SlideShare una empresa de Scribd logo

What is a cybersecurity assessment 20210813

Descargar como PPTX, PDF
K
Kinetic Potential

What is Cybersecurity Assessment

Empleo
1 de 10
What is a Cybersecurity Assessment? KINETIC POTENTIAL
Agenda  Cybersecurity Assessment Overview  Cybersecurity Framework  Assessment Strategy  Outcome
Cybersecurity Assessment Overview What is a cybersecurity assessment? • IT is an in-depth review of your organization’s ability to protect its information assets against relevant threats to include: • Assessing the entire organizational environment against rigorous security controls • Examining the effectiveness of an organization’s operating environment – people, processes and technology • Identifying areas of improvement that needs to be strengthened • Compiles a list of solutions and improvements to address risks and weaknesses
Cybersecurity Assessment Overview, cont. Who needs an assessment? • All organizations can benefit from a security assessment as it: • Provides valuable insights that allow you to see your security posture from an objective and independent perspective • Provides evidence of abiding by security best practices • Support after-the-fact-investigation when necessary • Can provide demonstrable evidence of security vulnerabilities to support budget requests. • Recommendation on how to mitigate areas that need improvement
Benefits of Cybersecurity Assessment • Enables organizations to: • Address gaps • Manage risks, • Allocate resources to better protect their organization. • The assessment can strengthen an organization’s security posture as well as reduce costs. • Repeatable processes • Automate processes
Cybersecurity Framework National Institute of Standards and Technology (NIST) 800-53 Control Families
Assessment Strategy Initial Scoping Planning: • Varying Documentation Requests (snapshot of environment) • System Security Plan • Contingency Plan • System Design Document • Configuration Management Plan, etc. • Formal Cybersecurity Assessment • Interview Questions • Review of existing documentation • GAP Analysis
Assessment Strategy, cont. • Interview Sessions • Based on job role • Technical testing • Vulnerability scanning or analyzing of current scans
Outcome • Final Deliverables • Final Meetings • Out-brief of Security Assessment • Security Assessment Report • Review and summarize security vulnerabilities from assessment • Review how to solve gaps
Questions

Recomendados

Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Kinetic Potential
 
RISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKS
RISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKSRISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKS
RISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKSChristina33713
 
NIST CSF Overview
NIST CSF OverviewNIST CSF Overview
NIST CSF OverviewPriyanka Aash
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTuan Phan
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity AuditEC-Council
 

Recomendados

Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Kinetic Potential
 
RISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKS
RISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKSRISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKS
RISK MANAGEMENT: 4 ESSENTIAL FRAMEWORKSChristina33713
 
NIST CSF Overview
NIST CSF OverviewNIST CSF Overview
NIST CSF OverviewPriyanka Aash
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTuan Phan
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity AuditEC-Council
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Anshu Gupta
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Phil Agcaoili
 
Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchMcKonly & Asbury, LLP
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoTuan Phan
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainInfosecTrain
 
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...North Texas Chapter of the ISSA
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellenceErik Taavila
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Phil Agcaoili
 
Building Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsBuilding Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsRob Arnold
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...Cohesive Networks
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditingPiyush Jain
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015Health IT Conference – iHT2
 
IT Governance Roles and Data Governance - Hernan Huwyler
IT Governance Roles and Data Governance - Hernan HuwylerIT Governance Roles and Data Governance - Hernan Huwyler
IT Governance Roles and Data Governance - Hernan HuwylerHernan Huwyler, MBA CPA
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeDavid Ochel
 
QSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistQSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistTripwire
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxUMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxAbid Ur Rehman
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurancea3virani
 

Más contenido relacionado

La actualidad más candente

Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Anshu Gupta
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Phil Agcaoili
 
Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchMcKonly & Asbury, LLP
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoTuan Phan
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainInfosecTrain
 
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...North Texas Chapter of the ISSA
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellenceErik Taavila
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Phil Agcaoili
 
Building Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsBuilding Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsRob Arnold
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...Cohesive Networks
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditingPiyush Jain
 
IT Governance Roles and Data Governance - Hernan Huwyler
IT Governance Roles and Data Governance - Hernan HuwylerIT Governance Roles and Data Governance - Hernan Huwyler
IT Governance Roles and Data Governance - Hernan HuwylerHernan Huwyler, MBA CPA
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeDavid Ochel
 
QSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistQSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistTripwire
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 

La actualidad más candente (20)

Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentation
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
 
Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect Match
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quantico
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | Infosectrain
 
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6
 
Building Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsBuilding Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & Metrics
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditing
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015
 
IT Governance Roles and Data Governance - Hernan Huwyler
IT Governance Roles and Data Governance - Hernan HuwylerIT Governance Roles and Data Governance - Hernan Huwyler
IT Governance Roles and Data Governance - Hernan Huwyler
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best Practice
 
QSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistQSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & Checklist
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 

Similar a What is a cybersecurity assessment 20210813

UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxUMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxAbid Ur Rehman
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurancea3virani
 
BRG_CSP_Study-Summary-nofees
BRG_CSP_Study-Summary-nofeesBRG_CSP_Study-Summary-nofees
BRG_CSP_Study-Summary-nofeesFaisal Amin
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Cmgt 430 cmgt430 cmgt 430 education for service uopstudy.com
Cmgt 430 cmgt430 cmgt 430 education for service uopstudy.comCmgt 430 cmgt430 cmgt 430 education for service uopstudy.com
Cmgt 430 cmgt430 cmgt 430 education for service uopstudy.comUOPCourseHelp
 
20 IT Auditor questions.pdf
20 IT Auditor questions.pdf20 IT Auditor questions.pdf
20 IT Auditor questions.pdfinfosec train
 
Security metrics
Security metrics Security metrics
Security metrics PRAYAGRAJ11
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department Sandeep S Jaryal
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsJack Nichelson
 
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdfInfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdfpriyanshamadhwal2
 
Security metrics 2
Security metrics 2Security metrics 2
Security metrics 2Manish Kumar
 
Controls in Audit.pptx
Controls in Audit.pptxControls in Audit.pptx
Controls in Audit.pptxHardikKundra
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?IT Governance Ltd
 
crisc_wk_2a.pptx
crisc_wk_2a.pptxcrisc_wk_2a.pptx
crisc_wk_2a.pptxdotco
 
Internal Audit with Data Analytics
Internal Audit with Data AnalyticsInternal Audit with Data Analytics
Internal Audit with Data AnalyticsMitesh Katira
 

Similar a What is a cybersecurity assessment 20210813 (20)

UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxUMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurance
 
BRG_CSP_Study-Summary-nofees
BRG_CSP_Study-Summary-nofeesBRG_CSP_Study-Summary-nofees
BRG_CSP_Study-Summary-nofees
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Cmgt 430 cmgt430 cmgt 430 education for service uopstudy.com
Cmgt 430 cmgt430 cmgt 430 education for service uopstudy.comCmgt 430 cmgt430 cmgt 430 education for service uopstudy.com
Cmgt 430 cmgt430 cmgt 430 education for service uopstudy.com
 
20 IT Auditor questions.pdf
20 IT Auditor questions.pdf20 IT Auditor questions.pdf
20 IT Auditor questions.pdf
 
Security metrics
Security metrics Security metrics
Security metrics
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department
 
Orientation in IT Audit
Orientation in IT AuditOrientation in IT Audit
Orientation in IT Audit
 
5548 isaca for-students
5548 isaca for-students5548 isaca for-students
5548 isaca for-students
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metrics
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security Metrics
 
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdfInfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
 
IT Audit - Evolve and Stay in the Game
IT Audit - Evolve and Stay in the GameIT Audit - Evolve and Stay in the Game
IT Audit - Evolve and Stay in the Game
 
Security metrics 2
Security metrics 2Security metrics 2
Security metrics 2
 
Controls in Audit.pptx
Controls in Audit.pptxControls in Audit.pptx
Controls in Audit.pptx
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?
 
_CERT-IN Certification (1).pptx
_CERT-IN Certification (1).pptx_CERT-IN Certification (1).pptx
_CERT-IN Certification (1).pptx
 
crisc_wk_2a.pptx
crisc_wk_2a.pptxcrisc_wk_2a.pptx
crisc_wk_2a.pptx
 
Internal Audit with Data Analytics
Internal Audit with Data AnalyticsInternal Audit with Data Analytics
Internal Audit with Data Analytics
 

Más de Kinetic Potential

Career Exploration Week 3.pptx
Career Exploration Week 3.pptxCareer Exploration Week 3.pptx
Career Exploration Week 3.pptxKinetic Potential
 
Access Control and Maintenance.pptx
Access Control and Maintenance.pptxAccess Control and Maintenance.pptx
Access Control and Maintenance.pptxKinetic Potential
 
Quantum Leap Class 3 Slide.pptx
Quantum Leap Class 3 Slide.pptxQuantum Leap Class 3 Slide.pptx
Quantum Leap Class 3 Slide.pptxKinetic Potential
 
Quantum Leap Class 2 Slide.pptx
Quantum Leap Class 2 Slide.pptxQuantum Leap Class 2 Slide.pptx
Quantum Leap Class 2 Slide.pptxKinetic Potential
 
Quantum Leap Class 1 Slide.pptx
Quantum Leap Class 1 Slide.pptxQuantum Leap Class 1 Slide.pptx
Quantum Leap Class 1 Slide.pptxKinetic Potential
 
Cyber Families - Incident Response.pptx
Cyber Families - Incident Response.pptxCyber Families - Incident Response.pptx
Cyber Families - Incident Response.pptxKinetic Potential
 
Abuse Prevention, Identification and Reporting: Training & Education
Abuse Prevention, Identification and Reporting: Training & EducationAbuse Prevention, Identification and Reporting: Training & Education
Abuse Prevention, Identification and Reporting: Training & EducationKinetic Potential
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Kinetic Potential
 

Más de Kinetic Potential (17)

Career Exploration Week 3.pptx
Career Exploration Week 3.pptxCareer Exploration Week 3.pptx
Career Exploration Week 3.pptx
 
Access Control and Maintenance.pptx
Access Control and Maintenance.pptxAccess Control and Maintenance.pptx
Access Control and Maintenance.pptx
 
Quantum Leap Class 3 Slide.pptx
Quantum Leap Class 3 Slide.pptxQuantum Leap Class 3 Slide.pptx
Quantum Leap Class 3 Slide.pptx
 
Quantum Leap Class 2 Slide.pptx
Quantum Leap Class 2 Slide.pptxQuantum Leap Class 2 Slide.pptx
Quantum Leap Class 2 Slide.pptx
 
Quantum Leap Class 1 Slide.pptx
Quantum Leap Class 1 Slide.pptxQuantum Leap Class 1 Slide.pptx
Quantum Leap Class 1 Slide.pptx
 
Cyber Families - Incident Response.pptx
Cyber Families - Incident Response.pptxCyber Families - Incident Response.pptx
Cyber Families - Incident Response.pptx
 
DRHA KPLIFE BOOTCAMP.pptx
DRHA KPLIFE BOOTCAMP.pptxDRHA KPLIFE BOOTCAMP.pptx
DRHA KPLIFE BOOTCAMP.pptx
 
Financial Literacy
Financial LiteracyFinancial Literacy
Financial Literacy
 
Abuse Prevention, Identification and Reporting: Training & Education
Abuse Prevention, Identification and Reporting: Training & EducationAbuse Prevention, Identification and Reporting: Training & Education
Abuse Prevention, Identification and Reporting: Training & Education
 
CAPM study session 4
CAPM study session 4CAPM study session 4
CAPM study session 4
 
CAPM Study Session 3
CAPM Study Session 3CAPM Study Session 3
CAPM Study Session 3
 
CAPM Study Session 2
CAPM Study Session 2CAPM Study Session 2
CAPM Study Session 2
 
CAPM Exam Study Session 1
CAPM Exam Study Session 1CAPM Exam Study Session 1
CAPM Exam Study Session 1
 
Lesson 2 making rules
Lesson 2 making rulesLesson 2 making rules
Lesson 2 making rules
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813
 
Lesson 8 safety
Lesson 8 safetyLesson 8 safety
Lesson 8 safety
 
My career interest
My career interestMy career interest
My career interest
 

Último

CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual serviceanilsa9823
 
(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...
(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...
(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...gurkirankumar98700
 
Get To Know About "Lauren Prophet-Bryant''
Get To Know About "Lauren Prophet-Bryant''Get To Know About "Lauren Prophet-Bryant''
Get To Know About "Lauren Prophet-Bryant''Lauren Prophet-Bryant
 
Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...
Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...
Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...amitlee9823
 
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call GirlsDelhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girlsshivangimorya083
 
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
OSU毕业证留学文凭,制做办理
OSU毕业证留学文凭,制做办理OSU毕业证留学文凭,制做办理
OSU毕业证留学文凭,制做办理cowagem
 
Delhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
CALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual serviceanilsa9823
 
Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...
Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...
Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...poojakaurpk09
 
VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130
VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130
VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130Suhani Kapoor
 
Production Day 1.pptxjvjbvbcbcb bj bvcbj
Production Day 1.pptxjvjbvbcbcb bj bvcbjProduction Day 1.pptxjvjbvbcbcb bj bvcbj
Production Day 1.pptxjvjbvbcbcb bj bvcbjLewisJB
 
Motilal Oswal Gift City Fund PPT - Apr 2024.pptx
Motilal Oswal Gift City Fund PPT - Apr 2024.pptxMotilal Oswal Gift City Fund PPT - Apr 2024.pptx
Motilal Oswal Gift City Fund PPT - Apr 2024.pptxMaulikVasani1
 
Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...
Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...
Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...shivangimorya083
 
Call Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Internship Report].pdf iiwmoosmsosmshkssmk
Internship Report].pdf iiwmoosmsosmshkssmkInternship Report].pdf iiwmoosmsosmshkssmk
Internship Report].pdf iiwmoosmsosmshkssmkSujalTamhane
 
Personal Brand Exploration - Fernando Negron
Personal Brand Exploration - Fernando NegronPersonal Brand Exploration - Fernando Negron
Personal Brand Exploration - Fernando Negronnegronf24
 
PM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring ChapterPM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring ChapterHector Del Castillo, CPM, CPMM
 

Último (20)

CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
 
(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...
(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...
(Call Girls) in Lucknow Real photos of Female Escorts 👩🏼‍❤️‍💋‍👩🏻 8923113531 ➝...
 
Get To Know About "Lauren Prophet-Bryant''
Get To Know About "Lauren Prophet-Bryant''Get To Know About "Lauren Prophet-Bryant''
Get To Know About "Lauren Prophet-Bryant''
 
Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...
Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...
Escorts Service Cambridge Layout ☎ 7737669865☎ Book Your One night Stand (Ba...
 
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call GirlsDelhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
 
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
OSU毕业证留学文凭,制做办理
OSU毕业证留学文凭,制做办理OSU毕业证留学文凭,制做办理
OSU毕业证留学文凭,制做办理
 
Delhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Nehru Place 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
CALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Nishatganj Lucknow best sexual service
 
Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...
Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...
Virgin Call Girls Delhi Service-oriented sexy call girls ☞ 9899900591 ☜ Rita ...
 
VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130
VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130
VIP Call Girls Service Film Nagar Hyderabad Call +91-8250192130
 
VVVIP Call Girls In East Of Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In East Of Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In East Of Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In East Of Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Production Day 1.pptxjvjbvbcbcb bj bvcbj
Production Day 1.pptxjvjbvbcbcb bj bvcbjProduction Day 1.pptxjvjbvbcbcb bj bvcbj
Production Day 1.pptxjvjbvbcbcb bj bvcbj
 
Motilal Oswal Gift City Fund PPT - Apr 2024.pptx
Motilal Oswal Gift City Fund PPT - Apr 2024.pptxMotilal Oswal Gift City Fund PPT - Apr 2024.pptx
Motilal Oswal Gift City Fund PPT - Apr 2024.pptx
 
Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...
Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...
Delhi Call Girls Preet Vihar 9711199171 ☎✔👌✔ Whatsapp Body to body massage wi...
 
Call Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Alandi Road Call Me 7737669865 Budget Friendly No Advance Booking
 
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Greater Noida 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Internship Report].pdf iiwmoosmsosmshkssmk
Internship Report].pdf iiwmoosmsosmshkssmkInternship Report].pdf iiwmoosmsosmshkssmk
Internship Report].pdf iiwmoosmsosmshkssmk
 
Personal Brand Exploration - Fernando Negron
Personal Brand Exploration - Fernando NegronPersonal Brand Exploration - Fernando Negron
Personal Brand Exploration - Fernando Negron
 
PM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring ChapterPM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring Chapter
 

What is a cybersecurity assessment 20210813

  • 1. What is a Cybersecurity Assessment? KINETIC POTENTIAL
  • 2. Agenda  Cybersecurity Assessment Overview  Cybersecurity Framework  Assessment Strategy  Outcome
  • 3. Cybersecurity Assessment Overview What is a cybersecurity assessment? • IT is an in-depth review of your organization’s ability to protect its information assets against relevant threats to include: • Assessing the entire organizational environment against rigorous security controls • Examining the effectiveness of an organization’s operating environment – people, processes and technology • Identifying areas of improvement that needs to be strengthened • Compiles a list of solutions and improvements to address risks and weaknesses
  • 4. Cybersecurity Assessment Overview, cont. Who needs an assessment? • All organizations can benefit from a security assessment as it: • Provides valuable insights that allow you to see your security posture from an objective and independent perspective • Provides evidence of abiding by security best practices • Support after-the-fact-investigation when necessary • Can provide demonstrable evidence of security vulnerabilities to support budget requests. • Recommendation on how to mitigate areas that need improvement
  • 5. Benefits of Cybersecurity Assessment • Enables organizations to: • Address gaps • Manage risks, • Allocate resources to better protect their organization. • The assessment can strengthen an organization’s security posture as well as reduce costs. • Repeatable processes • Automate processes
  • 6. Cybersecurity Framework National Institute of Standards and Technology (NIST) 800-53 Control Families
  • 7. Assessment Strategy Initial Scoping Planning: • Varying Documentation Requests (snapshot of environment) • System Security Plan • Contingency Plan • System Design Document • Configuration Management Plan, etc. • Formal Cybersecurity Assessment • Interview Questions • Review of existing documentation • GAP Analysis
  • 8. Assessment Strategy, cont. • Interview Sessions • Based on job role • Technical testing • Vulnerability scanning or analyzing of current scans
  • 9. Outcome • Final Deliverables • Final Meetings • Out-brief of Security Assessment • Security Assessment Report • Review and summarize security vulnerabilities from assessment • Review how to solve gaps