and information systems should be segregated on networks.
Implementation guidance
One method of managing the security of large networks is to divide them into separate network domains. The domains can be chosen based on trust levels (e.g. public access domain, desktop domain, server domain), along organizational units (e.g. human resources, finance, marketing) or some combination (e.g. server domain connecting to multiple organizational units). The segregation can be done using either physically different networks or by using different logical networks (e.g. virtual private networking).
The perimeter of each domain should be well defined. Access between network domains is allowed, but should be controlled at the perimeter using a gateway (e.g. firewall, filtering router).
The criteria for segregation of networks into domains, and the access allowed through the gateways, should be based on an assessment of the security requirements of each domain. The assessment should be in accordance with the access control policy (see 9.1.1), access requirements, value and classification of information processed and also take account of the relative cost and performance impact of incorporating suitable gateway technology.
Wireless networks require special treatment due to the poorly defined network perimeter. For sensitive environments, consideration should be made to treat all wireless access as external connections and to segregate this access from internal networks until the access has passed through a gateway in accordance with network controls policy (see 13.1.1) before granting access to internal systems.
The authentication, encryption and user level network access control technologies of modern, standards based wireless networks may be sufficient for direct connection to the organization's internal network when properly implemented.
Other information
Networks often extend beyond organizational boundaries, as business partnerships are formed that require the interconnection or sharing of information processing and networking facilities. Such extensions can increase the risk of unauthorized access to the organization's information systems that use the network, some of which require protection from other network users because of their sensitivity or criticality.
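The following is an added example, not part of the original presentation or of the ISO/IEC 27002 text, that models the segregation pattern described on the "network segmentation and segregation" slide and in the implementation guidance above: network domains defined as address ranges with trust levels, a gateway ruleset saying which domain may talk to which, default deny for everything else, wireless treated as an external connection, and a review helper that flags every allow rule crossing from a lower-trust domain into a higher-trust one. All subnets, domain names, trust levels, ports and rule reasons are constructed assumptions.

```python
"""Added example, not part of the original presentation or of ISO/IEC 27002:
a small model of the segregation pattern the slides describe. Network domains
are defined as address ranges, each with a trust level; a gateway ruleset says
which domain may talk to which, and anything not explicitly allowed is denied.
The subnets, domain names, trust levels and rules below are constructed for
illustration only."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Trust level per domain (constructed). "wireless" deliberately gets the same
# trust as "public": it is treated as an external connection until it has
# passed the gateway, as the guidance suggests for sensitive environments.
TRUST = {"public": 0, "wireless": 0, "dmz": 1, "desktop": 1, "server": 2, "management": 3}

# Address ranges per domain (constructed RFC 1918 ranges). Anything that does
# not fall into a listed range is treated as "public".
DOMAINS = [
    (ip_network("10.10.0.0/16"), "desktop"),
    (ip_network("10.20.0.0/16"), "server"),
    (ip_network("10.30.0.0/24"), "dmz"),
    (ip_network("10.99.0.0/24"), "management"),
    (ip_network("172.16.0.0/16"), "wireless"),
]


@dataclass(frozen=True)
class Rule:
    src: str             # source domain
    dst: str             # destination domain
    proto: str           # "tcp", "udp" or "any"
    port: Optional[int]  # destination port, None = any
    action: str          # "allow" or "deny"
    reason: str          # why the rule exists; this is what a reviewer reads


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    proto: str
    port: int


# Gateway ruleset (constructed). First match wins; the default is deny.
RULES = [
    Rule("desktop", "server", "tcp", 443, "allow", "users reach internal web apps"),
    Rule("management", "server", "tcp", 22, "allow", "admins manage servers from the management net"),
    Rule("management", "dmz", "tcp", 22, "allow", "admins manage DMZ hosts"),
    Rule("public", "dmz", "tcp", 443, "allow", "internet-facing web front end"),
    Rule("dmz", "server", "tcp", 5432, "allow", "front end reaches its database"),
]


def domain_of(addr: str) -> str:
    """Longest-prefix match of an address against the domain table."""
    a = ip_address(addr)
    best: Optional[Tuple[int, str]] = None
    for net, name in DOMAINS:
        if a in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, name)
    return best[1] if best else "public"


def matches(rule: Rule, flow: Flow) -> bool:
    return (rule.src == domain_of(flow.src_ip)
            and rule.dst == domain_of(flow.dst_ip)
            and rule.proto in ("any", flow.proto)
            and rule.port in (None, flow.port))


def decide(flow: Flow, rules: List[Rule] = RULES) -> Tuple[str, Optional[Rule]]:
    """Return the gateway's verdict and the rule that produced it
    (None when the implicit default deny applied)."""
    for rule in rules:
        if matches(rule, flow):
            return rule.action, rule
    return "deny", None


def audit(rules: List[Rule] = RULES) -> List[Rule]:
    """Flag allow rules that let a less-trusted domain initiate traffic into a
    more-trusted one. They are not necessarily wrong (a DMZ exists for exactly
    this), but each one needs a documented justification at review time."""
    return [r for r in rules if r.action == "allow" and TRUST[r.src] < TRUST[r.dst]]


if __name__ == "__main__":
    sample = [  # constructed flows
        Flow("10.10.5.7", "10.20.1.10", "tcp", 443),   # desktop -> server web: allowed
        Flow("10.10.5.7", "10.20.1.10", "tcp", 22),    # desktop -> server ssh: denied
        Flow("172.16.3.3", "10.20.1.10", "tcp", 443),  # wireless -> server: denied
        Flow("10.99.0.5", "10.20.1.10", "tcp", 22),    # management -> server ssh: allowed
    ]
    for f in sample:
        verdict, rule = decide(f)
        print(f"{domain_of(f.src_ip):>10} -> {domain_of(f.dst_ip):<10} {f.proto}/{f.port}: {verdict}"
              + (f" ({rule.reason})" if rule else " (default deny)"))
    for r in audit():
        print("review:", r.src, "->", r.dst, r.proto, r.port, "-", r.reason)
```

A real gateway (firewall or filtering router) holds the equivalent of RULES; the point of audit is that the "assessment of the security requirements of each domain" the guidance asks for has to happen for exactly those rules that let traffic move up the trust ladder, the legitimate DMZ ones included.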
ISO 27001 Training Courses
• ISO/IEC 27001 Introduction: 1-day course
• ISO/IEC 27001 Foundation: 2-day course
• ISO/IEC 27001 Lead Implementer: 5-day course
• ISO/IEC 27001 Lead Auditor: 5-day course
Exam and certification fees are included in the training price.
https://www.pecb.com/iso-iec-27001-training-courses | www.pecb.com/events
THANK YOU
Questions?
Contact Information
+201223189496
mohamed.tawfik1974@gmail.com
www.globalknowledge.com
https://sa.linkedin.com/in/mohamed-m-tawfik-a300211b
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptx
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 

Dernier

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
MateoGardella
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 

Dernier (20)

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17  How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17  How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 

How to minimize threats in your information system using network segregation?

2
Mohamed M. Tawfik
Job Positions
Mohamed Tawfik is a qualified technocrat and a seasoned IT/Telecom professional with over 20 years of solid experience at multinational corporate organizations in planning, deployment, governance, audit and enforcing policy on information security practice, with in-depth knowledge of IT/Telecom infrastructure and a proven record of customer satisfaction.
Contact Information
+201223189496
mohamed.tawfik1974@gmail.com
www.globalknowledge.com
https://sa.linkedin.com/in/mohamed-m-tawfik-a300211b

3
Introduction
Network infrastructure is the most critical backbone of the business.
Greater diversity and complexity of the enterprise IT infrastructure creates corresponding challenges to the enterprise's ability to maintain a balance between functionality, performance and security.

4
Usage!
Corporate end-users increasingly depend heavily on network resources for:
• access to enterprise email, calendar and contacts
• Instant Messaging and VoIP
• access to enterprise web-based apps
• access to the corporate network or Wi-Fi internet access
• increasing use of personal devices (BYOD)

5
A common target
The network is usually the primary target for attacks, considering that all the traffic it carries holds a huge amount of information useful to an attacker.
Some attackers are satisfied with sniffing packets and getting their hands on any information that can be used to gain further control.
Others simply aim at a DoS objective.

6
Let's make it harder for the attacker
Once an attacker gains unauthorized access, network segmentation can provide effective controls to mitigate the next step of a network intrusion and to limit further movement across the network or propagation of a threat.
By properly segregating the network, you are essentially minimizing the level of access to sensitive information, applications and servers for the people who don't need it, while enabling access for those who do.
7
Traditional Networks
Traditional flat networks present a single attack surface to both internal and external threats.

8
Segmented Networks
By segmenting a network and applying appropriate controls, we can break a single network into multiple attack surfaces, preventing threat agents from reaching our critical network resources.

9
What is the difference between network segmentation and segregation?
Network segmentation is partitioning the network into smaller networks.
Network segregation is developing and enforcing a ruleset controlling which computing devices are permitted to communicate with which other computing devices.

10
Network segmentation and segregation benefits
When we implement network segmentation and segregation we minimize the level of access to corporate sensitive information, without stopping the business from operating effectively.

11
Examples of multiple networks
Many different networks can co-exist in a corporation that requires multiple networks:
• Datacenter
• VoIP
• R&D / LAB / Test environment
• Users LAN
• Technical Management Network
• DMZ
• Dedicated networks (handling secret / confidential information / special purposes)
• WLAN
• Territory / site LANs
12
What's the risk?
Enterprise risks include:
• Loss or exposure of sensitive information
• Serious availability concerns
• Introduction of malware and exploitation of resources
• Leakage of sensitive data, whether inadvertent, well intentioned or malicious
• Unauthorized access to resources
• Increased pressure on existing resources from the business processes (e.g. backups, increasing volumes of traffic, managing non-business-related traffic, provisioning of access to supported applications, help desk support) needed to support a highly diverse population of resources
• Additional requirements for audit, reporting, e-discovery and forensics

13
How to mitigate it?
Some of the common technologies and methods used include:
i. Implementing demilitarized zones (DMZ)
ii. Implementing server and domain isolation
iii. Implementing storage-based segmentation

14
Implementing demilitarized zones (DMZ)
Implementing demilitarized zones (DMZ) to segregate different security domains, utilizing technologies such as:
i. Separate physical links and systems
ii. Traffic flow filters
iii. Virtual Local Area Networks (VLANs)
iv. Network and host-based firewalls
v. Application firewalls and proxies
vi. Content-based filtering
vii. AAA services
viii. Network Access Control

15
Drawbacks
Security comes with a price! Having multiple networks means extra overheads for:
i. Provisioning access
ii. Administration
iii. Configuration management
iv. Support and implementation costs
v. Additional hardware costs
16
What can we do to overcome the drawbacks?
i. Maintain up-to-date architecture diagrams of your network, and make sure they always reflect critical changes
ii. Implement an AAA solution, so you can reduce some of the administration overheads
iii. Implement a Network Access Control solution

17
What is NAC?
i. Network Access Control (NAC), also called network admission control, is a method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy
ii. NAC restricts the data that each particular user can access
iii. NAC can regulate and restrict the things individual subscribers can do once they are connected

18
What are the benefits?
i. Keeps rogue devices off our network
ii. Ensures 100% of endpoints on your network are compliant, or quarantined until they are remediated
iii. Prevents vulnerabilities: security software (anti-virus, personal firewall, etc.) is compliant and up to date, and the OS and patches are current
iv. Lowers support costs through automatic remediation of non-compliant machines
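The NAC admission logic described on slides 17 and 18 (unknown devices kept off the network, known but non-compliant endpoints quarantined until remediated, compliant endpoints admitted) can be written down as a small policy evaluator. The following is an added example, not code from the deck or from any NAC product; the `Endpoint` posture fields, the policy thresholds, the VLAN names and the sample fleet are all constructed for illustration.

```python
"""Toy NAC admission decision: endpoint posture -> network assignment (added example)."""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Endpoint:
    """Posture facts a NAC agent or 802.1X exchange would report (constructed fields)."""
    mac: str
    in_inventory: bool          # registered asset, or an unknown (rogue) device
    av_installed: bool
    av_signature_date: date
    firewall_enabled: bool
    os_patch_date: date


@dataclass(frozen=True)
class Policy:
    """Assumed thresholds; a real deployment takes these from its security policy."""
    max_signature_age: timedelta = timedelta(days=7)
    max_patch_age: timedelta = timedelta(days=30)


# Assumed network assignments handed back to the switch / RADIUS server
DENY, QUARANTINE, PRODUCTION = "deny", "vlan-quarantine", "vlan-users"


def posture_failures(ep, policy, today):
    """List the policy checks the endpoint fails (empty list = compliant)."""
    failures = []
    if not ep.av_installed:
        failures.append("anti-virus not installed")
    elif today - ep.av_signature_date > policy.max_signature_age:
        failures.append("anti-virus signatures stale")
    if not ep.firewall_enabled:
        failures.append("personal firewall disabled")
    if today - ep.os_patch_date > policy.max_patch_age:
        failures.append("OS patches out of date")
    return failures


def admit(ep, policy, today):
    """Return (network assignment, reasons) for one endpoint.

    Rogue devices are denied outright; known devices that fail posture go to a
    quarantine VLAN where only remediation services are reachable.
    """
    if not ep.in_inventory:
        return DENY, ["device not in asset inventory"]
    failures = posture_failures(ep, policy, today)
    if failures:
        return QUARANTINE, failures
    return PRODUCTION, []


# Constructed sample fleet and evaluation date
TODAY = date(2024, 5, 1)
FLEET = [
    Endpoint("00:11:22:33:44:01", True, True, date(2024, 4, 30), True, date(2024, 4, 20)),   # compliant
    Endpoint("00:11:22:33:44:02", True, True, date(2024, 3, 1), True, date(2024, 4, 20)),    # stale signatures
    Endpoint("00:11:22:33:44:03", True, False, date(2024, 1, 1), False, date(2024, 1, 1)),   # several failures
    Endpoint("de:ad:be:ef:00:01", False, True, date(2024, 4, 30), True, date(2024, 4, 30)),  # rogue device
]


def admission_report(fleet=FLEET, policy=Policy(), today=TODAY):
    """Map each MAC address to its admission decision."""
    return {ep.mac: admit(ep, policy, today) for ep in fleet}


if __name__ == "__main__":
    for mac, (assignment, reasons) in admission_report().items():
        print(f"{mac}  ->  {assignment:16s} {'; '.join(reasons)}")
```

The split between `posture_failures` and `admit` matters in practice: the list of failures is what the remediation portal shows the user, while the assignment is what the network enforces, so both should come from the same evaluation.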
20
How is this addressed in ISO 27001:2013?
Introduction
ISO/IEC 27002 defines 12 security domains, namely: security policy, asset management, organizing information security, human resources, physical and environment, communication and operations management, access control, information system acquisition, development and maintenance, information security incident management, business continuity management and compliance.
Out of the 12 security domains, communication security is of great importance in order to protect critical network information.

21
How is this addressed in ISO 27001?
ISO 27002, 13 Communications security
13.1 Network security management
Objective: To ensure the protection of information in networks and its supporting information processing facilities.

22
How is this addressed in ISO 27001?
27001:2013 Annex A
A.13 Communications Security
A.13.1 Network Security Management
Objective: To ensure the protection of information in networks and its supporting information processing facilities.
A.13.1.1 Network controls: Networks shall be managed and controlled to protect information in systems and applications.
A.13.1.2 Security of network services: Security mechanisms, service levels and management requirements of all network services shall be identified and included in network services agreements, whether these services are provided in-house or outsourced.
A.13.1.3 Segregation in networks: Groups of information services, users and information systems shall be segregated on networks.
23
How is this addressed in ISO 27002?
A.13.1.3 Segregation in networks
Control
Groups of information services, users and information systems should be segregated on networks.
Implementation guidance
One method of managing the security of large networks is to divide them into separate network domains. The domains can be chosen based on trust levels (e.g. public access domain, desktop domain, server domain), along organizational units (e.g. human resources, finance, marketing) or some combination (e.g. server domain connecting to multiple organizational units). The segregation can be done using either physically different networks or by using different logical networks (e.g. virtual private networking).
The perimeter of each domain should be well defined. Access between network domains is allowed, but should be controlled at the perimeter using a gateway (e.g. firewall, filtering router). The criteria for segregation of networks into domains, and the access allowed through the gateways, should be based on an assessment of the security requirements of each domain. The assessment should be in accordance with the access control policy (see 9.1.1), access requirements, value and classification of information processed and also take account of the relative cost and performance impact of incorporating suitable gateway technology.
Wireless networks require special treatment due to the poorly defined network perimeter. For sensitive environments, consideration should be made to treat all wireless access as external connections and to segregate this access from internal networks until the access has passed through a gateway in accordance with network controls policy (see 13.1.1) before granting access to internal systems. The authentication, encryption and user level network access control technologies of modern, standards based wireless networks may be sufficient for direct connection to the organization's internal network when properly implemented.
Other information
Networks often extend beyond organizational boundaries, as business partnerships are formed that require the interconnection or sharing of information processing and networking facilities. Such extensions can increase the risk of unauthorized access to the organization's information systems that use the network, some of which require protection from other network users because of their sensitivity or criticality.
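Slides 7 to 9 and the ISO/IEC 27002 guidance above describe the same model: hosts are placed into network domains (segmentation), and a gateway ruleset says which domain may reach which, with everything else denied (segregation). A defender can check how well a ruleset actually limits lateral movement by walking it from a single compromised host and counting what it can reach. The following is an added example written for this page, not code from the deck or from any product; the host inventory, domain names, ports and ruleset are constructed to mirror the example networks on slide 11, and intra-domain traffic is assumed to be unfiltered (a plain VLAN without host-based firewalls).

```python
"""Network segregation as a domain ruleset, with a blast-radius check (added example)."""
from collections import deque

# Constructed inventory: host -> network domain (the "segmentation" part)
SEGMENTED = {
    "alice-pc":   "users-lan",
    "web-portal": "dmz",
    "hr-app":     "server",
    "finance-db": "restricted",   # dedicated network for confidential data
    "pbx":        "voip",
    "jump-host":  "mgmt",         # technical management network
}
# Same hosts on a traditional flat network: one domain, one attack surface
FLAT = {host: "flat" for host in SEGMENTED}

# Gateway ruleset (the "segregation" part): (source domain, destination domain)
# -> allowed destination ports. Anything not listed is denied at the perimeter.
RULES = {
    ("users-lan", "dmz"):     {443},
    ("users-lan", "server"):  {443},
    ("users-lan", "voip"):    {5060},
    ("server", "restricted"): {1433},
    ("mgmt", "dmz"):          {22},
    ("mgmt", "server"):       {22},
    ("mgmt", "restricted"):   {22},
    ("mgmt", "voip"):         {22},
}


def permitted(src_domain, dst_domain, port, rules=RULES):
    """True if the gateway policy lets src_domain reach dst_domain on port.

    Hosts inside one domain are assumed to reach each other freely, which is
    exactly why a flat network is a single attack surface.
    """
    if src_domain == dst_domain:
        return True
    return port in rules.get((src_domain, dst_domain), set())


def blast_radius(hosts, start, rules=RULES, ports=(22, 443, 1433, 5060)):
    """Breadth-first walk from `start`: every host reachable on any port becomes
    a new foothold (worst case, every exposed service assumed compromisable).

    Returns {host: hop count} for the hosts other than `start` that are
    reachable through the gateways. A smaller result means tighter segregation.
    """
    seen = {start: 0}
    queue = deque([start])
    while queue:
        cur = queue.popleft()
        for nxt, dom in hosts.items():
            if nxt in seen:
                continue
            if any(permitted(hosts[cur], dom, p, rules) for p in ports):
                seen[nxt] = seen[cur] + 1
                queue.append(nxt)
    seen.pop(start)
    return seen


if __name__ == "__main__":
    for name, layout in (("flat", FLAT), ("segmented", SEGMENTED)):
        radius = blast_radius(layout, "alice-pc")
        print(f"{name:9s} from alice-pc -> {len(radius)} hosts reachable: {radius}")
```

Running it shows the difference the deck is making: on the flat layout a compromised user PC reaches every other host in one hop, while on the segmented layout it reaches the DMZ portal, the HR application and the PBX directly, and the finance database only indirectly through the server domain. That second-hop path is the kind of finding the assessment in the guidance above ("the access allowed through the gateways, should be based on an assessment of the security requirements of each domain") is meant to surface; the management network stays unreachable because no rule points into it.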
24
ISO 27001 Training Courses
• ISO/IEC 27001 Introduction, 1 day course
• ISO/IEC 27001 Foundation, 2 days course
• ISO/IEC 27001 Lead Implementer, 5 days course
• ISO/IEC 27001 Lead Auditor, 5 days course
Exam and certification fees are included in the training price.
https://www.pecb.com/iso-iec-27001-training-courses | www.pecb.com/events