Workshop: implementation & enforcement of consistent IT & cloud security
policies & procedures.
How to reduce it costs, increase agility and better
support business functions by addressing the cybersecurity challenge of
data security, data breaches and security alerts by implement an information
security management system.
IT security is still the biggest perceived
barrier to further cloud adoption. Nine out of ten organizations are concerned
about public cloud security issues. Dominant cloud security concerns are
often related to unauthorized access, hijacking of accounts, and malicious
insiders. Almost 80% of corporate managers are concerned about personal
cloud storage services operated by employees or visitors. However, security
and compliance are the biggest concerns.
This workshop discusses how to close the cloud security gap and provide
the ability to implement the enforcement of consistent cloud security
policies and procedures.
- Encryption of data and data in motion is probably the best protection
for cloud data.
- How can cloud computing deliver on flexibility, availability and
cost reductions?
- Despite making massive investments in security, 36% of respondents
believe that major cloud apps are less secure than premises-based
applications.
The cyber security challenge
The proper corporate response to the cyber security threats is becoming
more and more involved. Contrary to other business areas, the regulatory
guidelines are rather vague. For instance, that the board should be informed
of risks and handles policies to be in place.
However, how do you stay aware and maintain systems in an area, which
changes constantly?
In a field where you could invest in new knowledge and technology every
day to follow the latest developments?
- Changing circumstances - the threat picture is developing.
- What are the different approaches towards planning, prioritisation
and managing cybersecurity activities?
- Is your cyber security strategy sufficient?
Data security, data breaches and security alerts
Data security controls are crucial to ensure that customer and business
information is always protected. IT risk-management programs with configured
operating environments, healthy and multi-factor authentication and other
strategies that provide flexible controls and solutions.
- How to safeguard against the risks associated with groups that are
either employed, associated or business partners that have access
to data and systems.
- A review of updated controls, user access, separation of system
infrastructure, limits and restrictions and proactive system monitoring
- How to monitor periodic risk assessments of information security
programs
How to implement an information security management system based on
ISO 27001-2.
Information security is becoming more and more essential and should be
part of good business practice and corporate management. In governance,
risk management, and compliance world, a solution for all GRC components
is a well-structured and documented isms execution, with high management
involvement and stakeholder awareness in the organization.
During this presentation, you get facts, do's and do not's in connection
with establishing a balanced, controlled and standardised isms implementation.
We will provide some ideas on what management and business need to be
aware of in an iso certification process. An ISO 27001 certification may
not be the objective for the isms, however, there will be many valuable
benefits in the preparedness process of the certification, that will help
the IT and other departments of the organisation.
To get detailed guidance on how you can conduct the workshop with or without
our guidance, please study the entire website: http://www.riskability.org/2015/it-security/
Alternatively, register: http://www.riskability.org/2015/it-security/register.htm