Upload
anil-chiplunkar
View
220
Download
0
Embed Size (px)
Citation preview
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 1/14
© Infocounselors ISMS Implementer Course (V 1.0)
ISMS Implementer Course
Module 1Introduction to Information Security
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 2/14
Introduction to InformationSecurity
What is Information?
Information is stimuli that has meaning insome context for its receiver. When
information is entered into and stored ina computer, it is generally referred to asdata. After processing output data canagain be perceived as information.
(Source: SearchSQLServer.com Definitions)
ISMS Implementer Course(V 1.0)
© Infocounselors 22
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 3/14
Introduction to InformationSecurity
What is Information?
“Information” is an asset which,like other important business
assets, has value to anorganization and consequentlyneeds to be suitably protected.
(Source: ISO 27002)
ISMS Implementer Course(V 1.0)
© Infocounselors 33
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 4/14
Information – Life Cycle
Creation
Storage
Processing
Access
Modification TransmissionPrintingDestructio
n
Introduction to InformationSecurity
© Infocounselors 44ISMS Implementer Course(V 1.0)
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 5/14
Data storagedevices◦
Hard disks◦ CDs / Floppies◦ Pen drives◦ Zip drives◦ Tapes / DATs ……
Physical copies◦ Printed reports,
documents, graphs…
Accessed through◦ Desktop / Laptop◦
File server◦ Internet / Webserver
◦ Mail server (mailboxes)…
Accessed by◦ Employees◦ Contractors◦ Business partners◦
Vendors ………© Infocounselors ISMS Implementer Course(V 1.0)
55
Introduction to InformationSecurityWhere the ‘Information’ islocated?
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 6/14
Introduction to InformationSecurity
What are information risks?
Risks present at each and every step in theinformation life cycle
Risks such as● Theft
● Misuse
● Corruption
●
Denial● Destruction
● ………………………
© Infocounselors ISMS Implementer Course(V 1.0)
66
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 7/14
Introduction to InformationSecurity
Information Security Components
Availability : Authorized users shall have access
to the information as and when required for thebusiness use
Integrity : Accuracy and completeness of information
and information processing methods
Confidentiality : Information shall be accessible onlyto the users based on need-to-know, need-to-use
© Infocounselors 77ISMS Implementer Course(V 1.0)
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 8/14
Introduction to InformationSecurity
Information Security:
Preservation of confidentiality,integrity and availability of information; in addition, otherproperties such as authenticity,
accountability, non-repudiation andreliability can also be involved(ISO27001)
© Infocounselors 88ISMS Implementer Course(V 1.0)
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 9/14
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 10/14
Introduction to InformationSecurity
Goal is to protect ‘Information’
3 components : A – I - C
3 pillars: People – Process – Technology
© Infocounselors ISMS Implementer Course(V 1.0)
1010
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 11/14
Introduction to InformationSecurity
A holistic or enterprise informationsecurity approach is required
Proper identification of information
to be protected
Assessment of risks to information
Risk mitigation measuresProcess based approach
Management system
© Infocounselors ISMS Implementer Course(V 1.0)
1111
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 12/14
Introduction to InformationSecurity
Approach towards enterprisesecurity:
Layered defense
© Infocounselors ISMS Implementer Course(V 1.0)
1212
PersonnelPersonnel
PhysicalPhysical
TechnologyTechnology
InformationInformation
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 13/14
Introduction to InformationSecurity
How to proceed with implementationof a structured Information SecurityManagement System (ISMS)?
Proceed to Module 2 of thiscourse……..
The complete course consists of 15modules
© Infocounselors ISMS Implementer Course(V 1.0)
1313
8/8/2019 Anil_ISMS Implementer Course - Module 1 - Introduction to Information Security
http://slidepdf.com/reader/full/anilisms-implementer-course-module-1-introduction-to-information-security 14/14
Introduction to InformationSecurity
For Feedback / Queries mail to:
www.infocounselors.com
Course designed and delivered by:
Mumbai – India
© Infocounselors ISMS Implementer Course(V 1 0)
1414