william list ca fbcs¾if so fix ©wm. list & co 2005 objective ©wm. list & co 2005 thank you tc11...
TRANSCRIPT
-
©Wm. List & Co 2005
William List CA FBCS
-
©Wm. List & Co 2005
Where we were
-
©Wm. List & Co 2005
Security - Then
-
©Wm. List & Co 2005
Computers arrive
Automate processes
Present results - familiar format
Create programs - with bugs
-
©Wm. List & Co 2005
Consequences
Users do not understand ITFailure to communicatePoor specifications of requirementsIT (junior) staff decide everythingFamiliar words have new meanings (confusion)
Traditional controls abolishedNot required?
Errors occur people fix (and fix and fix)
-
©Wm. List & Co 2005
And the IT security was
-
©Wm. List & Co 2005
Then came communications
-
©Wm. List & Co 2005
Who are you?
-
©Wm. List & Co 2005
What are the systems?
-
©Wm. List & Co 2005
Meanwhile the software
-
©Wm. List & Co 2005
A secure network?
-
©Wm. List & Co 2005
Manager’s view of IT Security
-
©Wm. List & Co 2005
And we have regulators
-
©Wm. List & Co 2005
Where we are
-
©Wm. List & Co 2005
Now
Every computer connects to all othersNo idea what is really going on in systemsAbuse of required functionalityBugs still abound in softwareAll worldwide: better market for scams!Two systems
IT systemUsers system - ?based on IT output
-
©Wm. List & Co 2005
Objectives for future
Help managers manageHelp home users be secure
-
©Wm. List & Co 2005
Information security today
-
©Wm. List & Co 2005
A new paradigm
Assume that all is OKMake controls to find if assumption untrueBuild preventive controls to keep volumes
of failures to manageable levelsPriority given to clearing identified issues
Repair the dataDecide if fix to system neededIf so fix
-
©Wm. List & Co 2005
Objective
-
©Wm. List & Co 2005
Thank You TC11
for this award
William List CA FBCSWhere we wereSecurity - ThenComputers arriveConsequencesAnd the IT security wasThen came communicationsWho are you?What are the systems?Meanwhile the softwareA secure network?Manager’s view of IT SecurityAnd we have regulatorsWhere we areNowObjectives for futureInformation security todayA new paradigmObjective