{"id":2891,"date":"2015-10-20T18:55:00","date_gmt":"2015-10-20T16:55:00","guid":{"rendered":"http:\/\/preventista.sk\/info\/?p=2891"},"modified":"2015-10-19T23:13:47","modified_gmt":"2015-10-19T21:13:47","slug":"bezpecnostny-incident-neprijemna-udalost","status":"publish","type":"post","link":"https:\/\/preventista.sk\/info\/bezpecnostny-incident-neprijemna-udalost\/","title":{"rendered":"Bezpe\u010dnostn\u00fd incident – nepr\u00edjemn\u00e1 udalos\u0165?"},"content":{"rendered":"

Jednou z k\u013e\u00fa\u010dov\u00fdch zodpovednost\u00ed vedenia podniku pri podpore syst\u00e9mu riadenia informa\u010dnej bezpe\u010dnosti je zavedenie procesu rie\u0161enia bezpe\u010dnostn\u00fdch incidentov. Schopnos\u0165 organiz\u00e1cie efekt\u00edvne reagova\u0165 na identifikovan\u00fd incident je z\u00e1visl\u00e1 od kvalitnej pr\u00edpravy na v\u0161etky potenci\u00e1lne udalosti, ktor\u00e9 by mohli nepriaznivo p\u00f4sobi\u0165 na informa\u010dn\u00e9 akt\u00edva podniku. <\/em><\/p>\n

Ak sa incident t\u00fdka kritick\u00fdch informa\u010dn\u00fdch akt\u00edv, jeho zvl\u00e1dnutie si vy\u017eaduje komplexn\u00e9 podchytenie, presn\u00fa anal\u00fdzu a uv\u00e1\u017eliv\u00fa reakciu. Pr\u00edprava rie\u0161enia incidentov preto mus\u00ed by\u0165 nevyhnutne zalo\u017een\u00e1 na d\u00f4kladnom pl\u00e1novan\u00ed zdrojov, ale najm\u00e4 na v\u010dasnom vybudovan\u00ed a otestovan\u00ed reak\u010dn\u00fdch proced\u00far. Implement\u00e1cia procesov reakcie na bezpe\u010dnostn\u00e9 incidenty je podmienen\u00e1 spr\u00e1vnym\u00a0 pochopen\u00edm cel\u00e9ho \u017eivotn\u00e9ho cyklu incidentu, od jeho vzniku, a\u017e po uzatvorenie a ponau\u010denie. <\/em><\/p>\n

Povedzme si nie\u010do ku \u017eivotn\u00e9mu cyklu incidentu a\u00a0stru\u010dne aj k aktivit\u00e1m, z ktor\u00fdch sa sklad\u00e1 proces rie\u0161enia bezpe\u010dnostn\u00e9ho incidentu. <\/em><\/p>\n

<\/h1>\n
\n

Udalos\u0165 vs. incident<\/h1>\n

Bez vetra sa ani l\u00edstok nepohne, ako hovor\u00ed zn\u00e1me slovensk\u00e9 pr\u00edslovie. Plat\u00ed to aj pre bezpe\u010dnostn\u00e9 po\u010d\u00edta\u010dov\u00e9 incidenty. Pod\u013ea lexik\u00e1lneho slovn\u00edka je incident nepr\u00edjemn\u00e1 pr\u00edhoda, nemil\u00e1 udalos\u0165 a \u00a0podobne je potrebn\u00e9 nahliada\u0165 aj na cel\u00fd proces vzniku bezpe\u010dnostn\u00e9ho incidentu. Bez predch\u00e1dzaj\u00facej UDALOSTI nem\u00f4\u017ee jestvova\u0165 INCIDENT<\/strong>.<\/p>\n

V\u00a0informa\u010dn\u00fdch technol\u00f3gi\u00e1ch je udalos\u0165ou (ang. \u201eevent\u201c) ak\u00fdko\u013evek pozorovate\u013en\u00fd \u00a0jav v syst\u00e9moch a v\u00a0sie\u0165ach. Udalos\u0165ou je prihl\u00e1senie pou\u017e\u00edvate\u013ea, spustenie aplik\u00e1cie, aktivita sie\u0165ovej vrstvy a\u00a0ak\u00fdko\u013evek in\u00fd proces, ktor\u00fd m\u00f4\u017ee by\u0165 potenci\u00e1lne negat\u00edvny, nechcen\u00fd a nepr\u00edjemn\u00fd, napr\u00edklad aj preto, \u017ee je zlomyse\u013en\u00fd. Udalos\u0165, nemus\u00ed nevyhnutne znamena\u0165 incident, m\u00f4\u017ee v\u0161ak poskytn\u00fa\u0165 ind\u00edcie, ktor\u00e9 po vyhodnoten\u00ed m\u00f4\u017eu odhali\u0165 nezvykl\u00fa, alebo neo\u010dak\u00e1van\u00fa \u0161kodliv\u00fa aktivitu<\/strong>.<\/p>\n

Udalos\u0165, pod\u013ea ITIL-u, je tak\u00e1 zmena stavu, ktor\u00e1 m\u00e1 v\u00fdznam pre mana\u017ement konfigura\u010dn\u00fdch polo\u017eiek, alebo pre IT slu\u017ebu. Term\u00edn \u201eudalos\u0165\u201c je pou\u017e\u00edvan\u00fd aj v zmysle v\u00fdstrahy, alebo upozornenia vytvoren\u00e9ho IT slu\u017ebou, alebo monitorovac\u00edm n\u00e1strojom. Udalos\u0165 si spravidla vy\u017eaduje z\u00e1sah prev\u00e1dzkov\u00e9ho person\u00e1lu a \u010dasto m\u00e1 za n\u00e1sledok vytvorenie z\u00e1znamu o incidente.<\/p>\n

Na incident je mo\u017en\u00e9 nazera\u0165 napr\u00edklad aj prostredn\u00edctvom kvality prev\u00e1dzky IT slu\u017eby. Je prirodzen\u00e9, \u017ee za \u017eiaducu sa pova\u017euje len tak\u00e1 prev\u00e1dzka slu\u017eby, ktor\u00e1 nejav\u00ed \u017eiadnu kvalitat\u00edvnu\u00a0 odch\u00fdlku od p\u00f4vodnej \u0161pecifik\u00e1cie. \u00a0Oproti tomu, prev\u00e1dzka IT slu\u017eby, ktor\u00e1 m\u00e1 zn\u00e1mky \u00a0nekvality, u\u017e \u00a0m\u00f4\u017ee by\u0165 pova\u017eovan\u00e1 za ne\u017eiaducu. Samotn\u00e1 chyba, alebo slu\u017eba so zn\u00ed\u017eenou kvalitou v\u0161ak e\u0161te nie je bezpe\u010dnostn\u00fdm incidentom<\/strong>.<\/p>\n

\"bezpecnostny-incident\"<\/a><\/h1>\n
\n

Defin\u00edcia incidentu<\/h2>\n

Bezpe\u010dnostn\u00fd po\u010d\u00edta\u010dov\u00fd incident je tak\u00e1 \u0161kodliv\u00e1 udalos\u0165, v r\u00e1mci ktorej do\u0161lo ku strate d\u00f4vernosti d\u00e1t, zni\u010deniu d\u00e1t, prelomeniu integrity syst\u00e9mu, alebo obmedzeniu, \u010di odmietnutiu dostupnosti slu\u017eby. M\u00f4\u017ee to by\u0165 ak\u00e9ko\u013evek nezvykl\u00e1, alebo neo\u010dak\u00e1van\u00e1 aktivita, priestupok, alebo riziko priestupku proti bezpe\u010dnostnej politike, pr\u00edpadne proti akceptovate\u013en\u00e9mu pou\u017eitiu bezpe\u010dnostn\u00fdch polit\u00edk, nesplnenie \u0161tandardn\u00fdch postupov, ktor\u00e9 viedlo ku takej zmene kvality slu\u017eby, ktor\u00e1 je pre organiz\u00e1ciu z\u00e1sadne neprijate\u013en\u00e1.<\/p>\n

Pod\u013ea ISO 27001 – bezpe\u010dnostn\u00fd incident je jedna, alebo viac ne\u017eiaducich, alebo neo\u010dak\u00e1van\u00fdch bezpe\u010dnostn\u00fdch udalost\u00ed, u ktor\u00fdch existuje vysok\u00e1 pravdepodobnos\u0165 kompromit\u00e1cie \u010dinnost\u00ed organiz\u00e1cie a ohrozenie bezpe\u010dnosti inform\u00e1ci\u00ed<\/strong>.<\/p>\n

Medzin\u00e1rodn\u00e1 norma ISO\/IEC 27013, ktor\u00e1 pojedn\u00e1va o\u00a0zjednotenej implement\u00e1cii syst\u00e9mu riadenia informa\u010dnej bezpe\u010dnosti (ISO\/IEC 27001) a mana\u017ementu slu\u017eieb IT (ISO\/IEC 20000-1), odpor\u00fa\u010da o\u0161etrova\u0165 incidenty v\u00a0informa\u010dnej bezpe\u010dnosti ako \u0161pecifick\u00fd typ z\u00e1va\u017en\u00e9ho incidentu (ang. \u201emajor incident\u201c). Tak\u00fd postup zabezpe\u010d\u00ed, \u017ee:<\/p>\n

    \n
  • vedenie organiz\u00e1cie bude o\u00a0incidente informovan\u00e9,<\/li>\n
  • procesy o\u0161etrovania bezpe\u010dnostn\u00fdch incidentov bud\u00fa vopred stanoven\u00e9,<\/li>\n
  • pre tieto procesy bude vopred ur\u010den\u00fd a\u00a0vy\u0161kolen\u00fd okruh zodpovedn\u00fdch zamestnancov.<\/li>\n<\/ul>\n

    <\/h3>\n
    \n

    \u017divotn\u00fd cyklus incidentu<\/h3>\n

    Pre pochopenie jednotliv\u00fdch f\u00e1z bezpe\u010dnostn\u00e9ho po\u010d\u00edta\u010dov\u00e9ho incidentu je potrebn\u00e9 pozrie\u0165 sa najsk\u00f4r na incident z\u00a0poh\u013eadu \u010dasov\u00e9ho rozl\u00ed\u0161enia. Incident po\u010das svojej \u017eivotnosti (ang. \u201etime to live\u201c) prech\u00e1dza nieko\u013ek\u00fdmi f\u00e1zami, ktor\u00e9 sa vz\u00e1jomne prel\u00ednaj\u00fa a\u00a0ktor\u00e9 maj\u00fa r\u00f4znu, v\u00a0\u010dase sa meniacu pr\u00e1cnos\u0165 i zlo\u017eitos\u0165.<\/p>\n

    Od chv\u00edle, ke\u010f sa vyskytne \u0161kodliv\u00e1 udalos\u0165, v\u017edy uplynie ist\u00fd \u010das, k\u00fdm t\u00fato udalos\u0165 zodpovedn\u00e9 osoby deteguj\u00fa. Pravda je tak\u00e1, \u017ee niekedy ju nedok\u00e1\u017eu detegova\u0165\u00a0 v\u00f4bec. Ale t\u00e1to t\u00e9ma by bola na samostatn\u00fa \u00favahu. J<\/p>\n

    Po \u00faspe\u0161nom zisten\u00ed\u00a0 incidentu, je potrebn\u00fd ur\u010dit\u00fd \u010das na to, aby zodpovedn\u00e9 osoby z\u00edskali v\u00fdsledky hrubej anal\u00fdzy a\u00a0aby na z\u00e1klade zisten\u00fdch inform\u00e1ci\u00ed zhodnotili udalos\u0165, ktor\u00e1 determinuje incident. Tento \u010dasov\u00fd interval sa naz\u00fdva detekcia (ang. \u201edetection time\u201c). Ke\u010f\u017ee najm\u00e4 pri v\u00e1\u017enych incidentoch nie je v\u00a0mo\u017enostiach jedn\u00e9ho \u00a0\u010dloveka aby reagoval na incident, je bezprostredne nutn\u00e9 tie\u017e zabezpe\u010di\u0165 eskal\u00e1ciu in\u00fdm \u00fatvarom a vyh\u013eadanie kontaktn\u00fdch os\u00f4b z\u00fa\u010dastnen\u00fdch na vopred definovan\u00fdch procesoch reakcie na incident (ang. \u201eescalation time\u201c).<\/p>\n

     <\/p>\n

    Trvanie reakcie, alebo tie\u017e odozva na incident (ang. \u201eresponse time\u201c), je \u010das ktor\u00fd uplynie od detekcie a\u017e po n\u00e1pravu d\u00f4sledkov incidentu a\u00a0ukon\u010denie vy\u0161etrovania. Hlavn\u00fdm cie\u013eom aktiv\u00edt odozvy na incident by malo by\u0165 obnovenie funk\u010dnosti po\u0161koden\u00fdch informa\u010dn\u00fdch akt\u00edv, ich n\u00e1vrat do p\u00f4vodn\u00e9ho stavu, zaru\u010denie kontinuity \u010dinnosti, z\u00e1konn\u00e1 n\u00e1prava incidentu a zhroma\u017edenie d\u00f4kazov na podporu postupu proti vinn\u00edkom. Z\u00a0toho d\u00f4vodu m\u00e1 odozva na incident dve samostatn\u00e9 \u010dasti, ktor\u00fdch cie\u013e by sa dal zjednodu\u0161ene heslovite pomenova\u0165:<\/p>\n

      \n
    1. \u201eoprav a pokra\u010duj\u201c<\/li>\n
    2. \u201evy\u0161etri a st\u00edhaj\u201c<\/li>\n<\/ol>\n

      V organiz\u00e1ci\u00e1ch, pre ktor\u00e9 s\u00fa ich informa\u010dn\u00e9 akt\u00edva kriticky d\u00f4le\u017eit\u00e9 pre pokra\u010dovanie \u010dinnosti, je logicky prvou \u010das\u0165ou vymedzenie a izol\u00e1ciu incidentu a n\u00e1sledn\u00e1 koordin\u00e1cia snahy o obnovenie funk\u010dnosti po\u0161koden\u00fdch inform\u00e1ci\u00ed a\u00a0syst\u00e9mov, odstr\u00e1nenie n\u00e1sledkov incidentu, n\u00e1prava \u0161k\u00f4d a pokra\u010dovanie v\u00a0\u010dinnosti.<\/p>\n

      Popritom mus\u00ed z\u00e1rove\u0148 za\u010da\u0165 racion\u00e1lny a\u00a0premyslen\u00fd rozbor incidentu, rozklad indik\u00e1cie od abstraktn\u00e9ho, v\u0161eobecn\u00e9ho zistenia, ku konkr\u00e9tnemu popisu podstaty a podrobnost\u00ed incidentu, stanovenie ot\u00e1zok pre identifik\u00e1ciu typu incidentu, overenie nastavenia bezpe\u010dnostn\u00fdch polit\u00edk, rozpoznanie typu bezpe\u010dnostn\u00e9ho incidentu, stanovenie p\u00e1trac\u00edch postupov pod\u013ea pr\u00edslu\u0161nej kateg\u00f3rie incidentu, klasifik\u00e1cia napadnut\u00fdch syst\u00e9mov a\u00a0kompromitovan\u00fdch inform\u00e1ci\u00ed, zhodnotenie mo\u017en\u00fdch vyvolan\u00fdch vplyvov na spolupracuj\u00face syst\u00e9my a forenzn\u00e1 anal\u00fdza incidentu.<\/p>\n

      Podrobn\u00fd opis postupov nie je vzh\u013eadom na r\u00f4znorodos\u0165 syst\u00e9mov a\u00a0procesov v\u00a0mo\u017enostiach jedin\u00e9ho \u010dl\u00e1nku. \u010co v\u0161ak je nutn\u00e9 zd\u00f4razni\u0165 – un\u00e1hlen\u00e9 reakcie s\u00fa v\u00a0procese rie\u0161enia incidentov extr\u00e9mne kontraprodukt\u00edvne. Bezpe\u010dnostn\u00fd incident je ne\u0161tandardn\u00e1 udalos\u0165, ktor\u00e1 vyvol\u00e1va tendenciu chaotick\u00e9ho konania, \u010do n\u00e1sledne zvy\u0161uje riziko str\u00e1t<\/strong>. Je preto ve\u013emi \u00fa\u010deln\u00e9, ak organiz\u00e1cia m\u00e1 vopred pripraven\u00fd pl\u00e1n reakcie a popis procesov, s\u00favisiacich so sp\u00f4sobom rie\u0161enia bezpe\u010dnostn\u00e9ho po\u010d\u00edta\u010dov\u00e9ho incidentu, napr\u00edklad diagnostick\u00fa maticu pre ur\u00fdchlenie rozhodovania, najm\u00e4 pre menej sk\u00fasen\u00fd person\u00e1l.<\/p>\n

      <\/h2>\n
      \n

      Niet nad sk\u00fasenosti…<\/h2>\n

      Kedysi d\u00e1vno vyhl\u00e1sil gener\u00e1l A. V. Suvorov\u00a0 zn\u00e1mu vetu: \u201e\u0164a\u017eko na cvi\u010disku, \u013eahko na bojisku\u201c. Ned\u00e1 sa, ne\u017e s\u00a0t\u00fdmto tvrden\u00edm s\u00fahlasi\u0165. Prezierav\u00e9 vedenie podniku v\u00a0ide\u00e1lnom pr\u00edpade zabezpe\u010d\u00ed, \u017ee pl\u00e1n reakcie na incident bude vopred otestovan\u00fd v\u00a0realistick\u00fdch cvi\u010deniach s\u00a0modelov\u00fdmi situ\u00e1ciami.<\/p>\n

      Pou\u010denie z\u00a0incidentu (ang. \u201eincident learning\u201c, alebo \u201elessons learnt\u201c) je s\u00fa\u010das\u0165ou tzv. post-incidentn\u00fdch aktiv\u00edt. T\u00fdm sa vlastne zabezpe\u010d\u00ed previazanos\u0165 nadobudnut\u00fdch sk\u00fasenost\u00ed s\u00a0pr\u00edpravou na bud\u00faci podobn\u00fd incident.<\/p>\n

       <\/p>\n

      Pokia\u013e m\u00e1 organiz\u00e1cia \u00faprimn\u00fd z\u00e1ujem vyhn\u00fa\u0165 sa v\u00a0bud\u00facnosti incidentu, ktor\u00fd bol pr\u00e1ve predmetom rie\u0161enia, potom je potrebn\u00e9 v\u00a0\u010dase, ke\u010f s\u00fa e\u0161te v\u0161etky poznatky a sk\u00fasenosti \u010derstv\u00e9, tieto prediskutova\u0165 so v\u0161etk\u00fdmi zainteresovan\u00fdmi stranami, ktor\u00e9 boli s\u00fa\u010das\u0165ou procesu rie\u0161enia incidentu. \u00a0Ako v\u00fdstup z\u00a0tejto diskusie je vhodn\u00e9 navrhn\u00fa\u0165\u00a0 tak\u00e9 protiopatrenia (alebo zmenu existuj\u00facich protiopatren\u00ed), ktor\u00e9 pom\u00f4\u017eu organiz\u00e1cii zlep\u0161i\u0165:<\/p>\n

        \n
      1. \u00farove\u0148 technick\u00e9ho zabezpe\u010denia vo\u010di zranite\u013enosti, ktor\u00e1 bola v incidente zneu\u017eit\u00e1,<\/li>\n
      2. schopnos\u0165 reagova\u0165 na podobn\u00fd incident v\u00a0bud\u00facnosti s\u00a0krat\u0161\u00edmi \u010dasmi odozvy<\/li>\n<\/ol>\n

        <\/h1>\n
        \n

        Z\u00e1ver<\/h1>\n

        V organiz\u00e1ci\u00e1ch s vy\u0161\u0161ou komplexitou informa\u010dn\u00fdch syst\u00e9mov je nanajv\u00fd\u0161 vhodn\u00e9, aby bol vopred ustanoven\u00fd a priebe\u017ene \u0161kolen\u00fd \u0161pecializovan\u00fd t\u00edm, ktor\u00e9ho \u00falohou bude spr\u00e1vne reagova\u0165 na identifikovan\u00e9 incidenty, ktor\u00fd bude schopn\u00fd v\u010das prija\u0165 protiopatrenia, zabezpe\u010di\u0165 zber d\u00f4kazov pre \u010fal\u0161ie vy\u0161etrovanie incidentu a pr\u00edpadn\u00e9 vyvodenie pracovnopr\u00e1vnych, alebo trestnopr\u00e1vnych d\u00f4sledkov. Form\u00e1lna defin\u00edcia typov udalost\u00ed, ktor\u00e9 pre organiz\u00e1ciu znamenaj\u00fa incident, je d\u00f4le\u017eitou vstupnou podmienkou pre zavedenie procesov \u00a0rie\u0161enia po\u010d\u00edta\u010dov\u00fdch incidentov. Av\u0161ak je to len prv\u00fdm krokom zo s\u00e9rie n\u00e1sledn\u00fdch zmien procesov, ktor\u00e9 by podniku mali zaru\u010di\u0165 schopnos\u0165 \u00a0efekt\u00edvneho vysporiadania sa s\u00a0rizikami, ktor\u00e9 sa stali be\u017enou s\u00fa\u010das\u0165ou modernej doby.<\/p>\n

        Ivan Makat\u00fara<\/p>\n","protected":false},"excerpt":{"rendered":"

        Jednou z k\u013e\u00fa\u010dov\u00fdch zodpovednost\u00ed vedenia podniku pri podpore syst\u00e9mu riadenia informa\u010dnej bezpe\u010dnosti je zavedenie procesu rie\u0161enia bezpe\u010dnostn\u00fdch incidentov. Schopnos\u0165 organiz\u00e1cie efekt\u00edvne reagova\u0165 na identifikovan\u00fd incident je z\u00e1visl\u00e1 od kvalitnej pr\u00edpravy na v\u0161etky potenci\u00e1lne udalosti, ktor\u00e9 by mohli nepriaznivo p\u00f4sobi\u0165 na informa\u010dn\u00e9 akt\u00edva podniku. Ak sa incident t\u00fdka kritick\u00fdch informa\u010dn\u00fdch akt\u00edv, jeho zvl\u00e1dnutie si vy\u017eaduje komplexn\u00e9 […]<\/p>\n","protected":false},"author":8,"featured_media":2911,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4],"tags":[32,96,23],"class_list":["post-2891","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-itbezp","tag-bezpecnost","tag-iso","tag-it-kriminalita"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/incident2.png?fit=700%2C400&ssl=1","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":2901,"url":"https:\/\/preventista.sk\/info\/riadenie-rizik-v-informacnej-bezpecnosti\/","url_meta":{"origin":2891,"position":0},"title":"Riadenie riz\u00edk v informa\u010dnej bezpe\u010dnosti","author":"I. Makatura","date":"21. okt\u00f3bra 2015","format":false,"excerpt":"IT riziko ako t\u00e9ma d\u0148a Informa\u010dn\u00e9 technol\u00f3gie s\u00fa dnes integr\u00e1lnou s\u00fa\u010das\u0165ou v\u00e4\u010d\u0161iny podporn\u00fdch, ale aj obchodn\u00fdch podnikov\u00fdch procesov. Rast\u00faca z\u00e1vislos\u0165 na IT aplik\u00e1ci\u00e1ch v\u0161ak v s\u00fa\u010dasnosti znamen\u00e1 aj dramatick\u00fd n\u00e1rast riz\u00edk a potrebami ich nepretr\u017eitej a systematickej ochrany. Rie\u0161en\u00edm probl\u00e9mov ochrany informa\u010dn\u00fdch akt\u00edv organiz\u00e1cie pred rizikami vypl\u00fdvaj\u00facimi z prev\u00e1dzky IT\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/rizika.png?fit=700%2C400&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/rizika.png?fit=700%2C400&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/rizika.png?fit=700%2C400&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/rizika.png?fit=700%2C400&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":5507,"url":"https:\/\/preventista.sk\/info\/sutaz-pre-ucitelov\/","url_meta":{"origin":2891,"position":1},"title":"S\u00fa\u0165a\u017e pre u\u010dite\u013eov","author":"Redakcia","date":"11. janu\u00e1ra 2024","format":false,"excerpt":"Po \u00faspe\u0161nej s\u00fa\u0165a\u017ei pre \u017eiakov a \u0161tudentov vyhlasujeme tvoriv\u00fa s\u00fa\u0165a\u017e tentokr\u00e1t pre u\u010dite\u013eov z\u00e1kladn\u00fdch a stredn\u00fdch \u0161k\u00f4l. Prispejte k zlep\u0161ovaniu vzdel\u00e1vania bezpe\u010dnosti a e\u0161te k tomu z\u00edskate pr\u00ednosn\u00fd a pr\u00edjemn\u00fd benefit. ZADANIE S\u00fa\u0165a\u017eiaci vypracuje jeden pracovn\u00fd list k aktivite s\u00favisiacej s v\u00fdukou zvolenej t\u00e9my informa\u010dnej alebo kybernetickej bezpe\u010dnosti v \u0161kole\u2026","rel":"","context":"V "Aktu\u00e1lne"","block_context":{"text":"Aktu\u00e1lne","link":"https:\/\/preventista.sk\/info\/category\/akcie\/aktualne\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2023\/12\/banner_sutaz_ucitel.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2023\/12\/banner_sutaz_ucitel.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2023\/12\/banner_sutaz_ucitel.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2023\/12\/banner_sutaz_ucitel.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":4852,"url":"https:\/\/preventista.sk\/info\/odchod-exit-z-cloudu-6-cast-miniserialu\/","url_meta":{"origin":2891,"position":2},"title":"Odchod (EXIT) z Cloudu (6.\u010das\u0165 miniseri\u00e1lu)","author":"Iveta \u0160\u0165avinov\u00e1","date":"10. m\u00e1ja 2022","format":false,"excerpt":"Povestn\u00e9 \u201eumenie od\u00eds\u0165\u201c, ke\u010f nastane \u010das je pre \u013eud\u00ed \u010dasto \u0165a\u017ek\u00e9. Pre prostredie cloudu patr\u00ed toto umenie medzi strategick\u00e9 schopnosti. V\u00a0\u010dl\u00e1nku o\u00a0rizik\u00e1ch pou\u017e\u00edvania cloud rie\u0161en\u00ed, aplik\u00e1ci\u00ed a slu\u017eieb (vi\u010f Rizik\u00e1 \u2013 s\u00fa\u010das\u0165 Cloud sveta) bolo spomenut\u00e9, \u017ee zmeny v\u00a0cloude sa realizuj\u00fa dod\u00e1vate\u013eom cloud rie\u0161enia s vysokou frekvenciou, av\u0161ak nie v\u0161etky\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/01\/Cloud-2.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/01\/Cloud-2.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/01\/Cloud-2.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/01\/Cloud-2.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":2768,"url":"https:\/\/preventista.sk\/info\/outsourcing-informacnych-technologii-a-bezpecnost\/","url_meta":{"origin":2891,"position":3},"title":"Outsourcing informa\u010dn\u00fdch technol\u00f3gi\u00ed a bezpe\u010dnos\u0165","author":"Redakcia","date":"5. augusta 2015","format":false,"excerpt":"In\u0161tit\u00facie verejnej spr\u00e1vy podobne ako firmy a organiz\u00e1cie zo s\u00fakromn\u00e9ho sektora vyu\u017e\u00edvaj\u00fa outsourcing ako jednu zo strat\u00e9gi\u00ed boja s ch\u00fdbaj\u00facimi profesion\u00e1lmi a\u00a0nedostatkom finan\u010dn\u00fdch prostriedkov pre\u00a0oblas\u0165 informa\u010dn\u00fdch a\u00a0komunika\u010dn\u00fdch technol\u00f3gi\u00ed. Je ale n\u00e1kup IT slu\u017eieb pre zabezpe\u010denie kritick\u00fdch procesov a\u00a0bezpe\u010dnosti organiz\u00e1cie u\u00a0dod\u00e1vate\u013ea v\u017edy spr\u00e1vnou vo\u013ebou? Outsourcing je v\u00a0s\u00fa\u010dasnosti ob\u013e\u00faben\u00fdm sp\u00f4sobom optimaliz\u00e1cie n\u00e1kladov\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/08\/cover.jpg?fit=700%2C400&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/08\/cover.jpg?fit=700%2C400&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/08\/cover.jpg?fit=700%2C400&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/08\/cover.jpg?fit=700%2C400&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":3220,"url":"https:\/\/preventista.sk\/info\/nechraneny-pocitac-moze-sposobit-stratu-dat\/","url_meta":{"origin":2891,"position":4},"title":"Nechr\u00e1nen\u00fd po\u010d\u00edta\u010d m\u00f4\u017ee sp\u00f4sobi\u0165 stratu d\u00e1t","author":"Redakcia","date":"10. apr\u00edla 2016","format":false,"excerpt":"... \u010fal\u0161\u00ed zo s\u00e9rie rozhovorov pre redakciu elektronick\u00e9ho port\u00e1lu LCinfo.sk tentokr\u00e1t na t\u00e9mu bezpe\u010dn\u00fd po\u010d\u00edta\u010d, cel\u00fd \u010dl\u00e1nok preber\u00e1me v plnom znen\u00ed bez redak\u010dn\u00fdch \u00faprav Tentoraz sme sa s predsedom OZ Preventista \u2013 zdru\u017eenie pre bezpe\u010dnos\u0165 a prevenciu a s\u00fadnym znalcom Jaroslavom Osterom porozpr\u00e1vali o ochrane po\u010d\u00edta\u010da (PC) a n\u00e1strah\u00e1ch, ktor\u00e9\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"nech","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2016\/04\/nech.jpg?fit=700%2C400&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2016\/04\/nech.jpg?fit=700%2C400&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2016\/04\/nech.jpg?fit=700%2C400&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2016\/04\/nech.jpg?fit=700%2C400&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":4789,"url":"https:\/\/preventista.sk\/info\/preco-je-manazment-it-rizik-dolezity-pre-bezpecnost-organizacie\/","url_meta":{"origin":2891,"position":5},"title":"Pre\u010do je mana\u017ement IT riz\u00edk d\u00f4le\u017eit\u00fd pre bezpe\u010dnos\u0165 organiz\u00e1cie","author":"Jozef \u00daroda","date":"20. marca 2022","format":false,"excerpt":"Mo\u017eno ste sa u\u017e stretli s\u00a0pojmom mana\u017ement riz\u00edk v\u00a0spojen\u00ed s\u00a0informa\u010dnou bezpe\u010dnos\u0165ou. Existuje mnoho odborn\u00fdch metod\u00edk, ktor\u00e9 detailne popisuj\u00fa cel\u00fd proces riadenia riz\u00edk. Cie\u013eom tohoto \u010dl\u00e1nku nie je rozobera\u0165 ich. Cie\u013eom je jednoducho a\u00a0prakticky vysvetli\u0165 pojem mana\u017ement riz\u00edk, op\u00edsa\u0165 ak\u00e9 funkcie ukr\u00fdva a\u00a0najm\u00e4 ako v\u00e1m m\u00f4\u017ee by\u0165 n\u00e1pomocn\u00fd. A ako\u00a0m\u00f4\u017ee by\u0165\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/03\/man_rizik.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/03\/man_rizik.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/03\/man_rizik.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/03\/man_rizik.png?resize=700%2C400&ssl=1 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts\/2891","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/comments?post=2891"}],"version-history":[{"count":9,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts\/2891\/revisions"}],"predecessor-version":[{"id":2900,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts\/2891\/revisions\/2900"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/media\/2911"}],"wp:attachment":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/media?parent=2891"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/categories?post=2891"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/tags?post=2891"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}