Information security and the service desk
I will be delivering a webinar on information security and the service desk next week. Here is a preview of what I’m going to talk about.
Follow this link to join us on Wednesday, 10th October at 16:00 UK time (17:00 Central Europe, 11 AM US Eastern, 8 AM US Pacific time)
On information security
- The webinar will start with an overview of information security - what Infosec covers, what are we trying to protect and what can go wrong.
- This webinar will help you understand the difference between confidentiality, integrity and availability, and the different types of attack that might impact these.
- We’ll share some stories of how attacks have affected other organizations, and help you think about how to avoid suffering the same fate.
- I’ll talk to you about how good risk management can help you get the right balance between protecting your assets and enabling people to get on with their work
- How too much security can be as much of a problem as too little.
On security controls
- I’ll cover the different types of security controls and how these can protect the confidentiality, integrity and availability of valuable information.
- Some controls can help to prevent incidents from occurring, but you also need controls to help you detect incidents when they do occur, and to help you correct the situation after you have detected one.
- Data shows that when an organization suffers a security breach, the average length of time that the attackers remain on the system is about 200 days. If you can detect incidents really fast and correct the situation effectively, then you can massively reduce the impact. I’ll help you think about how to get the balance between these different types of control right.
On service desks
Just to make sure we all share the same understanding of what a service desk does, I’ll take a few minutes to describe what’s meant by a service desk.
- A modern service desk is much more than a simple call centre, and there are many different ways in which a service desk can add value for an organisation
How service desks can contribute to information security
- A service desk that doesn’t contribute to information security may be part of the problem, rather than part of the solution, making security breaches more likely, and resulting in higher impact when breaches do occur.
- On the other hand, there are many things that a service desk can do that will contribute to preventing security incidents, detecting incidents that couldn’t be prevented, and correcting incidents that have been detected.
- A great service desk can make a huge difference to how your organization is protected, and thinking about the right precautions for your organisation just might save you from being yet another organization that suffers the embarrassment of a major security breach.
The webinar will conclude with a brief overview of other areas of service management that could contribute to your information security. Organizations with great collaboration between IT service management staff and information security staff are much better placed than those where different parts of the organisation act in isolation.
If you’re interested to know how your service desk can play a valued and valuable role in protecting the information your organization needs to conduct its business, then please join us for the webinar on 10th October.