Difference between revisions of "Session:How companies manage their security: Introduction into Information Security Management Systems"

From 34C3_Wiki
Jump to: navigation, search
 
(5 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
|Is for kids=No
 
|Is for kids=No
 
|Has description=This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want to work with ISMS.
 
|Has description=This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want to work with ISMS.
 +
|Has website=http://docdro.id/qRIyH1v
 +
|Has session type=Talk
 
|Has session keywords=security
 
|Has session keywords=security
 
|Held in language=en - English
 
|Held in language=en - English
Line 8: Line 10:
 
}}
 
}}
 
{{Event
 
{{Event
|Has start time=2017/12/28 17:30
+
|Has start time=2017/12/27 18:30
 
|Has duration=60
 
|Has duration=60
|Has session location=Room:Lecture room 12
+
|Has session location=Room:Seminar room 14-15
 
|GUID=b7a26940-9f6e-43ad-b0ce-b90b23ee6a74
 
|GUID=b7a26940-9f6e-43ad-b0ce-b90b23ee6a74
 
}}
 
}}
 +
'''Contact:''' [https://twitter.com/tuikc @tuikc]
 +
 +
'''Lecture Slides:''' http://docdro.id/qRIyH1v
 +
 
This talk is for:
 
This talk is for:
 
* Those interested in learning how companies ''manage'' their IT-security
 
* Those interested in learning how companies ''manage'' their IT-security

Latest revision as of 10:34, 28 December 2017

Description This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want to work with ISMS.
Website(s) http://docdro.id/qRIyH1v
Type Talk
Kids session No
Keyword(s) security
Tags ISMS, ISO27001, information security
Person organizing
Language en - English
en - English
Other sessions...

refresh

Starts at 2017/12/27 18:30
Ends at 2017/12/27 19:30
Duration 60 minutes
Location Room:Seminar room 14-15

Contact: @tuikc

Lecture Slides: http://docdro.id/qRIyH1v

This talk is for:

  • Those interested in learning how companies manage their IT-security
  • System administrators, software developers, IT professionals or those who would like to work as such
  • People who want to become Information Security Officers (CISO) or Data Privacy Officers
  • Those who want to implement an Information Security Management System in their organisation/company

What is the talk about:

  • What an Information Security Management System (ISMS) is, what it can and cannot do and why it may be important for your organisation
  • Basics such as risk analysis, business impact analysis and setting information security goals
  • What the job of an Information Security Officer is and how it different from a system administrator, software developer, head of IT or pentester

What do you need to understand this talk:

  • Interest for IT security
  • Basic knowledge of IT threats that companies, organizations, individuals face
  • Curious to see what IT security looks like from a management perspective

This talk is maybe not interesting when:

  • You are looking for technical details of how to securely configure Apache2
  • You already are an experienced ISMS-professional (auditor, CISO)