Embedding Security in IT Projects
Dr. Kaali Dass, PMP, PhD.
Program Manager
Cisco Systems, Inc.
June 2015
© 2014-2015 Dr. Kaali Dass
Enterprise IT Security & Maturity…!
To Be Hacked!!!
Ref: http://www.heritage.org/research/reports/2014/10/cyber-attacks-on-us-companies-in-2014
24 Large Organizations Hacked in 2014
Project Management Institute
• Founded in 1969
• 185 Countries
• 628,363 PMI Certification Holders
• Certifications: PMP, PgMP, CAPM, PfMP, PMI-ACP, PMI-PBA, PMI-RMP, PMI-SP
NC Chapter
• Chaptered in 1985
• 14th Largest - Over 2800 Members
• Community / Monthly Meetings & Annual Conference
• Agile, Leadership, Pharma, Healthcare, Program Mgt, Public Sector
Ref: pmi.org
Enterprise Wide IT Projects
Large number of Stakeholders
Complex Dependencies
Multiple Tier Architecture
Diverse Technologies
In-house development and Vendor Products
Open Source Products
Lack of Security Awareness
Image Ref: http://www.carnegiemuseums.org/
PMI Process
Initiation, Planning, Execution, Monitoring and Controlling, Closing
About PMI Knowledge Areas
Reference: PMBOK Guide 5th Edition
• Integration Management
• Cost Management
• Time Management
• Scope Management
• Risk Management
• Human Resource Management
• Stakeholder Management
• Communications Management
• Quality Management
• Procurement Management
Project Structure
Organization’s Initiatives
(Portfolio)
Programs Projects 1…N
Programs Project 1…N
Programs Projects 1..N
Strategy and Planning
Programs and Initiatives
Projects & Dev Teams
IT Security: Organization
IT Security: Projects
Initiation, Planning, Execution, Monitoring and Controlling, Closing
Enterprise Level Review
Business and IT Review
Infra / Network / Data / Third-party
Code and Access Vulnerabilities
Lessons Learned
Waterfall
Requirements
Design
Development
Testing
Implementation
Support
Delivery Time: Many Months to Years
Agile Manifesto - Values
Individuals and Interactions over process and tools
Working Software over Comprehensive Documentation
Customer Collaboration over Contract Negotiation
Responding to Change over Following a Plan
Reference: http://agilemanifesto.org/
Agile
Product Owner + Scrum Master + Scrum Team
Plan and Commit
Sprint(s)
Demo and Deliver
Inspect and Adapt
Incremental Capability
Continuous Integration
Delivered in Weeks
Accept Changes
Fail Fast, Learn, and Improve
IT Security Layer: IT and Business
Business
Roles
Responsibilities
Access Policies
Data Retention
PCI Compliance
SOX and other Privacy Laws
Audits
& More…
IT
ACL
AuthC / AuthZ
Encryption
Mobility & IoT
Social Media
Data Classification
Data Access
Data at Rest & Transit
Virus / Malware
Business Continuity
& More…
IT Ecosystems, Agility, and Security
IAAS / PAAS: Semi Automated, Orchestrated, Public / Private Cloud
Public Cloud: Automated, Elastic, Scalable, Orchestrated
Apps / Services, PaaS, DB, VMs, Services, SaaS
Data Centers / Servers: Manual, Discrete Process
Discrete to Continuous; Simple to Complex; Manual to Automated
Enabling Security in Waterfall Projects
Requirements
Design
Development
Testing
Implementation
Support
• Project Plan with Security Focus
• Evaluate Third-party Products
• Identify and document Security Risks
• Business and IT, Internal and External
• Security Architecture and design review
• Code Review – Automated / Deep Dive
• Monitor Risks closely throughout the SDLC and Project life cycle
Enabling Security in Agile Projects
• Security Review during Product backlog and Sprint planning
• Definition of Done for Security (Compliance and Security)
• Create Security Awareness and training
• Automated Code Scan for Security Vulnerabilities
• Standardized and Secured Platform
• Retrospective after every Sprint specifically for Security
Key Takeaways: Org Level
Plan: IT Leadership, IT Security Strategies
Prepare: Governance and Policies
Predict: Analyze and Predict
Prevent: Real time Monitoring, Alerts
Key Takeaways: Project Level
Security at Project Planning
Business & IT collaboration
Focus on People, Process, and Technology
Security awareness and training
IT Security - Future
Plan
Predict
Prepare
Prevent
kdass@cisco.com
dassconnect@gmail.com
https://www.linkedin.com/in/kaalidass

Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistanvineshkumarsajnani12
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizharallensay1
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPanhandleOilandGas
 
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
joint cost.pptx  COST ACCOUNTING  Sixteenth Edition                          ...joint cost.pptx  COST ACCOUNTING  Sixteenth Edition                          ...
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...NadhimTaha
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfAdmir Softic
 
Falcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business PotentialFalcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business PotentialFalcon investment
 

Kürzlich hochgeladen (20)

GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in  Escort service book nowGUWAHATI 💋 Call Girl 9827461493 Call Girls in  Escort service book now
GUWAHATI 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
New 2024 Cannabis Edibles Investor Pitch Deck Template
New 2024 Cannabis Edibles Investor Pitch Deck TemplateNew 2024 Cannabis Edibles Investor Pitch Deck Template
New 2024 Cannabis Edibles Investor Pitch Deck Template
 
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAIGetting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service AvailableBerhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
 
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60%  in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60%  in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered  Building Manufacturers Hyderabad.pptxPre Engineered  Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
 
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service AvailableNashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
Nashik Call Girl Just Call 7091819311 Top Class Call Girl Service Available
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in PakistanChallenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
Challenges and Opportunities: A Qualitative Study on Tax Compliance in Pakistan
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
joint cost.pptx  COST ACCOUNTING  Sixteenth Edition                          ...joint cost.pptx  COST ACCOUNTING  Sixteenth Edition                          ...
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
 
WheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond InsightsWheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond Insights
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Falcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business PotentialFalcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business Potential
 

Embedding Security in IT Projects

  • 1. Embedding Security in IT Projects Dr. Kaali Dass, PMP, PhD. Program Manager Cisco Systems, Inc. June 2015 © 2014-2015 Dr. Kaali Dass
  • 2. Enterprise IT Security & Maturity…! To Be Hacked!!! Ref: http://www.heritage.org/research/reports/2014/10/cyber-attacks-on-us-companies-in-2014 24 Large Organizations Hacked in 2014
  • 3.
  • 4. Project Management Institute: Founded in 1969; 185 Countries; 628,363 PMI Certification Holders; Certifications: PMP, PgMP, CAPM, PfMP, PMI-ACP, PMP-PBA, PMI-RMP, PMI-SP; Chaptered in 1985; 14th Largest - Over 2800 Members; Community / Monthly Meetings & Annual Conference; Agile, Leadership, Pharma, Healthcare, Program Mgt, Public Sector. NC Chapter. Ref: pmi.org
  • 5. Enterprise Wide IT Projects Large number of Stakeholders Complex Dependencies Multiple Tier Architecture Diverse Technologies In-house development and Vendor Products Open Source Products Lack of Security Awareness Image Ref: http://www.carnegiemuseums.org/
  • 6. PMI Process Initiation Planning Execution Monitoring and Controlling Closing
  • 7. About PMI Knowledge Areas. Reference: PMBOK Guide 5th Edition. Integration Management; Cost Management; Time Management; Scope Management; Risk Management; Human Resource Management; Stakeholder Management; Communications Management; Quality Management; Procurement Management
  • 8. Project Structure Organization’s Initiatives (Portfolio) Programs Projects 1…N Programs Project 1…N Programs Projects 1..N
  • 9.
  • 10. Strategy and Planning Programs and Initiatives Projects & Dev Teams IT Security: Organization
  • 11. IT Security: Projects Initiation Planning Execution Monitoring and Controlling Closing Enterprise Level Review Business and IT Review Infra / Network / Data / Third-party Code and Access Vulnerabilities Lessons Learned
  • 13. Agile Manifesto - Values Individuals and Interactions over process and tools Working Software over Comprehensive Documentation Customer Collaboration over Contract Negotiation Responding to Change over Following a Plan Reference: http://agilemanifesto.org/
  • 14. Agile Product Owner + Scrum Master + Scrum Team Plan and Commit Sprint(s) Demo and Deliver Inspect and Adapt Incremental Capability Continuous Integration Delivered in Weeks Accept Changes Fail Fast, Learn, and Improve
  • 15. IT Security Layer: IT and Business Business Roles Responsibilities Access Policies Data Retention PCI Compliance SOX and other Privacy Laws Audits & More… IT ACL AuthC / AuthZ Encryption Mobility & IOT Social Media Data Classification Data Access Data at Rest & Transit Virus / Malware Business Continuity & More…
  • 16. IT Ecosystems, Agility, and Security IAAS / PAAS Semi Automated, Orchestrated, Public / Private Cloud Public Cloud Automated, Elastic, Scalable, Orchestrated Apps / Services PaaS DB VMs Services SaaS Data Centers / Servers Manual Discrete Process Discrete to Continuous Simple to Complex Manual to Automated
  • 17. Enabling Security in Waterfall Projects (Requirements, Design, Development, Testing, Implementation, Support): Project Plan with Security Focus; Evaluate Third-party Products; Identify and document Security Risks; Business and IT, Internal and External; Security Architecture and design review; Code Review – Automated / Deep Dive; Monitor Risks closely throughout the SDLC and Project life cycle
  • 18. Enabling Security in Agile Projects: Security Review during Product backlog, and Sprint planning; Definition of Done for Security (Compliance and Security); Create Security Awareness and training; Automated Code Scan for Security Vulnerabilities; Standardized and Secured Platform; Retrospective after every Sprint specifically for Security
  • 19. Key Takeaways: Org Level: Plan: IT Leadership, IT Security Strategies; Prepare: Governance and Policies; Predict: Analyze and Predict; Prevent: Real time Monitoring, Alerts. Key Takeaways: Project Level: Security at Project Planning; Business & IT collaboration; Focus on People, Process, and Technology; Security awareness and training
  • 20. IT Security - Future Plan Predict Prepare Prevent

Editor's notes

  1. http://map.ipviking.com/
  2. http://www.heritage.org/research/reports/2014/10/cyber-attacks-on-us-companies-in-2014
  3. Map.ipviking.com