Cybersecurity, Digital investigations, and the 'unsung' Heroes of Incident Support

•

2 likes•422 views

Focus of this talk is to outline some of the fundamentals and principals associated with cybersecurity and digital investigations, demonstrate how they are connected, and to highlight how audit now plays a part in supporting incident response. Main points covered: • Fundamentals and principles associated with Cybersecurity and Digital Investigations • How Cybersecurity and Digital Investigations are connected • How an audit plays a significant part in supporting incident response Presenter: Jason Green is a Principal at Hexigent Consulting, a cyber security, digital investigation and forensic services company based out Oakville, Ontario. He is an experienced security executive with a proven record in the delivery of strategic security services, and has operated internationally in the investigations and information/cyber security fields since 1988. He works with clients to assist with digital investigative matters, provide security thought leadership, develop and execute strategic plans, identify and address security and technology issues, and respond to incidents, with a view to reducing risks and optimizing efficiencies. His background encompasses digital forensics and investigation, governance, risk and compliance, operational security design, security assessments, social engineering, and controls design and review. Recorded webinar: https://youtu.be/3CfXQqLVq84

Education

Cybersecurity: Mindset
Investigations: Informed decisions
Audit: Perspective

1. A vulnerability will be exploited
2. Everything is vulnerable, somehow
3. We trust, even when we shouldn’t
4. Innovation leads to exploitation
5. When in doubt, see #1
Cybersecurity:

The
(simplified)
Approach
Identify
‘Crown
Jewels’
Protect
Assets
Detect
Incidents
Incident
Response

Mature processes, methods, tools and skills, working in
unison with a common goal.
The ‘Cyber’ objective:
Resulting in:
Well trained people, following
well developed procedures, using
well implemented technology

1. You can never have enough intel
2. Science is your friend
3. Tools are tools. There is no ‘find evidence’ button
4. Someone is going to court
5. Caffeine and jazz seem to help
Digital
Investigations:

Incident or
Need
Research
Hypothesis
Experiment
Analysis
Conclusion
1.
Technical &
Management
Awareness
3.
Incident Response
Escalation
2.
Triage &
Risk Review
4.
Reputational
Management
Digital
Investigatio
n
Lifecycle

Technical &
Management
Awareness
Reputational
Management
Triage &
Risk Review
Incident Response
Escalation
Initial alerting from varied Sources.
Questions are asked. Reviews (tech & process)
INFORMATION*
*Process, workflows, technology, change management, etc..
IR Teams. War rooms. Decisions being made. Lots of noise.
Definitely a problem. PR/HR/Legal are involved.

Audit
Factual source of information in most
organizations?
“…a systematic, disciplined approach to evaluate and improve the
effectiveness of risk management, control and governance
processes."
Internal

“Why can’t we combat this, easily?”
• Complex Technology
• Adapting Processes
• People

Create relationships
Incident + Operational knowhow + Audit knowledge =

1. Knowledge transfer / cross training is good.
2. Be flexible. Always.
3. Evolve. There’s a world outside of the walls.
4. It takes a village.
…A truly collaborative approach:

ISO/IEC 27032
Training Courses
• ISO/IEC 27032 Introduction
1 Day Course
• ISO/IEC 27032 Foundation
2 Days Course
• ISO/IEC 27032 Lead Cybersecurity Manager
5 Days Course
Exam and certification fees are included in the training price.
www.pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
www.pecb.com/events

THANK YOU
?
jasongreen@hexigent.com
www.hexigent.com/
linkedin.com/in/jasongreen

Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations

PECB

Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI. Amongst others, the webinar covers: • AI & Privacy • Generative AI, Models & Cybersecurity • AI & ISO/IEC 27032 Presenters: Christian Grafenauer Anonymization expert, privacy engineer, data protection officer, LegalTech researcher (GDPR, Blockchain, AI) Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DTL standardization committee at din (German standardization institute) in ISO/TC 307. Akin Johnson Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape. Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets. Lucas Falivene Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards. Date: July 26, 2023 YouTube Link: https://youtu.be/QPDcROniUcc

Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?

PECB

By embracing the importance of GDPR and leveraging ISO/IEC 27701, you can enhance your data protection practices, achieve compliance, and minimize the risk of penalties. Amongst others, the webinar covers:  Importance of Data Protection  Understanding Data Collection and Challenges  Introduction to GDPR  Key Principles of GDPR  Who does GDPR Apply to and Its Global Implications  Introduction to ISO/IEC 27701  Implementing ISO/IEC 27701  Privacy by Design  Dealing with IT on a Daily Basis  Building Awareness and Training  Audit, Data Discovery, and Risk Assessments Presenters: Mike Boutwell Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects. Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director. Lisa Goldsmith Lisa Goldsmith is the founder of LJ Digital and Data Consultancy. Lisa has over 23 years’ experience of supporting leadership teams in membership, charity, and wider not-for-profit organisations to simplify their IT and digital strategy that allows them to sleep soundly at night, knowing their systems and processes are fit for purpose, GDPR compliant, secure and that they deliver value to staff, members, and stakeholders. Prior to starting her own consultancy, Lisa gained extensive experience working for membership organisations and has knowledge and expertise at all levels of operations from working within careers and qualifications teams, as Membership Manager, as Head of Digital & IT for delivering large-scale digital, IT and GDPR compliance projects and serving on several Senior Leadership Teams. Lisa is also currently a Trustee of the BCLA and Groundwork East. Date: June 27, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/lfJrSLaGDtc Website: https://bit.ly/437GOnG

GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...

PECB

The EU has implemented a range of regulations aimed at strengthening its cybersecurity posture. In this context, the ISO/IEC 27001 standard offers a comprehensive framework for managing and safeguarding sensitive information, such as personal data. Amongst others, the webinar covers: • Quick recap on the ISO/IEC 27001:2013 & 2022 • ISO/IEC 27001 vs legislation • The EU Cyber Legislation landscape • Some considerations and consequences • How to stay on top of the ever changing context Presenters: Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. Jean-Luc Peters Jean-Luc Peters brings 25 years of IT technology, information and cybersecurity expertise to boards, executives, and employees. Since the younger age he has held management positions in the private and government sector. He is currently the Head of the Cyber Emergency Response team for the National Cybersecurity Authority in Belgium. In addition to this, he is also a trainer, coach and trusted advisor focusing on enhancing cyber resilience. Jean-Luc has helped in the technical implementation of the NIS 1 (Network and Information Security) Directive transposition in Belgium, defining the Baseline Security Guidelines governmental ISMS framework and many other projects. He holds several certifications, including ISO/IEC 27001 Lead Implementer, ISO/IEC 27005 Auditor, CISSP, GISP, Prince 2 Practitioner, ITIL etc. Date: May 31, 2023 Tags: ISO, ISO/IEC 27001, Information Security, Cybersecurity ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/rsjwwF5zlK8

How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...

PECB

Student Information Session University KTMC

PECB

To protect your organization from cyber attacks, you need to implement a robust information security management system (ISMS) and business continuity management system (BCMS) based on international standards, such as ISO/IEC 27001 and ISO 22301. Amongst others, the webinar covers: • Why we need a cyber response plan to protect business operations • Introduction to ISO/IEC 27001 and ISO 22301 • What do we need for a cyber security response plan? • How do we develop a cyber security response plan? Presenters: Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense, that prioritise key risks to the organisation and helped minimise disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicst in the Oil and Gas Industry. Simon Lacey Simon is a resourceful, creative Information & Cyber Security professional with a proven track record of instigating change, disrupting the status quo, influencing stakeholders and developing ‘big picture’ vision across business populations. Multiple industry experience; excels in building stakeholder engagement & consensus; and suporting organisations to make sustainable change. Simon also has considerable experience of risk management, education and awareness, strategy development and consulting to senior management and is a confident and engaging public speaker. Simon has previously worked within the NHS, Bank of England and BUPA, before setting out as an independent consultan forming Oliver Lacey Limited, supporting clients in multiple business sectors. When not working, Simon loves to run – currently training for the Berlin Marathon, a Director of Aylesbury United Football Club, records vlogs and is an experienced standup comic. Date: April 26, 2023 Find out more about ISO training and certification services Training: https://bit.ly/3AyoyYF https://bit.ly/3LbBVTx Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/i4qx5mjEqio

ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...

PECB

Integrating ISO/IEC 27001 and ISO 31000 can help organizations align their information security and risk management efforts with their overall business objectives, leading to more effective risk management and better decision-making. Amongst others, the webinar covers: • Aligning the ISMS process with ISO/IEC 27001 • Using ISO 31000 within the ISMS • Aligning the RM process with ISO 31000 • How/where does ISO/IEC 27001 fit? Presenters: Nick Riemsdijk As a highly experienced and multi-skilled leader in Information and Physical Security, Nick is known as a collaborative, focused, driven and highly analytical individual with a broad portfolio of successes in client engagements. His expertise spans devising, implementing, managing and delivering information security, physical security, organizational resilience and facilities management solutions for organizations. He is certified as a Certified Information Security Manager (CISM), Certified Protection Professional (CPP), in Project Management (Prince2), ISO 22301 (Business Continuity), ISO 27001 (Information Security), and ISO 31000 (Risk Management). Rinske Geerlings Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer. She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs) Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents. She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk. Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions. Date: March 23, 2023 Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/Xj0U2mbpZUs

Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...

PECB

Student Information Session University CREST ADVISORY AFRICA

PECB

Effective IT Governance requires proper Information Security practices to ensure that the organization's data is secure. On the other hand, Information Security policies and procedures must be aligned with the organization's overall IT Governance framework to ensure that security measures do not negatively impact business operations. Amongst others, the webinar covers: ▪ Bring Governance and InfoSec Together ▪ Answering WIIFM ▪ Business Terms Presenters: Dr. Edward Marchewka Dr. Edward Marchewka is a seasoned executive that has come up through the ranks in the IT vertical, expanding into information security, quality management, and strategic planning. Edward founded and serves as the Principal for 3LC Solutions, enabling YOU to Tell a Better Story in business, with our vCIO, vCISO, quality, and strategy consulting services, through metrics and relating risk to the business with our CHICAGO Metrics® SaaS solution. He has also held several roles leading information technology, most recently with Gift of Hope Organ and Tissue Donor Network, leading the Information and Technology Services department as the Director of IT, Data, and Security Services. Prior to Gift of Hope, he ran information security for Chicago Public Schools. Edward has earned a Doctorate of Business Administration from California Southern University and Masters’ degrees in Business Administration and Mathematics from Northern Illinois University. He earned Bachelors’ degrees in Liberal Studies and Nuclear Engineering Technologies from Thomas Edison State College, N.J. Edward maintains several active IT, security, and professional certifications from (ISC)2, ASQ, ITIL, PCI, PMI, ISACA, Microsoft, and CompTIA. He has held legacy IT certifications from Cisco and HP, and a designation from the National Security Agency. Date: February 22, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-38500 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/2bSbAdL5Idg

IT Governance and Information Security – How do they map?

PECB

Information Session University Egybyte.pptx

PECB

oin us as our Director for Business Mustafe Bislimi teams up with Dr. Obadare Peter Adewale, our academic partner Digital Encode Limited, to provide valuable information about our programs, admissions process and specialization and elective courses. Discover the opportunities available to you as a student at PECB University and get a firsthand look at what makes us a top choice for education. Whether you're a prospective student or simply curious about PECB University, don't miss this informative session! Subscribe to our channel and stay tuned for more videos. For inquiries regarding admission process contact us: university.studentaffairs@pecb.com -EMBA in Cybersecurity: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbHJQUUpjMmY2NmcyeURhTzE5VlRSNjg2Y1hwd3xBQ3Jtc0tuLTZqdmZyWkc2VVNQV21YRTlKZUQ2SEtUenNXbzYyb1ZianV5cldDYTViWjZ1eVhCNWtxWHI3VTNwRS1BOE4wTERkZ3BtcndwM0sxdVoydWZYSXBkV2hYd2lwU0NLSTk5WERWMlhtVk1Ud2tuWTRjTQ&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fcybersecurity&v=3YJbbr708pk -EMBA in Business Continuity Management: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa3JQTGVhd1VfeG1weWNzUzRrMmg2bk0tc3kxUXxBQ3Jtc0tsOVF5VG82TkhRU3R5TVRWWmdhMzBrSTU2eW9wby1OYWN4VTg5bkJBY0lhTmNsOFhETzB5cVp0WU8zbTQwTlZkdk9Dby1fSXdhWmRpZFFPUmk3NS1QOGpMOVBlaDFhVVpwa2JZMkxKNGRnTnppMm93SQ&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fbusiness-continuity-management&v=3YJbbr708pk -EMBA in Governance, Risk, and Compliance: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbUplMGtjOFRWbzdGWERmdTR2QjdSbTBuQUxCd3xBQ3Jtc0tsNVdOU1p6UERWM3ZySE55V2FlWlJ1aFlzUU85VEt0aVRoR0hyTjNHbUNVYVMyb0lzTkZycUtJRzNxazlDWGRqTHZQMWJPZEYwbG1xWjVJN1JNOW1QUjJBZDY3NkU5LVl0b2xxOFpkZW1ZX2F3QmF5cw&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fgovernance-risk-compliance&v=3YJbbr708pk

Student Information Session University Digital Encode.pptx

PECB

Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets. Amongst others, the webinar covers: • Top Cyber Trends for 2023 • Cyber Insurance • Prioritization of Cyber Risk Presenters: Colleen Lennox Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job! Madhu Maganti Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes. Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting. Date: January 25, 2023 Tags: ISO, ISO/IEC 27032, Cybersecurity Management ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 https://pecb.com/article/cybersecurity-risk-assessment https://pecb.com/article/a-deeper-understanding-of-cybersecurity Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/BAAl_PI9uRc

Cybersecurity trends - What to expect in 2023

PECB

Several organizations are experiencing increased volatility in their security environment. A proper security management system can contribute to business resilience and to its credibility, hence, organizations should continually conduct security risk assessments in order to be able to better manage their security. Amongst others, the webinar covers: • What is ISO 28000:2022 • Why is it important and changes • How it operates • Benefits to implement this standard Presenters: Patrick Ben As a cybersecurity analyst, Patrick is highly skilled in identifying and mitigating security threats to computer systems and networks. With a strong background in computer science and a passion for staying up-to-date on the latest security trends, he is able to analyze and evaluate security risks and develop effective strategies to protect against them. I have experience working with a variety of security tools and technologies, including firewall configurations, intrusion detection systems, and network security protocols. Patrick is also proficient in coding languages such as Python and Java, which allows him to analyze and understand complex security systems at a deeper level. Overall, Patrick’s goal is to use his expertise and experience to help organizations and individuals protect their systems and data from security threats. He is excited to continue learning and growing in the field of cybersecurity and to make a positive impact in the world of information security. Date: December 14, 2022 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022 https://pecb.com/article/investing-in-information-security-awareness Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION Webinar: https://youtu.be/G2Ru7jiSRmE

ISO 28000:2022 – Reduce risks and improve the security management system

PECB

ISO/IEC 27005:2022 provides guidance in assisting you and your organization to perform information security risk management activities. Amongst others, the webinar covers: • Changes to the ISO/IEC 27005:2022 standard • Changes to the ISO/IEC 27005:2022 standard • Why a new ISO/IEC 27005-standard? Presenters: Anders Linde Anders Linde, founder of CISO27, holds more than 12 years of information security consulting and training experience. Anders is particularly interested in resolving the challenges arising from the consolidation and adaptation of international best practices in different organizational settings. Anders is a PECB certified trainer and member of SC27, contributing to the international development of the ISO/IEC 27000 series. Tony Chebli Tony is a cybersecurity practice leader and certified instructor. He was appointed as a CISO “information security head” for Group Credit Libanais for the past 13 years. Tony engineered a security program derived from ISO 27001 and PCI-DSS which helped the Bank comply with Central Bank of Lebanon and Banking Control Commission circulars and satisfy the external and internal IT auditors’ requirements. He was featured as a keynote speaker at several conferences and contributed to developing security awareness in the Middle East. Tony was hosted as a speaker for ISC2 Secure Summit in Dubai (November 2017), and the PCI council in Dubai (April 2016), he conducted as well road shows about ISO 27001 in KSA, Dubai, Jordan & Lebanon. Tony received for three consecutive years the “CISO 100 information security executive” award from the Middle East Security Awards (MESA) in Dubai. Date: November 16, 2022 Tags: ISO, ISO/IEC 27005, Information Security Risk Management ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27005 https://pecb.com/article/data-protection-risk-management https://pecb.com/article/investing-in-information-security-awareness Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

ISO/IEC 27005:2022 – What are the changes?

PECB

ISO/IEC 27001 is the main standard that aims to enhance an organization’s information security. Amongst others, the webinar covers: • ISO/IEC 27001 & ISO/IEC 27002, catching up with history • Quick recap on the ISO/IEC 27002:2022 • From ISO/IEC 27002 to the ISO/IEC 27001 updates • Some considerations & consequences of the update • What's up next with ISO/IEC 27001, in practice? Presenters: Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. Stefan Mathuvis Stefan Mathuvis, is owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy. Date: November 9, 2022 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022 https://pecb.com/article/investing-in-information-security-awareness Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

ISO/IEC 27001:2022 – What are the changes?

PECB

Organizations need to implement a risk management strategy in order to mitigate, and whenever possible, eliminate cyber risks and threats. ISO/IEC 27032 and ISO 31000 combined help you to manage cyber risks. Amongst others, the webinar covers: • ISO/IEC 27032 vs. ISO 31000 • IRTVH Assessment Framework Presenters: Sherifat Akinwonmi Sherifat is a Cyber Security professional with over 12 years of experience across diverse industries including Agriculture, Oil & Energy Services, Pharmaceuticals, Financial and IT services. She is part of the top 20 Canadian Women in Cybersecurity – ITWC. She is also a Business Information Security Officer (BISO) with one of the top banks in Northern America. Sherifat is member of several boards including the Advisory Board for Canadian Women in Cybersecurity, Girls & Women Technological Empowerment Organization (GWTEO). She has a great passion and interest in enabling women in their professional careers. She volunteers her time mentoring young people to launch their careers in Technology and supports the less privileged. Geary Sikich Geary Sikich is a Senior Crisis Management Consultant at Health Care Service Corporation (HCSC). Prior to joining HCSC, Geary was a Principal with Logical Management Systems, Corp., a management consulting, and executive education firm with a focus on enterprise risk management, contingency planning, executive education and issues analysis. Geary developed LMSCARVERtm the “Active Analysis” framework, which directly links key value drivers to operating processes and activities. LMSCARVERtm provides a framework that enables a progressive approach to business planning, scenario planning, performance assessment and goal setting. Prior to founding Logical Management Systems, Corp. in 1985 Geary held a number of senior operational management positions in a variety of industry sectors. Geary served in the U.S. Army; responsible for the initial concept design and testing of the U.S. Army's National Training Center and other related activities. Geary holds a M.Ed. in Counseling and Guidance from the University of Texas at El Paso and a B.S. in Criminology from Indiana State University. Geary has developed and taught courses for Norwich University, University of Nevada Reno, George Washington University and University of California Berkley. He is active in Executive Education, where he has developed and delivered courses in enterprise risk management, contingency planning, performance management and analytics. Geary is a frequent speaker on business continuity issues business performance management. Date: October 12, 2022

ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...

PECB

An organization should enable continual operation of its information security after each incident. That means that information security and business continuity have one thing in common, which is the protection of the availability of information. Amongst others, the webinar covers: • ISO27001 ‘Information Security Management System’ Overview • ISO22301 ‘Business Continuity Management System’ Overview • Improving an ISO27001 Continuity Plan with ISO22301 Presenters: Rod Crowder Rod is the Founder, Managing Director & Principal Consultant of OpsCentre, a boutique provider of: Risk Management, Crisis and Business Continuity, IT Disaster Recovery, Information Security and IT Service Management Consultancy & Training. He is the Australia and New Zealand Country Representative & the Lead Instructor for Disaster Recovery Institute International, the oldest and largest NFP organization serving resilience professionals. He has over 25 years experience in Risk, Resilience, BCP, ITDRP & Information Security projects across Asia Pacific, for 140+ clients and over 420 client consultancy projects. He chairs the Adaptive Business Continuity Advisory Group; an international think-tank committed to developing new resilience and business continuity methodologies and practices. Rudy Shoushany Rudy is a motivational digital leader and Keynote speaker. He has a wide experience in Digital transformation in the financial sector Field, with over 22 years of experience in assisting organizations. His specialty ICT Strategies in Digital Transformation, Governance, Compliance, Blockchain, and CyberSecurity. Rudy is a Certified professional with many achievements and awards skilled in executive leadership & Coaching by PWC. Graduated from University of South Africa, with Certification from Stanford in Cybersecurity Strategies and Boston University in Digital Transformation. Rudy has been lately selected to be on the Forbes Technology Council and selected as top 25 Global Thought leader and Influencer in Technology and Top 100 Leaders in Governance in the digital transformation innovations. He serves as Board Member, coach, Judge and mentor for different Organizations and startups. Date: September 14, 2022 Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection https://pecb.com/article/business-continuity-management-advice-for-employers--covid-19-coronavirus-outbreak https://pecb.com/article/investing-in-information-security-awareness Webinars: https://pecb.com/webinars

ISO/IEC 27001 and ISO 22301: How do they map?

PECB

Cybersecurity risk management is very important when it comes to maintaining the assets of an organization. In order to effectively manage cybersecurity risks and avoid data breaches, all functions of the organization should operate with clearly defined roles and responsibilities. Amongst others, the webinar covers: 1. Cyber Security trends: What we are seeing today 2. Identify those assets that ‘matter’ 3. Understanding your threat landscape 4. What does good look like for cyber risk management? Presenters: Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense, that prioritise key risks to the organisation and helped minimise disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicst in the Oil and Gas Industry. Simon Lacey Simon is a resourceful, creative Information & Cyber Security professional with a proven track record of instigating change, disrupting the status quo, influencing stakeholders and developing ‘big picture’ vision across business populations. Multiple industry experience; excels in building stakeholder engagement & consensus; and suporting organisations to make sustainable change. Simon also has considerable experience of risk management, education and awareness, strategy development and consulting to senior management and is a confident and engaging public speaker. Simon has previously worked within the NHS, Bank of England and BUPA, before setting out as an independent consultan forming Oliver Lacey Limited, supporting clients in multiple business sectors. When not working, Simon loves to run – currently training for the Berlin Marathon, a Director of Aylesbury United Football Club, records vlogs and is an experienced standup comic. Date: August 17, 2022 Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701 https://pecb.com/en/education-and-certification-for-individuals/iso-31000 https://pecb.com/whitepaper/the-future-of-privacy-with-isoiec-27701 https://pecb.com/whitepaper/iso-310002018-risk-management-guidelines Webinars: https://pecb.com/webinars

ISO/IEC 27001, Cybersecurity, and Risk Management: How to avoid data breaches?

PECB

ISO/IEC 27701, Data Protection, and Risk Management: How do they map? Risk management has become a very important feature when it comes to data protection and information security. Due to the criticality of data that is processed on a daily basis, risk management is highly needed to ensure that individuals’ rights are protected. Amongst others, the webinar covers: • Privacy, Data Protection, and Risk Management Definitions • Privacy, Data Protection , and Risk Management Inter-relationship • Risk Management – Real world example • Data Protection – How would it apply to the example? Presenters: Anthony English One of the top cybersecurity professionals in Atlantic Canada with extensive Canadian and International experience in cybersecurity covering risk assessment, management, mitigation, security testing, business continuity, information security management systems, architecture security reviews, project security, security awareness, lectures, presentations and standards-based compliance. George Usi George Usi is the CEO of Omnistruct Inc, a GaaS (cyber Governance as a Service) company with a vision to be the safety airbag of cyber risk and compliance. After more than twenty-five years in internet open standards, networking, and security, George recognized that getting hacked in an Internet-delivered world was a matter of when. He also recognized that cyber laws with the potential of steep fines for business leaders who neglect to illustrate cyber security diligence would evolve with more aggressive sanctions in arrears of hacker success. So, he ideated a goal to eliminate cyber risk and set a mission for Omnistruct to be the “safety airbag” of cyber compliance. With a continuous audit and documentation approach, business owners can protect consumer privacy rights when they ideate, illustrate, and continuously measure their cyber posture using a new US guideline in cyber risk developed by NIST. George attended California State University Chico, is a graduate of California State University Sacramento and a graduate of the Stanford Latino Executive Initiative (SLEI-ed) and Latino Business Action Network (LBAN) Graduate School of Business certificate program. Michael Bastiani Michael is a freelancer with his company Risk-BASE, available for roles as (but not limited to) risk manager, project manager, and consultant. With years of experience in the railway industry, Michael has experience in operational technology, automation, maintenance, IT, strategy, and safety. With his background as an engineer at TU Delft, one can always count on Michael to bring an innovative perspective to the table. Date: July 20, 2022

George, Tony, Michael - PECB Webinar 27701 Data Protection Risk Management V1...

PECB

Top 5 information security challenges - How does ISO/IEC 27001 help you? Data breaches are continuing to be a high concern for today’s businesses. In this regard, organizations are developing several programs and methods to avoid such breaches. Amongst others, the webinar covers: • Top information security challenges • How does ISO 27001 help you Presenter: Rinske Geerlings Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer. She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs) Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents. She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk. Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions. Date: June 30, 2022 Tags: ISO, ISO/IEC 27001, Information Security, Data protection ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection https://pecb.com/whitepaper/no-iso-27001-certified-companies-among-largest-data-breaches-2014-2015 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

Top 5 information security challenges - How does ISO/IEC 27001 help you?

PECB

More from PECB (20)

Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations

Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?

GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...

How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...

Student Information Session University KTMC

ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...

Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...

Student Information Session University CREST ADVISORY AFRICA

IT Governance and Information Security – How do they map?

Information Session University Egybyte.pptx

Student Information Session University Digital Encode.pptx

Cybersecurity trends - What to expect in 2023

ISO 28000:2022 – Reduce risks and improve the security management system

ISO/IEC 27005:2022 – What are the changes?

ISO/IEC 27001:2022 – What are the changes?

ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...

ISO/IEC 27001 and ISO 22301: How do they map?

ISO/IEC 27001, Cybersecurity, and Risk Management: How to avoid data breaches?

George, Tony, Michael - PECB Webinar 27701 Data Protection Risk Management V1...

Top 5 information security challenges - How does ISO/IEC 27001 help you?

Recently uploaded

1029-Danh muc Sach Giao Khoa khoi 6.pdf

QucHHunhnh

Micro-Scholarship, What it is, How can it help me.pdf

Poh-Sun Goh

Sociology 101 Demonstration of Learning Exhibit

jbellavia9

1029 - Danh muc Sach Giao Khoa 10 . pdf

QucHHunhnh

HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx

Esquimalt MFRC

ICT role in 21st century education and it's challenges.

MaryamAhmad92

Introduction to Nonprofit Accounting: The Basics

TechSoup

Graduate Outcomes Presentation Slides - English

neillewis46

How to Give a Domain for a Field in Odoo 17

Celine George

On National Teacher Day, meet the 2024-25 Kenan Fellows

Mebane Rash

FSB Advising Checklist - Orientation 2024

Elizabeth Walsh

Application orientated numerical on hev.ppt

RamjanShidvankar

Wizards are very useful for creating a good user experience. In all businesses, interactive sessions are most beneficial. To improve the user experience, wizards in Odoo provide an interactive session. For creating wizards, we can use transient models or abstract models. This gives features of a model class except the data storing. Transient and abstract models have permanent database persistence. For them, database tables are made, and the records in such tables are kept until they are specifically erased.

How to Create and Manage Wizard in Odoo 17

Celine George

Food safety_Challenges food safety laboratories_.pdf

Sherif Taha

Spellings Wk 3 English CAPS CARES Please Practise

AnaAcapella

Single or Multiple melodic lines structure

dhanjurrannsibayan2

Unit-IV- Pharma. Marketing Channels.pptx

VishalSingh1417

Activity 01 - Artificial Culture (1).pdf

ciinovamais

General Principles of Intellectual Property: Concepts of Intellectual Proper...

Poonam Aher Patil

Google Gemini An AI Revolution in Education.pptx

Dr. Sarita Anand

Recently uploaded (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf

Micro-Scholarship, What it is, How can it help me.pdf

Sociology 101 Demonstration of Learning Exhibit

1029 - Danh muc Sach Giao Khoa 10 . pdf

HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx

ICT role in 21st century education and it's challenges.

Introduction to Nonprofit Accounting: The Basics

Graduate Outcomes Presentation Slides - English

How to Give a Domain for a Field in Odoo 17

On National Teacher Day, meet the 2024-25 Kenan Fellows

FSB Advising Checklist - Orientation 2024

Application orientated numerical on hev.ppt

How to Create and Manage Wizard in Odoo 17

Food safety_Challenges food safety laboratories_.pdf

Spellings Wk 3 English CAPS CARES Please Practise

Single or Multiple melodic lines structure

Unit-IV- Pharma. Marketing Channels.pptx

Activity 01 - Artificial Culture (1).pdf

General Principles of Intellectual Property: Concepts of Intellectual Proper...

Google Gemini An AI Revolution in Education.pptx

Cybersecurity, Digital investigations, and the 'unsung' Heroes of Incident Support

2. Cybersecurity: Mindset Investigations: Informed decisions Audit: Perspective

3. 1. A vulnerability will be exploited 2. Everything is vulnerable, somehow 3. We trust, even when we shouldn’t 4. Innovation leads to exploitation 5. When in doubt, see #1 Cybersecurity:

4. The (simplified) Approach Identify ‘Crown Jewels’ Protect Assets Detect Incidents Incident Response

5. Mature processes, methods, tools and skills, working in unison with a common goal. The ‘Cyber’ objective: Resulting in: Well trained people, following well developed procedures, using well implemented technology

6. 1. You can never have enough intel 2. Science is your friend 3. Tools are tools. There is no ‘find evidence’ button 4. Someone is going to court 5. Caffeine and jazz seem to help Digital Investigations:

7. Incident or Need Research Hypothesis Experiment Analysis Conclusion 1. Technical & Management Awareness 3. Incident Response Escalation 2. Triage & Risk Review 4. Reputational Management Digital Investigatio n Lifecycle

8. Technical & Management Awareness Reputational Management Triage & Risk Review Incident Response Escalation Initial alerting from varied Sources. Questions are asked. Reviews (tech & process) INFORMATION* *Process, workflows, technology, change management, etc.. IR Teams. War rooms. Decisions being made. Lots of noise. Definitely a problem. PR/HR/Legal are involved.

9. Audit Factual source of information in most organizations? “…a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes." Internal

10. Innovation = Audit challenges

11. “Why can’t we combat this, easily?” • Complex Technology • Adapting Processes • People

12. Create relationships Incident + Operational knowhow + Audit knowledge =

13. 1. Knowledge transfer / cross training is good. 2. Be flexible. Always. 3. Evolve. There’s a world outside of the walls. 4. It takes a village. …A truly collaborative approach:

14. ISO/IEC 27032 Training Courses • ISO/IEC 27032 Introduction 1 Day Course • ISO/IEC 27032 Foundation 2 Days Course • ISO/IEC 27032 Lead Cybersecurity Manager 5 Days Course Exam and certification fees are included in the training price. www.pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 www.pecb.com/events

15. THANK YOU ? jasongreen@hexigent.com www.hexigent.com/ linkedin.com/in/jasongreen

Editor's Notes

What I’d like to do is talk about the mindset of cybersecurity, demonstrate how more informed decisions are possible using investigative methods, and provide a – possibly – different perspective when considering audits/auditors.
When considering cybersecurity, I’ve found some things that are fact. These haven’t changed much throughout my career and so I’d suggest they will likely to continue to be relevant. Although applying different lens to the following, will allow for a diverse approach. Note – I saw the basis of this list in a Forbes article from Jan 2018, but have repurposed here since it’ll help make some succinct points. The speed of change in technology and the way we use it, has meant that vulnerabilities appear continuously. Bad guys, bad code, bad luck or bad karma means we’re seeing a steep uptick in operational impacts. Fort knox, the whitehouse, my laptop, or the wifi network here at the conference. All, have a one or more weakness. With the application of enough time and effort, they could be found. Then it’s just a matter of time… In any ‘security’ program one things holds true – the human element is the weakest link. We’re pre-programmed to think in certain ways and that can be used against us. In the cyber space, as things improve, things get worse. Functionality v security. Whatever you’re look ing at… it’s vulnerable. If you’re auditing, remember that. Most folk see this list through a technical lens – servers, systems, applications & devices. But what if we re-considered it from a governance perspective…. A vulnerability in your governance model etc… Fresh thinking. Don’t just think technically, about what appears to be a technical issue. It’s bigger. This is usually thought of the in the technical sense, but consider these through the lens of governance/strategy/or process.
A simple approach to the cybersecurity problem. How do we look at it. Figure out what you need to protect Come up with controls (detective and preventative) Have a way of seeing when things go sideways, or wrong. Have a plan.. a good one.. to make sure fires can be put out…quickly.
It all sounds great, but what are we actually trying to achieve. What is the ‘cyber objective’  Ultimately, we want to help the folks that pay our salary - or fees - make informed decisions, and keep the lights on at our place of employment. Simple premise. Complex execution.
Switching gears. One of the ‘spokes’ of cyber is incident response. Regardless of what it is, if an investigation is needed, there are some things were remembering. Much like cyber – these don’t really change. Lots of information is needed; in fact… get ‘all the data and information’. A logical and structured approach is needed to make sense of things. Forensic ‘science’ is typically applied to ensure that all avenues are explored, and findings derived. Rinse, repeat. It’s not about the tools… but they help. Everything needs documenting….someone will be going to court and have to defend activities…maybe years away. Self explanatory 
Blue -The approach to incidents. Note the analysis to research cyclic aspect (for the scientists amongst the audiences). Example could be applied to any type of incident/situation, but lets assume a significant security incident. {walkthrough to examples each component} Orange - Then consider the macro level ‘business view’ of whats going on. {Same – examples – brief}
Flipping to the business view Tech & management. Initial notifications or understanding. Something is wrong. Needs explanation. Incident management approach is dusted off  Triage & risk. Typically technical triage to validate notification or suspicions. Likely involving 2nd line technical folks, but as things are established, possibly switching to business stakeholders to perform ad hoc risk reviews / suspected impact assessments. IR escalation. Game on. It’s an incident…SMT / board is involved. Now decisions start to get made for a variety or reasons, all with different drivers. Bias becomes a problem (usually). Crisis managers need to step in to wrangle things. While #3 is taking place, if things are serious enough, leadership would look to manage their reputation. Get the right message out…work with facts and not speculation, carefully frame messages, all the while making decisions. All of this needs one thing – information.
So… information… it’s coming from all directions…but if we step back and consider where the non-traditional sources of some information come from, we see audit. The IA function is one that has been ever present throughout my time in the workforce. They adapt, they evolve, but they’re ever present with the same task.. Rarely seen in incident/investigation situations, but actually valuable. Here’s the story of why…{share story} Not to say my experience either supporting audit, or working with clients to help them through an audit, has always been simple. In fact.. Here’s a visual that best describes the cyber functionsd relationship with auditors, or auditees (depending on your perspective) Its not that there is conflict, but there can be the perception of conflict. Audit (especially internal audit) can be seen as challenging. Folks don’t have time, don’t’ want to have time. Have better things to do, that they are measured on. The business – rightly – see’s IA as just another function and ‘we’re all in it together for the greater good of the organization’, but those on the ground don’t alway’s align. It can create….friction.
…and it’s not surprising. The raft of technology changes that come so rapidly, mean that security and investigative professionals change the way in which they do things, the tools and methods they use, and agile/lean approach's to combat security challenges. We then ask IA to audit those. They don’t always understand them (as they’re new and constantly moving), and the process of auditing becomes frustrating, on both sides.
The question is asked frequently. Audit want to know why something more measurable might not be in place; The business just assume IA can ‘figure it out’. Compliance requirements help to formalize things, but new requirements are coming continuously they will change the landscape. Mandatory breach reporting across Canada and GDPR – while straightforward in description – will have significant upstream affects when one considers how to comply…effectively and efficiently.
So where’s this going. Bridging the audit/operations gap by building a true appreciation for each others role is beneficial. Sharing knowledge about the challenges and perspectives from both sides will result in more positive interactions. When considering incidents and investigations, using operational know how AND drawing on audit knowledge where needed could potentially result in the unthinkable….
A truly collaborative approach! So let me leave you with another short list. If each business unit or party has an appreciation and understanding of the goals, and the challenges faced…things will be better. If ever the opportunity arises to shadow in each others department, do it. Both sides here…accept that cyber approaches now are flexible. They change continuously and traditional approaches need to adapt. Be open to change, and give more time to truly share context around either requirements , architecture, processes etc.. Keep an eye on how others do things. The cyber community is rich with knowledge which is frequently shared. It’s all readily available, so take a few mins a week to understand how things are changing. Don’t assume your way is the right way (it’s just your way). Contribute, don’t just wait to be told. We’re all in it together. We want to protect our organizations in the most sustainable manner. Everyone plays a part, and when things don’t go to plan, or when incidents are occurring it can take the entire team to course correct, put the fires out, and keep moving forward. All under the watchful, and collaborative eye of the audit function 

Cybersecurity, Digital investigations, and the 'unsung' Heroes of Incident Support

Recommended

Recommended

More Related Content

More from PECB

More from PECB (20)

Recently uploaded

Recently uploaded (20)

Cybersecurity, Digital investigations, and the 'unsung' Heroes of Incident Support

Editor's Notes