NETS 1015: SECURITY MANAGEMENT
Lecture #1 Course shell review
Syllabus review
What is Information Security Management?
Information Security Management (ISM) establishes and manages the controls that an organization must put in place to ensure that the confidentiality, availability, and integrity of assets are protected from threats and vulnerabilities in a sensible manner.
[Figure: confidentiality, integrity and availability of assets]
RESPONSIBILITIES
• Work with auditors to receive various security-related certifications/reports (e.g. SOC 2 Type II, ISO 27001, PCI-DSS)
• Implement and enforce best practices and security standards for the organization
• Provide consultation to our product team regarding the security implications of new features
• Build standards, patterns, and tools that help engineers in other teams make effective and secure use of infrastructure
• Partner with engineers and product teams across application development and data engineering teams to strengthen security-focused architectural approaches
• Consult with other engineering teams, providing expertise on secure infrastructure design
• Perform security tasks including threat modeling, secure code review, training, static and dynamic analysis, and automated and manual security testing
• Configure and manage our software-defined networking capabilities including VPCs, firewalls, and routing
• Help audit and harden our production monitoring and alerting systems
• Mentor less experienced members of the team through pair-programming and empathetic code review
Retrieved from https://infosec-jobs.com/job/11107-head-of-information-security/
Sample Job Description - Associate Security Analyst
RESPONSIBILITIES
• You will learn how to monitor and respond to notifications and alerts from security tools such as Lacework, Tenable, Cylance, Google Workspace, etc.
• You will evaluate the security of third-party vendors and collaborate with them to develop corrective action plans
• You will analyze security incident data to identify and document root causes
• You will perform routine security activities such as access review audits
• You will assist in the maintenance of the company's security governance documentation (policies, plans, and standards)
• You will manage the security awareness training program, including designing and conducting internal phishing campaigns
• You will manage the Risk Register, including working with appropriate stakeholders to address identified risks
Retrieved from https://infosec-jobs.com/job/11107-head-of-information-security/
NETS 1015: SECURITY MANAGEMENT
Lecture #2 An overview of the information security landscape in Canada
Canadian cybercrime
Cyber-dependent crimes are those which can only be committed using a computer, a computer network, or other technology.
someone posing as a legitimate institution to lure those individuals into providing private data such as personally identifiable information, banking and credit card details.
Security and Resilience
The Government of Canada and its partners will work together across three themes:
Retrieved from https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/ntnl-cbr-scrt-strtg/index-en.aspx#s1
1. Phishing
6. Man-in-the-middle attacks
8. Spam
...facing security conferences
Information security certifications: Security+, Systems Security Certified Practitioner (SSCP)
The Canadian Centre for Cyber Security
Retrieved from: https://www.smartsheet.com/content/information-security-management
What is the main objective of ISM?
The main objective of information security management is to prevent data breaches.
Retrieved from: https://www.itgovernance.co.uk/blog/what-is-information-security-management
Organizations need to consider the different
ways that information can be breached. This can
which data
to unauthorized people.
can be
completeness and accuracy of sensitive
information.
Retrieved from: https://www.itgovernance.co.uk/blog/what-is-information-security-management
The main goal of information security systems is to guarantee data protection from external and internal threats.
Retrieved from: https://searchinform.com/challenges/information-security/information-security-basics/key-aspects-of-information-security/goals-and-objectives-of-information-security/
How do I prevent a data breach?
The prevention of data breaches begins with risk management, in which an organization identifies its information assets and the ways they can be compromised.
Retrieved from: https://www.itgovernance.co.uk/blog/what-is-information-security-management
To do this, organizations must split risk into its constituent components:
Retrieved from: https://www.itgovernance.co.uk/blog/what-is-information-security-management
What are the concerns of IT management professionals?
1. Employee negligence or abuse
Retrieved from: https://www.itworldcanada.com/article/what-keeps-security-professionals-up-at-night/19842
NETS 1015: SECURITY MANAGEMENT
Lecture #4 Categories of information security management
What are security controls?
Cybersecurity controls are mechanisms used to prevent, detect and mitigate cyber threats and attacks. Mechanisms range from physical controls, such as security guards and surveillance cameras, to technical controls, including firewalls and multifactor authentication.
Retrieved from: https://www.techtarget.com/searchsecurity/feature/Types-of-cybersecurity-controls-and-how-to-place-them
What are typical categories of security controls?
• Physical
• Procedural
• Technical
• Compliance
• Regulatory
• Legal
• On-premise
• Cloud
• Administrative
• Network
• Database
• Purchased software
• In-house developed software
• Operational
Retrieved from: https://www.techtarget.com/searchsecurity/feature/Types-of-cybersecurity-controls-and-how-to-place-them
How can these security controls themselves be categorized?
• Preventative
• Detective
• Corrective
Retrieved from: https://www.techtarget.com/searchsecurity/feature/Types-of-cybersecurity-controls-and-how-to-place-them
NETS 1015: SECURITY MANAGEMENT
Lecture #5 Information security breach (incident) response plans
What is an incident response plan?
An incident response plan includes, but is not limited to, the processes, procedures, and documentation related to how an organization detects, responds to, and recovers from incidents.
Retrieved from: https://cyber.gc.ca/en/guidance/developing-your-incident-response-plan-itsap40003
What activities should be conducted before a response plan?
• Conduct a risk assessment
• Develop the appropriate company policies
Retrieved from: https://cyber.gc.ca/en/guidance/developing-your-incident-response-plan-itsap40003
What are the elements of an incident response plan?
• Prepare – define the plan objectives, develop incident response policies, implement a reliable backup system, create a HW update and SW patch strategy, develop exercises to test your response plan, revise your plan often based upon test results and changing
• Observe – monitor all systems for potential threats, produce/disseminate
• Resolve – contain the threat and apply effective mitigation measures, eradicate the intrusion by restoring the system from
• Understand – identify the root cause of
Retrieved from: https://cyber.gc.ca/en/guidance/developing-your-incident-response-plan-itsap40003
Industry incident response plan frameworks
Retrieved from: https://cyber.gc.ca/en/guidance/developing-your-incident-response-plan-itsap40003
NETS 1015: SECURITY MANAGEMENT
Lecture #6 Media Sanitization
What is Media sanitization?
Sanitization is a non-destructive declassifying method that makes data non-recoverable and minimizes the threat of unauthorized disclosure.
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
Media sanitization and disposal is done to:
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
The sanitization process allows for the declassification of data storage media, permitting its release outside the department.
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
Encryption throughout the life cycle of the Media facilitates fast and effective sanitization and eases the destruction requirements at the end of life of the Media.
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
GC Media Sanitization process
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
Levels of Sensitivity
The clearing and declassification process utilizes a risk-management approach that considers three broad ranges of sensitivity for data that may persist on IT storage media.
1. Media has low sensitivity when it contains only Unclassified or Protected A data. This level applies to the majority of networked computers on unclassified systems where files are centrally stored on servers.
2. Media has medium sensitivity when it contains any Protected B or Confidential data, even where the media might contain data of lower sensitivities.
3. Media has high sensitivity when it contains any data that is classified Top Secret, Secret or Protected C, or if the Media has ever been attached or connected to a system that contains such data.
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
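To make the three rules concrete, here is an added Python example (not from the GC guidance or the lecture) that applies them to a constructed media inventory, including the "ever connected to a system holding high-sensitivity data" case; the Media record layout, the function names and the sample items are assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum

class Sensitivity(Enum):
    LOW = "low"
    MEDIUM = "medium"
    HIGH = "high"

# GC classification levels grouped by the sensitivity range the guidance assigns them
LOW_LEVELS = frozenset({"Unclassified", "Protected A"})
MEDIUM_LEVELS = frozenset({"Protected B", "Confidential"})
HIGH_LEVELS = frozenset({"Protected C", "Secret", "Top Secret"})
KNOWN_LEVELS = LOW_LEVELS | MEDIUM_LEVELS | HIGH_LEVELS

@dataclass
class Media:
    """One storage device in an inventory (assumed record layout, not from the guidance)."""
    label: str
    data_levels: set            # classifications of data ever stored on this media
    attached_levels: set = field(default_factory=set)  # data held by systems it was ever attached to

def classify(media: Media) -> Sensitivity:
    """Apply the three sensitivity rules; the highest applicable rule wins."""
    unknown = (media.data_levels | media.attached_levels) - KNOWN_LEVELS
    if unknown:
        # An unrecognised label must not silently fall through to "low"
        raise ValueError(f"{media.label}: unknown classification(s) {sorted(unknown)}")
    # Rule 3: any high-level data, or ever attached to a system holding such data
    if media.data_levels & HIGH_LEVELS or media.attached_levels & HIGH_LEVELS:
        return Sensitivity.HIGH
    # Rule 2: any Protected B / Confidential data, even alongside lower-level data
    if media.data_levels & MEDIUM_LEVELS:
        return Sensitivity.MEDIUM
    # Rule 1: only Unclassified / Protected A data (blank media is treated as low here)
    return Sensitivity.LOW

def classify_inventory(items):  # {label: sensitivity name} for a whole inventory
    return {m.label: classify(m).value for m in items}

# Constructed sample inventory (labels and contents are made up for the example)
SAMPLE_INVENTORY = [
    Media("laptop-01", {"Unclassified", "Protected A"}),
    Media("usb-02", {"Unclassified", "Protected B"}),
    Media("disk-03", {"Protected A"}, attached_levels={"Secret"}),
    Media("disk-04", {"Top Secret"}),
]
if __name__ == "__main__":
    for label, level in classify_inventory(SAMPLE_INVENTORY).items():
        print(f"{label}: {level}")
```

Note that, as the guidance is worded, only a history of attachment to a high-sensitivity system raises the level; attachment to a Protected B system does not by itself make low media medium.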
Sanitization is a non-destructive declassifying method to make data non-recoverable while leaving the Media in a re-usable condition in accordance with departmental and GC IT security policy.
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
Shredding, Disintegration and Crushing
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
It is essential that the sanitization of the Media be verified to ensure the confidentiality of departmental data on the Media. There are two types of verification:
Retrieved from https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
Reference Links
https://cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf