Session:How companies manage their security: Introduction into Information Security Management Systems
From 34C3_Wiki
Description | This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want to work with ISMS. |
---|---|
Website(s) | http://docdro.id/qRIyH1v |
Type | Talk |
Kids session | No |
Keyword(s) | security |
Tags | ISMS, ISO27001, information security |
Person organizing | |
Language | en - English |
Other sessions... |
Starts at | 2017/12/27 18:30 |
---|---|
Ends at | 2017/12/27 19:30 |
Duration | 60 minutes |
Location | Room:Seminar room 14-15 |
Contact: @tuikc
Lecture Slides: http://docdro.id/qRIyH1v
This talk is for:
- Those interested in learning how companies manage their IT-security
- System administrators, software developers, IT professionals or those who would like to work as such
- People who want to become Information Security Officers (CISO) or Data Privacy Officers
- Those who want to implement an Information Security Management System in their organisation/company
What is the talk about:
- What an Information Security Management System (ISMS) is, what it can and cannot do and why it may be important for your organisation
- Basics such as risk analysis, business impact analysis and setting information security goals
- What the job of an Information Security Officer is and how it different from a system administrator, software developer, head of IT or pentester
What do you need to understand this talk:
- Interest for IT security
- Basic knowledge of IT threats that companies, organizations, individuals face
- Curious to see what IT security looks like from a management perspective
This talk is maybe not interesting when:
- You are looking for technical details of how to securely configure Apache2
- You already are an experienced ISMS-professional (auditor, CISO)