Updating the 2016 IT, Data and Cyber Security Program
Copenhagen Compliance® has since 2005, continuously
provided guidance on how organizations can implement a governance and risk-based
approach to IT security issues, by making these issues visible, measurable
and actionable. At the IT
Security Day on 15th March 2016, we will demonstrate the Security Risk
Management tools that support both advanced reporting capabilities and interconnectivity
to ensure that remediation actions for IT breach, controls, and tests.
Each of the past several years has
been considered to be the worst year ever when it comes to IT, data and
cyber security breaches. Still dozens of 'other' companies and government
agencies are victims of massive network security breaches. But the breach
has probably occurred in your IT or data network, you just don't not know
abou it.
Updated state-of-the-art IT-security policies
Several of victims are often data-security firms, hosting companies or
financial institutions. Therefore, the violations affected customers and
consumers on a relatively large scale. The continued and extended the
use of mobile devices; social media and cloud security will drive the
IT-security concerns in 2016.
The 2015 program will focus on the latest IT security challenges that
damage the IT infrastructure social media as a tool in cyber warfare.
Most companies will focus on stricter data discipline, governance, security
enforcements with a primary focus on data protection. We recommend a bi-annual
assessment of cloud-service providers and their ability to enforce updated
state-of-the-art IT security policies.
- Protect the Social Side of your Business and Organisation. Employ
the components of the Social Media to Remain Competitive
- The social media experience is changing the communication structure
within and outside the organization. What are the threats to social
media's unstructured and unexplored lines of contact? Improper use
of the social media can inadvertently lead to Good Governance, Risk
Management, and Compliance issues e.g. Insider trading, antitrust
violations, defamation, and harassment, etc.
- Social media allow companies can also be used for stakeholder
engagement, highlighting the need for Social Media governance. Organizations
admit that it is hard to monitor and manage the interactive content
of the Social Media to drive value and ultimately manage risk.
- Social media is now often used to enhance the company's bottom
line profitability by leveraging the elements of social media marketing.
Take into consideration that by 2015, almost half of the CIOs will
use cloud sourcing due to costs issues or to create new revenue
streams to outperform competitors
- IT focus on creating a comprehensive Social Media strategy on how
to:
- Capture and govern the social media in the cloud
- Determine the boundaries of interaction that contains detailed,
negative or neutral position
- Extend existing compliance guidance and assessment practices to
interactive content
- Perform hypothetical search and policy-based monitoring of the
combined social statistics -in your entire database
- Preserve or recover the interactive content for legal action or
proceedings
- Using Technology to Simplify, Integrate and create Business Security
and Value.
- How to use IT to capture and control the enterprise-wide GRC perspectives
and compliance events at your business platform
- How to manage and monitor the various security risks that drown
in data, by implementing new technology e.g. dashboard systems that
prioritize risks and develop a global view of compliance activity
- How to move more strategically and stay ahead of compliance missteps.
- How to mitigate exposure to risk, fraud, and human error by implementing
controls-monitoring technology to enforce real-time, contextual,
and preventive IT controls within business processes
- Managing Information Governance to Avoid Compliance Meltdowns.
- How to create a secure, cloud-based IT environment that consolidates
management information data into one system. The priorities could
be corporate records management and regulatory compliance departments
- How to move Information Governance into the next generation of
large data structures and the related risks. e.g. e-discovery failures,
privacy breaches, and limited data protection
- How to manage these risks and compliance obligations into a modern
corporate IT environments such as cloud computing
- How to find the right cloud model for your business and control
the information flow?
- What are the implications of the new EU mandates on privacy and
data security?
To be continued in the next newsletter. The Cloud is here to stay, integrate
Cloud Computing into Your Data Security Program: see: http://www.riskability.org/2016/it-security/index.htm