managing it it security in in e gp gp
play

Managing IT IT Security in in e-GP GP Alejandro Susel - PowerPoint PPT Presentation

Apr 21, 2023 •547 likes •781 views

Managing IT IT Security in in e-GP GP Alejandro Susel asusel@holos-consulting.com The evolu lution of power INDUSTRIAL REVOLUTION 02 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com The evolu lution of in

  1. Managing IT IT Security in in e-GP GP Alejandro Susel asusel@holos-consulting.com

  2. The evolu lution of power … INDUSTRIAL REVOLUTION 02 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  3. The evolu lution of in information … 03 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  4. In Information technology – So Some defin inition (busin iness perspective) • Technology • A way of doing something or performing an activity • Information • Any tool that allows us diminish the uncertainty in the decision making process • System • Collection of elements or components that are organized for a common purpose 04 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  5. In Information system vs. s. Com omputer system • Information System • System to provide information • Computer System • Total o partial automation of an Information System • Information and Communication Technology • Hardware + Software + Communications + Human Resources • Hardware: Everything that can be broken with a hammer • Software: Everything you just can insult or curse 05 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  6. Which is is th the sa safer computer? 06 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  7. The pill illars of of in information INFORMATION CONFIDENTIALITY AVAILABILITY INTEGRITY 07 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  8. TRU RUST How do do we we bu build ild it it? Its pillars: Confidentiality, Integrity and Availability … Very important!!! Objectives: • That the person or company that says to be on the other side of the network is who it claims to be • That the transmission through the network has not been modified • That the transmitted data are only seen by those authorized • That the transmitted data can not be repudiated or rejected 08 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  9. An in An information system is is a a GR GREAT Ass sset!!!! How do we protect this Great Asset?... Divide and rule!!!!! Concept Availability Confidentiality Integrity    Physical Dimension    Logical    People 09 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  10. Let’s understand ot other im important con oncepts ASSET VULNERABILITY THREAT 10 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  11. What is a Risk?? • • A risk is the uncertainty of Quantitatively this whether or not an event relationship is reflected in occurs, affecting the the function: achievement of Risk = ƒ ( Probability , Impact) institutional goals and objectives • • The level of risk may be Risks may be the result of measured according to its the effect of internal and impact and probability of external factors occurrence 11 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  12. How doe oes th the need of of man anage risk risks ap appear? "When someone asks me how I can describe my experience of almost forty years at sea, I simply say: placid ...... .. of course there have been winds, storms, fog .... but I never saw a shipwreck or I was shipwrecked, not even some Threat of a disastrous end " E.J. Smith, Captain of RMS Titanic, April 1912 12 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  13. Estrategias de respuestas REDUCE RISK Assume Risk • Aceptar • Planificar • Etc. EVITAR • Enajenar • Detener • Apuntar • Prohibir • Eliminar • Etc. TRANSFERIR • Asegurar • Limitar • Tercerizar Avoid - • Reasegurar Transfer • Indemnizar Ej: Controlar • Dividir • Etc. Alinear la estrategia a la TOLERANCIA al riesgo de la entidad. 13 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  14. Benefit its of of Ri Risk Man anagement 14 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  15. Evaluate tr treatment op options Balance the cost of implementing each option vs the associated benefits. Severity Risk Strategy 15 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  16. ocus TODAY … Publi lic Procurement!!! Our focu One purchase…….One transaction One bid invitation … One transaction One bid response … One transaction • Elements of a transaction • How do we ensure the security of a transaction • Using experience of e-commerce • TRUST, the BASE for developing e-procurement 16 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  17. Im Imple lementing Con onfidenciali lity • Double effect control access • Digital certificates and Digital signature • Encrypting 17 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  18. Identify Id fyin ing who is is of offerin ing • The importance of identifying who is offering, concepts such as authentication and its features would be interesting. Pros and Cons of the different authentication methods 18 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  19. The in integrit ity of of th the of offer itse itself • Also the integrity of the offer itself. How we validate it and provide legal certainty (access to documents and managing submission and opening dates, for example) • How do we know that the offer received is authentic and valid. The same applies to the rest of the documents (purchase orders, invoices, etc.) 19 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  20. Priv rivacy of of in information an and confidential data • Other área is about how we protect privacy of information and confidential data in the offers submitted 20 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  21. Key tak akeaways • Nothing is 100% safe • Find the balance between risk and control • Want to significantly reduce your organizations ’ IT security-related risks? Change the behavior of your users High Managing risks adds value Optimal Value Exposed and Control to destroying value Minimize risks Low Uninformed Managed Obssesed “No brakes – Out “Full brakes of control” Cannot move” 21 Managing IT Security in e-GP Alejandro Susel / asusel@holos-consulting.com

  22. Managing IT Security in e-GP THANK YOU! Alejandro Susel asusel@holos-consulting.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Managing Dependencies and Runtime Security ActiveState Deminar Managing Dependencies and

Managing Dependencies and Runtime Security ActiveState Deminar Managing Dependencies and

Managing Dependencies and Runtime Security ActiveState Deminar Managing Dependencies and Runtime Security About ActiveState Track-record: 97% of Fortune 1000, 20+ years open source Polyglot: 5 languages - Python, Perl, Tcl, Go, Ruby

727 views • 47 slides
MANAGING SOIL FOR MANAGING SOIL FOR MANAGING SOIL FOR MANAGING SOIL FOR ADVANCING FOOD

MANAGING SOIL FOR MANAGING SOIL FOR MANAGING SOIL FOR MANAGING SOIL FOR ADVANCING FOOD

MANAGING SOIL FOR MANAGING SOIL FOR MANAGING SOIL FOR MANAGING SOIL FOR ADVANCING FOOD ADVANCING FOOD SECURITY AND ADAPTING SECURITY AND ADAPTING TO CLIMATE CHANGE TO CLIMATE CHANGE R. Lal Carbon Management and Sequestration Center g q

582 views • 55 slides
Security Structures Beyond GOs Municipal Analysts Group of NY luncheon Amy Laskey, Managing

Security Structures Beyond GOs Municipal Analysts Group of NY luncheon Amy Laskey, Managing

Security Structures Beyond GOs Municipal Analysts Group of NY luncheon Amy Laskey, Managing Director September 8, 2017 Agenda Explain the relationship between the Issuer Default Rating (IDR) and security ratings Discuss the limited

235 views • 21 slides
Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity Framework (NIST CSF) A Business Case Agenda and Objectives The Digital Innovation Economy The Cyber Security Problem The Cyber Security Solution

260 views • 22 slides
DEVELOPMENT The Ports, Our Economy and National Security: Managing the Contours and Linkages A

DEVELOPMENT The Ports, Our Economy and National Security: Managing the Contours and Linkages A

PORT OPERATIONS AND SUSTAINABLE DEVELOPMENT The Ports, Our Economy and National Security: Managing the Contours and Linkages A Paper Presented By M.J. Khalil Nigerian Ports Authority To The Technical Committee for Maritime Security,

537 views • 25 slides
Managing Security Investment Part IV Tyler Moore Computer Science & Engineering Department,

Managing Security Investment Part IV Tyler Moore Computer Science & Engineering Department,

Notes Managing Security Investment Part IV Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX September 27, 2012 Baseline investment models Information security risk management Measuring the security level Notes

439 views • 6 slides
Managing Security Investment Part I Tyler Moore Computer Science & Engineering Department,

Managing Security Investment Part I Tyler Moore Computer Science & Engineering Department,

Notes Managing Security Investment Part I Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX September 18, 2012 Reading Market Failures Managing security investment Notes Outline 1 Reading Market Failures 2

315 views • 8 slides
Co-Founder, Managing Partner, SPiCE VC - Security Token Pioneers @AmiBenDavid 1 st Fully

Co-Founder, Managing Partner, SPiCE VC - Security Token Pioneers @AmiBenDavid 1 st Fully

P R E S E N T A T I O N B Y A M I B E N D A V I D Co-Founder, Managing Partner, SPiCE VC - Security Token Pioneers @AmiBenDavid 1 st Fully tokenized VC fund 4 th ever Security Token 1 st Regulation-enforcing Token (DS Protocol) Focused on

488 views • 21 slides
Preventing and Managing Overpayments: A Webinar for Social Security Beneficiaries Date:

Preventing and Managing Overpayments: A Webinar for Social Security Beneficiaries Date:

Preventing and Managing Overpayments: A Webinar for Social Security Beneficiaries Date: Wednesday, December 19, 2018 Time: 3 4:30 PM ET Produced at U.S. taxpayer expense. Accessing Todays Webinar (Slide 1 of 3) You can manage your

896 views • 51 slides
Managing Mountains for Ecological Services and Environmental Security Ruth Greenspan Bell

Managing Mountains for Ecological Services and Environmental Security Ruth Greenspan Bell

Managing Mountains for Ecological Services and Environmental Security Ruth Greenspan Bell Public Policy Scholar Woodrow Wilson International Center for Scholars The Challenge Control greenhouse gas emissions. Preserve functions we

76 views • 7 slides
Top 10 Things to Stay Out of the News Ron Schlecht Intro Ron Schlecht , Managing Partner

Top 10 Things to Stay Out of the News Ron Schlecht Intro Ron Schlecht , Managing Partner

Top 10 Things to Stay Out of the News Ron Schlecht Intro Ron Schlecht , Managing Partner 18 years of Information Security experience G Contracting, Law Enforcement, Consulting, CISO Founded BTB Security in 2006 Company Profile

291 views • 27 slides
YOUR CYBER SECURITY Ben Goodall PSC Griffiths Goodall, Managing Principal Nathaniel Barrs

YOUR CYBER SECURITY Ben Goodall PSC Griffiths Goodall, Managing Principal Nathaniel Barrs

YOUR CYBER SECURITY Ben Goodall PSC Griffiths Goodall, Managing Principal Nathaniel Barrs PSC Insurance Group, Director of Operations 19 May 2020 1 Agenda for Today Todays Environment Covid-19 Influences Types of Cyber

666 views • 21 slides
Managing Prometheus in a Security-focused Environment Linux Monitoring at HUK-COBURG PromCon 2019

Managing Prometheus in a Security-focused Environment Linux Monitoring at HUK-COBURG PromCon 2019

Managing Prometheus in a Security-focused Environment Linux Monitoring at HUK-COBURG PromCon 2019 | Christian Hoffmann Conways Law? 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 2 Introduction $ cat

605 views • 26 slides
Managing Crowdsourced Security RVAsec Mike Shema June 8, 2017 mike@cobalt.io You see, in

Managing Crowdsourced Security RVAsec Mike Shema June 8, 2017 mike@cobalt.io You see, in

Managing Crowdsourced Security RVAsec Mike Shema June 8, 2017 mike@cobalt.io You see, in this world theres two kinds of people, my friend: Those with loaded guns and those who dig. You dig. Clint Eastwood, The Good, the Bad,

792 views • 31 slides
visualizing security boundaries in docker swarm overlay networks Mode for managing a cluster

visualizing security boundaries in docker swarm overlay networks Mode for managing a cluster

Marcel Brouwers July 3, 2017 Master of System and Network Engineering University of Amsterdam Supervisor: Esan Wit visualizing security boundaries in docker swarm overlay networks Mode for managing a cluster of docker nodes The Swarm

743 views • 31 slides
Security Metrics, Security Investment Models and Intro to R Tyler Moore CSE 7338 Computer

Security Metrics, Security Investment Models and Intro to R Tyler Moore CSE 7338 Computer

Notes Security Metrics, Security Investment Models and Intro to R Tyler Moore CSE 7338 Computer Science & Engineering Department, SMU, Dallas, TX Lecture 2 Notes Outline Managing security investment 1 Security metrics 2 R 3

605 views • 16 slides
End of Life Care To Care is to Dare Salah Zeineldine, MD FACP American University of Beirut The

End of Life Care To Care is to Dare Salah Zeineldine, MD FACP American University of Beirut The

End of Life Care To Care is to Dare Salah Zeineldine, MD FACP American University of Beirut The End Points Differentiate between Good Death and Bad Death Recognize the modifiable dimensions in End Of Life Care

1.14k views • 47 slides
For personal use only 23 June 2016 ALTECH PRESENTATION 3 rd INTERNATIONAL SAPPHIRE INDUSTRY

For personal use only 23 June 2016 ALTECH PRESENTATION 3 rd INTERNATIONAL SAPPHIRE INDUSTRY

ASX ANNOUNCEMENT AND MEDIA RELEASE For personal use only 23 June 2016 ALTECH PRESENTATION 3 rd INTERNATIONAL SAPPHIRE INDUSTRY TECHNOLOGY EXPO Altech Chemicals Limited (Altech/the Company) (ASX: ATC) is pleased to provide a revised

700 views • 21 slides
Review of the FY 2015 May Revise and Recommended Revisions to the FY 2015 Budget Office of the

Review of the FY 2015 May Revise and Recommended Revisions to the FY 2015 Budget Office of the

Review of the FY 2015 May Revise and Recommended Revisions to the FY 2015 Budget Office of the Independent Budget Analyst June 9, 2014 Budget Review Steps Since Release of FY 2015 Proposed Budget April 14, 2014 Mayors Proposed

671 views • 38 slides
Vision Zero Insight A new approach to Roads Policing VISION ZERO 2 The Vision Zero Action Plan

Vision Zero Insight A new approach to Roads Policing VISION ZERO 2 The Vision Zero Action Plan

1 Vision Zero Insight A new approach to Roads Policing VISION ZERO 2 The Vision Zero Action Plan Vision Zero Action Plan is a plan to 2041 that focuses on intelligence led action to reduce risk on our streets , as part of the overall ambition

547 views • 12 slides
Improving Community Health & Economic Outcomes Through the Use of Technology in the

Improving Community Health & Economic Outcomes Through the Use of Technology in the

Improving Community Health & Economic Outcomes Through the Use of Technology in the Agricultural Sector GRANTMAKERS IN HEALTH 9 May 2014 | N ew York, New York Dr. Oran B. Hesterman FAIR FOOD NETWORK HEALTHY FOOD INCENTIVES FRUITS +

395 views • 21 slides
CLIENT VALUE & INDEX INSURANCE TARA STEINMETZ, ASSISTANT DIRECTOR FEED THE FUTURE INNOVATION

CLIENT VALUE & INDEX INSURANCE TARA STEINMETZ, ASSISTANT DIRECTOR FEED THE FUTURE INNOVATION

CLIENT VALUE & INDEX INSURANCE TARA STEINMETZ, ASSISTANT DIRECTOR FEED THE FUTURE INNOVATION LAB FOR ASSETS & MARKET ACCESS Fairview Hotel, Nairobi, Kenya 4 JULY 2017 basis.ucdavis.edu Photo Credit Goes Here PRESENTATION OVERVIEW 1.

601 views • 24 slides
Associate Professor Olga Koshevaliska Establishing the necessary framework for international

Associate Professor Olga Koshevaliska Establishing the necessary framework for international

Associate Professor Olga Koshevaliska Establishing the necessary framework for international cooperation in criminal matters the case of Republic of N. Macedonia Introduction to the international cooperation in criminal matters Law on

402 views • 17 slides
Why I Want To Attend Harvard University By: Jane Doe Location: Location: Location: Location:

Why I Want To Attend Harvard University By: Jane Doe Location: Location: Location: Location:

Why I Want To Attend Harvard University By: Jane Doe Location: Location: Location: Location: Harvard is located at: 1350 Massachusetts Ave. Cambridge, MA 02138 (617)495-1000 Why I Am Interested in Harvard University Why I Am Interested

429 views • 16 slides

More recommend