Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Cerification Presentation to IA practitioners`conference v2

Cyber Security & Critical
Controls
Chris Few
Industry Enabling Services
CESG
February 2011
© Crown Copyright. All rights reserved.
Cyber Essentials
• An HMG scheme for testing security controls to defeat
common Internet based threats
• Covers five control areas:
– Internet Gateways; Secure configuration; User access control;
Malware protection; Patch management
• Includes a two tier assurance framework:
– Cyber Essentials: verified self-assessment
• Organisation completes self assessment questionnaire
• Responses reviewed as reasonable by assessor
– Cyber Essentials PLUS: independently tested
• Tests whether controls implemented are sufficient to defeat
common Internet based attacks
February 2011
© Crown Copyright. All rights reserved.
Relevance of Cyber Essentials to LMN
• Policing of connections to shared academic
networks
• Criterion for selecting suppliers accessing
academic data
• Demonstrating commitment to cyber security
• Incorporation into ESISS penetration testing
improves clarity of scope of testing
February 2011
© Crown Copyright. All rights reserved.
The Assurance Landscape
Products
CESG
&
industry
partners
Consumers
Standards
Systems
Certify
Cyber
Security
Industry
Buy
Services
People
Education &
Training
Organisations
February 2011
Information
risk owning
organisations
© Crown Copyright. All rights reserved.
Employ
In the public
sector, industry
or academia
CESG Service Catalogue
Organisations Training &
Education
People
Products
Systems
Services
Information
Assurance
Maturity Model
Certified
Training
Certified
Professional
Assisted
Products
Scheme
Cyber
Essentials
Cyber
Incident
Response
MSc in
Cyber
Security
Listed
Advisors
Commercial
Product
Assurance
Tailored
Advice
Service
CHECK
penetration
testing
Common
Criteria
Technical
Design
Review
Secure
Destruction
Academic
Centres of
Excellence
TEMPEST
Further details at www.cesg.gov.uk
GovCertUK
Contact us at Enquiries@cesg.gsi.gov.uk
Questions for LMN
• Which parts of the CESG service catalogue are
most relevant to you?
• How can CESG develop its portfolio of schemes
to meet your needs?
• Can CESG facilitate closer relationships between
academia and industry on the topic of cyber
security?
February 2011
© Crown Copyright. All rights reserved.
Related documents
apdf nov 4 - 0910 sakada
apdf nov 4 - 0910 sakada
solving national security challenges with information technology by
solving national security challenges with information technology by
Need for New Approaches to Security PowerPoint
Need for New Approaches to Security PowerPoint
Internet SafetyK5
Internet SafetyK5
Cyber-Security Awareness PowerPoint
Cyber-Security Awareness PowerPoint
“Current Cyber Security Landscape” Dr. Josh Pauli Presentation
“Current Cyber Security Landscape” Dr. Josh Pauli Presentation
RADM Day (USCG Cyber) - Feb 2013
RADM Day (USCG Cyber) - Feb 2013
tamil tiger credit card scam spreads to chennai, india
tamil tiger credit card scam spreads to chennai, india
8_Bay - CSIAC Cyber metrics
8_Bay - CSIAC Cyber metrics
Download