Going UP? More you know, less you no! How to talk about Privacy with your boss in the elevator?
- Ira Malone
- 5 years ago
Transcription
1 Going UP? How to talk about Privacy with your boss in the elevator? Before you do things right, you have to do the right things. Why good communication between business and IT areas is so important to help organizations deliver value, and how to get everyone speaking the same language using COBIT 5 related materials. Reality check and lessons learned from projects and initiatives developed to improve Information Security & Privacy savviness at small and medium enterprises in a small-to-medium country like Portugal. Bruno Horta Soares, CISA, CGEIT, CRISC, PMP Founder & Senior Advisor at GOVaaS - Governance Advisors, as-a-service ISACA Lisbon Chapter Founder and President More you know, less you no! ISACA Malta Chapter Protecting Privacy in an Information-Driven Economy Bruno Horta Soares 1
2 BRUNO HORTA SOARES Everything Should Be Made as Simple as Possible, But Not Simpler Albert Einstein
3 Agenda 1. You have the size of your dreams! 2. Going up?
4 1. You have the size of your dreams! Does size matter? The category of micro, small and medium-sized enterprises (SMEs) is made up of enterprises which employ fewer than 250 persons and which have an annual turnover not exceeding 50 million euro, and/or an annual balance sheet total not exceeding 43 million euro. Source: Extract of Article 2 of the Annex of Recommendation 2003/361/EC
5 1. You have the size of your dreams! An evolution Gap "The essence of systems theory is that a system needs to be viewed holistically, not merely as a sum of its parts, to be accurately understood." von Bertalanffy, L.; General System Theory: Foundation, Development, Applications
6 1. You have the size of your dreams! How CIOs See IT? "By 2017, 80% of the CIO's time will be focused on analytics, cybersecurity, and creating new revenue streams through digital services." (IDC FutureScape) Close the Gap! How LoB See IT? "LoB executives are taking charge of their destiny. Business leaders are taking control of their technology because it is integral to their outcomes." (IDC FutureScape) [Diagram labels: Operating model, Business Strategy, Digital Strategy, Customer experience, Product & Services, IT Strategy]
7 1. You have the size of your dreams! Size doesn't matter: It's all about Value Creation? [Diagram labels: Risks, Benefits, Resources, Pressure, Rationalization, Opportunity, Determination, Sophistication, Assets/Resources, Actors, Threats, Vulnerabilities]
8 Elevator pitch How about the weather?
9 Adopt and adapt COBIT 5 "Solutions that focus on specifics will be outdated rapidly; a principle-based approach is required." (World Economic Forum) COBIT 5 provides a comprehensive business framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT.
10 Tip #1 There are always two sides of the story X "I don't know if you heard about the new EU Data Privacy/Protection Regulation and had the opportunity to analyze the budget regarding ISO / IEC certification is not urgent... but we are always afraid of an attack or non-compliance that will end our business"
11 Tip #1 There are always two sides of the story "My security & privacy guy is 5 stars, has lots of certifications and is very concerned... It's a shame I don't understand anything he says or what he does!" (The boss) [Diagram labels: Stakeholder drivers, Influence, Stakeholder Needs (Benefits Realisation, Risk Optimisation, Resource Optimization), Cascade to Business Goals, Cascade to IT Related Goals, Cascade to Enablers Goals] COBIT 5 Principle 1: Meeting Stakeholder Needs
12 Tip #1 There are always two sides of the story (Illustrative) Compliance with external laws and regulations; IT compliance and support for business compliance with external laws and regulations; Security of information, processing infrastructure and applications. Processes: EDM03 Ensure Risk Optimisation; APO01 Manage the IT Management Framework; APO12 Manage Risk; APO13 Manage Security; BAI06 Manage Changes; BAI10 Manage Configuration; DSS05 Manage Security Services; MEA02 Monitor, Evaluate and Assess the System of Internal Control; MEA03 Monitor, Evaluate and Assess Compliance With External Requirements. COBIT 5 Principle 1: Meeting Stakeholder Needs
13 Tip #1 There are always two sides of the story "We know that Compliance with external laws and regulations is critical to our business and we are setting IT compliance and Security as two of our critical goals. We'll identify relevant enablers to support this goal and I would appreciate your sponsorship of our Security & Privacy Program." Do you know that: By 2019, Geopolitical Divisions and Global Economic Instability Will Result in Supplier Cyberattacks, Prompting Spending by 25% or More on Supply Chain Risks (IDC FutureScape)
14 Tip #2 Remember, there are no technical problems X "I'm so sorry for all the inconvenience the privacy incident caused! We are already doing an audit and we are almost sure it was an outsourcer's responsibility. I promise it will not happen again!"
15 Tip #2 Remember, there are no technical problems "Our clients' information appears in newspapers!!! Whose responsibility is it? I'm taking care of the business, you have to take care of the Security & Privacy!" (The boss) [Diagram labels: Owners and Stakeholders, Delegate, Governing Body, Set Direction, Management, Instruct and align, Operations and Execution, Accountable, Monitor, Report] COBIT 5 Principle 2: Covering the Enterprise End-to-end
16 Tip #2 Remember, there are no technical problems (Illustrative) Compliance with external laws and regulations; IT compliance and support for business compliance with external laws and regulations; Security of information, processing infrastructure and applications. Processes: EDM03 Ensure Risk Optimisation; APO01 Manage the IT Management Framework; APO12 Manage Risk; APO13 Manage Security; BAI06 Manage Changes; BAI10 Manage Configuration; DSS05 Manage Security Services; MEA02 Monitor, Evaluate and Assess the System of Internal Control; MEA03 Monitor, Evaluate and Assess Compliance With External Requirements. Roles: Board; Chief Risk Officer; Chief Information Security Officer; Audit; Chief Information Officer; Head IT Operations. COBIT 5 Principle 2: Covering the Enterprise End-to-end
17 Tip #2 Remember, there are no technical problems "The analysis of the incident allowed us to conclude that better involvement of the entire organization in Security & Privacy decisions is necessary. We would suggest the creation of the CISO function to get all areas involved and to increase our savviness." Do you know that: By 2017, One-Third of Corporate Boards Will Fill a Seat With a Risk Mitigation Expert Who Can Provide Guidance on Data Privacy and Security Initiatives (IDC FutureScape)
18 Tip #3 Speak the same language X "We are so happy for our recent achievements. We received two awards related to ITIL and ISO27001 certification and our KPIs are all green. We are 100% focused on providing our best support to our users, that's why those new compliance projects from business are a little bit delayed!"
19 Tip #3 Speak the same language "Why are we paying so much money every year to be certified and our regulators keep saying we are not answering their needs!" (The boss) [Diagram labels: Drivers, Performance, Compliance] COBIT 5 Principle 3: Applying a Single Integrated Framework
20 Tip #3 Speak the same language "We care about the continuous improvement of our Security & Privacy. We improved the coordination between internal and external Security and Legal Teams, we reviewed business areas' needs, adjusted our SLAs to better manage all stakeholders' expectations and enforced new compliance controls." Do you know that: By 2019, 25% of Security Spend Will Be Driven by the European Union and Other Jurisdictional Data Regulations, Leading to a Patchwork of Compliance Regimes (IDC FutureScape)
21 Tip #4 Show him the big picture X "Our Data Leakage software is out of date. We are now studying new solutions to replace it and as soon as we have the new technology we believe that our Security & Privacy will improve."
22 Tip #4 Show him the big picture "A friend of mine told me about these new security services in the cloud. I think it's a great opportunity to get rid of security & privacy internal costs and focus on my core business." (The boss) Enablers: Processes; Information; Organisational structures; Principles, policies and frameworks; Services, infrastructure and applications; Culture, ethics and behaviour; People, skills and competencies (Resources). COBIT 5 Principle 4: Enabling a Holistic Approach
23 Tip #4 Show him the big picture "We analysed why Security incidents happen and we believe that only by aligning people, processes and technologies will it be possible to deliver better Security & Privacy related initiatives. We'll review our Security & Privacy framework, update our supporting tools, implement a new CISO and train our people!" Do you know that: By 2020, More than Half of Web Security Market Revenue Will Come from Cloud-Based Offerings Over Traditional On-Premises Gateways (IDC FutureScape)
24 Tip #5 There are unknown unknowns X "We have been implementing a new Security & Privacy Governance framework and set all associated processes. As soon as we finish it we will send it for your approval."
25 Tip #5 There are unknown unknowns "I'm already responsible for the Corporate Governance, you can take care of Security & Privacy governance." (The boss) [Diagram labels: Stakeholder needs, Governance, Evaluate, Direct, Monitor, Feedback, Management, Control, Plan, Build, Run, Monitor, Operations] COBIT 5 Principle 5: Separating Governance From Management
26 Tip #5 There are unknown unknowns "We are designing the Security & Privacy Governance and Management framework to focus on value creation and we would like to discuss with the Board its role and how better Security & Privacy can contribute to benefits realization, risk and resources optimization. It would be very important to have your direction." Do you know that: By 2017, the Security Services Market Will Increase At Least 30%, Driven by the Scarceness and High Price of Available Data Scientists (IDC FutureScape)
27 Next steps "Since most organizations have strong love for complexity, few will believe that a firm's success is based on such simple premises." The Knowing-Doing Gap, Jeffrey Pfeffer and Robert I. Sutton, 2000
28 Bruno Horta Soares, CISA, CGEIT, CRISC, PMP Founder & Senior Advisor GOVaaS - Governance Advisors, as-a-service Rua do Tamisa, BL D 1.ºC Parque das Nações Lisboa Mobile: bruno.soares@govaas.com Q&A More you know, less you no!
29 Bruno Horta Soares, CISA, CGEIT, CRISC, PMP
Academic training: 5 years degree in Management and Computer Science, from ISCTE, and a post-degree in Project Management, from ISLA Campus Lisboa.
Professional certifications: Certified in Project Management Professional (PMP), from Project Management Institute (PMI); Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC) and COBIT 5 Foundation from ISACA; ITIL version 3 Foundation; ISO/IEC Lead Auditor; and Training for Trainers Certification (CAP). He's also an APMG individual accredited trainer for COBIT 5.
Positions: Founder and Senior Advisor at GOVaaS - Governance Advisors, as-a-service; IT Executive Senior Advisor on IT Strategy and Governance at IDC Portugal; Visiting professor and coordinator at ISCAC - Coimbra Business School - Coimbra, Portugal; Visiting professor at Instituto Superior Técnico (IST) - Lisbon, Portugal; Visiting professor at Universidade Portucalense (UPT) - Porto, Portugal; Visiting professor and coordinator at Universidade Europeia Laureate International Universities - Lisbon, Portugal; Visiting professor at Unipê - Centro Universitário de João Pessoa - Paraíba, Brasil; Visiting professor at Universidade Católica Portuguesa - Lisbon, Portugal; Visiting professor at Porto Business School - Porto, Portugal; Founder and President at ISACA Lisbon Chapter; Member of ISACA Government and Regulatory Advocacy Regional Subcommittee Area 3; IT Governance coordinator at the Portuguese Institute of Directors; ISACA Knowledge Center Topic Leader - COBIT 5; APMG individual accredited trainer for COBIT 5.
SELLING YOUR ORGANIZATION ON APPLICATION SECURITY Navigating a new era of cyberthreats Selling Your Organization on Application Security 01 It's no secret that cyberattacks place organizations large and
More informationCISM Certified Information Security Manager
CISM Certified Information Security Manager Firebrand Custom Designed Courseware Logistics Start Time Breaks End Time Fire escapes Instructor Introductions Introduction to Information Security Management
More informationCYBERSECURITY: E-COMMERCE, GOVERNANCE AND APPLIED CERTIFICATIONS A ROUNDTABLE DISCUSSION 15 DECEMBER 2015
CYBERSECURITY: E-COMMERCE, GOVERNANCE AND APPLIED CERTIFICATIONS A ROUNDTABLE DISCUSSION 15 DECEMBER 2015 WELCOME Have a question for the speaker? Text it in using the Ask A Question button! Audio is streamed
More informationITIL Intermediate Service Design (SD) Certification Boot Camp - Brochure
ITIL Intermediate Service Design (SD) Certification Boot Camp - Brochure Get a Management-level overview of Service Design to advance in your Career Course Name : ITIL SD Version : INVL_ITILSD_BR_02_033_1.2
More informationExam4Tests. Latest exam questions & answers help you to pass IT exam test easily
Exam4Tests http://www.exam4tests.com Latest exam questions & answers help you to pass IT exam test easily Exam : CISM Title : Certified Information Security Manager Vendor : ISACA Version : DEMO 1 / 10
More informationIT-CNP, Inc. Capability Statement
Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government
More informationITIL Intermediate Continual Service Improvement (CSI) Certification Boot Camp - Brochure
ITIL Intermediate Continual Service Improvement (CSI) Certification Boot Camp - Brochure Gain Knowledge to Align IT Services to Business Needs US Course Name : CISSP Version : INVL_CISSP_BR_02_089_1.2
More informationFOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY
FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide
More informationSharpen the COBIT axe before chopping the IT Governance tree
Sharpen the COBIT axe before chopping the IT Governance tree Cai Walters CISA, CISM, Network+, Security+ Who is: Cai Walters Professions over the last 30 years Senior IT Auditor Policy writer of IT regulations
More informationstandards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices
standards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices mike.garcia@cisecurity.org The big three in their own words ISO 27000: family of standards to help organizations
More informationSPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES
SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES Dear Executive, you requested more information, here are three quick questions Would you know if your company
More informationCybersecurity and the Board of Directors
Cybersecurity and the Board of Directors Key Findings from BITS/FSR Meetings OVERVIEW Board directors are increasingly required to engage in cybersecurity risk management yet some may need better education
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationIT MANAGEMENT AND THE GDPR: THE VMWARE PERSPECTIVE
TRANSFORM SECURITY DATA PROTECTION SOLUTION OVERVIEW IT MANAGEMENT AND THE GDPR: THE VMWARE PERSPECTIVE Introduction This Solution Overview is intended for IT personnel interested in the VMware perspective
More informationIsaca EXAM - CISM. Certified Information Security Manager. Buy Full Product.
Isaca EXAM - CISM Certified Information Security Manager Buy Full Product http://www.examskey.com/cism.html Examskey Isaca CISM exam demo product is here for you to test the quality of the product. This
More informationState of Cloud Survey GERMANY FINDINGS
2011 State of Cloud Survey GERMANY FINDINGS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Cloud security is top goal and top concern.................................. 8 Finding 2: IT staff
More informationCOBIT 5 Implementation Certification Training Course - Brochure
COBIT 5 Implementation Certification Training Course - Brochure Unlock your True Potential Course Name : COBIT 5 Implementation Version : INVL_Cobit5_BR_02_080_1.1 Course ID : ITSG-131 www.invensislearning.com
More informationTable of Contents. Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING
Table of Contents Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING Chapter 1: Significance of Internal Auditing in Enterprises Today: An Update 3 1.1 Internal Auditing History and Background
More informationManaging IT Risk: The ISACA Risk IT Framework. 1 st ISACA Day, Sofia 15 October Charalampos (Haris)Brilakis, CISA
Managing IT Risk: The ISACA Risk IT Framework Charalampos (Haris)Brilakis, CISA ISACA Athens Chapter BoD / Education Committee Chair Sr. Manager, Internal Audit, Eurobank (Greece) 1 st ISACA Day, Sofia
More informationIDC FutureScape: Worldwide Security Products and Services 2017 Predictions
IDC FutureScape: Worldwide Security Products and Services 2017 Predictions Sean Pike, Program Vice President, Robert Ayoub, Research Director IDC Web Conference December, 7, 2016 Logistics Submit any questions
More informationIT Consulting and Implementation Services
PORTFOLIO OVERVIEW IT Consulting and Implementation Services Helping IT Transform the Way Business Innovates and Operates 1 2 PORTFOLIO OVERVIEW IT Consulting and Implementation Services IT is moving from
More informationGovernance, Organisation, Law, Regulation and Standards Syllabus QAN 603/0855/2
Making IT good for society Governance, Organisation, Law, Regulation and Standards Syllabus QAN 603/0855/2 Version 5.0 April 2018 This is a United Kingdom government regulated qualification which is administered
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationTraining + Information Sharing: Pillars of enhancing cybersecurity posture
Training + Information Sharing: Pillars of enhancing cybersecurity posture Welland Chu VP, Professional Development & Secretary ISACA China Hong Kong Chapter June 2018 www.isaca.org Reported cyber incidents
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationACTIONABLE SECURITY AWARENESS: CONVERT THE WEAKEST LINK INTO THE SAFETY FORCE
ACTIONABLE SECURITY AWARENESS: CONVERT THE WEAKEST LINK INTO THE SAFETY FORCE Cybersecurity Awareness by gamification: Kaspersky CyberSafety Training 2017 Kaspersky Lab. All rights reserved. 1 HUMAN MISTAKES
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationBuild confidence in the cloud Best practice frameworks for cloud security
Build confidence in the cloud Best practice frameworks for cloud security Cloud services are rapidly growing and becoming more of a focus for business. It s predicted that more than $1 trillion in IT spending
More informationGoverning cyber security risk: It s time to take it seriously Seven principles for Boards and Investors
www.pwc.co.uk Governing cyber security risk: It s time to take it seriously Seven principles for Boards and Investors Dr. Richard Horne Cyber Security Partner PwC January 2017 Board governance is often
More informationECCouncil EC-Council Certified CISO (CCISO) Download Full Version :
ECCouncil 712-50 EC-Council Certified CISO (CCISO) Download Full Version : http://killexams.com/pass4sure/exam-detail/712-50 QUESTION: 330 Scenario: You are the newly hired Chief Information Security Officer
More informationDigital Service Management (DSM)
Digital Service Management (DSM) A Proactive, Collaborative and Balanced Approach for Managing, Improving and Securing an Enterprise Digital Service Portfolio itsm003 v.3.0 Agenda and Objectives What is
More informationThe Quest for Independence - Information Security Management Pyramid. Mikhail Utin, CISSP, PhD, Daniil Utin, MS and Rubos, Inc.
1 1. Introduction The Quest for Independence - Information Security Management Pyramid Mikhail Utin, CISSP, PhD, Daniil Utin, MS and Rubos, Inc. team The current state of global cybersecurity remains chaotic
More information