Download - A view on cyber security
![Page 1: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/1.jpg)
A view on cyber security
Image source: Ministry of Defence: http://www.flickr.com/photos/defenceimages/6892189807/
Commenting on the UK government’s “ten steps to cyber security” advicehttp://www.bis.gov.uk/assets/biscore/business-sectors/docs/0-9/12-1120-10-steps-to-cyber-security-executive
![Page 2: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/2.jpg)
@markwilsonit
Imag
e ©
John
Cas
sidy
Hea
dsho
ts/M
ark
Wils
on. A
ll rig
hts
Rese
rved
![Page 3: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/3.jpg)
Image source: CA Technologies: http://www.flickr.com/photos/cainc/6690581435/
Last year it was BYOD…
![Page 4: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/4.jpg)
“Cyber”“Cyberspace”“Cyber security”
Image source: Ministry of Defence: http://www.flickr.com/photos/defenceimages/6892189807/
![Page 5: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/5.jpg)
Cybermen?
Image source: BBC: http://www.bbc.co.uk/doctorwho/classic/gallery/cybermen/6t_12.shtml
![Page 6: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/6.jpg)
People switch off
Image source: Andrew Huff: http://www.flickr.com/photos/deadhorse/367716072/
![Page 7: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/7.jpg)
Not just the CIO’s problem
Image source: The_Warfield: http://www.flickr.com/photos/the_warfield/4992455554/
![Page 8: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/8.jpg)
10 steps
Image source: Seite-3: http://www.flickr.com/photos/seite-3/437418799/
![Page 9: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/9.jpg)
Home and mobile working
Image source: Simon Collison: http://www.flickr.com/photos/collylogic/5739130295/
Home and mobile working“Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline build to all devices. Protect data both in transit and at rest.”
![Page 10: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/10.jpg)
User education and awareness
Image source: Kaptain Kobold: http://www.flickr.com/photos/kaptainkobold/5181464194/
User education and awareness“Produce user security policies covering acceptable use of the organisation’s systems. Establish a staff training programme. Maintain user awareness of the cyber risks.”
![Page 11: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/11.jpg)
Incident Management
Image source: kenjonbro: http://www.flickr.com/photos/kenjonbro/6289681274/
Incident Management“Establish an incident management response and disaster recovery capability. Produce and test incident management plans. Provide specialist training to the incident management team. Report criminal incidents to law enforcement.”
![Page 12: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/12.jpg)
Information Risk Management Regime
Image source: Aidan Morgan: http://www.flickr.com/photos/aidanmorgan/5589187752/
Information Risk Management Regime“Establish an effective governance structure and determine your risk appetite – just like you would for any other risk. Maintain the Board’s engagement with the cyber risk. Produce supporting information risk management policies.”
![Page 13: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/13.jpg)
Managing User Privileges
Image source: Angus Kingston: http://www.flickr.com/photos/kingo/4051530414/
Managing user privileges“Establish account management processes and limit the number of privileged accounts. Limit user privileges monitor user activity. Control access to activity and audit logs.”
![Page 14: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/14.jpg)
Removable Media Controls
Image source: Thana Thaweeskulchai: http://www.flickr.com/photos/sparkieblues/3971234819/
Removable Media Controls“Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing on to corporate system.”
![Page 15: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/15.jpg)
Monitoring
Image source: Bun Lovin’ Criminal: http://www.flickr.com/photos/myxi/4129235610/
Monitoring“Establish a monitoring strategy and produce supporting policies. Continuously monitor all ICT systems and networks. Analyse logs for unusual activity that could indicate an attack.”
![Page 16: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/16.jpg)
Secure Configuration
Image source: brunotto: http://www.flickr.com/photos/brunauto/4359223723/
Secure configuration “Apply security patches and ensure that the secure configuration of all ICT systems is maintained. Create a system inventory and define a baseline build for all ICT devices.”
![Page 17: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/17.jpg)
Malware Protection
Image source: Martin Cathrae: http://www.flickr.com/photos/suckamc/271222157/
Malware Protection“Produce relevant policy and establish anti-malware defences that are applicable and relevant to all business areas. Scan for malware across the organisation.”
![Page 18: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/18.jpg)
Network Security
Image source: photosteve101: http://www.flickr.com/photos/42931449@N07/6088751332/
Network Security “Protect your networks against external and internal attack. Manage the network perimeter. Filter out unauthorised access and malicious content. Monitor and test security controls.”
![Page 19: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/19.jpg)
In summary
Image source: UK Government: http://www.bis.gov.uk/assets/biscore/business-sectors/docs/0-9/12-1120-10-steps-to-cyber-security-executive
![Page 20: A view on cyber security](https://reader036.vdocuments.us/reader036/viewer/2022062404/554c4413b4c9056b648b5198/html5/thumbnails/20.jpg)
CThis work is licensed under a Creative Commons Licence.
For further details, please visit http://creativecommons.org/licenses/by-nc-nd/2.0/uk/
cbnd
© 2013, Mark Wilson.Some rights reserved.