Prepared by Sandeep Jaryal
3 Focus areas for any organisation’s IT & Security department
3 Focus Areas
• Improve Overall Security Posture of the Company
• Effective Management of Outsource Service Provider
• Prioritisation between the Strategic and the BAU activities
It’s Not Too Late To Improve Your Security Posture!!!
• Top management buy-in (top-down approach) – Good governance and support from top management is key
• Organisational structure – Clearly defined roles and responsibilities of each individual, appoint a CISO, InfoSec Manager who can partner with top management to develop the security program and drive this cultural change
• Security controls – Do the risk calculation and implement effective Technical, Operational and Management controls accordingly
• Effective communication – Educate your employees
• Readiness – Are we ready to respond to an incident effectively? We’ll cover that in the next slide
• Last but not least, patience – don’t expect perfect posture overnight!
Readiness – Incident Response Plan
• Establish a Team – key members from each business unit to make quick and right decisions
• Identify tools and requirements
• Fine-tune alerting mechanism
• Define standard operating procedures – How are incidents reported? Classification, declaration criteria, escalation tree, who to involve and when?
• Agree authority of IRT
• Establish external relationships
– Hosting providers, Forensic, Legal, Suppliers etc.
• Test your Incident response plan
• Review, measure and improve
Industry Standard – Security Incident Process Flow Chart
Identification of your Crown Jewels
Meeting Compliance and Audit Needs
• Self-auditing program (conduct regular internal audit)
• Pay attention to any IT legacy systems or applications
• Ensure DR and BCP are up-to-date and reviewed regularly
• Keep your documents up-to-date
• Be aware of any regulatory changes in your industry
Effective Management of Outsource Service Provider
• Share your business vision and goals with your outsourced service provider
• Sync up regularly – conf calls, video chats or visiting their office
• Treat outsourced members of your team with respect
• Ensure skill and knowledge transfer
• Clearly define targets and SLAs
• Establish performance measurement metrics
Prioritisation between the strategic and the day-to-day activities
• Identify goals/activities
• Classify into strategic and day-to-day (BAU) activities
• Develop prioritisation criteria (can use SWOT analysis to prioritise)
- Mission-critical: Most deserving of precious resources at this time
- Important: Will pursue now but with less emphasis than initiatives deemed mission-critical
- Wait-listed: Will tackle as soon as resources are freed up from initiatives in categories 1 and 2
- On hold: Will not undertake or plan for at this time
• Evaluate
Thank you!!!
