SlideShare une entreprise Scribd logo

ISO 27001 - information security user awareness training presentation - Part 1

Télécharger en tant que PPTX, PDF
T
Tanmay Shinde

This document provides an overview of information security and introduces ISO27k. It defines information security as preserving the confidentiality, integrity and availability of information. The document outlines that information exists in many forms and goes through various stages of its lifecycle. It also discusses the importance of security for people, processes, and technology in protecting the valuable information assets of an organization.

Technologie
1  sur  13
iFour Consultancy Security awareness seminar An introduction to ISO27k Part - 1
Agenda  Information  Information Types  Information Lifecycle  What is information security?  Security elements  People  Processes  Technology  Information security is valuable because it  Information security definition http://www.ifour-consultancy.com Software outsourcing company in India
Information  Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected http://www.ifour-consultancy.com Software outsourcing company in India
Information Types Information exists in many forms:  Printed or written on paper  Stored electronically  Transmitted by post or electronic means  Visual e.g. videos, diagrams  Published on the Web  Verbal/oral e.g. conversations, phone calls  Intangible e.g. knowledge, experience, expertise, ideas http://www.ifour-consultancy.com Software outsourcing company in India
Information Lifecycle Information Can be:  Created  Owned (it is an asset)  Stored  Processed  Transmitted/communicated  Used (for proper or improper purposes)  Modified or corrupted  Shared or disclosed (whether appropriately or not)  Destroyed or lost  Stolen  Controlled, secured and protected throughout its existence http://www.ifour-consultancy.com Software outsourcing company in India
What is information security?  Information security is what keeps valuable information ‘free of danger’ (protected, safe from harm)  It is not something you buy, it is something you do  It’s a process not a product  It is achieved using a combination of suitable strategies and approaches:  Determining the risks to information and treating them accordingly (proactive risk management)  Protecting CIA (Confidentiality, Integrity and Availability)  Avoiding, preventing, detecting and recovering from incidents  Securing people, processes and technology … not just IT! http://www.ifour-consultancy.com Software outsourcing company in India
Security elements http://www.ifour-consultancy.com Software outsourcing company in India
People People who use or have an interest in our information security include:  Shareholders / owners  Management & staff  Customers / clients, suppliers & business partners  Service providers, contractors, consultants & advisors  Authorities, regulators & judges Our biggest threats arise from people (social engineers, unethical competitors, hackers, fraudsters, careless workers, bugs, flaws …), yet our biggest asset is our people (e.g. security-aware employees who spot trouble early) http://www.ifour-consultancy.com Software outsourcing company in India
Processes  Processes are work practices or workflows, the steps or activities needed to accomplish business objectives  Processes are described in procedures.  Virtually all business processes involve and/or depend on information making information a critical business asset.  Information security policies and procedures define how we secure information appropriately and repeatedly. http://www.ifour-consultancy.com Software outsourcing company in India
Technology  Cabling, data/voice networks and equipment  Telecommunications services (PABX, VoIP, ISDN, videoconferencing)  Phones, cellphones, PDAs  Computer servers, desktops and associated data storage devices (disks, tapes)  Operating system and application software  Paperwork, files  Pens, ink  Security technologies  Locks, barriers, card-access systems, CCTV http://www.ifour-consultancy.com Software outsourcing company in India
Information security is valuable because it  Protects information against various threats  Ensures business continuity  Minimizes financial losses and other impacts  Optimizes return on investments  Creates opportunities to do business safely  Maintains privacy and compliance We all depend on information security http://www.ifour-consultancy.com Software outsourcing company in India
Information security is defined as the preservation of: Confidentiality Making information accessible only to those authorized to use it Integrity Safeguarding the accuracy and completeness of information and processing methods Availability Ensuring that information is available when required http://www.ifour-consultancy.com Software outsourcing company in India
http://www.ifour-consultancy.com Software outsourcing company in India

Recommandé

ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
Tanmay Shinde
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
SAROJ BEHERA
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
n|u - The Open Security Community
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
Pranay Kumar
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
Dr Madhu Aman Sharma
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
Imran Ahmed
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
PECB
 

Recommandé

ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
Tanmay Shinde
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
SAROJ BEHERA
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
n|u - The Open Security Community
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
Pranay Kumar
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
Dr Madhu Aman Sharma
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
Imran Ahmed
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
PECB
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
Dr Madhu Aman Sharma
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
Business Beam
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 Benefits
Dejan Kosutic
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
scttmcvy
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
Naresh Rao
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
Ralf Braga
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
Craig Willetts ISO Expert
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001
technakama
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMS
Akhil Garg
 
27001.pptx
27001.pptx27001.pptx
27001.pptx
AvniJain836319
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
PECB
 
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdfISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
Shankar Subramaniyan
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
Operational Excellence Consulting
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
Midhun Nirmal
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
PECB
 
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
PECB
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
Uppala Anand
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview
Ahmed Riad .
 
Iso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsIso 27001 2013 Standard Requirements
Iso 27001 2013 Standard Requirements
Uppala Anand
 
ISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_List
SriramITISConsultant
 

Contenu connexe

Tendances

Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
PECB
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
Operational Excellence Consulting
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
PECB
 
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
PECB
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
Uppala Anand
 

Tendances (20)

ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 Benefits
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMS
 
27001.pptx
27001.pptx27001.pptx
27001.pptx
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
 
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdfISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
 
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview
 

En vedette

Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
Atlantic Training, LLC.
 
Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certification
tschraider
 

En vedette (13)

Iso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsIso 27001 2013 Standard Requirements
Iso 27001 2013 Standard Requirements
 
ISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_List
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
ISO 27001:2013 - Changes
ISO 27001:2013 - ChangesISO 27001:2013 - Changes
ISO 27001:2013 - Changes
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Iso 27001 transition to 2013 03202014
Iso 27001 transition to 2013 03202014Iso 27001 transition to 2013 03202014
Iso 27001 transition to 2013 03202014
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
 
ISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and Developments
 
Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certification
 

Similaire à ISO 27001 - information security user awareness training presentation - Part 1

FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
DataExchangeAgency
 
Ethnosit.net
Ethnosit.netEthnosit.net
Ethnosit.net
ethnos
 

Similaire à ISO 27001 - information security user awareness training presentation - Part 1 (20)

Intro to Information Security.ppt
Intro to Information Security.pptIntro to Information Security.ppt
Intro to Information Security.ppt
 
Chapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessChapter 12 iso 27001 awareness
Chapter 12 iso 27001 awareness
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planet
 
Information security
Information securityInformation security
Information security
 
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
 
Data Security - English
Data Security - EnglishData Security - English
Data Security - English
 
Data security strategies and drivers
Data security strategies and driversData security strategies and drivers
Data security strategies and drivers
 
Hki tsecuritysolutionsv1.1
Hki tsecuritysolutionsv1.1Hki tsecuritysolutionsv1.1
Hki tsecuritysolutionsv1.1
 
information security
information securityinformation security
information security
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to Security
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & process
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptx
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadays
 
Ethnosit.net
Ethnosit.netEthnosit.net
Ethnosit.net
 
ISMS User_Awareness Training.pptx
ISMS User_Awareness Training.pptxISMS User_Awareness Training.pptx
ISMS User_Awareness Training.pptx
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
Security Awareness
Security AwarenessSecurity Awareness
Security Awareness
 
Take the First Steps Toward Endpoint Security Protection
Take the First Steps Toward Endpoint Security ProtectionTake the First Steps Toward Endpoint Security Protection
Take the First Steps Toward Endpoint Security Protection
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware an
 
Unit 1 Information Security.docx
Unit 1 Information Security.docxUnit 1 Information Security.docx
Unit 1 Information Security.docx
 

Dernier

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Dernier (20)

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 

ISO 27001 - information security user awareness training presentation - Part 1

  • 1. iFour Consultancy Security awareness seminar An introduction to ISO27k Part - 1
  • 2. Agenda  Information  Information Types  Information Lifecycle  What is information security?  Security elements  People  Processes  Technology  Information security is valuable because it  Information security definition http://www.ifour-consultancy.com Software outsourcing company in India
  • 3. Information  Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected http://www.ifour-consultancy.com Software outsourcing company in India
  • 4. Information Types Information exists in many forms:  Printed or written on paper  Stored electronically  Transmitted by post or electronic means  Visual e.g. videos, diagrams  Published on the Web  Verbal/oral e.g. conversations, phone calls  Intangible e.g. knowledge, experience, expertise, ideas http://www.ifour-consultancy.com Software outsourcing company in India
  • 5. Information Lifecycle Information Can be:  Created  Owned (it is an asset)  Stored  Processed  Transmitted/communicated  Used (for proper or improper purposes)  Modified or corrupted  Shared or disclosed (whether appropriately or not)  Destroyed or lost  Stolen  Controlled, secured and protected throughout its existence http://www.ifour-consultancy.com Software outsourcing company in India
  • 6. What is information security?  Information security is what keeps valuable information ‘free of danger’ (protected, safe from harm)  It is not something you buy, it is something you do  It’s a process not a product  It is achieved using a combination of suitable strategies and approaches:  Determining the risks to information and treating them accordingly (proactive risk management)  Protecting CIA (Confidentiality, Integrity and Availability)  Avoiding, preventing, detecting and recovering from incidents  Securing people, processes and technology … not just IT! http://www.ifour-consultancy.com Software outsourcing company in India
  • 7. Security elements http://www.ifour-consultancy.com Software outsourcing company in India
  • 8. People People who use or have an interest in our information security include:  Shareholders / owners  Management & staff  Customers / clients, suppliers & business partners  Service providers, contractors, consultants & advisors  Authorities, regulators & judges Our biggest threats arise from people (social engineers, unethical competitors, hackers, fraudsters, careless workers, bugs, flaws …), yet our biggest asset is our people (e.g. security-aware employees who spot trouble early) http://www.ifour-consultancy.com Software outsourcing company in India
  • 9. Processes  Processes are work practices or workflows, the steps or activities needed to accomplish business objectives  Processes are described in procedures.  Virtually all business processes involve and/or depend on information making information a critical business asset.  Information security policies and procedures define how we secure information appropriately and repeatedly. http://www.ifour-consultancy.com Software outsourcing company in India
  • 10. Technology  Cabling, data/voice networks and equipment  Telecommunications services (PABX, VoIP, ISDN, videoconferencing)  Phones, cellphones, PDAs  Computer servers, desktops and associated data storage devices (disks, tapes)  Operating system and application software  Paperwork, files  Pens, ink  Security technologies  Locks, barriers, card-access systems, CCTV http://www.ifour-consultancy.com Software outsourcing company in India
  • 11. Information security is valuable because it  Protects information against various threats  Ensures business continuity  Minimizes financial losses and other impacts  Optimizes return on investments  Creates opportunities to do business safely  Maintains privacy and compliance We all depend on information security http://www.ifour-consultancy.com Software outsourcing company in India
  • 12. Information security is defined as the preservation of: Confidentiality Making information accessible only to those authorized to use it Integrity Safeguarding the accuracy and completeness of information and processing methods Availability Ensuring that information is available when required http://www.ifour-consultancy.com Software outsourcing company in India

Notes de l'éditeur

  1. Software outsourcing company in India
  2. Software outsourcing company in India
  3. Software outsourcing company in India
  4. Software outsourcing company in India
  5. Software outsourcing company in India
  6. Software outsourcing company in India
  7. Software outsourcing company in India
  8. Software outsourcing company in India
  9. Software outsourcing company in India
  10. Software outsourcing company in India
  11. Software outsourcing company in India
  12. Software outsourcing company in India
  13. Software outsourcing company in India