Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration...
-
Upload
angelica-douglas -
Category
Documents
-
view
222 -
download
0
Transcript of Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration...
Agenda
1. Aims: Reducing Cyber Risk 2. Information Risk Management3. Secure Configuration4. Network Security5. Managing User Access 6. Education & Awareness7. Incident Management8. Malware Prevention9. Monitoring10. Removable Media11. Mobile Working 12. Summary
Information Risk Management
• Adopt a framework • Determine baseline level of risk for organisation • Regularly discuss risk at board meetings • Treat risk as a lifecycle
Secure Configuration
• Implement hardware / software asset register • Baseline security builds for all network components • Daily updates / patches • Regularly scan for vulnerabilities
Managing User Access
• Limit admin accounts • Monitor & audit users• Establish account management process
Education & Awareness
• User security policy• Staff security induction • Refresher training on security threats • Formal assessment of staff knowledge
Malware Prevention
• Anti virus throughout organisation • Regular malware scans • Regularly update anti virus