Presenter: Eli the Computer Guy
Date Created: October 12, 2010
Length of Class: 57 Minutes
Computer Security /Integrity
Purpose of Class
This class teaches students the basic concepts behind Risk Assessments.
Defining Risk, Threat and Vulnerability
Types of Protections
Business Rational for Risk Assessment and Management
The better you know technology the better you will do with Risk Assessment/ Management.
Risk = Treat x Vulnerability
Overview of Risk
Risk is defined as the likelihood of financial loss.
Risk is a business concepts not a technological one.
Legal data loss issues
Hacking -- Attacks from your network
Data Theft (Trade Secrets)
Overview of Threat
i. Natural Disatser
ii. Malicious Human
iii. Accidental Human
iv. System Failure
Overview of Vulnerability
Theft of Systems
Overview of Protections Technoloigical Safe Guards
Physical/ Operational Security
Technological Safeguards (Firewalls, Antivirus)
Concepts of Mitigation
Incident - Response - Debrief - Mitigation
Making Bad not so bad
You will never be safe
Security Buy In and Quantifying Risk
The business leaders will make the final decision on Risk Management
The better your BUSINESS argument the more likely you are to get the go ahead.
What is the cost of downtime
What is the legal cost
Cost of Security vs. Benefit
Risk is a BUSINESS concept! The more you understand about business and can talk about financial ramifications the more likely you are to get you fancy new security equipment.
US Computer Emergency Readiness Team