Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Why information security is becoming the most important for mid size business to large size business
1. innovateinfosec.com
Why Information Security is
becoming the most important for
Mid-size Business to Large size
Business
Ajay Porus
Director & Principal Consultant Innovate InfoSec
CISA, ITIL, ISO27001, CPISI, RSA certified Analyst, CCNA Security,
Qualysguard certified specialist
Digital forensics & Cyber crime expert- US DOD Cyber crime center
2. innovateinfosec.com
Disclaimer
• Information used to create the training has been
taken from various sources and books. Credit for
the information remains with the original authors
and registered brands and trademarks belongs to
their legitimate owners and does not violate any of
Licenses and intellectual property rights
• This training material either in hard or soft forms
contains my personal opinion and has nothing to
do with my any current or past employers.
3. innovateinfosec.com
My Profile
• I am an Information Security and
technology Enthusiast.
• I do Consulting and training – A startup –
Innovate InfoSec Pvt. Ltd.
• More Than 15 certification in Information
security, cyber Security, Risk & Compliance
• Publications: Cloud Computing and its
Security Benefits – Enterprise IT Security
Magazine
Senior Cyber Leadership - Why a Technically
Competent Cyber Workforce is Not Enough –
Cyber Security Forum Initiative (CSFI)
• Volunteer work: Honeynet Project India
• Cloud Security Alliance – Founder
Hyderabad Chapter
4. innovateinfosec.com
Agenda
• Security industry history
• Arrival of Information age & associated risks
• Today’s world of information
• Major attacks on corporates and aftermaths
• Current Threat landscape Risk assessment
• Major Issues
• What we do?
18. innovateinfosec.com
Reasons of Successful Attacks
• Technical Vulnerabilities:
Web App vulnerabilities
Network Vulnerabilities
OS Vulnerabilities
Configuration Vulnerabilities
Architectural Vulnerabilities
Missed patches
Miscellaneous Vulnerabilities
• Process Vulnerabilities
No or Lack of Information Security Awareness
Non Skilled Workforce
Non-Standardization & Lack of well written Documentation
Human Psychology
Unorganized & unethical Organization culture
Improper or no implementation of Security Controls
Lack of Employee Satisfaction
22. innovateinfosec.com
IIS Service Portfolio
• Information Security Architecture Assessment and
Assurance Service
• Application Security Services
• Data Security Services
• Identity & Access Management Services
• Network Security
• Cloud Security
• Security Reviews Services
• Sustenance Services for Security Compliance
• Physical Security
23. innovateinfosec.com
IIS Service Portfolio
• Cyber Hygiene Services
• Due Diligence Services
• Digital Forensics & Investigation Services
• Offensive Services: For Law Enforcement Only
• Training Services
• Web App & Mobile App development
• Managed Security Services