Description: In this video the author Rick Ensenbach talks about proactive lifecycle security management.He starts by presenting some statistics on how cyber crime has impacted the current IT sector .Using these stats he shows how a security bug can lead to major losses if it is let out .He discusses on a process called security authorization that ensures that the people understand security and accept damages since it was their own fault . He then tells why it is necessary. He then discusses the key process players in this process and their duties thereby telling the difference between authorization,system and data owner. He then discusses the advantages of this process and how it helps in savings and standardization. He categorizes the security system into various processes like monitoring,authorization and reauthorization.He talks about preparation phase in which u create boundaries and helps us build a security authorization system for the entire network.He then discusses these various steps involved in the preparation phase in detail . He then gives a brief idea about the system security plan.In preparation phase we implement security controls In authorization phase , he tells us how the authorization information system works.The authorization package goes to authorization official who signs it .It goes to continuous monitoring phase after it is approved which tracks the security state on a continuous basis and ensure that the controls are operating. He then tells about the two types of reauthorization time driven and event driven. He then discusses on how it could be made much easier by continuous monitoring .He finally tells us to consider the value of this process while developing a system.He then winds up the discussion by giving various references . The presentation ends with a simple Q and A session and the different points to remember in a proactive lifecycle security management.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.