
Cybersecurity Best Practices Guide For IIROC Dealer Members

✍ Scribed by IIROC / OCRCVM


Publisher: IIROC / OCRCVM
Year: 2018
Tongue: English
Leaves: 52
Category: Library


✦ Synopsis


In recognition of the importance of proactive management of cyber risk to ensure the stability of IIROC-regulated firms, the integrity of Canadian capital markets, and the protection of investor interests, this document sets forth a voluntary risk-based Cybersecurity Framework – a set of industry standards and best practices to help IIROC Dealer Members manage cybersecurity risks.
The voluntary guidance provided herein offers Dealer Members the ability to customize and quantify adjustments to their cybersecurity programs using cost-effective security controls and risk management techniques. For smaller Dealer Members, this can help in understanding how to provide basic security for computer systems and networks. For larger Dealer Members, this provides a cost-effective approach to securing computer systems based on business needs, without placing additional regulatory requirements on business.
Key points in this report include:
• A sound governance framework with strong leadership is essential to effective enterprise-wide cybersecurity. Board-level and senior management-level engagement is critical to the success of firms’ cybersecurity programs, along with a clear chain of accountability.
• A well-trained staff can serve as the first line of defense against cyber attacks. Effective training helps to reduce the likelihood of a successful attack by providing well-intentioned staff with the knowledge to avoid becoming inadvertent attack vectors (for example, by unintentionally downloading malware).
• The level of sophistication of technical controls employed by an individual firm is highly contingent on that firm’s individual situation. While a smaller firm may not be positioned to implement the included controls in their entirety, these strategies can serve a critical benchmarking function to support an understanding of vulnerabilities relative to industry standards.
• IIROC Dealer Members typically use third-party vendors for services, which requires vendor access to sensitive firm or client information, or access to firm systems. At the same time, the number of security incidents at companies attributed to partners and vendors has risen consistently, year on year. Firms should manage cybersecurity risk exposures that arise from these relationships by exercising strong due diligence and developing clear performance and verification policies.

✦ Table of Contents


Executive Summary
Purpose and Applicability
Audience
1.1 Defining Cybersecurity
1.2 Threat Landscape
2.2.1 Relationship to Other Security Control Publications
3.1.1 Governance Framework
3.1.2 Board and Senior Management Involvement
3.2 Best Practice Recommendations: Small- to Mid-Sized Dealer Members
3.3 Personnel Screening and the Insider Threat
3.4 Physical and Environmental Security
3.5 Cybersecurity Awareness and Training
3.6 Assessing Threats and Vulnerabilities
3.7 Network Security
3.7.1 Wireless Network Security
3.7.2 Remote Access
3.7.2.1 Remote Access Endpoint Security
3.8 Information System Protection
3.8.1 Bring Your Own Device
3.8.2 Backup and Recovery
3.9 User Account Management and Access Control
3.10 Asset Management
3.11 Incident Response
3.12.2 Information Sharing
3.13 Cyber Insurance
3.14 Vendor Risk Management
3.14.1 Cloud Computing
3.15 Cyber Policy
Appendix A – Cybersecurity Incident Checklist
Appendix B – Sample Vendor Assessment
Appendix C – Glossary
Appendix D - References


📜 SIMILAR VOLUMES


Cybersecurity Best Practices
✍ Michael Bartsch, Stefanie Frey 📂 Library 📅 2018 🏛 Springer Fachmedien Wiesbaden;Springer Vieweg

The topic of cybersecurity is more relevant than ever, because in cyberspace it is difficult to set boundaries with regard to access to information, data and freedom of speech. Criminals often exploit the gaps to their advantage. The multitude of IT systems, their different types of use and

Cybersecurity for Executives: A Practica
✍ Gregory J. Touhill, C. Joseph Touhill 📂 Library 📅 2014 🏛 Wiley-AIChE 🌐 English

Practical guide that can be used by executives to make well-informed decisions on cybersecurity issues to better protect their business. Emphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues

Cybersecurity for Executives: A Practica
✍ Gregory J. Touhill, C. Joseph Touhill 📂 Library 📅 2014 🏛 Wiley 🌐 English

Practical guide that can be used by executives to make well-informed decisions on cybersecurity issues to better protect their business. Emphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues; Covers 'W

Effective Cybersecurity: A Guide to Usin
✍ William Stallings 📂 Library 📅 2018 🏛 Addison-Wesley Professional 🌐 English

William Stallings’ Effective Cybersecurity offers a comprehensive and unified explanation of the best practices and standards that represent proven, consensus techniques for implementing cybersecurity. Stallings draws on the immense work that has been collected in multiple key security doc