introduction to information systems security 365 765
Information Systems 365/765 Security and Strategy
September 2, 2008
Introduction
Lecture 1
First Things First… Today’s Chocolate Bar
• EVERY lecture should start with chocolate!
• I will bring a different type for each lecture
• Today’s chocolate bar is the Kit Kat
• Created in 1935
• Best selling chocolate bar in the UK
• In Japan, it is called “kitto katsu”, which roughly translates to "You will surely win!"
Student Information Cards
• Your first name
• Your last name
• Where are you from?
• What would you like to learn from this class?
• List any specific topics you would like to see covered in this class
• Any special needs or accommodations that you feel I should know about
Today’s Agenda
• Introduction
• Course overview
• Assignments and grading
• Skills you will gain from this course
• My commitment to you
• Expectations
Introduction
• My name is Nicholas Davis. Please just call me Nick.
• MBA, Information Systems, 1998
• I have been employed by:
Introduction
My area of specialization is
• Cryptographic Systems
• Strong Authentication Technologies
• Digital Identity Management
Areas of interest include:
• National Digital ID
• Proximity Based Authentication
I’ve seen lots of things, but I have not seen everything!
Course Overview
• Focused on the business analysis and application of IS Security Principles in the enterprise
• Provide a background in specific security related technologies
• Give you hands on experience with some security related tools
• Teach you how to perform a Security Audit and craft a Disaster Recovery Plan
• Spend time each lecture talking about an IS Security current event
Course Overview
• Students taking this class should have an interest in technology as well as audit, compliance, regulation and current events in these areas
• Students will not be writing software code in this class
• Students will not be learning how to perform “hacking” in this class
The Five Pillars of Information Security
The foundation on which a secure enterprise computing environment is built.
Keep these in mind as we work our way through the technology portion of our course.
Protection
Understand what we are protecting and what the value of protecting it really is.
How much would you invest in insurance on these two cars?
Detection
Knowing where the vulnerabilities are and how to identify when a compromise of information might be taking place.
Reaction
How do you address breaches that have occurred? What procedures and plans are in place?
Documentation
Solid record keeping is critical to understanding vulnerability trends!
Prevention
Is 100% prevention of a problem really possible? Effective prevention is both the implementation of lessons learned and the application of knowledge gained to avoid the same fate in the future.
Keep the Five Pillars of Information Security in Mind Throughout the Course
• Protection
• Detection
• Reaction
• Documentation
• Prevention
Course Benefits
• Gain an understanding of the current and upcoming challenges of safely doing business in a technology driven business environment
• Acquire a strong command of major security technologies and practices
• Possess tangible IT Security audit and planning skills, which you can actually talk about in a job interview
Course Roadmap
• Information Security Background and terminology
• Information Security Technologies
• Laws, Ethics and Investigations
• Security Audits and Disaster Recovery (team presentations)
Course Topics Outline
• Introduction
• Background, Information Security Management
• Authentication technologies
• Access Control Systems
• Public Key Encryption technology
• Physical security
• Enterprise Security Architecture
• Telecommunications, Network and Internet Security
• Social Engineering
• Laws, Investigations and Ethics
• Operations Security
• Security Audits and Disaster Recovery Planning
Course Assignments
• Exam (25%) – October 30th
• 6 quick in class easy quizzes (25%) 5% each, but I will drop your lowest quiz
• In class team presentation on Security Audit and Disaster Recovery (25%)
• 2 Homework Assignments (10%)
• In class participation (15%)
Next Class…
• Current event discussion
• Distribution of reading for Assignment #1
• Short lecture
• Watch Spying on the Home Front video
• Discussion of Assignment #1
How Can I Help You?
You are my customer
I need to know if:
• You are malcontent with anything related to the course, so we can make changes
• You don’t understand the material or assignment requirements
Please make use of office hours, even if it is just to stop in and say hello.
Nicholas (Nick) Davis [email protected]. 347-2486