using cobit 5 framework for cybersecurity assessment
play

Using COBIT 5 Framework for Cybersecurity Assessment Hugh Burley, - PowerPoint PPT Presentation

Jan 25, 2024 •282 likes •551 views

Conference 2018 Conference 2018 Using COBIT 5 Framework for Cybersecurity Assessment Hugh Burley, Trevor Hurst, and Ivor MacKay Speakers Trevor Hurst, Chief Information Officer Ministry of Advanced Education, Skills & Training Hugh

  1. Conference 2018 Conference 2018 Using COBIT 5 Framework for Cybersecurity Assessment Hugh Burley, Trevor Hurst, and Ivor MacKay

  2. Speakers Trevor Hurst, Chief Information Officer Ministry of Advanced Education, Skills & Training Hugh Burley, Manager of Information Security/Information Security Officer Thompson Rivers University/BCNET Ivor MacKay, Manager, Information Technology BCNET Conference 2018

  3. Agenda 1. COBIT 5 Refresher 2. Why COBIT 5 3. Assessments 4. Q & A Conference 2018

  4. COBIT 5 Refresher Conference 2018

  5. COBIT PRINCIPLES Conference 2018

  6. Meeting Stakeholder Needs Conference 2018

  7. COBIT 5 ENABLERS Conference 2018

  8. GOVERNANCE VS MANAGEMENT Conference 2018

  9. Conference 2018

  10. Why COBIT 5? Conference 2018

  11. Alignment “How do I ensure all of our Digital investments contribute to Stakeholder Value and enable the strategy of my Institution? Tell a better Audit preparation story (funding) (Risk Management) “How do I ensure benefits are “How do I better realized and IT risks are communicate the gaps in our mitigated? How can I prepare environment and achieve for upcoming Audit and/or better funding? review activity? Conference 2018

  12. OAGBC General Computing Controls Report http://www.bcauditor.com/sites/default/files/publications/reports/OAGBC %20General%20Computing%20Controls%20Report_FINAL.pdf Conference 2018

  13. COBIT Maturity Conference 2018

  14. COBIT Maturity Conference 2018

  15. Assessments Conference 2018

  16. Assessment vs Audit Or is it really Gap Analysis vs. Internal Audit vs. Pre-Assessment Conference 2018

  17. Differences Between the COBIT 4.1 and the COBIT 5 Conference 2018

  18. APO12 Manage Risk APO13 Manage Security BAI06 Manage Changes DSS02 Manage Service Requests and Incidents

  19. Assessment Methodology Conference 2018

  20. KEY AREA: RISK a) Level of risk acceptance b) Risk review c) Risk approval KEY AREA: MANAGING SECURITY Conference 2018

  21. Risk Assessment Consequence Table Conference 2018

  22. KEY AREA: MANAGING CHANGE a) Methods of assessing change and its risks b) Approval process KEY AREA: MANAGE SERVICE REQUESTS AND INCIDENTS a) Problem tracking b) Evidence of reviewing Incidents and Requests Conference 2018

  23. Self-Assessment Conference 2018

  24. Self-Assessment http://www.isaca.org/COBIT/Pages/Self-Assessment-Guide.aspx Conference 2018

  25. Self-Assessment http://www.isaca.org/COBIT/Pages/COBIT-5-PAM.aspx Conference 2018

  26. Info~Tech Conference 2018

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to COBIT Presentation for the ISACA Kansas City Chapter ISACA Kansas City Chapter

Introduction to COBIT Presentation for the ISACA Kansas City Chapter ISACA Kansas City Chapter

Introduction to COBIT Presentation for the ISACA Kansas City Chapter ISACA Kansas City Chapter Presentation 10/12/2008 1 Agenda Introduction IT Challenges Governance Overview The COBIT Framework COBIT Mappings to Various Frameworks Closing

1.32k views • 84 slides
Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements Christophe

Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements Christophe

Third International Workshop on Requirements Engineering and Law (RELAW 10) - September 28 th 2010 Conceptualizing a Responsibility based Approach for Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements

429 views • 27 slides
NIST Cybersecurity Framework Sean Sweeney, Information Security Officer 5/20/2015 Overview

NIST Cybersecurity Framework Sean Sweeney, Information Security Officer 5/20/2015 Overview

NIST Cybersecurity Framework Sean Sweeney, Information Security Officer 5/20/2015 Overview The University of Pittsburgh NIST Cybersecurity Framework Pitt NIST Cybersecurity Framework Program Wrap Up Questions The

472 views • 33 slides
INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

Section 1 Dr. Bruce Burton California Cybersecurity INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and implications Learn from past attacks Understand the NIST Cybersecurity Framework (CSF) &

368 views • 33 slides
SPF, DKIM and DMARC SPF stands for Sender Policy Framework, a record on the DNS which

SPF, DKIM and DMARC SPF stands for Sender Policy Framework, a record on the DNS which

4/30/2019 (515) 229-5674 kkothari@sgcsecure.com Cheap Solutions to Cybersecurity Kaushal Kothari Audit Secure Guard Consulting Internal Security Assessment (515) 229-5674 External Security Assessment and External Penetration Testing

62 views • 3 slides
National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security

National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security

Federal Information Systems Security Educators March 19, 2014 National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security (DHS) National Cybersecurity Education & Awareness Branch (CE&A) T HE CYBER THREAT

315 views • 13 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Cybersecurity Capacity Assessment of the Republic of Kosovo

Cybersecurity Capacity Assessment of the Republic of Kosovo

Cybersecurity Capacity Assessment of the Republic of Kosovo Lara Pace Kosovo June 2015 CMM - Five Dimensions Levels of Maturity

898 views • 23 slides
A Legal Framework for Cybersecurity Deirdre K. Mulligan Fred B. Schneider School of Information

A Legal Framework for Cybersecurity Deirdre K. Mulligan Fred B. Schneider School of Information

A Legal Framework for Cybersecurity Deirdre K. Mulligan Fred B. Schneider School of Information Computer Science UC Berkeley Cornell University Outline of Talk Brief background Why shift in legal framework is appropriate

764 views • 27 slides
Assessment and reporting within an A-E framework Go to https://janiceatkin.com/assessment-

Assessment and reporting within an A-E framework Go to https://janiceatkin.com/assessment-

Assessment and reporting within an A-E framework Go to https://janiceatkin.com/assessment- workshop-NSW/ Watch video for prior viewing Fill out the assessment reflection on page 3. i n . c o m j a n i c e a t k

994 views • 74 slides
Cybersecurity What you need to know Agenda Introduction Kevin Bobroske What is

Cybersecurity What you need to know Agenda Introduction Kevin Bobroske What is

Cybersecurity What you need to know Agenda Introduction Kevin Bobroske What is cybersecurity? Why should I care? What can I do about it? High level cyber framework overview Summary + QA Fun stuff BIO Kevin

546 views • 32 slides
National Cybersecurity a multi-stakeholder approach Wednesday, 11 th April 2018 By: Vincent

National Cybersecurity a multi-stakeholder approach Wednesday, 11 th April 2018 By: Vincent

ISACA-KENYA ANNUAL CONFERENCE 2018 National Cybersecurity a multi-stakeholder approach Wednesday, 11 th April 2018 By: Vincent Ngundi HEAD OF NATIONAL KE-CIRT/CC & CYBERSECURITY CONTENT National Cybersecurity Policy Framework 1)

364 views • 21 slides
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 Improving Critical Infrastructure Cybersecurity Kevin Stine National Institute of Standards and Technology Executive Order 13636:

128 views • 11 slides
and Bank Examinations Leveraging FFIEC Cybersecurity Assessment, Navigating Board of Director

and Bank Examinations Leveraging FFIEC Cybersecurity Assessment, Navigating Board of Director

Presenting a live 90-minute webinar with interactive Q&A Cyber Threats to Banks and Financial Institutions: Regulatory Requirements and Bank Examinations Leveraging FFIEC Cybersecurity Assessment, Navigating Board of Director Risks and

960 views • 39 slides
French view on the NIS Diretcive transposition Cybersecurity Framework in France - ANSSI >

French view on the NIS Diretcive transposition Cybersecurity Framework in France - ANSSI >

French view on the NIS Diretcive transposition Cybersecurity Framework in France - ANSSI > The Agence Nationale de la Scurit des Systmes dInformation (ANSSI) was created on July 7 th 2009 by a decree (2009-834) of the Prime Minister,

341 views • 17 slides
CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS

CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS

CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS RFP #2416 OUR DIFFERENTIATORS Global Risk Atlantic has a deep understanding of Risk Assessment and Penetration Testing on a Assessment global

519 views • 7 slides
The Office of Infrastructure Protection National Protection and Programs Directorate Department

The Office of Infrastructure Protection National Protection and Programs Directorate Department

The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Regional Resiliency Assessment Program 2015 State Energy Risk Assessment Workshop April 29, 2015 Department of Homeland

362 views • 14 slides
National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National Cybersecurity Student Association Agenda Introductions Association Overview Vision Mission Objectives Benefits

498 views • 30 slides
Workshop on Amendments to the Nuclear Security Regulations Patrick Adams Team Leader Nuclear

Workshop on Amendments to the Nuclear Security Regulations Patrick Adams Team Leader Nuclear

Workshop on Amendments to the Nuclear Security Regulations Patrick Adams Team Leader Nuclear Security Division Kevin Lee Senior Regulatory Policy Officer Regulatory Policy Analysis Division January 31, 2017 e-Doc: 5113970 nuclearsafety.gc.ca

729 views • 40 slides
Company Introduction Improving the security and performance of your data centres, networks and

Company Introduction Improving the security and performance of your data centres, networks and

SOLUTIONS & SUPPORT PROFESSIONAL & MANAGED SERVICES Company Introduction Improving the security and performance of your data centres, networks and applications Network Data Cyber Application Network Test www.phoenixdatacom.com

476 views • 10 slides
Five Questions to Evaluate any Privacy or Security Program Wyoming Cybersecurity Symposium August

Five Questions to Evaluate any Privacy or Security Program Wyoming Cybersecurity Symposium August

Five Questions to Evaluate any Privacy or Security Program Wyoming Cybersecurity Symposium August 6 & 7, 2019 October 23, 2019 SPEAKER BIO CISO at Holland & Hart Past President, Denver Chapter ISSA 18 years of Computer &

597 views • 20 slides
Lock-in-Pop : Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen

Lock-in-Pop : Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen

Lock-in-Pop : Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen Li, Brendan Dolan-Gavitt, Sam Weber, Justin Cappos New York University Tandon School of Engineering Motivation 1. Many vulnerabilities exist in

299 views • 19 slides
Ret2dir: Rethinking Kernel Isolation Kermerlis et al. Columbia University Presented by Lucas Copi

Ret2dir: Rethinking Kernel Isolation Kermerlis et al. Columbia University Presented by Lucas Copi

Ret2dir: Rethinking Kernel Isolation Kermerlis et al. Columbia University Presented by Lucas Copi Introduction ! In the past attackers have focused efforts on server and client applications ! Due to lesser complexities and simpler

501 views • 26 slides
Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG,

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG,

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016 Michael Boelen Open Source Lynis, Rootkit Hunter Business and Community Founder of CISOfy Board member and

454 views • 18 slides

More recommend