Académique Documents
Professionnel Documents
Culture Documents
SECURITY:
ESSENTIALS
Daniel
Medina
medina@nyu.edu
ADMINISTRATION
h?p://nyu.medina.io
Daniel
Medina
medina@nyu.edu
Get
an
NYU
Account:
h?p://start.nyu.edu
Today
Cryptography
Access
Controls
Networks
&
Perimeters
ApplicaIon
Security
Audit
&
Incidents
Laws
&
RegulaIons
TBD
ABOUT ME
Daniel
Medina
medina@nyu.edu
ABOUT
ME
Background
Previously:
Systems
Administrator,
Network
Developer,
Security
Architect,
Academia
&
Wall
Street
Now:
Director
TechOps
(Security,
Infra)@
tech
startup,
Adjunct
at
NYU
since
2007
ABOUT
ME
Why
am
I
here?
Years
at
Columbia
University
Never
go
into
teaching
Got
real
job
at
a
bank
Missed
university
/
academia
Adjunct
at
NYU
since
2007
First
class:
Perl
Programming
ABOUT
YOU
Hi!
Name
Background
Why
are
you
here?
INTERMISSION
hWps://twiWer.com/briankrebs/status/431247496388812800
hWps://twiWer.com/briankrebs/status/431277998374137856
SIDEBAR:
WHATS
IN
A
SECURITY
ROLE?
Word
cloud
of
an
informaIon
security
professionals
skills
&
experIse
(via
LinkedIn)
SO WHAT IS SECURITY?
I AM TRULY SORRY
WE
HAVE
HIRED
SECURITY
EXPERTS
Target
CIO
resigned
March
2014
hWp://bits.blogs.ny<mes.com/2014/07/31/brad-maiorino-targets-new-cybersecurity-boss-discusses-being-a-gluWon-for-punishment/
INTERMISSION
SOME CONCEPTS
C
I
A
CondenIality
Integrity
Availablility
RISK
ASSESSMENT
What
are
we
protecIng?
What
are
the
threats?
What
costs
would
we
bear?
ADVERSARY
MODEL
careless
user
bored
hacker
criminal
gang
hack<vist
collec<ve
disgruntled
employee
industrial
compe<tor
government
agency
I+AAA
Iden<ca<on
Authen<ca<on
Authoriza<on
Accoun<ng