ISI–BDM 2013 Abstracts

Short Papers
Paper Nr: 1

Enterprise to Cloud Security Assessment - A Method using OSSTMM 3.0 Concepts


Ronivon Costa and Carlos Serrão

Abstract: Much has been talked about security, and with the wide spread and adoption of Cloud computing, the talk has followed the buzz and put Cloud Security in the spotlights. Security guides for the Cloud has been published, but we understand that is still missing a practical assessment methodology that would allow organizations to quick understand how the security of their assets are impacted when it is farmed out to Public Clouds. Our contribution to address this problem is a method to isolate the organization’s assets from the environment it is hosted, and compare metrics from the environment only. This method provides the important benefit of allowing the organization to determine how security will be impacted without having to actually migrate its resources.

Paper Nr: 4

Crying for the Moon? - Current Challenges in Corporate Information Security Management


Ulrike Hugl

Abstract: The ability to respond to the evolving challenges in corporate information security management is not a destination but rather a journey. To contest the race means to accept the dare, but being aware of the fact that offenders are normally one step ahead. Understanding threats and attackers’ methods and strategies is a crucial issue towards protecting corporate assets. This work aims on presenting an overview of current information security-related trends, it explains possible internal and external motivated offenders and reveals related organisational weak spots. Moreover, it highlights some starting points for organisational prevention measures.