Why security
Download
1 / 18

Why Security? - PowerPoint PPT Presentation


  • 200 Views
  • Updated On :

Why Security?. A Commitment for [ the Agency’s ] Executives. [CIO’s name] EC Presentation [date]. [ the Agency ] Today. [ the Agency’s ] mission and vision The way we do business is changing Increased reliance on systems and technology Increased threats to information and systems.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Why Security?' - milo


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Why security l.jpg

Why Security?

A Commitment for [the Agency’s] Executives

[CIO’s name]

EC Presentation [date]


The agency today l.jpg
[the Agency] Today

  • [the Agency’s] mission and vision

  • The way we do business is changing

  • Increased reliance on systems and technology

  • Increased threats to information and systems


Slide3 l.jpg

Enterprise Security Risks

Threats

Attempts to Access Sensitive Information

Sabotage

Natural Disaster

Malicious Acts

User Error

Pranks

Industrial

Espionage

[the Agency’s]Systems

Integrity of

[Agency]Data

& Reports

Corrupted

Public,

Partner,

Legislative Trust

Lost

Sensitive

Data

Disclosed

Failed

CFO

Audit

Services &

Benefits

Interrupted

Critical

Operations

Halted

Assets

Lost

Potential Damage


Slide4 l.jpg

Enterprise Security Risks

Unauthorized Access to Sensitive Information

Threats

Sabotage

Natural Disaster

User Error

[the Agency’s] Systems

Public,

Partner,

Legislative Trust

Lost

Integrity of

[Agency] Data

& Reports

Corrupted

Sensitive

Data

Disclosed

Failed

CFO

Audit

Services &

Benefits

Interrupted

Critical

Operations

Halted

Assets

Lost

Potential Damage


Slide5 l.jpg

Enterprise Security Risks

Industrial Espionage

Threats

Sabotage

Natural Disaster

User Error

[the Agency’s] Systems

Public,

Partner,

Legislative Trust

Lost

Integrity of

[Agency] Data

& Reports

Corrupted

Sensitive

Data

Disclosed

Failed

CFO

Audit

Services &

Benefits

Interrupted

Critical

Operations

Halted

Assets

Lost

Potential Damage


Slide6 l.jpg

Enterprise Security Risks

Threats

Attempts to Access Sensitive Information

Sabotage

Natural Disaster

Malicious Acts

User Error

Pranks

Industrial

Espionage

[the Agency’s] Systems

Public,

Partner,

Legislative Trust

Lost

Integrity of

[Agency’ Data

& Reports

Corrupted

Sensitive

Data

Disclosed

Failed

CFO

Audit

Services &

Benefits

Interrupted

Critical

Operations

Halted

Assets

Lost

Potential Damage


Slide7 l.jpg

Enterprise Security Risks

Threats

Attempts to Access Sensitive Information

Sabotage

Natural Disaster

Malicious Acts

User Error

Pranks

Industrial

Espionage

[the Agency’s] Systems

Failed

CFO

Audit

Public,

Partner,

Legislative Trust

Lost

Sensitive

Data

Disclosed

Services &

Benefits

Interrupted

Critical

Operations

Halted

Assets

Lost

Potential Damage


Why is security important to the agency s l.jpg
Why is Security Important to [the Agency’s]?

  • Protect privacy information

  • Protect processes and corporate assets

  • Provide continuity of services

  • Provide accessibility of information

It is a prudent business practice to reduce risks to [the Agency’s]


Why is security important to us l.jpg
Why is Security Important to US?

Each One Of Us Is Accountable!


Laws and regulations l.jpg
Laws and Regulations

  • Computer Security Act of 1987

  • Privacy Act of 1974

  • Freedom of Information Act

  • Presidential Decision Directive (PDD) 63

  • OMB A-130, Appendix III, Revised

  • Health Insurance Portability and Accountability Act

  • FISMA of 2002


Audit s point of weaknesses l.jpg
Audit’s Point of Weaknesses

  • General Accounting Office

  • Internal Revenue Service

  • Office of the Inspector General

  • Chief Financial Officer

  • Office of Information Services


The agency s enterprise security program l.jpg

[the Agency’s] Enterprise Security Program

Policy, Training, Engineering, and Management Oversight

for

all [the Agency’s] employees, contractors, and agents


Security program elements l.jpg
Security Program Elements

Personnel and Physical Security

Security Awareness, Training, & Education

Risk Management

Integrating Security into the SDLC

Security Determinations and Requirements

Security Plans & Certification

Systems Access Security

Acquisitions & Contracts

Remote Access Security

Audit Systems

Business Contingency Planning

Workstation Security

LAN Security

Security Incidents

E-Mail & Facsimile Security

Internet / Intranet Security

Virus Prevention, Detection, & Reporting

Medicare Contractor Oversight


Current enterprise security initiatives l.jpg
Current Enterprise Security Initiatives

  • GPRA Goal of Zero Material Weaknesses for the Year 2000 and Beyond

  • [the Agency’s] Enterprise Security Handbook

  • Information Technology Architecture

    • IT Council Security Committee

  • HIPAA Compliance


Immediate next steps l.jpg
Immediate Next Steps

  • Designation of Information Systems Security Officers

  • Re-certification of User Access Privileges

  • Corrective Action Plans to Audit Findings

  • [the Agency’s] Contractor Oversight

  • Security Awareness and Training


Summary l.jpg
Summary

  • Recognize that security risks in [the Agency’s] environment impact [the Agency’s] Mission.

  • Security is a management responsibility.

  • Security is everybody’s business.


We ask you to l.jpg
We ask you to:

  • Encourage and support [the Agency’s] security initiative activities!

  • Lead by example!

  • Be proactive!