Effective Cybersecurity Practices：Architecture and Technology for Financial Institutions

Course Outline:

It is mainly divided into two parts: Security Architecture and Security Technology Practice.

Part I: Security Architecture

This paper mainly introduces the fields involved in enterprise security construction, the main points of financial industry security construction, several key security management fields such as internal control compliance, outsourcing management, etc. It elaborates on security team building, security training, security assessment, security budget and so on, which is helpful to understand the perspective of enterprise security from the perspective of enterprise security builders and to solve problems. This part includes the introduction of enterprise information security construction, financial industry information security, security planning, internal control compliance management, security team building, security training, outsourcing security, security assessment, security certification and others, and other aspects include security budget, vendor management, security summary and security reporting.

Part II: Security Technology Practice This paper mainly introduces the application practice of security technology in enterprise security construction, including application security, intranet security, data security and business security. It elaborates on some key protection points such as mail, activity catalogue, patch management, anti-DDoS attack, and makes some open discussions on security operation, emergency response and security trend as well as the future of practitioners. These are helpful for enterprise security managers to better grasp the overall situation and act in accordance with the situation.