A4 to A10 security journey assessing risks with metrics
•
4 j'aime•1,146 vues
This document discusses security frameworks and concepts. It introduces the 4As, 5As, 6As, and 10As of security which refer to different aspects of security such as assess, architect, apply, administer, awareness, agility, appetite, alignment, assumption, and authorization. It emphasizes that security requires layers and integration across physical, information, management, and telecommunications security. Effective security also requires business alignment, risk appetite, assumption updates, authorization understanding, and continuous measurement and improvement.
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (17)
En vedette
Similaire à A4 to A10 security journey assessing risks with metrics
Similaire à A4 to A10 security journey assessing risks with metrics (20)
Plus de Jorge Sebastiao
Plus de Jorge Sebastiao (20)
Dernier
Dernier (20)
A4 to A10 security journey assessing risks with metrics
- 1. A4 to A10 of Security A journey in Security…
- 2. How do we secure this?
- 3. Security need is everywhere…
- 4. Putting in layers, is not Trust?
- 5. Are your barriers effective?
- 6. Effective Security is hidden deep underneath… Technology ProcessPeople
- 7. 4As A4 of Security Assess Evaluate, Audit, Check Architect Plan, Design Apply Build, Implement, Do Administer Operate, Act
- 8. 5As A5 of Security Assess Evaluate, Audit, Check Architect Plan, Design Apply Build, Implement, Do Administer Operate, Act Awareness Intelligence, User
- 9. 6As A6 of Security Assess Evaluate, Audit, Check Architect Plan, Design Apply Build, Implement, Do Administer Operate, Act Awareness Intelligence, User Agility Timeliness of Response
- 10. Agility is all about time…
- 11. TBS = Time Based Security Protection DetectionResponse SECURITY P>D+R Anti-virus, Firewall VPN, Quantum Door, Gates Access Control Grid Time Response Remediation, Disaster Recovery Incidence Response Guards Response Vulnerability Testing SIEM, Correlation Quantum Photons CCTV, Access Control Alarms
- 12. Security is about maturity… Business Risk Mature Controls
- 13. 10As A10 of Security Assess Evaluate, Audit, Check Architect Plan, Design Apply Build, Implement, Do Administer Operate, Act, Respond Awareness Intelligence, User Agility Timeliness of Response Appetite How much Risk can you take? Alignment Business focus Assumption Something is wrong? Authorization Right to access, authentication
- 14. Align Security to your Business…
- 15. What is you Appetite for Risk?
- 19. Layer your security to reduce Risk
- 20. Integrate security for Effectiveness… Total Integrated Security Physical Security Management Information Security Management Telecom Security Management
- 21. Measure everything!!! Security Metrics Key Performance Indicators CoBiT, Compliance ITIL ISO20000 ISMS ISO27001 BCMS ISO22301 Time Based Security
- 22. Think outside the box!!!
- 23. “…Security is a continuous skilled process…”… Jorge Sebastiao http://linkedin.com/in/sebastiao