Development of International Information Security Technology Standards

Uploaded by: lizhe****0920 | Document ID: 26411684 | Uploaded: 2017-12-26 | Format: PPT | Pages: 20 | Size: 3.08MB

Slide 1: Development of International Information Security Technology Standards, ISO/IEC JTC 1/SC 27/WG 4
Presenter: 江明灶 Meng-Chow Kang, CISSP, CISA
Convener, Security Controls & Services Working Group (WG 4), ISO/IEC JTC 1 SC 27 (Security Techniques)
Chief Security Advisor, Microsoft Great China Region

Slide 2: ISO/IEC JTC 1 SC 27 structure
- SC 27: Chair Walter Fumy; Vice Chair Marijke de Soete; Secretary Krystyna Passia
- WG 1, ISMS Standards: Chair Ted Humphreys; Vice-Chair Angelika Plate
- WG 2, Security Techniques: Chair Prof. K. Naemura
- WG 3, Security Evaluation: Chair Mats Ohlin
- WG 4, Security Controls & Services: Chair Meng-Chow Kang
- WG 5, Privacy Technology, ID Management and Biometrics: Chair Kai Rannenberg

Slide 3: Information Security Management Systems (ISMS) family
- 27000: Fundamentals & Vocabulary
- 27001: ISMS Requirements
- 27002: Code of Practice
- 27003: ISMS Implementation Guidance
- 27004: ISMS Measurement
- 27005: ISMS Risk Management
- 27006: Accreditation Requirements

Slide 4: SC27 WG4 Roadmap Framework
Issue categories:
- Unknown and emerging security issues
- Known security issues
- Security breaches and compromises
Activities:
- Risk manage; prevent occurrence; reduce impact of occurrence
- Prepare to respond; eliminate or reduce impact
- Investigate to establish facts about breaches; identify who did it and what went wrong

Slide 5: SC27 WG4 Roadmap
Work items:
- Network Security (27033)
- TTP Services Security
- ICT Readiness for Business Continuity (27031)
- Application Security (27034)
- Forensic Investigation
- Cybersecurity (27032)
Status notes shown on the slide:
- Includes ISO/IEC 24762, Vulnerability Mgmt, IDS, & Incident Response related standards
- Anti-Spyware, Anti-SPAM, Anti-Phishing, Cybersecurity-event coordination & information sharing
- ISO 18028 revision; WD for new Part 1, 2; New Study Period on Home Network Security
- 1st WD available for comments
- Future NP
- New Study Period proposed; includes outsourcing and off-shoring security

Slide 6: Gaps between Readiness & Response: IT Security, BCP, and DRP Planning & Execution
- IT Security Planning: Protect, Detect, React/Response
- Business Continuity Planning: Plan, Prepare & Test; Activate BCP
- Disaster Contingency & Recovery Planning: Plan, Prepare & Test; Activate DCRP
- Triggering conditions: IT Systems Failures; Disaster Events

Slide 7: ICT Readiness for Business Continuity
What is ICT Readiness?
- Prepare organization ICT technology (infrastructure, operation, applications), process, and people against unforeseeable focusing events that could change the risk environment
- Leverage and streamline resources among traditional business continuity, disaster recovery, emergency response, and IT security incident response and management

Slide 8: Why does ICT Readiness focus on Business Continuity?
- ICT systems are prevalent in organizations
- ICT systems are necessary to support incident, business continuity, disaster, and emergency response and management needs
- Business continuity is incomplete without considering ICT systems readiness
- Responding to security incidents, disasters, and emergency situations is about business continuity

Slide 9: Implications of ICT Readiness
- Current IHM, BCM and DRP focus on shortening the period of disruption and reducing the impact of an incident by risk mitigation and recovery planning.
- Early detection and response capabilities prevent sudden and drastic failure, enable gradual deterioration of operational status and further shorten recovery time.
[Chart: Operational Status (100%, x%, y%, z%) against Time (T=0, T=i, T=j, T=k, T=l), with the Incident marked; three curves: Before implementation of IHM, BCM, and/or DRP; After implementation of IHM, BCM, and/or DRP; After implementation of ICT Readiness for BC]

Slide 10: ICT Readiness for Business Continuity
- Re-proposed as single-part standard (Nov 07)
- Structure (DRAFT, Document SC27N6274): Introduction; Scope; Normative References; Terms and Definitions; Overview (of ICT Readiness for Business Continuity); Approach; Management of IRBC Program
- Approach: based on PDCA cyclical model; extend BCP approach (using RA and BIA); introduce Failure Scenario Assessment (with FMEA); focus on Triggering Events

Slide 11: Web 2.0 Cybersecurity Issues
[Diagram: P2P File Sharing; Instant Messaging; Blogging; Splogs, SPAM; Search Engine Poisoning; Spyware, Trojans, Virus/Worms; SPAM, Exploit URLs, Phishing, Trojans; VoIP/Video; Privacy & Information Breach]

Slide 12: Global Threat Landscape
[Chart: Prevalence of Malicious Software by Category]

Slide 13: What is Cybersecurity
- Definition of Cybersecurity overlaps Internet/network security
- Nature of Cybersecurity issues: occurs on the Internet (Cyberspace); global nature, multiple countries, different policy and regulations, different focus; multiple entities, from simple client systems to complex infrastructure; weakest link and lowest common denominator prevail; highly creative landscape, always changing

Slide 14: Cybersecurity
Cybersecurity concerns the protection of assets belonging to both organizations and users in the cyber environment. The cyber environment in this context is defined as the public on-line environment (generally the Internet) as distinct from "enterprise cyberspace" (closed internal networks specific to individual organizations or groups of organizations).

Slide 15: Guidelines for Cybersecurity
- "Best practice" guidance in achieving and maintaining security in the cyber environment for audiences as defined below.
- Address the requirement for a high level of co-operation, information-sharing and joint action in tackling the technical issues involved in cybersecurity. This needs to be achieved both between individuals and organizations at a national level and internationally.
The primary audiences for the standard are:
- Cyberspace service providers such as Internet Service Providers (ISPs), web service providers, outsourcing and data back-up service providers, on-line payment bureaux, on-line commerce operators, entertainment service providers and others.
- Enterprises, including not only commercial organizations but also non-profit bodies and other organizations in fields such as healthcare and education.
- Governments.
End users, while highly important, are not seen as a key target audience as they are not in general direct users of international standards.
The standard will not offer technical solutions to individual cybersecurity issues, which are already being developed by other bodies as described below.
