Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Data Security @ the personal level
Search
Arnon Rotem-Gal-Oz
April 20, 2017
Technology
0
27
Data Security @ the personal level
personal security briefing to employees (e.g for ISO 27001 compliance)
Arnon Rotem-Gal-Oz
April 20, 2017
Tweet
Share
More Decks by Arnon Rotem-Gal-Oz
See All by Arnon Rotem-Gal-Oz
Coding with AI
arnonrgo
0
31
Brownfield Architecture transformations
arnonrgo
0
130
Software architecture 101
arnonrgo
0
1.6k
Apache Spark - Overview
arnonrgo
0
45
Taking ML to production - a journey
arnonrgo
0
120
Topics in Distributed Systems
arnonrgo
0
31
Docker & Kubernetes
arnonrgo
0
25
Microservices it's deja vu all over again
arnonrgo
0
25
Big Data in the Cloud - Welcome to cost oriented design
arnonrgo
0
21
Other Decks in Technology
See All in Technology
『バイトル』CTOが語る! AIネイティブ世代と切り拓くモノづくり組織
dip_tech
PRO
1
100
ユーザーの声とAI検証で進める、プロダクトディスカバリー
sansantech
PRO
1
100
業務効率化をさらに加速させる、ノーコードツールとStep Functionsのハイブリッド化
smt7174
2
110
OCI Network Firewall 概要
oracle4engineer
PRO
1
7.8k
綺麗なデータマートをつくろう_データ整備を前向きに考える会 / Let's create clean data mart
brainpadpr
3
370
「AI駆動PO」を考えてみる - 作る速さから価値のスループットへ:検査・適応で未来を開発 / AI-driven product owner. scrummat2025
yosuke_nagai
3
800
from Sakichi Toyoda to Agile
kawaguti
PRO
1
100
Wasmのエコシステムを使った ツール作成方法
askua
0
100
英語は話せません!それでも海外チームと信頼関係を作るため、対話を重ねた2ヶ月間のまなび
niioka_97
0
130
How to achieve interoperable digital identity across Asian countries
fujie
0
140
Uncle Bobの「プロフェッショナリズムへの期待」から学ぶプロの覚悟
nakasho
2
100
自動テストのコストと向き合ってみた
qa
0
210
Featured
See All Featured
Automating Front-end Workflow
addyosmani
1371
200k
Raft: Consensus for Rubyists
vanstee
139
7.1k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.6k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
32
2.3k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Visualization
eitanlees
148
16k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
132
19k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
We Have a Design System, Now What?
morganepeng
53
7.8k
Gamification - CAS2011
davidbonilla
81
5.5k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
Transcript
Data Security (@ the personal level) Arnon Rotem-Gal-Oz
So what’s so important about “information security”?
Security is a real problem www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Information security? Not MY problem - IT should figure
it out
We’ve met the enemy and he is us
• Hardware • Software • People • Procedur es •
Data
Formal threat analysis The STRIDE model
Also see • OWASP https://www.owasp.org/ • https://www.owasp.org/index.php/Threat_Risk_Modeling#STRIDE • Common Criteria https://www.commoncriteriaportal.org/
Spoofing (of user identity) Tampering Repudiation Information
disclosure Denial of service Elevation of privilege
None
None
On the other hand…
None
None
Passwords
None
2016 is just as bad
None
None
Physical theft/loss
Protect your assets
Pay attention to email/text recipient address
Malware
It is up to you!
•Be mindful •Be careful who you trust •Secure your devices
•Report problems
arnonrgo
dip_tech
sansantech
smt7174
oracle4engineer
brainpadpr
yosuke_nagai
kawaguti
askua
niioka_97
fujie
nakasho
qa
addyosmani
vanstee
reverentgeek
marcduiker
samlambert
eitanlees
cassininazir
morganepeng
afnizarnur
davidbonilla
pedronauck
