One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 455201 |
| Date de publication | 2017-12-26 20:01:58 (vue: 2017-12-26 20:01:58) |
| Titre | NBlog December 26 - government security manual |
| Texte | An updated version of the New Zealand Information Security Manual (NZISM) - in effect the government's information security policy manual, or at least the public non-secret element - was released this month: NZISM is painstakingly maintained and published by the Government Communications Security Bureau (GCSB) - our spooks in other words. It is a substantial tome, well over six hundred A4 pages split across two volumes.Part 1 (365 pages) covers:A brief introduction to the topic and the manual, in the NZ government context;Governance arrangements including overall controls such as accountability and responsibility, and compliance through system certification and accreditation, audits and reviews;Policies, plans, Standard Operating Procedures plus emergency and incident response procedures;Change management;Business continuity and Disaster Recovery management; Physical security;Personnel security (including security awareness;Infrastructure security (well, cabling and TEMPEST anyway);Communications systems and devices (e.g. cellphones and wearables);Product security (acquiring commercial goods and services);Storage media (lifecycle management).Part 2 (another 300 pages) covers:Software security (e.g. hardened Standard Operating |
| Envoyé | Oui |
| Condensat | coordinating despite it standard 2018 300 365 600+ :picking ;access ;communications ;cryptography;network ;data ;email ;product ;storage ;supporting accepted accountability accreditation acquiring across adapt/interpret added adopting after agencies agreements all also and other another anyway app apply applying are aren arrangements assets audits authentication awareness awareness;infrastructure best between brief broader bureau but cabling cellphones centric certification check classification classified cloud commercial communications compliance complication concerns context;governance continuity contracts control controls covers:a covers:software crown crypto cybersecurity data databases;working december departments development devices differently disaster distinguishes doubt driven effect effort element emergency encouraged end energy engaged enough entities environments especially essentially even except fact firewalls framework from gcsb generally glossary good goods government hardened standard have haven hence here hierarchical highly hundred identification illustrating immediately implied impressive incident including information intended internal introduction involved iso27k isolate issues job laws least lifecycle like line local logging etc maintained make malware management management; physical management;business mandatory manual marking may media month:nzism more mostly multinationals must nblog networks new nits non not nzism obvious off only operating organisations organizations other ought over overall pages painstakingly part people piece places plans plus policies policy politics practices principle private privileges procedures procedures;change protecting protective psr public published rather read recommended recovery red refers regulations released relevant requirements resident resilience respectively response responsibility reviews;policies risk scope scratch secret section sector security security;gateway security;personnel seems sense sensible services should site;enterprise six slogging small software some sound spanning special split spooks standards starting stating: strategies structure style:overall substantial such suppliers system systems tag take taxpayer tempest templates than those through time tls tome too topic tough traffic training transfers turn two updated updates use users using various version voip volumes vpns way wearables website well whitelisting wish without words work would yet zealand |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.