Difference between revisions of "Session:How companies manage their security: Introduction into Information Security Management Systems"

From 34C3_Wiki
(Created page with "{{Session |Has session tag=ISMS, ISO27001, information security |Is for kids=No |Has description=This talk is an introduction into Information Security Management Systems (ISM...")
 
Line 2: Line 2:
 
|Has session tag=ISMS, ISO27001, information security
 
|Has session tag=ISMS, ISO27001, information security
 
|Is for kids=No
 
|Is for kids=No
|Has description=This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want or have to work with ISMS.
+
|Has description=This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want to work with ISMS.
 
|Has session keywords=security
 
|Has session keywords=security
 
|Held in language=en - English
 
|Held in language=en - English
Line 14: Line 14:
 
}}
 
}}
 
This talk is for:
 
This talk is for:
System administrators, software developers, IT professionals or those who would like to workas such
+
* Those interested in learning how companies ''manage'' their IT-security
People who want to become Information Security Officers (CISO) or Data Privacy Officers  
+
* System administrators, software developers, IT professionals or those who would like to work as such
Those who want to implement an Information Security Management System in their organisation/company
+
* People who want to become Information Security Officers (CISO) or Data Privacy Officers  
 +
* Those who want to implement an Information Security Management System in their organisation/company
 
What is the talk about:
 
What is the talk about:
What an Information Security Management System (ISMS) is, what it can and cannot do and why it may be important for your organisation
+
* What an Information Security Management System (ISMS) is, what it can and cannot do and why it may be important for your organisation
Basics such as risk analysis, business impact analysis and setting information security goals
+
* Basics such as risk analysis, business impact analysis and setting information security goals
What the job of an Information Security Officer is and how it different from a system administrator, software developer, head of IT or pentester
+
* What the job of an Information Security Officer is and how it different from a system administrator, software developer, head of IT or pentester
 
 
 
What do you need to understand this talk:
 
What do you need to understand this talk:
Interest for IT security  
+
* Interest for IT security  
Basic knowledge of IT threats that companies, organizations, individuals face
+
* Basic knowledge of IT threats that companies, organizations, individuals face
Curious to see what IT security looks like from a management perspective
+
* Curious to see what IT security looks like from a management perspective
 
 
 
This talk is maybe not interesting when:
 
This talk is maybe not interesting when:
You are looking for technical details of how to securely configure Apache2
+
* You are looking for technical details of how to securely configure Apache2
You already are an experienced ISMS-professional (auditor, CISO)
+
* You already are an experienced ISMS-professional (auditor, CISO)
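Review bot: The added bullet "What the job of an Information Security Officer is and how it different from a system administrator ..." carries over the grammar slip from the line it replaces; it should read "how it differs from". In the same hunk, "Interest for IT security" reads better as "Interest in IT security", and "Curious to see what IT security looks like ..." is not parallel with the two noun-phrase bullets before it in that list.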

Revision as of 21:31, 20 December 2017

Description This talk is an introduction to Information Security Management Systems (ISMS) based on ISO27001. An ISMS is the way companies or organisations organize their IT security in a top-down approach. It is a beginner-level talk for people who want to learn more about this topic or want to work with ISMS.
Website(s)
Type
Kids session No
Keyword(s) security
Tags ISMS, ISO27001, information security
Person organizing
Language en - English

Starts at 2017/12/28 17:30
Ends at 2017/12/28 18:30
Duration 60 minutes
Location Room:Lecture room 12

This talk is for:

  • Those interested in learning how companies manage their IT-security
  • System administrators, software developers, IT professionals or those who would like to work as such
  • People who want to become Information Security Officers (CISO) or Data Privacy Officers
  • Those who want to implement an Information Security Management System in their organisation/company

What is the talk about:

  • What an Information Security Management System (ISMS) is, what it can and cannot do and why it may be important for your organisation
  • Basics such as risk analysis, business impact analysis and setting information security goals
  • What the job of an Information Security Officer is and how it differs from that of a system administrator, software developer, head of IT or pentester

What do you need to understand this talk:

  • Interest in IT security
  • Basic knowledge of the IT threats that companies, organizations and individuals face
  • Curiosity about what IT security looks like from a management perspective

This talk may not be interesting if:

  • You are looking for technical details of how to securely configure Apache2
  • You already are an experienced ISMS-professional (auditor, CISO)