Newsletter | Volume 1

How to reduce it costs, increase agility and better support business functions by addressing the cybersecurity challenge of data security, data breaches and security alerts by implement an information security management system.

IT security is still the biggest perceived barrier to further cloud adoption. Nine out of ten organizations are concerned about public cloud security issues. Dominant cloud security concerns are often related to unauthorized access, hijacking of accounts, and malicious insiders. Almost 80% of corporate managers are concerned about personal cloud storage services operated by employees or visitors. However, security and compliance are the biggest concerns.

This workshop discusses how to close the cloud security gap and provide the ability to implement the enforcement of consistent cloud security policies and procedures.

Encryption of data and data in motion is probably the best protection for cloud data.
How can cloud computing deliver on flexibility, availability and cost reductions?
Despite making massive investments in security, 36% of respondents believe that major cloud apps are less secure than premises-based applications.

The cyber security challenge
The proper corporate response to the cyber security threats is becoming more and more involved. Contrary to other business areas, the regulatory guidelines are rather vague. For instance, that the board should be informed of risks and handles policies to be in place.

However, how do you stay aware and maintain systems in an area, which changes constantly?

In a field where you could invest in new knowledge and technology every day to follow the latest developments?

Changing circumstances - the threat picture is developing.
What are the different approaches towards planning, prioritisation and managing cybersecurity activities?
Is your cyber security strategy sufficient?

Data security, data breaches and security alerts
Data security controls are crucial to ensure that customer and business information is always protected. IT risk-management programs with configured operating environments, healthy and multi-factor authentication and other strategies that provide flexible controls and solutions.

How to safeguard against the risks associated with groups that are either employed, associated or business partners that have access to data and systems.
A review of updated controls, user access, separation of system infrastructure, limits and restrictions and proactive system monitoring
How to monitor periodic risk assessments of information security programs

How to implement an information security management system based on ISO 27001-2.
Information security is becoming more and more essential and should be part of good business practice and corporate management. In governance, risk management, and compliance world, a solution for all GRC components is a well-structured and documented isms execution, with high management involvement and stakeholder awareness in the organization.

During this presentation, you get facts, do's and do not's in connection with establishing a balanced, controlled and standardised isms implementation. We will provide some ideas on what management and business need to be aware of in an iso certification process. An ISO 27001 certification may not be the objective for the isms, however, there will be many valuable benefits in the preparedness process of the certification, that will help the IT and other departments of the organisation.

To get detailed guidance on how you can conduct the workshop with or without our guidance, please study the entire website: http://www.riskability.org/2015/it-security/

Alternatively, register: http://www.riskability.org/2015/it-security/register.htm