Menu
Log in

  International
  Institute of
  Business
  Analysis

  TORONTO

Business Analysis Everywhere

Log in

June Speaker Series - John Wang - Security Requirements - 21-June 6:30 pm

  • 21 Jun 2017
  • 6:30 PM - 8:00 PM
  • George Brown College Casa Loma Campus, 146 Kendall Avenue, Toronto, ON (Dupont TTC Subway Station)

Registration

  • Enter code to attend this Speaker Series
  • Member in good standing of the IIBA Toronto Chapter
  • Not currently an IIBA Toronto Member. $25 if pre registered. $35 at the door. Online registration closes at 3 PM on the day of the event.

Registration is closed

Assessing and Managing Security Risk in IT Systems

A Structured Methodology
John Wang


“An increasing number of software organizations recognize that developing security requirements is more important than designing protections because paying attention to security requirements in the early stages of the software lifecycle potentially saves millions of dollars.”

~Qian Gao


Building Security Requirements


Security is not about features. 

It is typically difficult (or impossible) to patch bad software, and nearly always costly to do so. Early consideration of security makes it part of the standard SDLC, and places it on a par with functional requirements. You can’t test what you don’t specify.


"75% of all attacks today occur at the application layer and bypass traditional firewalls."
  ~Gartner


1.  Information States
Transmission
Storage
Processing

2.  Countermeasures
Human Factors
Policy and Practices
Technology

3.  Security Goals
Confidentiality
Integrity
Availability

4.  Anatomy of A Breach


Why security requirements matter


SECURITY NEWS THIS WEEK: MICROSOFT’S PATCHING OLD VERSIONS OF WINDOWS BECAUSE THINGS ARE THAT BAD


INTEREST IN NORTH Korean hacking comes and goes, but this week experts cautioned that the US shouldn't underestimate or ignore this persistent and growing threat. The FBI and DHS even officially attributed the destructive WannaCry ransomware to the reclusive nation.


Meanwhile, new analysis from the cybersecurity firms ESET and Dragos Inc. offered details on the advanced, grid-sabotaging malware hackers used to attack a Ukrainian electrical power station last December. Incarceration rates are rising in the rural US. And Georgia's voting systems have no backup means of audit if the state's digital systems malfunction (or are, say, hacked).


At least the Department of Defense is still on the cutting edge. Its Strategic Capabilities Office is working on developing ways to weaponize video games. And special prosecutor Robert Mueller has put together an all-star investigatory team.

Plus the CIA could be lurking on basically every router out there, according to documents released by WikiLeaks. So here's a list of everyone President Donald Trump has blocked on Twitter to take your mind off things.


And there's more. Each Saturday we round up the news stories that we didn’t break or cover in depth but that still deserve your attention. As always, click on the headlines to read the full story in each link posted. And stay safe out there.


MICROSOFT PUSHED PATCHES FOR OLD WINDOWS SYSTEMS TO AVOID ANOTHER WANNACRY SITUATION


In May, Microsoft released patches for the virulent WannaCry ransomware for Windows XP even though that operating system is no longer officially supported. This week, the company followed up with a dozen additional patches that cover no-longer-supported versions including Windows XP, Windows Vista, Windows 8, Windows Server 2003, and Windows Server 2003 R2. Microsoft said that though it is not reinstating support for these aging OSes, it does want to take "action to provide additional critical security updates to address vulnerabilities that are at heightened risk of exploitation due to past nation-state activity and disclosures." While working to anticipate and preempt the next WannaCry-type incident is important, some experts worry that making too much of a habit of patching old systems will give stragglers an excuse to hold out on these dangerously insecure platforms even longer instead of being forced to upgrade. On the other hand, security pressure hasn't really created that urgency so far.


Source: https://www.wired.com/story/microsoft-windows-xp-security-patch/



Event Particulars


ROOM  E430
George Brown College 
Casa Loma Campus
146 Kendal Avenue, Toronto
May 24, 2017.  6:30 pm

Map



Wednesday, June 21, 2017
Time: 6:30 – 8:00 pm
Registration & Networking: 6:00 – 6:30 pm
Presentation: 6:30 – 8:00 pm

Networking: 8:00 - 

Room E430


Event Partner


IIBA Toronto
Summer Collaboration


Get Certified
This Summer




George Brown College Casa Loma Campus


146 Kendal Avenue, Toronto, ON M5R 1M3

Map


Transportation

Dupont TTC Subway Station
400 Meters from entrance.
Paid parking and street
parking in area



About the Speaker



John Wang
Professor
George Brown College


Intelligent Connections Inc.






Secondary navigation G - Navigation links, Secondary menu.


This website is being
modified to a new look and functionality. Keep scrolling. 

Powered by Wild Apricot Membership Software