The philosophical thinking on information security governance of - - PowerPoint PPT Presentation

the philosophical
SMART_READER_LITE
LIVE PREVIEW

The philosophical thinking on information security governance of - - PowerPoint PPT Presentation

Jun 14, 2023 453 likes •605 views

The philosophical thinking on information security governance of the board and senior executives. HSIN-CHIH HUANG, EC-Council Certified Incident Handler (ECIH)

slide-1
SLIDE 1

董事會與高階主管於 資安治理應有之哲學性思考 The philosophical thinking on information security governance of the board and senior executives.

黃信智 HSIN-CHIH HUANG, EC-Council Certified Incident Handler (ECIH) 全球試題命題委員

slide-2
SLIDE 2

Statement & Disclaimer

  • In order to be accurate and strive for the authentication of the source of the data,

some texts or images of the material are presented in the original language.

  • Should the content provided in this course involves concepts, methods, tools, etc.

related to hacking techniques or cyber attacks, it is intended to be used for course lecturing, knowledge transfer, or security deployment. Should the information receiving party conducts network attacks or hacking in this way, they shall bear their own legal responsibility and have nothing to do with the lecturer and the service unit of the lecturer.

  • The subject of historical cases mentioned in this session may be de-identified with

“organization” or other pronoun, which may refer to public sector, private sector, NGO, or NPO.

slide-3
SLIDE 3

PERSPECTIVE FROM WARFARE

slide-4
SLIDE 4

If you take cyber as a part of warfare

  • It’s a new territory with “potential”.
  • It’s a new battlefield, and you may be besieged.
  • It becomes a political tool.
  • Should establish the defense unit and intelligence unit.
  • Even need a more aggressive one to fight.
  • Should know espionage is ubiquitous.
  • It may need sovereignty.
  • To fight, or not to fight?
  • To fight back, or not to fight back?
  • Defense, defense, and defense
  • Dominance, dominance, and dominance
slide-5
SLIDE 5

PERSPECTIVE FROM MULTI-DIMENSION

slide-6
SLIDE 6

Triad of Info Sec

integrity

slide-7
SLIDE 7

When you think on a dot, line or plane

slide-8
SLIDE 8

The reality is a multi-dimension

slide-9
SLIDE 9

So you may omit a holistic view

  • National development issue
  • Culture aspect
  • Industry discrepancy
  • The timeframe
  • Religious issue
  • Industrial espionage
  • Your “neighbor”
slide-10
SLIDE 10

PERSPECTIVE FROM HISTORY

slide-11
SLIDE 11

Historical cases

  • Georgia from 2008 to 2020
  • Revenge operation / insider
  • Stock price from 140 to 100 ( >28%)
  • Stock price plunged 5%
  • M&A from 2015 to 2020
  • Senior managements step down
  • Leaving information system unused for tunneling.
  • And finally, history repeats itself.
  • After GDPR, there will be some sort of “pan-states security regulation” with high
  • possibility. And it’s not a matter of why, it’s a matter of time.
slide-12
SLIDE 12

PERSPECTIVE FROM ABSTRACTION

slide-13
SLIDE 13
  • Who am I ?
  • Why am I here ?
  • What am I doing?
  • What should I do ?
  • What’s the next ?
  • Where am I going ?
  • Which way am I taking ?
slide-14
SLIDE 14