
Cyber Security:

Risk-based Approach for Organizations

Pramod Parajuli
Consultant
Information Security, Compliance, and S/W Development
Datum Systems Pvt. Ltd.
WHY WOULD WE CARE?

Source: Rising to the challenge of securing mobile and cloud, IBM Security for Mobile and Cloud, 2015, IBM.com/security
PROBLEM AND SOLUTION

Source: 2015 Global Cybersecurity Megatrends with U.S. Spotlight, 2015, Raytheon.com/cyber
SCENARIO RISE IN
AWARENESS
Security controls
Cost-based approach and ROI
Frameworks
Compliance-based approach

Source: Blue Lava Consulting


SECURITY
A balance between the need to protect the organization from security threats and the need to operate the business.

The security activities must support the business growth!

Source: Information Security - 2015 Trends, Topics & Research, Gartner.com

Will security really help the businesses to grow?
TO BE, OR NOT TO BE: THAT IS THE QUESTION
Hamlet, Act III, Scene I

Risk-Based Approach

CYBER SECURITY AND BUSINESS PROCESS

Business Process Standardization
Business Process Parameterization
Cyber Security Parameterization
Monitoring and Control

EXAMPLE - Services delivery
What is at stake if the service is not delivered?
What will happen if the wrong service is delivered?
What will happen if Quality of Service is compromised?
Who will be affected?
How will it affect overall business objectives?

EXAMPLE - Procurement

Does the procurement policy compromise the quality of the product or service that we're procuring?
Is the vendor able to comply with our security requirements?

RISKS
Information not available to the right person/entity at the right time
Service not available to the right person/entity at the right time
Difficulty in meeting business-level QoS assurance
Non-compliance
RISK-BASED APPROACH
Factors
Human: the stakeholders, human firewalls
Documentation: established procedures
Business processes: critical business processes and their impact
Data: where is the data?
Technology: tuning configurations
Physical security controls
FURTHERMORE

Rigorous risk assessment

Maturity models in cyber security (C2M2)

WRITE TO ME:
pramodparajuli@gmail.com

THANK YOU.
