Achieving Information Security Governance through ISMS Implementation

Securing e-city through ISMS implementation

Prof. Edward Humphreys

(Hagenberg University of Applied Sciences, Austria & Beijing Institute of Technology)

[Figure: e-city cloud services (public, private, community, hybrid) with users and clients on top of applications, platforms, infrastructure and servers]

[Figure: threats surrounding users, clients, applications, platforms, infrastructure and servers]

· Data breaches
· Social engineering
· Crimes against children
· Social networking
· Criminal acts on business and ecommerce
· INSIDER threats
· Copyright crimes
· Cyber war

Down side risk

[Figure: events placed by Impact (Low, Medium, Serious, Critical) and resilience (Hi Resilience to Low Resilience)]

· Single points of failure or the failure of an individual infrastructure element
· Long-term interruption of a critical information system and/or information flow
· Complete interruption of the public/private or community system and services
· Long-term interruption of a critical information public/private or community process, services or activity
· Longer-term local interruption affecting a public/private or community system

Everyone is at Risk without proper protection in the e-city ... infrastructure, systems, processes and people are all vulnerable and at risk ... Citizens (especially children), consumers and SMEs are at RISK: they are likely to be hit harder than large businesses, covering all levels of impact - medium, serious and critical ...

Businesses, Government, Consumers, Citizens (adults, children)

In an e-city when someone is affected by cybersecurity all are affected (San Diego SoEC)

[Figure: the 27001 ISMS family around users, clients, applications, platforms, infrastructure and servers]

· 27001 (ISMS)
· 27002 (code of practice)
· 27003 (implementation guide)
· 27004 (metrics & measurements)
· 27005 (risk management)

ISMS protective framework

[Figure: 27001 (ISMS), 27002 (code of practice), 27003 (implementation guide), 27004 (metrics and measurements), 27005 (risk management), together with the following standards]

· ISO/IEC 27031: Guidelines for ICT readiness for business continuity
· ISO/IEC 27032: Guidelines for cybersecurity
· ISO/IEC 27033: Network security
· ISO/IEC 27034: Applications security
· ISO/IEC 27035: Information security incident management
· ISO/IEC 27036: Guidelines for security of outsourcing
· ISO/IEC 27037: Guidelines for the identification, collection and/or acquisition and preservation of digital evidence
· ISO/IEC 27038: Specification for digital redaction
