Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • 10 Steps To Cyber Security: Information Risktmanagement Regime

    Enviado por

    Maria Eugenia Casco
    4 visualizações1 página
    This document outlines 10 steps that organizations can take to improve their cyber security as recommended by CESG (UK National Technical Authority for Information Assurance). The 10 steps are: 1) establish an effective governance structure and determine risk appetite, 2) produce supporting information risk management policies, 3) maintain board engagement with cyber risk, 4) establish network security, 5) implement malware protection, 6) establish monitoring strategies, 7) educate and raise awareness of users, 8) implement secure mobile and home working, 9) ensure secure system configurations, and 10) establish incident response and management plans.

    Descrição original:

    10 steps cyber security

    Título original

    10 Steps Infographic

    Direitos autorais

    © © All Rights Reserved

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    This document outlines 10 steps that organizations can take to improve their cyber security as recommended by CESG (UK National Technical Authority for Information Assurance). The 10 steps are: 1) establish an effective governance structure and determine risk appetite, 2) produce supporting information risk management policies, 3) maintain board engagement with cyber risk, 4) establish network security, 5) implement malware protection, 6) establish monitoring strategies, 7) educate and raise awareness of users, 8) implement secure mobile and home working, 9) ensure secure system configurations, and 10) establish incident response and management plans.

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    4 visualizações1 página

    10 Steps To Cyber Security: Information Risktmanagement Regime

    Enviado por

    Maria Eugenia Casco
    This document outlines 10 steps that organizations can take to improve their cyber security as recommended by CESG (UK National Technical Authority for Information Assurance). The 10 steps are: 1) establish an effective governance structure and determine risk appetite, 2) produce supporting information risk management policies, 3) maintain board engagement with cyber risk, 4) establish network security, 5) implement malware protection, 6) establish monitoring strategies, 7) educate and raise awareness of users, 8) implement secure mobile and home working, 9) ensure secure system configurations, and 10) establish incident response and management plans.

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 1

    10 Steps To Cyber Security

    DefiningTandTcommunicatingTyourTBoardsTInformationTRiskTManagementTRegimeTisT
    centralTtoTyourTorganisationsToverallTcyberTsecurityTstrategyjTCESGTrecommendTyouT
    reviewTthisTregimeTGTtogetherTwithTtheTnineTassociatedTsecurityTareasTdescribedTbelowTGT
    inTorderTtoTprotectTyourTbusinessTagainstTtheTmajorityTofTcyberTthreatsj

    ProtectTyourTnetworksTagainstTexternalTandT
    internalTattackjTManageTtheTnetworkTperimeterjT
    FilterToutTunauthorisedTaccessTandTmaliciousT
    contentjTMonitorTandTtestTsecurityTcontrolsj

    MalwareTProtection

    Monitoring

    UserTEducationTandTAwareness

    ProduceTuserTsecurityTpoliciesTcoveringT

    acceptableTandTsecureTuseTofTtheTorganisationsT
    systemsjTEstablishTaTstaffTtrainingTprogrammejT
    MaintainTuserTawarenessTofTtheTcyberTrisksjT

    HomeTandTMobileTWorking

    NetworkTSecurity

    ProduceTrelevantTpolicyTandTestablishTantiG
    malwareTdefencesTthatTareTapplicableTandT
    relevantTtoTallTbusinessTareasjTScanTforT
    malwareTacrossTtheTorganisationj

    CESG

    EstablishTanTeffectiveT
    governanceTstructure
    andTdetermineTyour
    riskTappetitejT

    Information
    RiskTManagement
    Regime

    MaintainTtheT
    BoardsTengagementT
    withTthe
    cyberTriskj

    EstablishTaTmonitoringTstrategyTandTproduceT
    supportingTpoliciesjTContinuouslyTmonitorTallT
    ICTTsystemsTandTnetworksjTAnalyseTlogsTforT
    unusualTactivityTthatTcouldTindicateTanTattackjT

    TProduceT
    supportingT
    informationTriskT
    managementTT
    policiesj

    DevelopTaTmobileTworkingTpolicyTandT
    trainTstaffTtoTadhereTtoTitjTApplyTtheT
    secureTbaselineTTbuildTtoTallTdevicesjT
    ProtectTdataTbothTinTtransitTandTatTrestjT

    SecureTConfiguration

    ApplyTsecurityTpatchesTandTensureTthatTtheT
    secureTconfigurationTofTallTICTTsystemsTisT
    maintainedjTCreateTaTsystemTinventoryTandT
    defineTaTbaselineTbuildTforTallTICTTdevicesj

    RemovableTMediaTControls

    ProduceTaTpolicyTtoTcontrolTallTaccessTtoT
    removableTmediajTLimitTmediaTtypesTandTusejT
    ScanTallTmediaTforTmalwareTbeforeTimportingT
    onTtoTtheTcorporateTsystemj

    ManagingTUserTPrivileges
    IncidentTManagement

    EstablishTanTincidentTresponseTandTdisasterTrecoverT
    capabilityjTProduceTandTtestTincidentTmanagementTplansjT
    ProvideTspecialistTtrainingTtoTtheTincidentTmanagementT
    teamjTReportTcriminalTincidentsTtoTlawTenforcementjT

    EstablishTaccountTmanagementTprocessesTandT
    limitTtheTnumberTofTprivilegedTaccountsjTLimitT
    userTprivilegesTandTmonitorTuserTactivityjT
    ControlTaccessTtoTactivityTandTauditTlogsjT

    Você também pode gostar