Session:How companies manage their security: Introduction into Information Security Management Systems

From 34C3_Wiki
Revision as of 21:26, 20 December 2017 by Tuiui (talk | contribs) (Created page with "{{Session |Has session tag=ISMS, ISO27001, information security |Is for kids=No |Has description=This talk is an introduction into Information Security Management Systems (ISM...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Description This talk is an introduction into Information Security Management Systems (ISMS) as based on ISO27001. ISMS are the way companies or organisations organize their IT security in a top-down approach. It is a beginner level talk for people who want to learn more about this topic or want or have to work with ISMS.
Website(s)
Type
Kids session No
Keyword(s) security
Tags ISMS, ISO27001, information security
Person organizing
Language en - English
en - English
Other sessions...

refresh

Starts at 2017/12/28 17:30
Ends at 2017/12/28 18:30
Duration 60 minutes
Location Room:Lecture room 12

This talk is for: • System administrators, software developers, IT professionals or those who would like to workas such • People who want to become Information Security Officers (CISO) or Data Privacy Officers • Those who want to implement an Information Security Management System in their organisation/company What is the talk about: • What an Information Security Management System (ISMS) is, what it can and cannot do and why it may be important for your organisation • Basics such as risk analysis, business impact analysis and setting information security goals • What the job of an Information Security Officer is and how it different from a system administrator, software developer, head of IT or pentester

What do you need to understand this talk: • Interest for IT security • Basic knowledge of IT threats that companies, organizations, individuals face • Curious to see what IT security looks like from a management perspective

This talk is maybe not interesting when: • You are looking for technical details of how to securely configure Apache2 • You already are an experienced ISMS-professional (auditor, CISO)