Basics for Security Officers to Petroleum Industry & Petrochemicals Comp. اكاديمية المستقبل للتدريب

[RIGHT]Basics for Security Officers to Petroleum Industry & Petrochemicals Comp.

IT SECURITY IS CRITICAL TO THE INFRASTRUCTURE OF THE OIL AND NATURAL GAS INDUSTRY, AND THIS CONFERENCE WILL REFLECT ON THE LATEST ISSUES AND STRATEGIES ENHANCING OPERATIONS. THIS CONFERENCE PROVIDES AN EXCELLENT OPPORTUNITY TO NETWORK WITH IT SECURITY PROFESSIONALS, AND TO CANDIDLY SHARE IDEAS AND TO DISCUSS THE CHALLENGES FACING THE INDUSTRY. THESE SESSIONS, ESSENTIAL TO IT SECURITY, ARE CHOSEN AND PRESENTED BY RECOGNIZED MEMBERS IN THE FIELD.

AIM OF THE COURSE :

1.INCREASE SECURITY SKILLS AND INFORMATION ON OIL FACILITIES TO MEET ANY

2.UNCONTROLLED RISK.

3.CONDUCT TRIAMINIC IN NEW STANDARD PHILOSOPHY.

4.TAKING OPPORTUNITY FOR PREPARING SECURITY STAFF, PERSONS & OFFICERS

5.WITH NEW REQUIRES SKILLS.

6.ADHERENCE TO COMPANY SECURITY POLICY IN REGARDLESS

7.ENSURE THAT SECURITY STAFF HAVE A GOOD INFORMATION FOR CRITICAL SITUATION

8.APPLYING NEW &MODERN SECURITY SYSTEMS AT DEFERMENTS SITE .

9.CREATE HIGH QUALITY SYSTEM IN ACCORDANCE IN NEW &IMPROVEMENT STANDARDS

10.FOR THE LEADERS.

11.MEET THE INTERNATIONAL REQUIREMENT STANDARDS IN SECURITY

12.UNDERTAKEN THE VALUE OF RECURRENCES PETROLEUM FACILITIES ALL TIME

13.PROVIDE PARTICIPANTS MAY ATTEND THE COURSE WITH HIGH SECURITY TECHNOLOGY

14.AS SEARCHED AND DESIGNED.

15.HIGHLIGHTING ON RISK ASSESSMENT MAY NEEDS.

16.TRAIN SECURITY OFFICERS BASICALLY.

17.PROVIDES SECURITY OFFICERS WITH HAIGH RISE INFORMATION.

BENEFITS OF THE COURSE :

1.INCREASE SECURITY SKILLS AND ATTITUDE AMONG SECURITY OFFICERS &ENSURING THAT WILL BE APPLE TO ANY CRITICAL &UNCONTROLLED SITUATION AT SITE

2.PROTECT OIL FACILITIES WITH NEW, DEEP INFORMATION IN REGARDLESS

3.REDUCE RISK AND HAVING THE PROPER KNOWLEDGE OF ASSESSMENT MAY REQUIRES

4.ADHERENCE TO THE INTERNATIONAL FAVOR SECURITY STANDARDS AS DESIGNED AND BUILT TO OIL FACILITIES.

5.CORRECT BAD INFORMATION.

6.IMPROVE PRACTICAL APPLICATIONS TO THE ATTENDEES.

7.EXECUTIVE COMPANY POLICY IN HIGH PERFORMANCE.

8.KEEPING COMPANY REPUTATION SUCCESSFULLY, WITH GOOD ENVIRONMENT.

9.CONTROLLING RISK OF TERRORIST ATTACKS.

10.PREVENT PROBLEMS MAY CREATE, AMONG INDIVIDUALS EASLY.

11.ENSURE THAT DAY WORKS WILL FLOW SECURELY ALL TIME.

12.PROTECT COMPANY PROPERTIES IN GOOD OPERATIONAL CONDITION AGAINST INTERRUPTERS, PAD ELEMENTS.

13.LEARN, KNOW, HOW CONDUCT INVESTIGATION SECURELY.

WHO SHOULD ATTEND :

·IT MANAGEMENT

·IT SECURITY PROFESSIONALS OFFICERS

·SYSTEM ADMINISTRATORS

·DATABASE ADMINISTRATORS

·DATA PRIVACY SPECIALISTS

·APPLICATION SUPPORT PERSONNEL

·LEGAL

·HUMAN RESOURCES PROFESSIONALS

·IT AUDITORS

·COMPLIANCE OFFICERS

·CORPORATE SECURITY PROFESSIONALS

·ANYONE INTERESTED IN LEARNING ABOUT COMPANY OF THE ART SECURITY PRACTICES AND THEIR PRACTICAL IMPLEMENTATION AS WELL AS SECURING THEIR ENTERPRISE AND ITS CORE PROCESSES.

BASIC TOPICS , MAY INCLUDE :

·DISCUSSION OF EMERGING THREATS IN THE ENERGY SECTOR

·LEGISLATIVE / THREAT / COMPLIANCE

·PRIVACY

·MOBILE COMPUTING

·IDENTITY MANAGEMENT IN THE OIL AND NATURAL GAS INDUSTRY

·DOWNSTREAM / PCI

·APPLICATION SECURITY

·SCADA / PROCESS CONTROL SYSTEM SECURITY

·CIO / CISO PANEL DISCUSSION

·METRICS AND BENCHMARKING

·SECURITY AND RISK MANAGEMENT

·ALIGNMENT OF BUSINESS AND IT SECURITY EFFORTS

·BEST PRACTICES ON LOG CONSOLIDATION AND COMPLIANCE

·3RD PARTY CONNECTIONS

·EMERGING TECHNOLOGY TRENDS

·ENSURING THE SECURITY OF THE DIGITAL OILFIELD

THE CONFERENCE IS EXPECTED TO HOST MORE COMPANIES IT SECURITY EXPERTS FROM THE OIL AND GAS INDUSTRY, CREATING THE OPPORTUNITY TO LEARN ABOUT THE LATEST DEVELOPMENTS, SHARE INSIGHTS, AND NETWORK WITH OTHER IT SECURITY PROFESSIONALS. A SEPARATE EXHIBITION AREA WILL HOST COMPANIES FROM THE IT SECURITY INDUSTRY.

1. SECURITY POLICY

1.1. Security Policy Documents

1.2. Review and Evaluation

2.1. Information security infrastructure

2.2. Security of third party access

2.3. Outsourcing

2.4. Partnerships, Joint ventures and Alliances

3. ASSET CLASSIFICATION AND CONTROL

3.1. Accountability for assets

3.2. Fraud policy

3.3. Information classification

3.4. Asset Protection

4. PERSONNEL SECURITY

4.1. Security in job definition and resourcing

4.2. User training

4.3. Responding to security incidents and malfunctions

4.4. Joiners, Leavers and Travelers

5. PHYSICAL AND ENVIRONMENTAL SECURITY

5.1. Secure Areas Security

5.2. General Controls

6. COMMUNICATIONS AND OPERATIONS MANAGEMENT

6.1. Operational procedures and responsibilities

6.2. System planning and acceptance

6.3. Protection against malicious software

6.4. Housekeeping

6.5. Network management

6.6. Media handling and security

6.7. Exchanges of information and software

7. LOGICAL ACCESS CONTROL

7.1. Business requirement for access control.

7.2. User access management.

7.3. User responsibilities.

7.4. Network access control

7.5. Operating system access control.

7.6. Application access control

7.7. Monitoring system access and use.

7.8. Mobile computing and Teleporting.

7.9. Internet/Intranet access.

8. DEVELOPMENT AND MAINTENANCE

8.1. Security Requirements

8.2. Security in Application Systems

8.3. Cryptographic Controls

8.4. Security of system files.

8.5. Security in Development and support processes.

8.6. Security During Maintenance

9. BUSINESS CONTINUITY Management.

9.1. Aspects of Business Continuity Management.

10. COMPLIANCE.

10.1. Compliance with Legal Requirements.

10.2. Review of security policy and technical compliance.

10.3. Audit Consideration.

Commercial in Confidence

Uncontrolled when Printed

Commercial in Confidence

A .Annex A

B .Annex B.

C .ANNEXES C .CODE OF CONNECTION.

Issue 4.0

C.1 Background’s

C.2 Principle of Connection

C.3 End System Security Policies

C.4 The Company Voice and Data Networks Security Requirements.

1.1 INTRODUCTION TO SECURITY VULNERABILITY ASSESSMENT.

1.2 OBJECTIVES, INTENDED AUDIENCE AND SCOPE OF THE GUIDANCE

1.3 SECURITY VULNERABILITY ASSESSMENT AND SECURITY MANAGEMENT PRINCIPLES.

SECTION 2 SECURITY VULNERABILITY ASSESSMENT CONCEPTS

2.1 INTRODUCTION TO SVA TERMS.

2.2 RISK DEFINITION FOR SVA.

2.3 CONSEQUENCES

2.4 ASSET ATTRACTIVENESS.

2.5 THREAT.

2.6 VULNERABILITY.

2.7 SVA APPROACH.

2.8 CHARACTERISTICS OF A SOUND SVA APPROACH.

2.9 SVA STRENGTHS AND LIMITATIONS.

2.10 RECOMMENDED TIMES FOR CONDUCTING AND REVIEWING THE SVA.

2.11 VALIDATION AND PRIORITIZATION OF RISKS.

2.12 RISK SCREENING.

3.1 OVERVIEW OF THE SVA METHODOLOGY.

3.2 SVA METHODOLOGY.

3.3 STEP 1: ASSETS CHARACTERIZATION.

3.4 STEP 2: THREAT ASSESSMENT.

3.5 SVA STEP 3: VULNERABILITY ANALYSIS

3.6 STEP 4: RISK ANALYSIS/RANKING.

3.7 STEP 5: IDENTIFY COUNTERMEASURES:

3.8 FOLLOW-UP TO THE SVA.

ATTACHMENT 1 – EXAMPLE SVA METHODOLOGY FORMS.

ABBREVIATIONS AND ACRONYMS.

APPENDIX A—SVA SUPPORTING DATA REQUIREMENTS.

APPENDIX B—SVA COUNTERMEASURES CHECKLIST.

APPENDIX C—SVA INTERDEPENDENCIES AND INFRASTRUCTURE CHECKLIST

APPENDIX C1—REFINERY SVA EXAMPLE.

APPENDIX C2—PIPELINE SVA EXAMPLE.

APPENDIX C3—TRUCK TRANSPORTATION SVA EXAMPLE.

APPENDIX C4—RAIL TRANSPORTATION SVA EXAMPLE…

REFERENCES .FIGURES

2.1 Risk Definition.

2.2 SVA Risk Variables.

2.3 Asset Attractiveness Factors.

2.4 Overall Asset Screening Approach

2.5 Recommended Times for Conducting and Reviewing the SVA

3.1 Security Vulnerability Assessment Methodology -Steps .

3.1a Security Vulnerability Assessment Methodology-Step1

3.1b Security Vulnerability Assessment Methodology-Step 2.

3.1c Security Vulnerability Assessment Methodology-Steps 3

3.2 SVA Methodology Timeline

3.3 SVA Team Members

3.4 Sample Objectives Statement.

3.5 Security Events of Concern.

3.6 Description of Step 1 and Sub steps

3.7 Example Candidate Critical Assets…

3.8 Possible Consequences of Security Events

3.9 Example Definitions of Consequences of the Event.

3.10 Description of Step 2 and Sub steps

3.11 Threat Rating Criteria.

3.12 Target Attractiveness Factors (for Terrorism)

3.13 Attractiveness Factors Ranking Definitions (A).

3.14 Description of Step 3 and Sub steps.

3.15 Vulnerability Rating Criteria.

3.16 Description of Step 4 and Sub steps.

3.17 Risk Ranking Matrix

3.18 Description of Step 5 and Sub steps

METHODOLOGY OF THE COURSE :

·MOVIE FILMS

·SLIDES

·INTERNATIONAL COLORED POSTERS IN ARABIC & ENGLISH WORDS

·FAVOR HANDOUT WILL HAND OVER FROM THE COMPANY

[RIGHT]18/7/2012 تاريخ البدء: