Newsletter | Volume 1

How will we conduct an IT-Security Day for you?
The IT Security Day should aim to answer questions that highlight new forms of cyber-attack, e.g. spoofing used as a technique to overcome planned defences.

Participants will have an opportunity to discuss the challenges and apply their talents to defend their financial organisation, and use the outcome to identify areas to enhance policies, develop technical solutions and improve personnel strategies so that their organisations can respond better to real-world incidents.

General Data Protection Regulation (GDPR)
The existing EU data protection regime is based on the 1995 Data Protection Directive (95/46/EC). During the last 20 years, there have been significant advances in information technology, and fundamental changes to the ways in which individuals and organisations communicate and share information. Combined with such developments, the various EU member states have adopted a somewhat divergent approach to implementing the Data Protection Directive.

The directive has created compliance difficulties for many businesses. In recognition of such challenges, the EU's legislative bodies have developed a more harmonised data protection law, the draft General Data Protection Regulation (GDPR). Although the GDPR is not likely to be enforceable before 2018, this session will consider the impact of the GDPR on businesses and what they should be doing now.

Let's address the IT security, cyber security and data protection implications for business, and what the organisation should be doing now to address future compliance issues.

The cyber security challenge
The proper collective response to cyber security threats is becoming more and more complex. Contrary to other business areas, the regulatory guidelines are still vague. Therefore, each company must establish correct and clear guidelines:
  • When should the board of directors be informed of IT and cyber risks?
  • Who is responsible for and takes ownership of IT and cyber security policies?
  • How does management stay aware and maintain policies in an area that changes constantly?
  • When should the company invest in new knowledge and technology to follow the latest developments?
  • What are the different approaches towards planning, prioritising and managing cyber security activities?
  • Is your cyber security strategy sufficient?

Data security, data breaches and security alerts
Data security controls are crucial to ensure that customer and business information is always protected. IT risk management programs with organised operating environments, strong and multi-factor verification and other controls can provide flexible controls and solutions. We also consider how to safeguard against the third-party risks associated with groups that have access to data and systems.

We review updated controls, user access, separation of system infrastructure, limits and restrictions, and proactive system monitoring:
  • How to monitor periodic risk assessments of information security programs.

The sum of the above will ensure business sustainability and build IT controls to protect against unauthorised access to business communications, intellectual property or client information.