security policy update
play

Security Policy Update Mike Stanfield OSG Security Team OSG - PowerPoint PPT Presentation

Apr 19, 2023 •13 likes •113 views

Security Policy Update Mike Stanfield OSG Security Team OSG Council Face-to-Face October 11 th , 2019 OSG Security Team Security Team Members: Susan Sons, CACR Indiana University Adrian Crenshaw, CACR Indiana University Josh Drake,

  1. Security Policy Update Mike Stanfield OSG Security Team OSG Council Face-to-Face October 11 th , 2019

  2. OSG Security Team Security Team Members: • Susan Sons, CACR Indiana University • Adrian Crenshaw, CACR Indiana University • Josh Drake, CACR Indiana University • Zalak Shah, CACR Indiana University • Mike Stanfield, CACR Indiana University 2 11 October 2019 | OSG Council Face-to-Face

  3. Policy Updates 3 11 October 2019 | OSG Council Face-to-Face

  4. Why are we updating policies? • IRIS-HEP Deliverable: − Realign the OSG Cybersecurity Program with the Open Science Cybersecurity Framework • Step one is a refresh of the OSG Security policies 4 11 October 2019 | OSG Council Face-to-Face

  5. Updated Policies • Master Information Security Policy & Procedures • Incident Response Policies & Procedures • Service Container Security Policy 5 11 October 2019 | OSG Council Face-to-Face

  6. Master Information Security Policy & Procedures • Describes the roles and priorities of the Security team. • Defines security expectations of OSG staff and users. • Moved exception management into a single source of truth. • Greatly reduced size (~10 pages). https://drive.google.com/file/d/1BfZb3il57Wn1NVnnLzvOCCHFOLhiI1-L/view?usp=sharing 6 11 October 2019 | OSG Council Face-to-Face

  7. Incident Response Policies & Procedures • Explicitly defining the process the OSG Security team uses during an incident. • Tested via a tabletop exercise, gaps identified and addressed. • Tested recently again during an incident (2019-10-03_001). − Some minor adjustments still to be made. https://drive.google.com/file/d/1radhu-qz8sNSWuEkL5Ykrx8-huUup844/view?usp=sharing 7 11 October 2019 | OSG Council Face-to-Face

  8. Service Container Security Policy • Addressing a need within OSG and the larger community. • Defines how we handle creation and validation of service containers. • Recently shared with EGI − Any WLCG container policies will use this as a starting point. https://drive.google.com/open?id=1yKjSSAIlHMeRxEAN45ltki1z_BBZbaaq 8 11 October 2019 | OSG Council Face-to-Face

  9. Evolving policies • These policy documents are in a draft state (but are nearly final). • Policy shouldn’t be stagnant - should review at least annually. • Still waiting final ET approval: please send us your feedback! 9 11 October 2019 | OSG Council Face-to-Face

  10. Questions? 10 11 October 2019 | OSG Council Face-to-Face

Recommend

Update on Security Policy David Kelsey (RAL) 7 Mar 2010 Security Workshop @ ISGC 2010,

Update on Security Policy David Kelsey (RAL) 7 Mar 2010 Security Workshop @ ISGC 2010,

Update on Security Policy David Kelsey (RAL) 7 Mar 2010 Security Workshop @ ISGC 2010, Taipei david.kelsey at stfc.ac.uk Overview Why do we need security policies? Joint Security Policy Group (JSPG) Some history

408 views • 28 slides
Security Classification Policy Implementation in Policing Update Helen Edwards Head of

Security Classification Policy Implementation in Policing Update Helen Edwards Head of

Security Classification Policy Implementation in Policing Update Helen Edwards Head of Information Management March 2013 1 New Security Classifications From April 2014, the Government security classifications are changing.

173 views • 13 slides
CSE 484 / CSE M 584 Computer Security: SQL, Wireshark, and Policy TA: Thomas Crosley

CSE 484 / CSE M 584 Computer Security: SQL, Wireshark, and Policy TA: Thomas Crosley

CSE 484 / CSE M 584 Computer Security: SQL, Wireshark, and Policy TA: Thomas Crosley tcrosley@cs SQL Review Structured Query Language (SQL) used to communicate with databases Standard SQL commands SELECT, INSERT, UPDATE, DELETE, DROP

771 views • 12 slides
AIST POLICY UPDATE 29 July 2020 SPEAKER: David Haynes, Senior Policy Manager, AIST Policy

AIST POLICY UPDATE 29 July 2020 SPEAKER: David Haynes, Senior Policy Manager, AIST Policy

AIST POLICY UPDATE 29 July 2020 SPEAKER: David Haynes, Senior Policy Manager, AIST Policy Update AGENDA CoVid measures Regulator update Policy landscape Joint letter APRA/ASIC Retirement Income Review Insurance in Super Code Royal

298 views • 18 slides
Update - Security Policies David Groep (Nikhef) EGI OMB 24 November 2016 www.egi.eu EGI-Engage

Update - Security Policies David Groep (Nikhef) EGI OMB 24 November 2016 www.egi.eu EGI-Engage

Update - Security Policies David Groep (Nikhef) EGI OMB 24 November 2016 www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 Refreshing the security policy suite

399 views • 15 slides
Pre-ICANN68 Policy Update Webinar 18 June 2020 | 1 Welcome to the Pre-ICANN68 Policy Update

Pre-ICANN68 Policy Update Webinar 18 June 2020 | 1 Welcome to the Pre-ICANN68 Policy Update

Pre-ICANN68 Policy Update Webinar 18 June 2020 | 1 Welcome to the Pre-ICANN68 Policy Update Webinar This is a text box caption to describe David Olive the photo to the left. Senior Vice President, Policy Development Support | 2

751 views • 41 slides
Security Update Security Plans Our Security plans are For Official Use Only, Safety

Security Update Security Plans Our Security plans are For Official Use Only, Safety

Security Update Security Plans Our Security plans are For Official Use Only, Safety Sensitive Information Not for public or media release F.S. 119.071. Required by law, rule and regulation: Homeland Security Directive 5 and 8.

393 views • 11 slides
ICANN Policy Update - Singapore Policy Department, June 2011 Goals for this session Update

ICANN Policy Update - Singapore Policy Department, June 2011 Goals for this session Update

ICANN Policy Update - Singapore Policy Department, June 2011 Goals for this session Update you on current Policy work and encourage you to participate Review policy issues to be discussed at the ICANN Singapore Meeting Inform you of

998 views • 80 slides
Document Hierarchy of Information Security Corporate Security Policy Policy General commitment

Document Hierarchy of Information Security Corporate Security Policy Policy General commitment

Document Hierarchy of Information Security Corporate Security Policy Policy General commitment to Information Security General commitment to Information Security Installation of CorpSec Enabling CSO Installing Information Security Standard

355 views • 8 slides
CI P Cyber Security Update CI P Cyber Security Update John Lim John Lim Consolidated Edison Co.

CI P Cyber Security Update CI P Cyber Security Update John Lim John Lim Consolidated Edison Co.

CI P Cyber Security Update CI P Cyber Security Update John Lim John Lim Consolidated Edison Co. of New York, Inc. December 1, 2010 1 Disclaim er Materials presented or discussed here are the presenters own and do not necessarily

451 views • 15 slides
Pre-ICANN57 Policy Update Webinar 20 October 2016 | 10 UTC & 19 UTC Welcome to the

Pre-ICANN57 Policy Update Webinar 20 October 2016 | 10 UTC & 19 UTC Welcome to the

Pre-ICANN57 Policy Update Webinar 20 October 2016 | 10 UTC & 19 UTC Welcome to the Pre-ICANN57 Policy Update Webinar David Olive Senior Vice President, Policy Development Support General Manager, ICANN Regional Headquarters Hub in

965 views • 78 slides
Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian Roth , Timothy Barron, Stefano Calzavara, Nick Nikiforakis & Ben Stock Network and Distributed System Security Symposium (NDSS '20) Cross-Site

878 views • 31 slides
Policy Development Process & Policy Update Newcomers Session - 11 Sep 2020 ORGANISED

Policy Development Process & Policy Update Newcomers Session - 11 Sep 2020 ORGANISED

Policy Development Process & Policy Update Newcomers Session - 11 Sep 2020 ORGANISED BY Policy Development Process & Policy Update Madhvi Gokool 11 SEPTEMBER 2020 Why should you care? Public IP Number Resources are The

566 views • 23 slides
Finance, Costing, & Audit Policy Update Co-Chairs: Michelle Bulls, NIH Office of Policy for

Finance, Costing, & Audit Policy Update Co-Chairs: Michelle Bulls, NIH Office of Policy for

Finance, Costing, & Audit Policy Update Co-Chairs: Michelle Bulls, NIH Office of Policy for Extramural Research Administration Jim Luther, Duke University January 10, 2020 Plenary Update GOALS To reduce administrative burden for

128 views • 12 slides
and Advocacy in Alaska Outline: Framing Food Security/Insecurity Food Security in Alaska

and Advocacy in Alaska Outline: Framing Food Security/Insecurity Food Security in Alaska

Anti-Hunger Policy and Advocacy in Alaska Outline: Framing Food Security/Insecurity Food Security in Alaska Federal Policy and Advocacy State Policy and Advocacy SNAP FINI Grant Useful Reports Policy

852 views • 12 slides
ICANN Policy Update Webinar Policy Department, 22 November 2010 Introduction David Olive 1

ICANN Policy Update Webinar Policy Department, 22 November 2010 Introduction David Olive 1

ICANN Policy Update Webinar Policy Department, 22 November 2010 Introduction David Olive 1 Goals for this session Update you on current Policy work and encourage you to participate Review issues to be discussed at the ICANN Meeting in

929 views • 65 slides
ICANN Policy Update Webinar Policy Department, 4 October 2012 Introduction David Olive 2

ICANN Policy Update Webinar Policy Department, 4 October 2012 Introduction David Olive 2

ICANN Policy Update Webinar Policy Department, 4 October 2012 Introduction David Olive 2 Goals for this session Update you on current Policy work and encourage you to participate Review issues to be discussed at the ICANN Meeting in

1.4k views • 110 slides
OpenVMS Security Update OpenVMS Security Update OpenVMS Security Update Helmut Ammer Helmut

OpenVMS Security Update OpenVMS Security Update OpenVMS Security Update Helmut Ammer Helmut

OpenVMS Security Update OpenVMS Security Update OpenVMS Security Update Helmut Ammer Helmut Ammer CSSC Mnchen CSSC Mnchen 1F06 1F06 25. DECUS Mnchen Symposium Bonn 2002 1 berblick berblick berblick OpenVMS Security

754 views • 31 slides
Transit Service Policy Update Review of Policy Changes Transit Service Policy What is the

Transit Service Policy Update Review of Policy Changes Transit Service Policy What is the

Transit Service Policy Update Review of Policy Changes Transit Service Policy What is the Transit Service Policy? Key policy document that establishes: A formal process for evaluating existing services A methodology and process for

152 views • 14 slides
US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific,

US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific,

US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific, Technical and Industrial Directorate of Business Resilience Defence Security Security Protection The DTCT requires the Parties to provide an

387 views • 9 slides
ICANN Policy Update Webinar Policy Department, March 2012 Introduction David Olive 2 Goals

ICANN Policy Update Webinar Policy Department, March 2012 Introduction David Olive 2 Goals

ICANN Policy Update Webinar Policy Department, March 2012 Introduction David Olive 2 Goals for this session Update you on current Policy work and encourage you to participate Review issues to be discussed at the ICANN Meeting in

1.27k views • 108 slides
ICANN Policy Update Webinar Policy Department, October 2011 Introduction David Olive 2 Goals

ICANN Policy Update Webinar Policy Department, October 2011 Introduction David Olive 2 Goals

ICANN Policy Update Webinar Policy Department, October 2011 Introduction David Olive 2 Goals for this session Update you on current Policy work and encourage you to participate Review issues to be discussed at the ICANN Meeting in

1.34k views • 97 slides
ICANN Policy Update Webinar Policy Department, 3 March 2011 Introduction David Olive 1 Goals

ICANN Policy Update Webinar Policy Department, 3 March 2011 Introduction David Olive 1 Goals

ICANN Policy Update Webinar Policy Department, 3 March 2011 Introduction David Olive 1 Goals for this session Update you on current Policy work and encourage you to participate Review issues to be discussed at the ICANN Meeting in San

1.08k views • 70 slides
Policy Update Marika Konings, Senior Policy Director Goals for this session Provide you with

Policy Update Marika Konings, Senior Policy Director Goals for this session Provide you with

Policy Update Marika Konings, Senior Policy Director Goals for this session Provide you with an overview of the main Policy Sessions taking place this week Encourage you to attend & participate Answer any questions you might have

496 views • 27 slides

More recommend