Chapter

Information Security Governance Collection

Introduction to Cyber Forensics

This presentation provides an overview of cyber forensics – what is forensics? what is cyber forensics? who uses cyber forensics? what are the skills needed for cyber forensics?

Security Risk Assessment

This paper discusses security risk analysis – what is security risk analysis? why perform a security risk assessment? how to conduct a security risk assessment? when to perform a security risk analysis?

How Does Visa Secure its Payment System?

This presentation paints a picture of the emerging threats to the worldwide payment processing systems and discusses how a major payment processor – Visa – works to keep its payment network secure from increasingly sophisticated attacks.

Incident Response Program

This presentation discusses the imperatives for, and the framework and process needed to set up, an incident response program.

ITIL Security Management

This presentation discusses security management within the context of ITIL. The author’s basic premise is that ITIL is not used to implement security, but its processes may lead to enhanced security controlled processes.

IT Security Basics

An overview of information technology security that defines information security, details functional areas, discusses security standards and regulations, describes testing techniques for IT security audits, and covers information security organization maturity levels. This presentation also presents case studies to illustrate theory being practiced.

Automating ISO 27002

This presentation discusses technologies for implementing ISO 27002 processes and controls – which technologies to use? where to start?

Creating a Security Baseline for Windows

Security baselines allow companies to stay in compliance with industry standards and maintain a reasonable level of security assurance. This presentation discusses the creation of a security baseline for a Windows-based environment.

Performing an Information Security Assessment

This presentation describes the steps in performing an information security assessment – what are the critical security goals and objectives? what are the documentation requirements? how to incorporate regulatory requirements? how to gather data to support a security assessment? how to perform a gap analysis? how to create a security road map? – and discusses the lessons learnt.