2. Index.
1. General concepts of Information Security
2. CISO (Chief Information Security Officer)
3. Certifications related to Information Security
3.1. CISSP
3.2. CISA
3.3. Security+
3. What is security?
Information security is defined (in the U.S. Federal Information
Security Management Act, FISMA) as
“protecting information and information systems
from unauthorized access, use, disclosure,
disruption, modification, or destruction”
4. When Are We Secure?
Are we secure if our systems are properly patched?
Are we secure if we use strong passwords?
Are we secure if we are disconnected from the
Internet entirely?
5. When Are We Secure?
Strictly speaking, each of these questions must be answered with a “NO”:
every one of these measures addresses only one class of threat.
Patching does not stop the use of stolen credentials, strong passwords do
not stop exploitation of an unpatched service, and an air-gapped system can
still be compromised through removable media or physical access.
6. Confidentiality, Integrity, and Availability Triad
When we discuss security issues, it is often helpful to
have a model that we can use as a foundation or a
baseline. This model is the Confidentiality, Integrity, and
Availability (CIA) triad. Confidentiality means information is disclosed
only to authorized parties, integrity means it is changed only in
authorized ways, and availability means authorized users can reach it
when they need it. The FISMA definition quoted earlier continues
“in order to provide integrity, confidentiality, and availability”, so
the triad is the goal the definition is stated against.
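The three properties are easier to tell apart on a concrete message format. The following is an added example, not code from the original slides: a small encrypt-then-MAC scheme in Python (standard library only; the HMAC-based keystream and the shared keys `enc_key`/`mac_key` are assumptions made for illustration) that shows confidentiality and integrity holding, and shows why those two controls by themselves say nothing about availability.

```python
"""Added example (not from the original slides): a tiny encrypt-then-MAC
message format used to show what confidentiality and integrity controls do,
and what they do not do (availability)."""
import hashlib
import hmac
import os

# Assumption: the sender and the intended recipient share two 32-byte keys;
# anyone without them is an "unauthorized" party in the sense of the definition.


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream from HMAC-SHA256(enc_key, nonce || counter).

    Illustrative only; real systems should use a vetted AEAD such as AES-GCM.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def protect(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> tuple[bytes, bytes, bytes]:
    """Confidentiality: XOR with the keystream. Integrity: HMAC over nonce || ciphertext."""
    nonce = os.urandom(16)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag


def unprotect(enc_key: bytes, mac_key: bytes, nonce: bytes, ciphertext: bytes, tag: bytes) -> bytes:
    """Verify the tag first (constant-time compare), then decrypt. Raises on tampering."""
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: message was modified or forged")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


def demo() -> dict:
    """Exercise each property of the triad against one constructed message."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    msg = b"transfer 100 to account 42"  # constructed sample message
    nonce, ct, tag = protect(enc_key, mac_key, msg)
    results = {}

    # Confidentiality: the recipient recovers the message; an eavesdropper sees only ct.
    results["round_trip"] = unprotect(enc_key, mac_key, nonce, ct, tag) == msg
    results["plaintext_hidden"] = msg not in ct

    # Integrity: a single flipped bit in transit is detected and the message rejected.
    tampered = bytearray(ct)
    tampered[0] ^= 0x01
    try:
        unprotect(enc_key, mac_key, nonce, bytes(tampered), tag)
        results["tamper_detected"] = False
    except ValueError:
        results["tamper_detected"] = True

    # Availability: neither control provides it. An attacker who corrupts every
    # message in transit can read nothing and forge nothing, yet nothing gets through.
    delivered = 0
    for _ in range(5):
        n, c, t = protect(enc_key, mac_key, msg)
        corrupted = bytes([c[0] ^ 0xFF]) + c[1:]
        try:
            unprotect(enc_key, mac_key, n, corrupted, t)
            delivered += 1
        except ValueError:
            pass
    results["delivered_under_corruption"] = delivered
    return results


if __name__ == "__main__":
    print(demo())
```

The point of the last loop is the one the slides make with "when are we secure?": a control that is correct for one property (the tag rightly rejects corrupted data) does nothing for another, so availability needs its own controls (redundancy, retransmission, rate limiting), not stronger cryptography.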
8. CISO
The Chief Information Security Officer (CISO) is the
senior-level executive within
an organization responsible for establishing and
maintaining the enterprise vision, strategy and
program that ensure information assets are adequately
protected.
9. Certifications related to Information Security
1) CISSP - Certified Information Systems Security Professional
2) CISM - Certified Information Security Manager
3) CSSLP - Certified Secure Software Lifecycle
Professional
4) SSCP - Systems Security Certified Practitioner
5) ISSAP - Information Systems Security Architecture Professional
6) ISSEP - Information Systems Security Engineering Professional
7) ISSMP - Information Systems Security Management Professional
(ISSAP, ISSEP and ISSMP are concentrations that build on the CISSP.)
10. CISSP
•The CISSP is widely regarded as the "gold standard" of
security certifications.
•It is governed by the International Information Systems Security
Certification Consortium, (ISC)2.
11. (ISC)2
The International Information Systems Security
Certification Consortium, also known as (ISC)2, is a
global, not-for-profit leader in educating and
certifying information security professionals.