1 / 19

National Technology & Business Conference

Certification Europe. Michael Brophy. Certification Strategies. National Technology & Business Conference. 30 November 2005. Introduction. Update on some of the standards… what is going on Information security. What is coming down the line….

makaio
Télécharger la présentation

National Technology & Business Conference

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CertificationEurope Michael Brophy Certification Strategies National Technology & Business Conference 30 November 2005

  2. Introduction • Update on some of the standards… • what is going on • Information security What is coming down the line… Benefits of the information security standards… Why do it? National Technology & Business Conference 30 November 2005

  3. Update – what is going on in standards • ISO 9001:2000 – Quality Management System • TickIT • ITIL • BS 15000 BS 7799 / IS 17799 – Information Security Management System Standards National Technology & Business Conference 30 November 2005

  4. ISO 27001 ISO 27002 Update on BS 7799 & IS 17799 Information Security Management System Standards BS 7799 IS 17799 ISO 17799 What is the implication if you are considering certification…? National Technology & Business Conference 30 November 2005

  5. Update on BS 7799 – Global Numbers 1,400 1,200 1,000 800 600 400 200 0 June 2003 June 2005 Jan 2001 Jan 2002 Jan 2003 Jan 2004 Jan 2005 June 2001 June 2002 June 2004 National Technology & Business Conference 30 November 2005

  6. Update on BS 7799 - Ireland 20 15 10 5 0 Dec 2001 Dec 2002 Dec 2003 Dec 2004 Dec 2005 National Technology & Business Conference 30 November 2005

  7. Who is using it – the IT sector National Technology & Business Conference 30 November 2005

  8. Who is using it – the Pharma sector National Technology & Business Conference 30 November 2005

  9. Who is using it – the telco sector National Technology & Business Conference 30 November 2005

  10. Who is using it – the public sector National Technology & Business Conference 30 November 2005

  11. What is coming down the line in relation to information security standards SoX ITIL / BS 15000 Tendering Mandatory requirement Growth in public sector National Technology & Business Conference 30 November 2005

  12. The benefits of information security standards – why do it? What is information security… C onfidentiality I ntegrity A vailability National Technology & Business Conference 30 November 2005

  13. “Australian authorities have ordered an urgent review of security at Sydney's international airport after the theft of two mainframe computers from a restricted customs area….. The federal government is investigating the security breach, but has denied media reports in Australia that the computers held thousands of confidential files. The theft is an embarrassment for the authorities at Sydney Airport, the busiest in Australia. The two suspected thieves told guards they were employees of the airport's computer department. They were allowed to enter the customs division mainframe room, which is a high-security zone. The men spent two hours disconnecting the computers, before calmly walking out, pushing the machines on trolleys. The Sydney Morning Herald newspaper had claimed that top security communications between customs investigators, the federal police and Australia's main domestic spy agency ASIO had been lost.” August 2003 National Technology & Business Conference 30 November 2005

  14. March 2005 Police in London say they have foiled one of the biggest attempted bank thefts in Britain. The plan was to steal £220m ($423m) from the London offices of the Japanese bank Sumitomo Mitsui. Computer experts are believed to have tried to transfer the money electronically after hacking into the bank's systems. A man has been arrested by police in Israel after the plot was uncovered by the National Hi-Tech Crime Unit. The investigation was started in October 2004 after it was discovered that computer hackers had gained access to the bank's computer system in London. They managed to infiltrate the system with keylogging software that would have enabled them to track every button pressed on computer keyboards. From that they could learn account numbers, passwords and other sensitive information. Yeron Bolondi, 32, was seized in Israel after an attempt to transfer £13.9m into an account there. National Technology & Business Conference 30 November 2005

  15. Aer Lingus web-site. Tickets to the USA went on sale through the company’s web-site on Friday 10th October. They offered return fares to New York, Boston and other destinations for Euro 148. It was only discovered later that day that the tickets were restricted to Aer Lingus employees but had mistakenly been made available to the public through the web-site. Within a few hours it is reported that hundreds of tickets were sold, costing the company tens of thousands of Euro. The company blamed human error, and stated that it would stand over the purchases National Technology & Business Conference 30 November 2005

  16. Friday, 11 March, 2005 The Sudanese government had a nasty shock earlier this year, when it read on a US Congress website that the Americans had conducted nuclear tests in the country. A House of Representatives committee report mentioned tests conducted in Sudan between 1962 and 1970. However, when alarmed Foreign Minister (Mustafa Osman Ismail) raised it with US officials in Khartoum, it turned out to be a typing error. The report should have said Sedan, a test site in the US state of Nevada, rather than Sudan. "There is nothing that makes us so far doubt the explanations we have received from the US Administration," said Mr Ismail. He said he was very relieved to find that it was a simple error. "Our first concern of course was for the people of Sudan," he said. The American embassy in Khartoum issued a statement confirming that the US had never conducted nuclear tests in Sudan. The minister, however, remains determined to make completely sure. National Technology & Business Conference 30 November 2005

  17. The benefits of information security standards – why do it? What is information security… C onfidentiality I ntegrity A vailability C ompliance National Technology & Business Conference 30 November 2005

  18. The benefits of information security standards – why do it? In summary, the benefits of certification to the international standard on information security… C onfidentiality I ntegrity A vailability C ompliance National Technology & Business Conference 30 November 2005

  19. Thank you…. Now Set Your Standards info@certificationeurope.com National Technology & Business Conference 30 November 2005

More Related