** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how organizations use a cybersecurity framework to Identify, Protect against and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
A talk on the Next-Gen Security Operations Center for IDNIC+APJII, given as a representative of IDSECCONF. A people-centric SOC requires a lot of investment in people, in terms of both quantity and quality; unfortunately, (good) IT security people are getting rare these days. Organisations need to put more of their investment into technology: as in Industry 4.0, machines are getting more advanced at supporting humans in continuous and repetitive tasks.
Moving from a "traditional" to a next-gen SOC requires a proper plan; that is what this talk was about.
National Cybersecurity - Roadmap and Action Plan (Dr David Probert)
Analysis, strategies and practical action plans for National Government Cybersecurity based upon the United Nations - International Telecommunications Union - UN/ITU Cybersecurity Framework and their Global Cybersecurity Agenda - GCA.
Threat intelligence is information that informs enterprise defenders of adversarial elements to stop them.
It is information that is relevant to the organization, has business value, and is actionable.
Having all the data and feeds is not enough: data alone isn't intelligence.
#Threat #Intelligence #Forensics #ELK #VAPT #SOC #SIEM #Incident #D3pak
Building an effective Information Security Roadmap (Elliott Franklin)
As company information security functions continue to grow each year with increasing attacks and regulations, how are you handling the pressure? Are you constantly battling to run the business projects and reacting to customer requests? Have you blocked off a few hours each week on your calendar to close your email, turn off your phone and try to build, assess and maintain an effective vision for your security team? This presentation will discuss a cascading approach to creating such a roadmap that is easily understood by executives and has helped gain quick buy-in for multiple enterprise-wide security projects.
Introduction to Risk Management via the NIST Cyber Security Framework (PECB)
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlights opportunities for expanded application to cyber, physical, and personnel security risks. The NIST CSF can help practitioners build a cross-pollinated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certified Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Specialized in Homeland Security, Andrea draws on her experience managing projects that supported various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel at the tactical, operational and strategic levels. Overall, Andrea applies analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies for risk and its elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
How To Handle Cybersecurity Risk PowerPoint Presentation Slides (SlideTeam)
Information technology experts can now take advantage of How To Handle Cybersecurity Risk PowerPoint Presentation Slides. This information security PPT theme infuses top-quality design with data obtained by industry experts. Explain the present situation of the target firm’s information security management employing this PowerPoint layout. The data visualizations featured here simplify the elucidation of complex data such as the analysis of the current IT department. Showcase the cybersecurity framework roadmap and risks of the internet using our PPT presentation. Elaborate on the cybersecurity risk management action plan using the tabular format via this PowerPoint slideshow. Demonstrate the cybersecurity contingency plan with appreciable ease. Our information security management system PPT templates deck assists you in assigning risk handling responsibilities to the staff. Explain the duties of the management in successful information security governance. This PowerPoint presentation also addresses the cost of cybersecurity management and staff training. Hit the download icon and start personalization. Our How To Handle Cybersecurity Risk PowerPoint Presentation Slides are explicit and effective. They combine clarity and concise expression. https://bit.ly/3o0xDkR
Secrets to managing your Duty of Care in an ever-changing world.
How well do you know your risks?
Are you keeping up with your responsibilities to provide Duty of Care?
How well are you prioritising Cybersecurity initiatives?
Liability for Cybersecurity attacks sits with Executives and Board members who may not have the right level of technical security knowledge. This session will outline what practical steps executives can take to implement a Cybersecurity Roadmap that is aligned with the organisation's strategic objectives.
Led by Krist Davood, who has spent over 28 years implementing secure mission critical systems for executives. Krist is an expert in protecting the interconnectedness of technology, intellectual property and information systems, as evidenced through his roles at The Good Guys, Court Services Victoria and Schiavello.
The seminar will cover:
• Fiduciary responsibility
• How to efficiently deal with personal liability and the threat of court action
• The role of a Cybersecurity Executive Dashboard and its ability to simplify risk and amplify informed decision making
• How to identify and bridge the gap between your Cybersecurity Compliance Rating and the threat of court action
Cybersecurity Incident Management Powerpoint Presentation Slides are designed for information technology experts. Our data security PowerPoint theme combines high-quality design with info accumulated by industry experts. Represent the present situation of the target organization’s information security management using our patterned PPT slideshow. The innovative data visualizations aid in compiling data such as the analysis of the current IT department with considerable convenience. Communicate the cybersecurity framework roadmap and kinds of cyber threats with the help of this PowerPoint layout. Demonstrate the cybersecurity risk management action plan through the tabular format included in this PPT presentation. Illustrate the cybersecurity contingency plan. Our information security management system PowerPoint templates deck helps you in defining risk handling responsibilities of your personnel. Elucidate the role of the management in successful information security governance. Our PPT deck also outlines the costs involved in cybersecurity management and staff training. Showcase an impact analysis with a dash of visual brilliance. Smash the download button and start designing. Our Cybersecurity Incident Management Powerpoint Presentation Slides are topically designed to provide an attractive backdrop to any subject. Use them to look like a presentation pro. https://bit.ly/3zWo1hb
Advanced Cybersecurity Risk Management: How to successfully address your Cybe... (PECB)
Main points covered:
• Understanding the inverted economics of cyber security, the incentives for cyber crime and its effect on the growing threat
• Inefficiencies with the traditional approaches to cyber risk assessment and why we are not making more progress in enhancing cyber defenses
• Resetting roles and responsibilities regarding cyber security within organizations
• Developing empirical, cost-effective cyber risk assessments to meet the evolving threat
Our presenter for this webinar is Larry Clinton, the president of the Internet Security Alliance (ISA), a multi-sector association focused on Cybersecurity thought leadership, policy advocacy, and best practices. Mr. Clinton advises both industry and governments around the world. He has twice been listed on the Corporate 100 list of the most influential people in corporate governance. He is the author of The Cyber Risk Handbook for Corporate Boards. PwC has found that use of this Handbook improves cyber budgeting and cyber risk management and helps create a culture of security. The Handbook has been published in the US, Germany, the UK and Latin America. He is currently working on a version for the European Conference of Directors Associations as well as versions for Japan and India. Mr. Clinton also leads ISA's public policy work, built around its publication "The Cyber Security Social Contract", on which the NATO Center of Cyber Excellence in Estonia asked for a briefing.
Recorded Webinar: https://www.youtube.com/watch?v=8qVtoqi37X8
The MITRE ATT&CK framework is followed by threat hunters and threat analysts for threat modelling, and can be used for adversary emulation and attack defense. Cybersecurity analysts widely use it to frame an attack in terms of the tactics and techniques it uses.
Securing Fintech: Threats, Challenges & Best Practices (Ulf Mattsson)
Cyber attacks have increased in frequency and severity, and financial institutions are particularly interesting targets to cyber criminals. Join this presentation to learn the latest cybersecurity threats and challenges plaguing the financial industry, and the policies and solutions your organization needs to have in place to protect against them.
Viewers will learn:
• Current trends in Cyber attacks
• FFIEC Cyber Assessment Toolkit
• NIST Cybersecurity Framework principles
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
• Automated approaches to integrate Security into DevOps
About the Presenter:
Ulf Mattsson is the Chief Technology Officer of Security Solutions at Atlantic BT, and earlier at Compliance Engineering. Ulf was the Chief Technology Officer and a founder of Protegrity. He invented the Protegrity Vaultless Tokenization and Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security, and received a US Green Card of class 'EB 11 - Individual of Extraordinary Ability' after endorsement by IBM. Ulf is the inventor of more than 45 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention.
PwC/CIO/CSO study on information security (2014) (PwC France)
http://bit.ly/Cybersecurite-sept14
Global study by PwC, CIO and CSO conducted online from March 27, 2014 to May 25, 2014. The results presented here are based on the responses of more than 9,700 CEOs, CFOs, CIOs, CISOs, CSOs, vice presidents and directors of information and security practices from more than 154 countries.
35% of respondents are from North America, 34% from Europe, 14% from Asia-Pacific, 13% from South America, and 4% from the Middle East and Africa.
A practical data privacy and security approach to FFIEC, GDPR and CCPA (Ulf Mattsson)
With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced data privacy and security solutions has become even more critical. French regulators cited GDPR in fining Google $57 million and the U.K.'s Information Commissioner's Office is seeking a $230 million fine against British Airways and seeking $124 million from Marriott. Facebook is setting aside $3 billion to cover the costs of a privacy investigation launched by US regulators.
This session will take a practical approach to address guidance and standards from the Federal Financial Institutions Examination Council (FFIEC), EU GDPR, California CCPA, NIST Risk Management Framework, COBIT and the ISO 31000 Risk management Principles and Guidelines.
Learn how new data privacy and security techniques can help with compliance and data breaches, on-premises, and in public and private clouds.
CSE 2016 Future of Cyber Security by Matthew Rosenquist
Cybersecurity is a difficult and serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Peering into the future of cybersecurity provides valuable insights around the challenges and opportunities. The industry is changing rapidly and attackers seem to always be one step ahead.
Presented by Matthew Rosenquist at the 2016 Connected Security Expo (CSE) @ ISC West http://www.connectedsecurityexpo.com/
We are an instructor-led online training hub. Get access to the world's best learning experience at our online learning community, where millions of learners learn cutting-edge skills to advance their careers, improve their lives, and pursue the work they love. We provide a diverse range of courses, tutorials, resume formats, projects based on real business challenges, and job support to help individuals get started with their professional career.
With cybercrime (like denial of service, malware, phishing, and SQL injection) looming large in our digitized world, penetration testing - and code and application level security testing (SAST and DAST) - are essential for organizations to identify security loopholes in applications and beyond. We provide a guide to the salient standards and techniques for full-spectrum testing to safeguard your data - and reputation.
Your organization is at risk! Upgrade your IT security & IT governance now. (Cyril Soeri)
The ICT Association Suriname in collaboration with the Telecommunication Authority Suriname (TAS) presented a Cybersecurity awareness session for the members of the Chamber of Commerce. TAS presented the national response to IT incidents by explaining the implementation of the Computer Emergency Response Team (CERT).
New regulations and the evolving cybersecurity technology landscape (Ulf Mattsson)
As the cyber threat landscape continues to evolve, organizations worldwide are increasing their spend on cybersecurity technology. We are seeing a transition from third-party security providers to native cloud security services. The challenge of securing enterprise data assets is increasing. What is needed to control Cyber Risk and stay Compliant in this evolving landscape?
We will discuss evolving industry standards, how to keep track of your data assets, protect your sensitive data and maintain compliance to new regulations.
Beyond the EU: DORA and NIS 2 Directive's Global Impact (PECB)
The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union.
Amongst others, the webinar covers:
• DORA and its Implications
• NIS 2 Directive and its Implications
• How to leverage directive and regulation as a marketing tool and competitive advantage
• How to use new compliance framework to request additional budget
Presenters:
Christophe Mazzola - Senior Cyber Governance Consultant
Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO.
Ah, and I am also a quadruple senior certified ISO 27001/2/5. Not bad, eh? That's French.
Malcolm Xavier
Malcolm Xavier has been working in the digital industry for over 18 years. He has worked with global clients in South Africa, the United States and the United Kingdom. He has achieved many professional certifications, such as CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud and ITIL v3.
His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management.
Date: April 25, 2024
Tags: Information Security, Digital Operational Resilience Act (DORA)
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: Digital Operational Resilience Act (DORA) - EN | PECB
NIS 2 Directive - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity (PECB)
In an era where digital transformation is inevitable, the landscape of cybersecurity is constantly evolving.
Amongst others, the webinar covers:
• DORA and its Implications
• ISO/IEC 27005: Risk Management in Information Security
• Leveraging Artificial Intelligence for Enhanced Cybersecurity
Presenters:
Geoffrey L. Taylor - Director of Cybersecurity
Geoffrey Taylor brings a wealth of experience from multiple roles within various industries throughout his career. As a Certified ISO 27001 Implementer and Auditor, as well as certified ISO 27005, CISM and CRISC, he brings a unique perspective on cybersecurity strategy, risk management and the implementation of an Information Security Management System, having helped multiple organizations in aligning their strategy based on their threat landscape.
Martin Tully - Senior Cyber Governance Consultant
Martin is a Senior Consultant at CRMG with over twenty years of experience, and has previously been employed at two of the ‘Big Four’ professional services firms. Martin has worked across most industry sectors developing best-practice guidance and risk analysis methodologies. Martin is also accomplished at leading the implementation of an ISMS, delivering information risk assessments, reviewing information security policies, assessing security requirements across the supply chain, and updating a complete framework of supporting standards. Prior to the ISF, Martin’s roles have included delivering operational risk reporting, running research projects and benchmarking information security investments for major clients. Martin holds a Bachelor’s degree from Royal Holloway, University of London.
Date: March 27, 2024
Tags: ISO, ISO/IEC 27005, ISO/IEC 42001, Artificial Intelligence, Information Security, Digital Operational Resilience Act (DORA)
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27005 Information Security Risk Management - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
YouTube video: https://youtu.be/ffX-Xbw7XUk
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance - PECB
In today’s rapidly evolving world, where Artificial Intelligence (AI) not only drives innovation but also presents unique challenges and opportunities, staying ahead means being informed.
Amongst others, the webinar covers:
• ISO/IEC 27001 and ISO/IEC 42001 and their key components
• Latest trends in AI Governance
• Ethical AI practices
• Benefits of Certification
Presenters:
Jeffrey Bankard - Cybersecurity & AI Leader, AI Management Systems: ISO/IEC 42001
Jeffrey provides executive leadership for AI product creation through the product incubation unit (PIU). He ensures the timely delivery of AI consulting engagements through cross-functional teams of senior information and network security leaders, establishing strategic goals for improving clients’ security architecture and risk posture. He consults with business leaders to define key performance indicators and service levels, fosters employee development through mentoring and coaching, and decides how to achieve results within the organization’s strategic plans, policies, and guidelines. He develops new products and secures them in line with current AI security guidelines (ISO 42001).
Adrian Resag - Experienced in Risk and Control - ISO/IEC 27001 and ISO/IEC 42001
Adrian believes a stimulating career can span many disciplines and that leading organizations value versatile professionals. He has enjoyed managing teams spanning the globe by working in world-leading organizations as Chief Audit Executive, Head of Risk Management, Information Systems Auditor, Head of Internal Control, as a consultant, a statutory auditor and an accountant. To allow such a diverse career, his approach has been to pursue certifications in many fields (making him one of the most qualified and certified in some of them). He has written books and created professional certifications in audit & assurance and compliance & ethics, and teaches in subjects from information security to risk management. With a passion for education, Adrian founded an educational institution and has taught tens of thousands of students and professionals online, in companies, universities and in governmental organizations.
Date: February 28, 2024
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
YouTube video: https://youtu.be/DujXaxBhhRk
The importance of a robust cybersecurity strategy cannot be overstated. Learning on the effective measures to be taken and tools needed to navigate the evolving cybersecurity landscape successfully is essential.
Amongst others, the webinar covers:
• ISO/IEC 27002 and ISO/IEC 27032 and their key components
• Key Components of a Resilient Cybersecurity Strategy
• CMMC Frameworks
Presenters:
Dr. Oz Erdem
Governance, Risk and Compliance (GRC) consultant, trainer, auditor, and speaker
Dr. Erdem has over 25 years of experience in information security, trade compliance, data privacy, and risk management. He has held leadership roles in governance and compliance at various Fortune 100-500 companies and SMBs, including Siemens Corporation, Siemens Industry, Linqs, Texas Instruments, Rtrust, ICEsoft Technologies, NATO C3A, and BILGEM. In addition, he has successfully managed software development (embedded, cloud, and SaaS) and digital product projects involving information security, mobile networks, and IoT networks. Further, Dr. Erdem has led several non-profit organizations, such as the National Association of District Export Councils (NADEC), the Government Contractors Council (GovConCouncil), and the Central-North Florida District Export Council, as Chairman of the Board.
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security and architecture and Identity and Access Management, as well as privacy, information and data protection, and cyber and cloud security. In the last few years his focus has been on ISO/IEC 27001 and other ISO certification mechanisms. Peter is an accredited Lead Auditor for ISO/IEC 27001 and ISO 9001, a PECB Trainer and a Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certifications including ISO/IEC 27701 Lead Implementer and Lead Auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 Lead Manager, cDPO, Risk Management, Lead Incident Manager, Disaster Recovery, and many more.
George Usi - CEO of Omnistruct
An internet pioneer and award-winning leader in internet governance with over 25 years of experience, George Usi knows that getting hacked is not a matter of ‘if’ but ‘when’, and understands the fiscal and reputational effects that has on a business, its executives, and the board. George is the Co-Founder of Omnistruct, a cyber risk company. Omnistruct protects and expands revenue creation, reputation, and customer retention through cyber risk transference, governance, and compliance, ensuring that security and privacy programs work.
Date: January 24, 2024
YouTube Video: https://youtu.be/9i5p5WFExT4
Website: https://bit.ly/3SjovIP
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ... - PECB
As we approach the new year, the importance of a robust cybersecurity strategy cannot be overstated. Learning on the effective measures to be taken and tools needed to navigate the evolving cybersecurity landscape successfully is essential.
Amongst others, the webinar covers:
• ISO/IEC 27001 and ISO/IEC 27035 and their key components
• Key Components of a Resilient Cybersecurity Strategy
• Best practices for building a resilient cybersecurity strategy in 2024
Presenters:
Rinske Geerlings
Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer.
She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs).
Rinske has consulted for the Department of Prime Minister & Cabinet, 15 central banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, the Departments of Defense, Immigration, Health, Industry, Education and Foreign Affairs, and hundreds of other public and private organizations across five continents.
She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk.
Her 'alter ego' includes being lead singer in SophieG Music and contributing to the global charity Playing for Change, which provides music education to children in disadvantaged regions.
Loris Mansiamina
A Senior GRC consultant for small, medium and large companies. For over 10 years, Loris has been assisting clients in both the public and private sectors on various matters relating to Governance, Risk Management and Compliance (GRC), digital transformation, cyber security program management, ISO 27k and ISO 20k implementation, COBIT and ITIL implementation, etc.
Date: December 19, 2023
Tags: ISO, ISO/IEC 27001, ISO/IEC 27035, Cybersecurity, Information Security
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
ISO/IEC 27035 Information Security Incident Management - EN | PECB
YouTube video: https://youtu.be/yT8gxRZD_4c
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively - PECB
In today's rapidly evolving digital landscape, the integration of artificial intelligence (AI) in business processes is becoming increasingly essential. Hence, it is crucial to stay informed and prepared.
Amongst others, the webinar covers:
• ISO/IEC 27005 and ISO/IEC 27001 and their key components
• The standard’s alignment
• Identifying AI risks and vulnerabilities
• Implementing effective risk management strategies
Presenters:
Sabrina Feddal
With more than 16 years of background in operational security and telco as an engineer and project manager for major international companies, I founded Probe I.T in 2016 to provide my customers (both national and international) with GRC services. Winner of the 2020 award, the jury's favorite of CEFCYS (the main French women in cybersecurity association), she remains committed on a daily basis to maintaining diversity and gender diversity in her teams.
Passionate about law, history and cybersecurity, she holds several professional certifications acquired over the course of her career: Prince2, CISSP, ISO 27001 Lead Implementer, Risk Manager, and a university degree in Cybercrime and Digital Investigation.
Her values: excellence, discretion, professionalism.
Mike Boutwell
Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects.
Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director.
Date: November 22, 2023
Tags: ISO, ISO/IEC 27001, ISO/IEC 27005, Cybersecurity, Information Security
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
ISO/IEC 27005 Information Security Risk Management - EN | PECB
YouTube video: https://youtu.be/TtnY1vzHzns
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re... - PECB
In today's digital age, cybersecurity is more critical than ever. Hence, it is crucial to stay informed and prepared.
Amongst others, the webinar covers:
• ISO/IEC 27032:2023 and ISO/IEC 27701 and their key components
• The standard’s alignment
• Emerging Cybersecurity Threats
• What is new to the ISO/IEC 27032:2023
Presenters:
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Jeffrey Crump
Mr. Jeffrey Crump is the Principal Consultant at Arizona-based Cyber Security Training and Consulting LLC and a graduate of the Certified NIS 2 Directive Lead Implementer course. He is a Certified CMMC Assessor, Certified CMMC Professional, and Instructor. Mr. Crump is also the author of Cyber Crisis Management Planning: How to reduce cyber risk and increase organizational resilience. His book has been expanded into a triad of certification courses on cyber crisis planning, exercises, and leadership.
Date: October 25, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
YouTube video: https://youtu.be/a21uasr8aLs
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation - PECB
Cybersecurity is an ongoing journey. The regular update and improvement of security measures is essential to stay ahead of evolving threats.
Amongst others, the webinar covers:
• Benefits of Compliance
• Digital Transformation: Why
• ISO/IEC 27001 and ISO/IEC 27032
• ISO/IEC 27001: Information Security Management System (ISMS)
• ISO/IEC 27032: Cybersecurity Framework
Presenters:
Douglas Brush
Douglas Brush is a federally court-appointed Special Master, and Court Appointed Neutral expert in high-profile litigation matters involving privacy, security, and eDiscovery.
He is an information security executive with over 30 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, he has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues.
He is the founder and host of Cyber Security Interviews, a popular information security podcast.
Douglas is also committed to raising awareness about mental health, self-care, neurodiversity, diversity, equity, and inclusion, in the information security industry.
Malcolm Xavier
Malcolm Xavier has been working in the digital industry for over 18 years. He has worked with global clients in South Africa, the United States and the United Kingdom. He holds many professional certifications, including CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud and ITIL v3.
His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management.
Carole Njoya
Founder in 2018 of Alcees, a Paris-based management consulting firm specialized in cybersecurity, data privacy governance and digital trust, Carole Njoya provides independent, tailored and expert advisory to companies doing business in European markets and serving both B2B and B2C customers. With more than 100 cybersecurity projects delivered, she assists entities in preparing, implementing and maintaining the right best practices under the ISO 27001 compliance framework and the GDPR Article 25 obligation (privacy by design) for their vendors. Carole Njoya featured in the « Women Know Cybersecurity » 2019 Twitter list edited by Cybercrime Magazine. Carole Njoya has been committed to science and engineering since her pre-teen years.
Date: September 27, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
YouTube video: https://youtu.be/U7tyzUrh8aI
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations - PECB
The management of AI systems is a shared responsibility. By implementing the ISO 31000 Framework and complying with emerging regulations like the EU ACT, we can jointly create a more reliable, secure, and trustworthy AI ecosystem.
Amongst others, the webinar covers:
• Understanding AI and the regulatory landscape
• AI and the threat landscape
• A risk driven approach to AI assurance - based on ISO 31000 principles
• Stress testing to evaluate risk exposure
Presenters:
Chris Jefferson
Chris is the Co-Founder and CTO at Advai. As the Co-Founder of Advai, Chris is working on the application of defensive techniques to help protect AI and Machine Learning applications from being exploited. This involves work in DevOps and MLOps to create robust and consistent products that support multiple platforms, such as cloud, local, and edge.
Nick Frost
Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spans nearly 20 years. Most recently, Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. As Group Head of Information Risk for PwC, he designed and implemented best-practice solutions that made good business sense, prioritized key risks to the organisation and helped minimize disruption to ongoing operations. Whilst at the ISF, Nick led their information risk projects and delivered many of the consultancy engagements that help organisations implement leading thinking in information risk management.
Nick’s combined experience as a cyber risk researcher and practitioner designing and implementing risk-based solutions places him as a leading cyber risk expert. Prior to cyber security, and after graduating from UCNW and Oxford Brookes, Nick was a geophysicist in the Oil and Gas Industry.
Date: August 24, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000
YouTube video: https://youtu.be/MXnHC6AvjXc
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help? - PECB
Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI.
Amongst others, the webinar covers:
• AI & Privacy
• Generative AI, Models & Cybersecurity
• AI & ISO/IEC 27032
Presenters:
Christian Grafenauer
Anonymization expert, privacy engineer, data protection officer and LegalTech researcher (GDPR, Blockchain, AI), Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DLT standardization committee at DIN (the German standardization institute) in ISO/TC 307.
Akin Johnson
Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape.
Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets.
Lucas Falivene
Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards.
Date: July 26, 2023
YouTube Link: https://youtu.be/QPDcROniUcc
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie... - PECB
By embracing the importance of GDPR and leveraging ISO/IEC 27701, you can enhance your data protection practices, achieve compliance, and minimize the risk of penalties.
Amongst others, the webinar covers:
• Importance of Data Protection
• Understanding Data Collection and Challenges
• Introduction to GDPR
• Key Principles of GDPR
• Who does GDPR Apply to and Its Global Implications
• Introduction to ISO/IEC 27701
• Implementing ISO/IEC 27701
• Privacy by Design
• Dealing with IT on a Daily Basis
• Building Awareness and Training
• Audit, Data Discovery, and Risk Assessments
Presenters:
Mike Boutwell
Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects.
Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director.
Lisa Goldsmith
Lisa Goldsmith is the founder of LJ Digital and Data Consultancy. Lisa has over 23 years’ experience supporting leadership teams in membership, charity, and wider not-for-profit organisations to simplify their IT and digital strategy, so that they can sleep soundly at night knowing their systems and processes are fit for purpose, GDPR compliant and secure, and that they deliver value to staff, members, and stakeholders.
Prior to starting her own consultancy, Lisa gained extensive experience working for membership organisations and has knowledge and expertise at all levels of operations from working within careers and qualifications teams, as Membership Manager, as Head of Digital & IT for delivering large-scale digital, IT and GDPR compliance projects and serving on several Senior Leadership Teams. Lisa is also currently a Trustee of the BCLA and Groundwork East.
Date: June 27, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701
YouTube video: https://youtu.be/lfJrSLaGDtc
Website: https://bit.ly/437GOnG
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu... - PECB
The EU has implemented a range of regulations aimed at strengthening its cybersecurity posture. In this context, the ISO/IEC 27001 standard offers a comprehensive framework for managing and safeguarding sensitive information, such as personal data.
Amongst others, the webinar covers:
• Quick recap on the ISO/IEC 27001:2013 & 2022
• ISO/IEC 27001 vs legislation
• The EU Cyber Legislation landscape
• Some considerations and consequences
• How to stay on top of the ever-changing context
Presenters:
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security and architecture and Identity and Access Management, as well as privacy, information and data protection, and cyber and cloud security. In the last few years his focus has been on ISO/IEC 27001 and other ISO certification mechanisms. Peter is an accredited Lead Auditor for ISO/IEC 27001 and ISO 9001, a PECB Trainer and a Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certifications including ISO/IEC 27701 Lead Implementer and Lead Auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 Lead Manager, cDPO, Risk Management, Lead Incident Manager, Disaster Recovery, and many more.
Jean-Luc Peters
Jean-Luc Peters brings 25 years of IT technology, information and cybersecurity expertise to boards, executives, and employees. From a young age he has held management positions in the private and government sectors. He is currently the Head of the Cyber Emergency Response Team for the National Cybersecurity Authority in Belgium. In addition, he is also a trainer, coach and trusted advisor focusing on enhancing cyber resilience.
Jean-Luc has helped in the technical implementation of the NIS 1 (Network and Information Security) Directive transposition in Belgium, defining the Baseline Security Guidelines governmental ISMS framework and many other projects. He holds several certifications, including ISO/IEC 27001 Lead Implementer, ISO/IEC 27005 Auditor, CISSP, GISP, Prince 2 Practitioner, ITIL etc.
Date: May 31, 2023
Tags: ISO, ISO/IEC 27001, Information Security, Cybersecurity
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
YouTube video: https://youtu.be/rsjwwF5zlK8
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a... - PECB
To protect your organization from cyber attacks, you need to implement a robust information security management system (ISMS) and business continuity management system (BCMS) based on international standards, such as ISO/IEC 27001 and ISO 22301.
Amongst others, the webinar covers:
• Why we need a cyber response plan to protect business operations
• Introduction to ISO/IEC 27001 and ISO 22301
• What do we need for a cyber security response plan?
• How do we develop a cyber security response plan?
Presenters:
Nick Frost
Nick Frost is Co-founder and Lead Consultant at CRMG.
Nick’s career in cyber security spans nearly 20 years. Most recently, Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant.
As Group Head of Information Risk for PwC, he designed and implemented best-practice solutions that made good business sense, prioritised key risks to the organisation and helped minimise disruption to ongoing operations. Whilst at the ISF, Nick led their information risk projects and delivered many of the consultancy engagements that help organisations implement leading thinking in information risk management.
Nick’s combined experience as a cyber risk researcher and practitioner designing and implementing risk-based solutions places him as a leading cyber risk expert. Prior to cyber security, and after graduating from UCNW and Oxford Brookes, Nick was a geophysicist in the Oil and Gas Industry.
Simon Lacey
Simon is a resourceful, creative Information and Cyber Security professional with a proven track record of instigating change, disrupting the status quo, influencing stakeholders and developing ‘big picture’ vision across business populations. He has multiple-industry experience, excels in building stakeholder engagement and consensus, and supports organisations in making sustainable change.
Simon also has considerable experience of risk management, education and awareness, strategy development and consulting to senior management and is a confident and engaging public speaker.
Simon has previously worked within the NHS, Bank of England and BUPA, before setting out as an independent consultan forming Oliver Lacey Limited, supporting clients in multiple business sectors.
When not working, Simon loves to run – currently training for the Berlin Marathon, a Director of Aylesbury United Football Club, records vlogs and is an experienced standup comic.
Date: April 26, 2023
Find out more about ISO training and certification services
Training: https://bit.ly/3AyoyYF
https://bit.ly/3LbBVTx
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
YouTube video: https://youtu.be/i4qx5mjEqio
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an... (PECB)
Integrating ISO/IEC 27001 and ISO 31000 can help organizations align their information security and risk management efforts with their overall business objectives, leading to more effective risk management and better decision-making.
Amongst others, the webinar covers:
• Aligning the ISMS process with ISO/IEC 27001
• Using ISO 31000 within the ISMS
• Aligning the RM process with ISO 31000
• How/where does ISO/IEC 27001 fit?
Presenters:
Nick Riemsdijk
As a highly experienced and multi-skilled leader in Information and Physical Security, Nick is known as a collaborative, focused, driven and highly analytical individual with a broad portfolio of successes in client engagements. His expertise spans devising, implementing, managing and delivering information security, physical security, organizational resilience and facilities management solutions for organizations. He is certified as a Certified Information Security Manager (CISM), Certified Protection Professional (CPP), in Project Management (Prince2), ISO 22301 (Business Continuity), ISO 27001 (Information Security), and ISO 31000 (Risk Management).
Rinske Geerlings
Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer.
She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs).
Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents.
She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk.
Her ‘alter ego’ includes being a lead singer in SophieG Music and contributing to the global charity Playing For Change, which provides music education to children in disadvantaged regions.
Date: March 23, 2023
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
YouTube video: https://youtu.be/Xj0U2mbpZUs
IT Governance and Information Security – How do they map? (PECB)
Effective IT Governance requires proper Information Security practices to ensure that the organization's data is secure. On the other hand, Information Security policies and procedures must be aligned with the organization's overall IT Governance framework to ensure that security measures do not negatively impact business operations.
Amongst others, the webinar covers:
▪ Bring Governance and InfoSec Together
▪ Answering WIIFM
▪ Business Terms
Presenters:
Dr. Edward Marchewka
Dr. Edward Marchewka is a seasoned executive that has come up through the ranks in the IT vertical, expanding into information security, quality management, and strategic planning.
Edward founded and serves as the Principal for 3LC Solutions, enabling YOU to Tell a Better Story in business, with our vCIO, vCISO, quality, and strategy consulting services, through metrics and relating risk to the business with our CHICAGO Metrics® SaaS solution.
He has also held several roles leading information technology, most recently with Gift of Hope Organ and Tissue Donor Network, leading the Information and Technology Services department as the Director of IT, Data, and Security Services. Prior to Gift of Hope, he ran information security for Chicago Public Schools.
Edward has earned a Doctorate of Business Administration from California Southern University and Masters’ degrees in Business Administration and Mathematics from Northern Illinois University. He earned Bachelors’ degrees in Liberal Studies and Nuclear Engineering Technologies from Thomas Edison State College, N.J. Edward maintains several active IT, security, and professional certifications from (ISC)2, ASQ, ITIL, PCI, PMI, ISACA, Microsoft, and CompTIA. He has held legacy IT certifications from Cisco and HP, and a designation from the National Security Agency.
Date: February 22, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-38500
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
YouTube video: https://youtu.be/2bSbAdL5Idg
Student Information Session University Digital Encode.pptx (PECB)
Join us as our Director for Business Mustafe Bislimi teams up with Dr. Obadare Peter Adewale of our academic partner Digital Encode Limited to provide valuable information about our programs, admissions process, and specialization and elective courses.
Discover the opportunities available to you as a student at PECB University and get a firsthand look at what makes us a top choice for education.
Whether you're a prospective student or simply curious about PECB University, don't miss this informative session! Subscribe to our channel and stay tuned for more videos.
For inquiries regarding admission process contact us: university.studentaffairs@pecb.com
Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets.
Amongst others, the webinar covers:
• Top Cyber Trends for 2023
• Cyber Insurance
• Prioritization of Cyber Risk
Presenters:
Colleen Lennox
Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help others find their next great job!
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Date: January 25, 2023
Tags: ISO, ISO/IEC 27032, Cybersecurity Management
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
https://pecb.com/article/cybersecurity-risk-assessment
https://pecb.com/article/a-deeper-understanding-of-cybersecurity
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
YouTube video: https://youtu.be/BAAl_PI9uRc
2. 2
MBA, PhD
Michael C. Redmond
Certified as Lead Implementer
ISO/IEC 27001 Information Security Management
ISO/IEC 27032 Lead Cyber Security Manager
ISO/IEC 27035 Security Incident Response
ISO/IEC 22301 Business Continuity Management Systems
ISO/IEC 21500 Lead Project Manager
ISO 31000 Risk Management
ISO 55001 Asset Management
ISO/IEC 14001 Environment Management
ISO 9001 Quality Management
ISO 26000 Social Responsibility
ISO 37001 Anti-Bribery Management Systems
Certified Implementer – Foundation
ISO 22316 Security and Resiliency Management
ISO 22320 Emergency Management
ISO 20700 Management Consultancy Services
Certified as Lead Auditor:
ISO/IEC 27001 Information Security Management
ISO/IEC 22301 Business Continuity Management Systems
ISO 55001 Asset Management
ISO/IEC 14001 Environmental Management
ISO 9001 Quality Management
ISO 26000 Social Responsibility
Other Certifications:
Masters Business Continuity Planning (Disaster Recovery Institute) – MBCP
Masters Business Continuity Planning (Business Continuity Institute) – FBCI
Certified Emergency Manager – CEM
Certified Project Manager – PMP
Certified Trainer PECB
3. 3
Attacks Are Not IF But WHEN
Many companies, hospitals, schools, governments and more are getting hacked.
The number of data breaches reported increases each year.
Measures against these types of security incidents are on the rise in companies.
5. 5
Massive Cyber Attack hit 104 Countries
May 2017 WannaCry
A new family of ransomware called WannaCry has infected over 140,000 computers worldwide. This piece of ransomware is based on a zero-day exploit that helps it jump from one infected computer to another and encrypt all the information stored on it.
A little background information about this new threat: unlike other ransomware families, the WannaCry strain does not spread via infected e-mails or infected links. Instead, it takes advantage of a security hole in most Windows versions to automatically execute itself on the victim PC.
According to various reports, this attack avenue was developed by the National Security Agency (NSA) in the US as a cyber-weapon and was leaked to the public earlier in April along with other classified data allegedly stolen from the agency.
A number of hospitals, telecom companies, gas and utilities plants suffered massive disruptions caused by data being held at ransom.
6. 6
How It Was Stopped
LONDON (AP) -- The cyberattack that spread malicious software around the world, shutting down networks at hospitals, banks and government agencies, was thwarted by a young British researcher and an inexpensive domain registration, with help from another 20-something security engineer in the U.S.
Britain's National Cyber Security Center and others were hailing the cybersecurity researcher, a 22-year-old identified online only as MalwareTech, who — unintentionally at first — discovered a so-called "kill switch" that halted the unprecedented outbreak.
By then the "ransomware" attack had crippled Britain's hospital network and computer systems in several countries in an effort to extort money from computer users. But the researcher's actions may have saved companies and governments millions of dollars and slowed the outbreak before computers in the U.S. were more widely affected.
MalwareTech, who works for cybersecurity firm Kryptos Logic, is part of a large global cybersecurity community who are constantly watching for attacks and working together to stop or prevent them, often sharing information via Twitter. It's not uncommon for them to use aliases, either to protect themselves from retaliatory attacks or for privacy.
7. 7
On Dec 14 2014, Dutch government website outage caused by cyber attack
Cyber attackers crippled the Dutch government's main websites for most of Tuesday and back-up plans proved ineffective, exposing the vulnerability of critical infrastructure at a time of heightened concern about online security.
The outage at 0900 GMT lasted more than seven hours and on Wednesday the government confirmed it was a cyber attack.
8. 8
LinkedIn, Dropbox and Formspring
The US attorney's office in San Francisco on Friday (21 October, 2016) announced that the 29-year-old Russian man – Yevgeniy Nikulin – who was arrested in the Czech Republic, was indicted by a federal grand jury on Thursday on multiple charges including computer intrusion, aggravated identity theft and conspiracy.
Nikulin was accused of hacking and stealing information from the computer systems at three Bay Area technology companies – LinkedIn, Dropbox and Formspring.
LinkedIn – the breach was executed over just two days in 2012, from 3-4 March.
Dropbox – the hack allegedly took place over more than two months, from 14 May to July 25 in 2012.
Formspring – the social media network Formspring, which shut down in March 2013, allowed users to ask or answer questions about anything. Working with unnamed co-conspirators, Nikulin allegedly tried to sell the Formspring user credential database for €5,500 (about $7,000) in 2012.
9. 9
2013 Verizon Data Breach Investigations Report
In 2012, 66 percent of breaches that led to data compromise within “days” or less remained undiscovered for months or more.
In 69 percent of the cases, a third party discovered the breach.
10. 10
In 2012, Global Payments Inc. Data Breach Affected 1.5 Million
Nearly 1.5 million consumers were affected by hackers accessing Global Payments Inc.’s payment processing system in January and February.
resource.onlinetech.com/global-payments-inc-pci-data-breach-affects-1-5-million
12. 12
Two Years ago: World Economic Forum Global Technology Risks for 2016
According to the World Economic Forum’s global risk perspectives survey for 2016, cyberattacks were listed in the top five risks in 27 world economies.
“The internet has opened a new frontier in warfare: Everything is networked and anything networked can be hacked.”
13. 13
Hackers Read The Same Publications That We Do
Cnet
CSO
Dark Reading
eWeek
Krebs on Security
Network World
Search Security
Techweb
Threatpost
15. 15
An efficient Incident Response Program allows an organization to:
Maintain continuous operations.
Mitigate revenue loss.
Mitigate fines.
Mitigate lawsuits.
Respond with speed and agility.
16. 16
Different Plans Sound Similar
CIRP Computer Incident Response Plan
CSIRP Cyber Security Incident Response Plan
CSIRT Cyber Security Incident Response Team
ISIRT Information Security Incident Response Team (per ISO 27035)
17. 17
Why CSIRT
Security breaches and subsequent fraud are increasing in frequency and scale.
While financial institutions, retailers, healthcare providers, and other targeted organizations are doing everything possible to remain one step ahead of cyber criminals, these incidents will likely continue to happen, putting sensitive information at risk.
While you can’t always prevent a breach, quick response can minimize reputation damage and financial impact.
Proactive and timely account holder communication can help reduce costs, including those associated with increased call center activity, customer education, brand repair campaigns, regulatory compliance, and the expense of covering customer losses.
18. 18
CSIRT Program
Information Security, Governance and Risk are all critical aspects of planning and executing the Cyber Information Security Response Program.
Who in your organization has key responsibility to develop a program?
20. 20
Cyber Response Getting Started
Adopt a systematic approach to risk tracking to enhance the effectiveness of the Cyber Incident Program:
• Outline the critical actions to take if an event affects the company or its partners
• Understand your organization’s susceptibility to a Cyber Attack
• Cyber Incident Response: getting started, research, training, testing and maintaining
21. 21
Knowledge
1. Knowledge of incident analysis processes and relevant legal, regulatory and business issues
2. Knowledge of effective communication and the communication strategies that can be adopted during an incident
3. Knowledge of Crisis Management and Business Continuity and how to align with these processes
4. Knowledge of investigations and the principles of forensic investigations, including protecting the chain of custody
5. Knowledge of the roles of the Incident Management Team and when such members are involved in Incident Handling.
From: PECB ISO 27035 Test Preparation
22. 22
Standards
• ISO 27001 (Requirements)
• ISO 27035 Incident Response
• And so many more
Standards and Best Practices
• COBIT (Framework for IT Governance and Controls)
• ISO 27005 (Information Security Risk Management)
• ITIL (Framework: identifying, planning, delivering and supporting IT for Business Functions)
Maintaining
23. 23
ISO and Information Security
27001 Information Security Requirements
27002 Code of Practice Information Security Management
27003 Information Security Management System Implementation Guidance
27004 Information Security Measurement
27005 Information Security Risk Management
27006 Requirements for Audit and Certification
24. 24
Cyber Defense and Response
An organization’s security policy and controls must be adaptable to emerging threats in today’s world.
The assessment of security threats is ongoing, and must be mapped against the adequacy and existence of security controls.
Security controls and countermeasures that are currently in place may not be commensurate with potential risks.
The effort is never ending, but knowing how to start is the key.
26. 26
Phases ISO 27035 Incident Response
Prepare to deal with incidents, e.g. prepare an incident management policy and establish a competent team to deal with incidents;
Identify and report information security incidents;
Assess incidents and make decisions about how they are to be addressed, e.g. patch things up and get back to business quickly, or collect forensic evidence even if it delays resolving the issues;
Respond to incidents, i.e. contain them, investigate them and resolve them;
Learn the lessons – more than simply identifying the things that might have been done better, this stage involves actually making changes that improve the processes.
27. 27
Motivators
Increase in the number of computer security incidents being reported
Increase in the number and type of organizations being affected by computer security incidents
More focused awareness by organizations on the need for security policies and practices as part of their overall risk-management strategies
New laws and regulations that impact how organizations are required to protect information assets
Realization that systems and network administrators alone cannot protect organizational systems and assets
28. 28
Questions For Thought
Which regulations, guidelines and white papers did you use in preparing your Cyber Incident Response Plan?
What are your 5 top-tiered Cyber Risks?
Do you have a separate plan for Breach?
How did you approach developing the Incident Plan?
How do you conduct incident training?
How often do you conduct Incident Response testing?
What types of tests do you perform?
Do you conduct testing jointly with Disaster Recovery tests or as a separate Cyber Incident Response Test?
How are Incident Response tests evaluated?
What part does audit have in your Incident Response planning and testing?
What areas do you engage in your planning, e.g. Legal, Unix?
Do you use simulation software in testing and if so which one(s)?
What automatic processes do you have in place to help with Incident Response?
30. 30
Summary of ISO 27035
Establish an information security incident management policy
Update information security and risk management policies
Create an information security incident management plan
Establish an Incident Response Team (IRT) [aka CSIRT]
Define technical and other support
Create information security incident awareness and training
Test (or rather exercise) the information security incident management plan
Lessons learned
31. 31
Benefit of Structured Approach
Improve overall security
Reduce adverse business impacts
Strengthen the Information Security Incident Prevention Focus
Strengthen Prioritization
Strengthen Evidence
32. 32
Managing Incidents Effectively
Detective and corrective controls designed to recognize and respond to events and incidents, and to minimize adverse impacts
Gather forensic evidence (where applicable)
And in due course ‘learn the lessons’ in terms of prompting improvements to the ISMS, typically by improving the preventive controls or other risk treatments
35. 35
Integrate CSIRT into IS
Integrate CSIRT Management with Enterprise Risk Management.
Use common business terminology, congruent methods, and a common or linked risk register, and establish mechanisms for risk acceptance.
Build a CSIRT regulation review process schedule and regulation requirements.
36. 36
Gap Knowledge
To what degree we understand the security risks
How well we are protected
What security incidents we can expect
To what degree the organization is prepared to respond to security incidents
To what degree the organization can respond to security incidents without suffering damage
To what degree the organization can ensure timely and sufficient response
37. 37
Risk
While financial institutions, retailers, healthcare providers, and other targeted organizations are doing everything possible to remain one step ahead of cyber criminals, these incidents will likely continue to happen, putting sensitive information at risk.
38. 38
Mitigation To Tell Employees
Set your computers to auto lock with password if not in use for 5 minutes – this way, if an employee leaves their computer no one will be able to access it.
Avoid using USB flash drives – they are the best way to get your computer infected, because very often anti-virus programs cannot detect such malicious code.
Make sure you protect your mobile device with a good password, because if it gets stolen, the thief will be able to access your email, and with your email he will be able to change passwords to your cloud services and consequently access all your data stored in the cloud.
Use password managers, which will enable you to save passwords for your different services and applications, because if you used the same password for all of them, the breach of only one password enables the criminals to access all of your accounts; password managers also enable you to use complex passwords for each of your services. And yes, those password managers are available for mobile devices, too.
Use a VPN service for connecting to the Internet so that your passwords and other sensitive information are protected when transferred over the network; this is especially important if you’re using a Wi-Fi connection that you cannot fully trust.
Use 2-factor authentication when connecting to important cloud services like Gmail, Dropbox, or similar – so even if someone steals your password, he wouldn’t be able to access your sensitive information. These 2-factor authentication systems can work together with your phone (by sending you a text message), or with special USB keys, without which access to a system wouldn’t be possible.
Encrypt the data stored on your hard drive, so that if it gets stolen the thieves won’t be able to read it; you can also encrypt data stored in a cloud – there are some specialized cloud companies offering this kind of service.
Update your software – you should do this regularly, as soon as a security patch is published; the best route would be to set up automatic updates.
39. 39
"Outsourcing Technology Services"
Many institutions depend on third-party service providers to perform or support critical operations.
These institutions should recognize that using such providers does not relieve the financial institution of its responsibility to ensure that outsourced activities are conducted in a safe and sound manner.
The responsibility for properly overseeing outsourced relationships lies with the institution's board of directors and senior management.
An effective third-party management program should provide the framework for management to identify, measure, monitor, and mitigate the risks associated with outsourcing.
41. 41
Records* ISO 27001:2013 clause number
Records of training, skills, experience and qualifications 7.2
Monitoring and measurement results 9.1
Internal audit program 9.2
Results of internal audits 9.2
42. 42
Some Mitigations
Build and maintain a secure network: Install and maintain a firewall and use unique, high-security passwords, taking special care to replace default passwords.
Protect cardholder data: Whenever possible, do not store cardholder data. If there is a business need, you must protect this data. You must also encrypt any data passed across public networks, including your shopping cart and Web-hosting providers, and when communicating with customers.
Maintain a vulnerability management program: Use an anti-virus software program and keep it up-to-date. Develop and maintain secure operating systems and payment applications. Ensure the anti-virus software applications you use are compliant.
Implement strong access control measures: Access, both electronic and physical, to cardholder data should be on a need-to-know basis. Ensure those people with electronic access have a unique ID and password. Do not allow people to share logon information. Educate yourself and your employees on data security and specifically the PCI Data Security Standard (DSS).
Regularly monitor and test networks: Track and monitor all access to networks and cardholder data. Ensure you have a regular testing schedule for security systems and processes, including: firewalls, patches, web servers, email servers, and anti-virus.
Maintain an information security policy: It is critical that your organization have a policy on how data security is handled. Ensure you have an information security policy and that it's disseminated and updated regularly.
43. 43
Sample Attacker Tools
Attacker Toolkits: Many attackers use toolkits containing several different types of utilities and scripts that can be used to probe and attack hosts, such as packet sniffers, port scanners, vulnerability scanners, password crackers, and attack programs and scripts.
Backdoors: A backdoor is a malicious program that listens for commands on a certain TCP or UDP port. Most backdoors allow an attacker to perform a certain set of actions on a host, such as acquiring passwords or executing arbitrary commands. Types of backdoors include zombies (better known as bots), which are installed on a host to cause it to attack other hosts, and remote administration tools, which are installed on a host to enable a remote attacker to gain access to the host’s functions and data as needed.
E-Mail Generators: An email generating program can be used to create and send large quantities of email, such as malware and spam, to other hosts without the user’s permission or knowledge.
Keystroke Loggers: A keystroke logger monitors and records keyboard use. Some require the attacker to retrieve the data from the host, whereas other loggers actively transfer the data to another host through email, file transfer, or other means.
Rootkits: A rootkit is a collection of files that is installed on a host to alter its standard functionality in a malicious and stealthy way. A rootkit typically makes many changes to a host to hide the rootkit’s existence, making it very difficult to determine that the rootkit is present and to identify what the rootkit has changed.
Web Browser Plug-Ins: A web browser plug-in provides a way for certain types of content to be displayed or executed through a web browser. Malicious web browser plug-ins can monitor all use of a browser.
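Because a backdoor, as described above, has to listen on some TCP or UDP port, one practical detective control is to compare each host's listening sockets against an approved baseline for its role. The script below is an added example, not code from the deck; the baseline, the host role (a web server) and the "proto port process" snapshot format are constructed assumptions, where a real collector would feed in netstat or EDR output.

```python
"""Baseline comparison of listening sockets to flag possible backdoors.

Added example, not from the original deck. The snapshot format below is a
constructed, simplified "proto port process" listing; a real collector
would supply the output of a socket-inventory tool or an EDR export.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Listener:
    proto: str     # "tcp" or "udp"
    port: int
    process: str   # name or path of the process bound to the socket


# Constructed approved baseline for one host role (assumption: a web server).
BASELINE = {
    Listener("tcp", 22, "sshd"),
    Listener("tcp", 80, "nginx"),
    Listener("tcp", 443, "nginx"),
    Listener("udp", 123, "ntpd"),
}

# Constructed snapshot from the same host; two entries deviate from baseline.
SNAPSHOT = """\
tcp 22 sshd
tcp 80 nginx
tcp 443 nginx
udp 123 ntpd
tcp 4444 /tmp/.x
tcp 443 unknown
"""


def parse_snapshot(text: str) -> set:
    """Parse the constructed listing into a set of Listener records."""
    listeners = set()
    for line in text.splitlines():
        if not line.strip():
            continue
        proto, port, process = line.split(maxsplit=2)
        listeners.add(Listener(proto.lower(), int(port), process))
    return listeners


def find_unexpected(snapshot: set, baseline: set) -> list:
    """Return (listener, reason) pairs for sockets not in the baseline.

    Two reasons are distinguished: a port nobody should be listening on, and
    an approved port bound by a process other than the approved one (which can
    indicate an impostor service or a hijacked port).
    """
    approved = {(l.proto, l.port): l.process for l in baseline}
    findings = []
    for l in sorted(snapshot - baseline, key=lambda x: (x.proto, x.port)):
        expected = approved.get((l.proto, l.port))
        if expected is None:
            reason = "port not in baseline"
        else:
            reason = f"port approved for {expected} but bound by {l.process}"
        # Binaries launched from world-writable scratch paths are a common
        # sign of something dropped rather than installed; flag them extra.
        if l.process.startswith(("/tmp/", "/dev/shm/", "/var/tmp/")):
            reason += "; binary runs from a world-writable path"
        findings.append((l, reason))
    return findings


if __name__ == "__main__":
    for listener, reason in find_unexpected(parse_snapshot(SNAPSHOT), BASELINE):
        print(f"{listener.proto}/{listener.port} {listener.process}: {reason}")
```

The check is only as good as the baseline, so the baseline should be generated from a known-clean build and re-approved through change management whenever a service is legitimately added; a rootkit that hides sockets from the collector will of course evade it, which is why the comparison is best run from an external vantage point (a port scan of the host) as well as from the host itself.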
44. 44
Personnel Awareness Training
Never, ever give your password to anyone.
Don’t install every program you come across on your computer or mobile device – some of this software, disguised as a nice game or utility program, is made with the sole purpose of injecting a virus onto your computer.
Disable your Bluetooth connection because it is very unsafe; but also, disable the Wi-Fi network on your mobile device when you’re not using it.
Do not leave your computer in a car.
Do not leave your computer unattended in public places like airports, toilets,
public transport, conferences, etc.
45. 45
Mitigation for Social Engineering
External Social Engineering – Perform Social Engineering phone calls to individuals within the organization.
• Targets should include individuals from the help desk, IT department, human resources, finance, and other departments within the organization.
• The objective of these calls will be to induce the users to divulge sensitive information over the phone in violation of company policy.
Targeted Email “Phishing” Attacks – Send Emails to individuals and groups within the organization in order to attempt to entice the user to click on an external link that (hypothetically) will “
• Attempt to gather sensitive information
• Deliver a malicious payload onto their desktop system which could include browser and operating system buffer overflows, Trojan horses, and keystroke loggers.
Malicious Portable Media – Leave USB Flash drives and CD-ROM drives with enticing labels such as “Salary” in public areas such as hallways, restrooms, and break rooms.
• The media should contain simulated malicious code that will attempt to grab sensitive host information such as the network configuration, list of running processes, and a password hash dump.
Sensitive Document Disposal Audit – “Dumpster Diving”
• Search internal trash receptacles and external dumpster and disposal areas for sensitive documents or storage media that is disposed of in violation of company policy.
47. 47
Quick Response
While you can’t always prevent a breach, quick response can minimize reputation damage and financial impact.
48. 48
Quick Checklist to Mitigate Network
Review all wireless access points and note any external wireless network whose signal range enters your premises.
Validate the wireless network perimeter – one of the reasons wireless security is so complex is that wireless networks are not limited to the physical boundaries of your buildings. Limit unnecessary exposure to the outside world.
Conduct vulnerability and penetration testing of access points.
Review access points and wireless clients.
50. 50
Questions
What are the basic requirements for establishing a CSIRT?
What type of CSIRT will be needed?
What type of services should be offered?
How big should the CSIRT be?
Where should the CSIRT be located in the organization?
How much will it cost to implement and support a team?
What are the initial steps to follow to create a CSIRT?
53. 53
What’s Needed
Cyber Security Incident Response Program
Cyber Security Incident Response Teams
Cyber Security Incident Response Documented Program
Cyber Security Incident Response Documented Plan
Cyber Security Incident Response Documented Playbooks
Internal Controls Assessments
Policy Review
Gap Analysis
REWI Risk Evaluation
Risk Assessment Facilitation
Security Awareness Training
Business Continuity and Disaster Recovery Planning
54. 54
Analysis Methodology
Identify the Scope of the Project
Identify Best Practices and Regulatory Requirements and Guidelines
Research and Gather Data
Assess Current Breach Response Security Measures and Capabilities
Review Audit Findings and Recommendations
Develop and Conduct Breach Risk and Gap Analysis, Breach Impact Analysis, Risk Early Warning
Indicator (REWI)
References:
Control Objectives for Information and Related Technology (COBIT) framework by ISACA
FFIEC Section J
Department of Health and Human Services, 45 CFR Parts 160, 162, and 164 Health
Insurance Reform: Security Standards; Final Rule
New York State Information Security Breach And Notification Act
Payment Card Industry Data Security Standard (PCI DSS)
Centers for Medicare & Medicaid Services
National Institute of Standards and Technology (NIST)
International Standards Organization (ISO) security standards
Many others
55. 55
Account Holder Communications
Proactive and timely account holder communication can help reduce costs, including those associated with increased call center activity, customer education, brand repair campaigns, regulatory compliance, and the expense of covering customer losses.
56. 56
Gap Review Action Steps
Review existing Information Security policies and standards to ascertain their adequacy in coverage scope against industry best practices, and update them as appropriate, taking into account compliance recommendations.
Establish Key Performance Indicators (KPI) to determine if your Information Systems Incident Response program meets business objectives and operational metrics for ongoing process improvement.
57. 57
REWI
The Resilience based Early Warning Indicators (REWI) method is a collection of self-assessment measures, which provides information about an organization’s resilience. The primary goal of the method is to generate early warnings that improve the organization’s ability and performance in the long run.
58. 58
Risk Awareness of Your Organization
Questions
Do we have knowledge about the information and communication technologies (ICT) system and its components?
Do we have personnel with information security competence? Whether the employees are security aware or not will affect the security risks.
Do we report on security incidents? Information about past incidents will provide insight into what may go wrong in the future.
Do we have appropriate defense mechanisms? Information about the technical safeguards gives knowledge about how well the system is protected.
59. 59
Resilience Attribute: Risk Awareness
The risk awareness attribute measures the degree of risk understanding, as well as anticipation regarding what to expect and attention so as to know what to look for [5]. In a security incident management context these contributing success factors can be expanded into the following general issues:
Risk understanding: To what degree we understand the security risks associated with the system. Risk understanding can be assessed by asking the following questions (the “general issues”):
Do we have knowledge about the information and communication technologies (ICT) system and its components? A (correct) understanding of how the system works will provide insight into how it may be attacked and the possible consequences.
Do we have personnel with information security competence? Whether the employees are security aware or not will affect the security risks.
Do we report on security incidents? Information about past incidents will provide insight into what may go wrong in the future.
Do we have appropriate defense mechanisms? Information about the technical safeguards gives knowledge about how well the system is protected.
Is the organization’s security policy efficient? Insight into what degree the security policy is implemented in the organization, and whether it is followed by the employees, will influence the efficiency of the technical safeguards and barriers.
60. 60
Resilience Attribute: Support
The support attribute measures the presence of established support systems, so that when faced with tough decisions or tradeoffs there is some kind of decision support or help that is institutionalized and part of practice.
In addition, support includes the ability to uphold critical support functions (technical, human and organizational resources) in case of disruption, which is essential (redundancy).
In a security incident management context these contributing success factors can be expanded into the following general issues:
Decision support: To what degree the organization supports the trade-off between security and production.
Do we have adequate decision support staffing? Efficient incident response will require available personnel with knowledge, experience and authority to make decisions.
Do we have adequate ICT decision support systems? Efficient incident response will often require adequate support systems in place, including support for the support systems themselves.
Do we have adequate external support? Security incident management often requires support from external actors, such as anti-virus and third party software providers.
61. 61
Response
Response: To what degree the organization is prepared to respond to security incidents.
Do we have personnel with the ability to handle incidents? There must be employees who are capable of handling the incidents, including making critical decisions.
How do we train on dealing with potential incidents? Training on potential scenarios is essential in order to know what to do, both with respect to expected and unexpected events. The training scenarios should be regularly reviewed and adapted, in order to reflect the current threat picture as accurately as possible.
62. 62
Response
Robustness of response: To what degree the organization can respond to security incidents, without suffering damage.
Do we have sufficient redundancy in skills among the employees? Organizations that ensure that the employees are redundant in skills, or possess multiple skills, are more likely to successfully handle incidents that go beyond the planned or foreseen.
Do we have sufficient backup capacity / redundancy for the necessary critical functions? Fault tolerance, redundancy and recovery are important aspects for preserving the organization’s critical functions.
Is the communication between involved actors sufficient? During incident response it is crucial that all involved are able to communicate, without misunderstandings or confusion.
Do we manage incidents in compliance with existing policies? A robust response requires compliance with existing policies and best practices.
63. 63
Response
Resourcefulness: To what degree the organization can ensure timely and
sufficient response.
Does the incident response team have sufficient resources? There must be a sufficient
number of personnel assigned to the different roles in the incident response team, including
back-up personnel in case of unavailability, and the response team must be capable of
solving their tasks in a timely manner.
Do we have adequate IT systems to support timely updating of necessary information? A timely response requires timely updating of necessary information and communicating this to all involved actors.
64. 64
Technical Questions
Authentication Servers: Authentication servers, including directory servers and single sign-on servers, typically log each authentication attempt, including its origin, username, and success or failure.
Remote Access Software: Remote access is often granted and secured through virtual private networking (VPN). VPN systems typically log successful and failed login attempts, as well as the dates and times each user connected and disconnected, and the amount of data sent and received in each user session. VPN systems that support granular access control, such as many Secure Sockets Layer (SSL) VPNs, may log detailed information about the use of resources.
Vulnerability Management Software: Vulnerability management software, which includes patch management software and vulnerability assessment software, typically logs the patch installation history and vulnerability status of each host, which includes known vulnerabilities and missing software updates. Vulnerability management software may also record additional information about hosts’ configurations. Vulnerability management software typically runs occasionally, not continuously, and is likely to generate large batches of log entries.
Web Proxies: Web proxies are intermediate hosts through which Web sites are accessed. Web proxies make Web page requests on behalf of users, and they cache copies of retrieved Web pages to make additional accesses to those pages more efficient. Web proxies can also be used to restrict Web access and to add a layer of protection between Web clients and Web servers. Web proxies often keep a record of all URLs accessed through them.
65. 65
Anticipation
What security incidents we can expect
Do we have updated knowledge about relevant threats? A systematic and regular identification of vulnerabilities and threats is necessary in order to understand what may go wrong.
Do we learn from experience? The organization’s past experiences are a valuable source of information. The organization wants to avoid recurrence of security incidents and to learn from its own success stories (“what went right”).
66. 66
Risk Assessment
Risk assessment is the determination of a quantitative or qualitative estimate of risk related to a well-defined situation and a recognized threat (also called a hazard).
Quantitative risk assessment requires calculations of two components of risk (R): the magnitude of the potential loss (L), and the probability (p) that the loss will occur.
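The quantitative definition above, R computed from the magnitude of loss L and the probability p, is easiest to see applied to more than one scenario at once, because its main use is ranking scenarios and judging whether a control is worth its cost. The script below is an added example, not from the deck; it goes a step beyond the slide by ranking several scenarios and computing a control's net benefit, and the scenario values, the one-year assessment period and the control figures are all constructed assumptions.

```python
"""Quantitative risk R = L * p over several scenarios, plus a control check.

Added example, not from the original deck. L is the magnitude of the
potential loss (currency units) and p is the probability that the loss
occurs within the assessment period (assumption: one year). All scenario
and control values below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass
class Scenario:
    name: str
    loss: float         # L: magnitude of the potential loss
    probability: float  # p: probability the loss occurs in the period

    def risk(self) -> float:
        """R = L * p, with p validated as a probability."""
        if not 0.0 <= self.probability <= 1.0:
            raise ValueError(f"p must lie in [0, 1], got {self.probability}")
        return self.loss * self.probability


@dataclass
class Control:
    name: str
    annual_cost: float
    p_reduction: float  # fraction by which the control reduces p (0..1)


def rank_scenarios(scenarios: list) -> list:
    """Highest-risk scenarios first, so they get mitigation budget first."""
    return sorted(scenarios, key=lambda s: s.risk(), reverse=True)


def residual_risk(scenario: Scenario, control: Control) -> float:
    """Risk left after the control lowers p by its reduction fraction."""
    reduced = Scenario(scenario.name, scenario.loss,
                       scenario.probability * (1.0 - control.p_reduction))
    return reduced.risk()


def control_net_benefit(scenario: Scenario, control: Control) -> float:
    """Risk reduction minus the control's cost; positive means it pays off."""
    return scenario.risk() - residual_risk(scenario, control) - control.annual_cost


# Constructed scenarios spanning the deck's range, from a single infected
# machine to a large breach.
SCENARIOS = [
    Scenario("single infected workstation", 5_000, 0.90),
    Scenario("loss of fewer than 500 PCI records", 250_000, 0.05),
    Scenario("malware across 20% of the workforce", 2_000_000, 0.02),
]

# Constructed control: halves p for the malware scenario at a fixed yearly cost.
ENDPOINT_HARDENING = Control("endpoint hardening program", 15_000, 0.50)


if __name__ == "__main__":
    for s in rank_scenarios(SCENARIOS):
        print(f"{s.name:40s} R = {s.risk():>12,.0f}")
    print("net benefit of control:",
          control_net_benefit(SCENARIOS[2], ENDPOINT_HARDENING))
```

Ranking by R rather than by L alone is the point of the exercise: the infected-workstation scenario has the smallest loss but the highest probability, and the ranking makes the comparison explicit. Treat p as an estimate with wide error bars; the qualitative variant the slide mentions is often preferred exactly because the numbers are hard to defend.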
67. 67
Incident Management Goals and Vision
To have a comprehensive Incident Management framework and set of templates for a consistent, Enterprise-wide response to incidents within the environment.
Developing the capability to effectively manage unexpected disruptive events with the objective of minimizing impacts and maintaining or restoring normal operations within defined time limits.
Scope ranges from small incidents, such as a single infected machine, to a massive data breach.
Key features of our future design need to include:
Decision matrix for determining the type of incident we are dealing with and the appropriate response.
RACI diagrams to identify responsibilities
Team charter
Team member matrix representing all aspects of the organization
Templates that can be easily and quickly adopted for any incident
Be careful with the terms Incident and Breach. Some of the regulations trigger on the date you classify an event as an Incident or Breach, and that is when the clock starts ticking for notifications.
68. 68
How To Write a CSIRT Policy
A purpose statement, outlining why the organization is issuing the policy, and what its desired effect or outcome should be.
An applicability and scope statement, describing who the policy affects and which actions are
impacted by the policy. The applicability and scope may expressly exclude certain people,
organizations, or actions from the policy requirements. Applicability and scope is used to focus the
policy on only the desired targets, and avoid unintended consequences where possible.
An effective date which indicates when the policy comes into force.
A responsibilities section, indicating which parties and organizations are responsible for carrying
out individual policy statements.
Policy statements indicating the specific regulations, requirements, or modifications to
organizational behavior that the policy is creating.
Optional
Background, indicating any reasons, history, and intent that led to the creation of the
policy, which may be listed as motivating factors. This information is often quite valuable
when policies must be evaluated or used in ambiguous situations, just as the intent of a law
can be useful to a court when deciding a case that involves that law.
Definitions, providing clear and unambiguous definitions for terms and concepts found in
the policy document.
69. 69
Examples of Cyber Security Policies
Access controls and identity management
Business continuity and disaster recovery planning and resources
Capacity and performance planning
Customer data privacy
Data governance and classification
Incident response
Information security
Physical security and environmental controls
Risk assessment
Systems and application development and quality assurance
Systems and network monitoring
Systems and network security
Systems operations and availability concerns
Vendor and third-party service provider management
70. 70
Third Party Service Provider Policy
Policies and procedures designed to ensure the security of information systems and nonpublic information accessible to, or held by, third parties, which include the following:
Due diligence processes used to evaluate the adequacy of Cyber Security practices of third parties
Minimum Cyber Security practices required
Periodic assessment, at least annually, of the continued adequacy of their Cyber Security practices
Identification and risk assessment of third parties
71. 71
Plans, Playbooks, Testing and Exercises
ISO 27035 Incident Response Phases
1. Prepare to deal with incidents e.g. prepare an incident management
policy, and establish a competent team to deal with incidents;
2. Identify and report information security incidents;
3. Assess incidents and make decisions about how they are to be
addressed e.g. patch things up and get back to business quickly, or collect
forensic evidence even if it delays resolving the issues;
4. Respond to incidents i.e. contain them, investigate them and resolve
them;
5. Learn the lessons - more than simply identifying the things that might
have been done better, this stage involves actually making changes that
improve the processes.
72. 72
Plan Documentation Considerations
Action sections
Recovery team
Personnel
Responsibilities
Resources
Action plans
Specific department/individual plans
Checklists
Technical procedures
73. 73
Plan Documentation Considerations
Action sections
Teams
Personnel
Responsibilities
Resources
Specific department/individual plans
Checklists
Technical procedures
Management
Administration/logistics
New equipment
74. 74
Plan Documentation Considerations
Document structure and design
Ensure built-in mechanisms to ease maintenance
Plan and implement the gathering of data required for plan completion
Identify, analyze and document and agree on approach to key phases
Allocate tasks and responsibilities
Identify, analyze and document tasks to be undertaken
78. 78
Development and Documentation
Each of the teams can create their own Breach Playbook using a
common template with lots of assistance
The CSIRT Program, CSIRT Breach Plan, and Breach Playbooks
must be documented and vetted
79. 79
Interviews and Training
Each business and technology area that is part of the CSIRT Response solution must be interviewed to gain information, and the same sessions should be used to provide information about the CSIRT project.
Many training sessions must be held to prepare the teams for a Response situation. In addition, daily ‘open office hours’ should be available for the teams while they are developing their Team Playbooks.
80. 80
Severity Level – Description
Sev1 – Major: Incident where the impact is severe. Examples are (a) proprietary or confidential information has been compromised, (b) a virus or worm has become widespread and is affecting over 20 percent of the employees/consultants, (c) a major denial of service attack where customer interfaces are not accessible.
Sev2 – Critical: Incident where the impact is significant. Examples are (a) fewer than 500 PCI records have been breached, (b) a critical vulnerability for an operating system or application.
Sev3 – Non-Critical: Incident where the impact is minimal. Examples are (a) harmless email SPAM, (b) isolated virus infections and malware.
Sev4 – Non Incident: Incident is determined to be not an incident.
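The severity table above, together with the "decision matrix for determining the type of incident" called for in the Incident Management goals, is the kind of thing that should be encoded once so every responder classifies the same way. The script below is an added example, not code from the deck: the thresholds (20 percent of the workforce, 500 PCI records) come from the table, while the IncidentFacts field names and the reading of 500 or more PCI records as a confidential-information compromise (Sev1) are assumptions. It also records the classification time, since the slide notes that regulatory notification clocks start at the moment an event is classified as an Incident or Breach.

```python
"""Decision matrix mapping incident facts to the deck's Sev1-Sev4 levels.

Added example, not from the original deck. Thresholds follow the severity
table; the field names and the treatment of >= 500 PCI records as Sev1 are
assumptions made for this illustration.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone

WORKFORCE_PCT_SEV1 = 20.0   # "over 20 percent of the employees/consultants"
PCI_RECORDS_SEV2_MAX = 500  # "fewer than 500 PCI records" is Sev2


@dataclass
class IncidentFacts:
    """Observable facts gathered during triage (assumed field names)."""
    is_incident: bool = True
    confidential_data_compromised: bool = False
    pct_workforce_affected: float = 0.0
    customer_interfaces_down: bool = False
    pci_records_breached: int = 0
    critical_vuln_exposed: bool = False
    notes: list = field(default_factory=list)  # e.g. "harmless spam"


def classify(f: IncidentFacts) -> str:
    """Return the severity level; most severe matching rule wins."""
    if not f.is_incident:
        return "Sev4"
    sev1 = (
        f.confidential_data_compromised
        or f.pct_workforce_affected > WORKFORCE_PCT_SEV1
        or f.customer_interfaces_down
        # Assumption: a breach of 500 or more PCI records is a compromise of
        # confidential information and therefore falls under Sev1.
        or f.pci_records_breached >= PCI_RECORDS_SEV2_MAX
    )
    if sev1:
        return "Sev1"
    if 0 < f.pci_records_breached < PCI_RECORDS_SEV2_MAX or f.critical_vuln_exposed:
        return "Sev2"
    return "Sev3"


def triage(f: IncidentFacts, now: datetime = None) -> dict:
    """Classify and time-stamp the decision; the timestamp is the moment the
    notification clock starts for Sev1-Sev3, so it is kept with the record."""
    now = now or datetime.now(timezone.utc)
    level = classify(f)
    return {
        "severity": level,
        "classified_at": now.isoformat() if level != "Sev4" else None,
        "notification_clock_started": level != "Sev4",
    }


if __name__ == "__main__":
    # Constructed sample: worm spreading to a quarter of the workforce.
    facts = IncidentFacts(pct_workforce_affected=25.0)
    print(triage(facts))
```

Ordering matters in the function: the Sev1 conditions are tested before Sev2, so an event that is both a critical vulnerability and a customer-facing outage lands at Sev1 rather than at whichever rule happened to be written first.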
81. 81
Look for Patterns
Unusual activity in access or system logs
Recent Changes to the system
Super User ID created
Deleted log files
Recent escalation of privileges
Recent off-hour activity
Recent file transfer from System
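The patterns listed above are what an analyst looks for in the log sources described under Technical Questions (authentication servers recording origin, username and success or failure; remote access and system logs). The script below is an added example, not code from the deck: it runs a few of those pattern checks over constructed, syslog-like lines, and the line format, the business-hours window and the failed-login threshold are assumptions for illustration.

```python
"""Pattern checks over constructed authentication and system log lines.

Added example, not from the original deck. The log format is a simplified,
constructed "<ISO timestamp> <host> <program>: <message>" form; the
business-hours window and failure threshold are illustrative assumptions.
Source addresses use documentation ranges (RFC 5737).
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed log excerpt containing one benign day and one suspicious night.
LOG = """\
2024-03-02T09:05:10 web1 sshd: Accepted password for alice from 198.51.100.23
2024-03-02T23:41:02 web1 sshd: Failed password for admin from 203.0.113.9
2024-03-02T23:41:05 web1 sshd: Failed password for admin from 203.0.113.9
2024-03-02T23:41:09 web1 sshd: Failed password for admin from 203.0.113.9
2024-03-02T23:41:12 web1 sshd: Failed password for admin from 203.0.113.9
2024-03-02T23:41:15 web1 sshd: Failed password for admin from 203.0.113.9
2024-03-02T23:41:20 web1 sshd: Accepted password for admin from 203.0.113.9
2024-03-02T23:43:01 web1 useradd: new user: name=svc_bak, UID=0, GID=0, home=/root
2024-03-02T23:44:30 web1 sudo: admin : TTY=pts/1 ; COMMAND=/bin/rm /var/log/auth.log
2024-03-03T08:30:00 web1 sshd: Accepted publickey for bob from 198.51.100.40
"""

LINE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<prog>[^:]+): (?P<msg>.*)$")
FAILED = re.compile(r"Failed password for (\S+) from (\S+)")
ACCEPTED = re.compile(r"Accepted \w+ for (\S+) from (\S+)")
BUSINESS_HOURS = range(7, 20)   # assumption: 07:00-19:59 is normal activity
FAIL_THRESHOLD = 5              # assumption: failures before a success count


def parse(text: str) -> list:
    """Parse the constructed format into dicts with a datetime timestamp."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # tolerate lines that do not fit the format
        e = m.groupdict()
        e["ts"] = datetime.fromisoformat(e["ts"])
        events.append(e)
    return events


def find_patterns(events: list) -> list:
    """Return (pattern, timestamp, detail) tuples in log order.

    Patterns covered: repeated failures followed by success from the same
    source (credential guessing), successful logins outside business hours,
    creation of a UID 0 account, and deletion of files under /var/log.
    """
    findings = []
    failures = defaultdict(int)   # (user, source) -> failed attempts so far
    for e in events:
        msg = e["msg"]
        m = FAILED.match(msg)
        if m:
            failures[m.groups()] += 1
            continue
        m = ACCEPTED.match(msg)
        if m:
            user, src = m.groups()
            who = f"{user} from {src}"
            if failures[(user, src)] >= FAIL_THRESHOLD:
                findings.append(("brute-force-then-success", e["ts"], who))
            if e["ts"].hour not in BUSINESS_HOURS:
                findings.append(("off-hours-login", e["ts"], who))
            continue
        if e["prog"] == "useradd" and re.search(r"\bUID=0\b", msg):
            findings.append(("superuser-created", e["ts"], msg))
            continue
        if re.search(r"\brm\b.*\s/var/log/", msg):
            findings.append(("log-file-deleted", e["ts"], msg))
    return findings


if __name__ == "__main__":
    for pattern, ts, detail in find_patterns(parse(LOG)):
        print(f"{ts.isoformat()} {pattern}: {detail}")
```

The checks deliberately key on the fields the slide says authentication servers record (origin, username, outcome), so the same logic transfers to directory or VPN logs once the two regular expressions are adapted to that product's message format. The log-deletion rule illustrates why logs should be shipped to a separate collector as they are written: a deleted local file is only detectable if the deletion event itself left the host.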
82. 82
Testing and Exercises
To validate the CSIRT Breach Plan and Playbooks, a number of tests and exercises must be developed and implemented.
The Paper Test allows the teams to read their Playbooks aloud and to learn where communication links between the teams are needed to gain information in a response.
The Table Top Test allows the CSIRT to validate their playbooks while responding to a ‘mock scenario’ that can include up to 15 actual scenarios that occurred to other organizations.
The Simulation Test utilizes the original scenarios but adds a number of ‘twists’ that require the teams to respond quickly.
83. 83
3rd Party CSIRT Testing
Cyber events demonstrating a third-party provider's ability to respond quickly and efficiently to such an event.
• For example, an organization's ability to recover from a disruption of critical functions because of a distributed denial of service (DDoS) attack, or the ability to recover from a data corruption event, should be subject to testing.
• A financial institution may consider working with an outside party, such as other financial institutions or an industry group, to test these types of events.
Simultaneous attack affecting both the institution and its service provider.
84. 84
Review Summary of ISO 27035
Incident Response
Establish information security incident management policy
Updating of information security and risk management policies
Creating information security incident management plan
Establishing an Incident Response Team (IRT) [aka CSIRT]
Defining technical and other support
Creating information security incident awareness and training
Testing (or rather exercising) the information security incident
management plan
Lessons learned
85. 85
Thanks
Dr. Michael C. Redmond, PhD
917-882-5453
585-340-5187
Audio Training Available at:
www.rwknowledge.com
Contact me at:
mredmond@efprgroup.com