Embracing Cybersecurity on Cloud Computing

•

3 likes•600 views

We will talk about how people do perceive cloud computing and how to link it with a cybersecurity plan. Is cybersecurity compatible with public clouds? Main points that will be covered: • Examples of cybersecurity techniques/ technologies • What is cloud computing – different types of cloud • Measure to take care of when working with Cloud Computing • Examples of technologies adapted to “secure the cloud” Presenter: Eric Fourn is a security and virtualization / cloud professional with more than 12 years of experience. He holds certifications in virtualization and security. Also he is certified instructor for virtualization technologies and a PECB trainer. He wrote a book on VMware vSphere 5 (editions ENI). Link of the recorded session published on YouTube: https://youtu.be/Dp6YF7BagQc

Embracing Cybersecurity on the cloud
November 1st, 2016

Eric Fourn
Virtualization architect, trainer
Virtualization and security geek since more than 10 years.
IT architect, trainer (VMware Certified Instructor, former Citrix Certified
Instructor, PECB certified trainer)
.
Contact Information
+33660494592
Efourn@engineering-fabrics.fr
linkedin.com/in/eric-fourn-vci
twitter.com/efourn

3
Embracing security on the cloud
Agenda
 What is cybersecurity?
 What is cloud computing?
 IT infrastructure of the cloud
 Cloud services
 How do people perceive public
clouds?
 Link public clouds and cybersecurity
plan
 Certifications, safeguards for a cloud
provider
 ISO standards, frameworks
 Q & A

4
Embracing cybersecurity on the cloud
What is cybersecurity?
 A subset of Information
security
 Concerns digital information
 Data created, managed and
carried with computers,
smartphones, tablets
 “Carriers” connect to unsecure
networks

5
Embracing cybersecurity on the cloud
What is “cloud” (computing) ?
 NOT technology
 Consumption model : IT as a
service
 Internal / External
 Private (in-house) / Public
(elsewhere) / Hybrid (both)

6
Embracing cybersecurity on the cloud
IT infrastructure of the cloud
 On demand
 At scale
 Multitenant

7
Embracing cybersecurity on the cloud
Cloud services : heading to the right type
 IaaS
 PaaS
 SaaS
 DaaS
 MSaaS

8
Embracing cybersecurity on the cloud
How do people perceive public clouds?
 For SaaS (storage and file
sharing, email, social
networking, document editing)
 Not secure (data on the
internet)
 For personal use (facebook,
icloud, gmail, mega)

9
Embracing cybersecurity on the cloud
Link public cloud and cybersecurity plan - A
 Strong training and
awareness plan is required
 Consider cloud infrastructure
as outsourcing
 Responsibilities / perimeters
are to be set
 Consider securing data
transfer and data encryption

10
Embracing cybersecurity on the cloud
Link public cloud and cybersecurity plan - B
 Consider data that can/cannot
be on the cloud
 Remain the one who use the
cloud (not the other way
around)
 Know the Cloud
 The Cloud/Internet know us
(usually more than we think)

11
Embracing cybersecurity on the cloud
Certifications, safeguards for a cloud provider
Look for :
 ISO standards (up to date)
 Frameworks used (accurate)
 Certifications (accredited)
 References (same or close to your business)
 Stability (financial, management)

12
Embracing cybersecurity on the cloud
ISO standards, frameworks - A
Look for :
 NIST guide to information technology security services
 ISO/IEC 27001 – Information security management
 ISO/IEC 27017 – IT – security techniques – code of
practices for information security controls based on
ISO/IEC 27002 for cloud services
 ISO/IEC 27018 – IT – security techniques – code of
practice for protection of personally identifiable
information (PII) in public clouds acting as PII processors

13
Embracing cybersecurity on the cloud
ISO standards, frameworks - B
ISO/IEC 27032:2012 :
 Is a guidance for improving the state of Cybersecurity
 covers the baseline security practices for stakeholders in
the Cyberspace
 Is for individuals – organizations cannot be certified
against ISO/IEC 27032
 Links technical and security management system

IT Security Training Courses
 ISO/IEC 27032 Lead Cybersecurity Manager
5 Day Course
 ISO/IEC 27034 Application Security Foundation
2 Days Course
 ISO/IEC 27034 Application Security Lead Implementer
5 Days Course
 ISO/IEC 27034 Application Security Lead Auditor
5 Days Course
Exam and certification fees are included in the training price.
https://www.pecb.com/it-security | www.pecb.com/events

THANK YOU
?
+33660494592
efourn@engineering-fabrics.fr
linkedin.com/in/eric-fourn-vci
twitter.com/efourn

Cybersecurity is a universal concern across today’s enterprise and the need for strategic approach is required for appropriate mitigation. Adopting ISO 27032 will help to: • Understanding the nature of Cyberspace and Cybersecurity • Explore Cybersecurity Ecosystem – Roles & Responsibilities • Achieve Cyber Resilience through implementing defensive and detective cybersecurity controls Presenter: Obadare Peter Adewale is a first generation and visionary cyberpreneur. He is a PECB certified Trainer, Fellow Chartered Information Technology Professional, the First Licensed Penetration Tester in Nigeria, second COBIT 5 Assessor in Africa and PCI DSS QSA. He is also an alumnus of Harvard Business School and MIT Sloan School of Management Executive Education. Link of the recorded session published on YouTube: https://youtu.be/NX5RMGOcyBM

Progress towards security in the Cloud-Héctor Sánchez, MicrosoftMind the Byte

PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032

PECB

The webinar covers: • An overview of Cybersecurity • Explaining of Cybersecurity Relationship with other types of security • Guidance for addressing common Cybersecurity issues. • Convincing stakeholders to collaborate on resolving Cybersecurity issues. Presenter: This webinar was presented by PECB Partner and Trainer Mr. Fabrice DePaepe, who is Managing Director at Nitroxis Sprl and has more than 15 years of experience in IT and Information Security. Link of the recorded session published on YouTube: https://youtu.be/fQUSQEoLsYc

ISO/IEC 27032 – Guidelines For Cyber Security

Tharindunuwan9

ISO/IEC 27034 Application Security – How to trust, without paying too much!

PECB

This series of standard offers a new vision, new principles, and elements that will facilitate application security planning, implementation, management and repeatable verification. In this webinar, you will hear how a Lead Implementer should select and adjust them taking account of business, legal and technological contexts, priorities and its organization's limited resources. Mr. Luc Poulin has more than thirty years of experience in computer science, during which he acquired a solid expertise in IT systems and software engineering. He has a Ph.D. CISSP-ISSMP CSSLP CISM CISA CASLI , CASLA and currently working as CEO- Information / Application Security Senior Advisor at Cogentas Inc. Link of the recorded session published on YouTube: https://youtu.be/Saba09xOcVI

Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001

PECB

This webinar gives an idea of what is the relation of ISO 27032 with ISO 55001, and how these two standards cover one another. Get more information on Cybersecurity as the importance is given more to the security industry nowadays. Main points covered: • Protection assets in Cyberspace • Covering ISO 27032 in ISO 55001 and ISO 55001 in ISO 27032 • Sample of Cybersecurity Risks in Assets • Highlights of the Implementation of the Cyber Security program Framework Presenter: This webinar was presented by PECB Partner and Trainer Mr. Claude Essomba, who is a Managing Director at GETSEC SARL, and has more than 9 years of experience in IT and Information Security. Link of the recorded session published on YouTube: https://youtu.be/_280jG77iKY

Iso iec 27032 foundation - cybersecurity training course

Mart Rovers

How to minimize threats in your information system using network segregation?

PECB

We will discuss the importance of network infrastructure and how we can minimize risks of attacks in our IT by segregating and segmenting our network infrastructure. Main points that have been covered are: • Why it’s always a primary target for attacks? • What are the segmented networks? • How can it be used? Presenter: Our presenter for this webinar is Mohamed Tawfik, who is a qualified Technocrat, and a seasoned IT/Telecom Professional having over 20 years of solid experience with multi-national corporate organizations planning, deployment, governance, audit and enforcing policy on Information Security Practice, while having in-depth knowledge of IT/Telecom Infrastructure and with a proven record of customer satisfaction. Link of the recorded session published on YouTube:https://youtu.be/sKhihzgElH8

The webinar covers: • The origin and need for security and privacy in IoT devices • Elements of the IoT Trust Framework • Plans for implementation and certification This webinar was presented by Scott S. Perry CPA and Online Trust Alliance: Scott Perry is Principle of Scott S. Perry CPA, an expert with more than 25 years of experience as a manager, senior manager and director on the audit firms. A national consulting firm has led him to drive his own licensed, nationally operating CPA firm based in Bellevue, Washington specializing in Cybersecurity Audits. Craig Spiezle is Executive director of Online Trust Alliance (OTA), a recognized authority on trust and the convergence of privacy, security and interactive marketing promoting a privacy practices, balanced public policy, end-to-end security and data stewardship. Currently Craig is on board Identity Theft Council and a member of InfraGuard a partnership between the Federal Bureau of Investigation and private sector. Link of the recorded session published on YouTube: https://youtu.be/K3KZHWHO8bg

Cyber security standards

Vaughan Olufemi ACIB, AICEN, ANIM

When identifying the most useful best-practice standards and guidance for implementing effective cyber security, it is important to establish the role that each fulfils, its scope and how it interacts (or will interact) with other standards and guidance. Cybersecurity standards are generally applicable to all organisations regardless of their size or the industry and sector in which they operate. This page provides generic information on each of the standards that is usually recognised as an essential component of any cyber security strategy.

Advantages of privacy by design in IoE

Marc Vael

ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010

ARC Advisory Group

ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010 in Orlando, FL. What Stimulates Cyber Security Activity? For Industrial Control Systems (ICS) 􀂍 Risk Management • Business: Safety, Environmental, Reliability, Financial … • National: Terrorism, Rapidly emerging “Cyber Warfare” 􀂍 Regulation & Compliance (Must Do) • Government, Customers, Partners, Suppliers … 􀂍 Cost Reduction • People & Infrastructure • Skills & Practices Cyber Security is a National, Business and Personal Issue

A holistic approach to risk management 20210210 w acfe france & cyber rea...

Judith Beckhard Cardoso

Iso iec 27000_2018

newbie2019

Cybersecurity nexus vision

Marc Vael

Cybersecurity governance existing frameworks (nov 2015)

Marc Vael

Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...

Tchelinux

Information Security Challenges & Opportunities

Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master

Pindad iso27000 2016 smki

Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

Introduction to security

Mukesh Chinta

Thread Legal and Microsoft 365 Security

Thread Legal

Residency research makeup project acme enterprise scenario resi

SHIVA101531

Security architecture principles isys 0575general att

SHIVA101531

Metholodogies and Security StandardsConferencias FIST

Security domains

Adel J. Shtayyeh

Cisco Cybersecurity Essentials Chapter- 7

Mukesh Chinta

Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...

Abhishek Goel

SCADA systems control some of the most vital infrastructure in industrial and energy sectors, from oil and gas pipelines to nuclear facilities to water treatment plants. Critical infrastructure is defined as the physical and IT assets, networks and services that if disrupted or destroyed would have a serious impact on the health, security, or economic wellbeing of citizens and the efficient functioning of a country’s government.

Ics & computer security for nuclear facilities

omriyad

An Insight to Survey Findings on ISO 45001

PECB

Mr. Ward outlined in relation to the standard's Context clause how the global business environment will influence organizations as they consider the relevance of 45001 to their business needs. Main points covered: • Organizations should be asking themselves will it be to our advantage, to our detriment or will we become a victim of it. • Using his survey data Mr. Ward explained the findings and related them to this bigger picture. Presenter: Chris Ward was an inspector with UK regulator the Health and Safety Executive for 37 years. He inspected and managed inspectors in most manufacturing and service sectors. He specialized in health and safety management systems and revised HSE's guidance HSG 65. He has contributed to the drafting of ISO 45001. He continues to investigate fatal accidents around the world. Link of the recorded session published on YouTube:https://youtu.be/CCmZz-jmVz0

Using ISO 31000 as a strategic tool for National Planning and Governance

PECB

This webinar was poised to assist in drafting a sustainable National Risk framework to guide and aid in decision making for governance and management practices. Main points that have been covered are: • Risk Awareness and Risk cultured society • Modern Operational Practices and Risk • Trend in Risk Management for Governance and Management • Failure of strategies with risk in focus Presenter: Mr. Oluwagbenga Bamgbose is a Certified Lead Project Manager and Certified PECB Trainer. He is certified in various field including ISO 27001, ISO 20000 ISO 31000 Risk Manager, ISO 22301 and ISO 21500. Link of the recorded session published on YouTube: https://youtu.be/GLuqtiOIQos

What's hot

Creating Trust for the Internet of Things

PECB

Cyber security standards

Vaughan Olufemi ACIB, AICEN, ANIM

Advantages of privacy by design in IoE

Marc Vael

ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010

ARC Advisory Group

A holistic approach to risk management 20210210 w acfe france & cyber rea...

Judith Beckhard Cardoso

Iso iec 27000_2018

newbie2019

Cybersecurity nexus vision

Marc Vael

Cybersecurity governance existing frameworks (nov 2015)

Marc Vael

Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...

Tchelinux

Information Security Challenges & Opportunities

Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master

Pindad iso27000 2016 smki

Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

Introduction to security

Mukesh Chinta

Thread Legal and Microsoft 365 Security

Thread Legal

Residency research makeup project acme enterprise scenario resi

SHIVA101531

Security architecture principles isys 0575general att

SHIVA101531

Metholodogies and Security StandardsConferencias FIST

Security domains

Adel J. Shtayyeh

Cisco Cybersecurity Essentials Chapter- 7

Mukesh Chinta

Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...

Abhishek Goel

Ics & computer security for nuclear facilities

omriyad

What's hot (20)

Creating Trust for the Internet of Things

Cyber security standards

Advantages of privacy by design in IoE

ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010

A holistic approach to risk management 20210210 w acfe france & cyber rea...

Iso iec 27000_2018

Cybersecurity nexus vision

Cybersecurity governance existing frameworks (nov 2015)

Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...

Information Security Challenges & Opportunities

Pindad iso27000 2016 smki

Introduction to security

Thread Legal and Microsoft 365 Security

Residency research makeup project acme enterprise scenario resi

Security architecture principles isys 0575general att

Metholodogies and Security Standards

Security domains

Cisco Cybersecurity Essentials Chapter- 7

Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...

Ics & computer security for nuclear facilities

Viewers also liked

An Insight to Survey Findings on ISO 45001

PECB

Using ISO 31000 as a strategic tool for National Planning and Governance

PECB

Management par la qualité selon l’ISO 9001 au service de la maîtrise des risques

PECB

L’entreprise dans le cadre de ses activités pour la création et la préservation de la valeur elle est confrontée à des risques inhérents dont elle cherche à identifier, apprécier et traiter. Le management par la qualité constituera un soutien à un processus de management des risques efficace. Principaux points couverts: • Le système de management qualité • La qualité selon la norme ISO 9001-2015 en tant qu’action de maîtrise des risques de l’entreprise • La synergie entre le management par la qualité et le management des risques Presenter: Le webinaire est présenté par Zied Boudriga, formateur certifié par PECB et Directeur des risques Opérationnels et des Marchés à l’Arab Tunisian Bank et formateur certifié PECB. Link of the recorded session published on YouTube: https://youtu.be/XwAhLhhOxjA

How to establish strategic approach to ISO 9001:2015

PECB

Using QMS as a Strategic Business Framework by Establishing and Quantifying Business Objectives and its Impacts, Mapping Core Competencies (Technical-Behavioral) and Analyzing Business Information captured throughout the business process cycle using Interactive Business Dashboards; leads to Business Improvement initiatives and results in the growth of the entire business itself. Main points covered: • Using QMS as a Strategic Business Framework • How to establish and Quantify Business Objectives and its impact to your business • How to return your investment and what value ISO 9001 bring into business Presenter: This webinar was presented by Muhamed Farooque; Muhamed is Business Performance Management Specialist with the excellent knowledge base in ISO Management Systems, Business Process Improvement and Business Analytics Practices. ISO Management Systems: Qualified Lead Auditor for ISO 9001-ISO 14001-OHSAS 18001, Lean Six Sigma Black Belt etc. Link of the recorded session published on YouTube: https://youtu.be/66qt6O-Nstc

Cloud security innovation - Cloud Security Alliance East Europe Congress 2013

Moshe Ferber

We live in interesting times, at least from computer technology point of view. In the last couple years we change the way our backend systems function (Cloud Computing) and the way consume our front end interfaces (Mobility, the Internet of thing). It is safe to say that the technology changes we are now experiencing – will revolutionize the way we consume technology. But the described changes are being held back, and mostly because of information security. The root cause of the slow adoption of cloud among enterprises is Trust. Challenges around transparency, compliance, standardization and immature technologies are causing lack of trust between cloud stakeholders. And this lack of trust is the number one obstacle facing cloud computing. So it is time for innovation. There is great demand for new, innovative solutions that will fuel the engines of the industry. Cloud Computing technologies can be innovative and ground breaking, this has been proved before. Today there are many areas where innovative solution can change the way we think and provide security. In the presentation we will discuss the future of technologies like Identity Management, Encryption, API security and Big Data platforms and evaluate where we should improve the current technologies. Regarding encryption - we know that current technologies are limited in our options to safe guard keys in virtual environments and that we don’t have solutions for using encryption as a method to increase real multi tenancy, audit and access controls, for all data types. Encryption technology must improve at all levels, starting from key management, file level encryption (IRM solutions) and other new technologies such as Homomorfic encryptions should be developed further to be effective.

Cloud security what to expect (introduction to cloud security)

Moshe Ferber

The influence of Deming's 14 points to ISO 9001:2015

PECB

Deming’s 14 points are key principles for management to follow for significantly improving the effectiveness of a business or organization. Deming's 14 points are as relevant today as they were when they were originally created. The question that is set out to answer is to what degree has Deming’s approach influenced the ISO 9001:2015. Main points covered: • Analyzing Deming’s 14 points and their relevance to ISO 9001:2015 • How to create constancy of purpose toward improvement of product • How to become competitive and stay in business with Deming’s 14 points Presenter: This webinar was presented Mahadevan Hariharan; Mahadevan is a Quality professional with over 40 years of experience in the areas of Total Quality Management, Business Excellence, Manufacturing Excellence and Change Management Program. He is also PECB certified Lead auditor and trainer. Link of the recorded session published on YouTube:https://youtu.be/T43qGC0VGXs

Protecting Yourself from the Heartbleed Bug

David Sweigert

Cloud Computing & Cybersecurity

David Sweigert

Estimation of Measurement Uncertainty in Labs: a requirement for ISO 17025 Ac...

PECB

Knowledge of the uncertainty of measurement of testing and calibration results is fundamentally important for laboratories, their clients and all institutions using these results for comparative purposes. Uncertainty of measurement is a very important metric of the quality of a result or a testing method. Main points covered: • To introduce the basic concepts related to measurement results and measurement uncertainty • Explain the relevance of these concepts to chemical analysis data • Introduce mathematical concepts, uncertainty sources and important approaches for estimation of measurement uncertainty Presenter: This webinar was presented by Dotun Bolade, who is an Analytical Chemist/Environmental Scientist by training and practice with years of experience in laboratory instrumentation and automation. For him, ISO management systems have become second nature having worked in environments where ISO 9001, 14001, 18001 and 17025 have been fully implemented. He is a Certified PECB ISO/IEC 17025 Lead Assessor. Link of the recorded session published on YouTube: https://youtu.be/AOpFou7_FVI

Cloud security ppt

Venkatesh Chary

Cloud computing security issues and challenges

Dheeraj Negi

cloud computing ppt

himanshuawasthi2109

Mind the Byte

Bahasan 1 lingkup_alat_media_pendidikan

merysiswinda

Trends in CybersecurityVarunee Wongwichit

Cloud Security Standards: What to Expect and What to Negotiate V2.0

Cloud Standards Customer Council

Webinar presentation September 20, 2016. This deck introduces the CSCC’s deliverable, Cloud Security Standards: What to Expect and What to Negotiate V2.0, which was updated in August 2016 to reflect the latest developments in cloud security standards. The presentation is an overview of the various security standards, frameworks, and certifications that exist for cloud computing. This information will help cloud customers understand and distinguish between the different types of security standards that exist and assess the security standards support of their cloud service providers. Read the CSCC's deliverable here: http://www.cloud-council.org/deliverables/cloud-security-standards-what-to-expect-and-what-to-negotiate.htm

Cloud Computing Certification

Vskills

Certified Cloud Computing Professional assesses the candidate for a company’s cloud computing and transformation needs. The certification tests the candidates on various areas in cloud computing which include knowledge of technical concepts and terminologies, cloud services and models like PaaS, IaaS, SaaS and planning and implementing cloud based services for the organization. http://www.vskills.in/certification/Certified-Cloud-Computing-Professional

Security Trainingen 2015Roderick Commerell

Viewers also liked (19)

An Insight to Survey Findings on ISO 45001

Using ISO 31000 as a strategic tool for National Planning and Governance

Management par la qualité selon l’ISO 9001 au service de la maîtrise des risques

How to establish strategic approach to ISO 9001:2015

Cloud security innovation - Cloud Security Alliance East Europe Congress 2013

Cloud security what to expect (introduction to cloud security)

The influence of Deming's 14 points to ISO 9001:2015

Protecting Yourself from the Heartbleed Bug

Cloud Computing & Cybersecurity

Estimation of Measurement Uncertainty in Labs: a requirement for ISO 17025 Ac...

Cloud security ppt

Cloud computing security issues and challenges

cloud computing ppt

Mind the Byte

Bahasan 1 lingkup_alat_media_pendidikan

Trends in Cybersecurity

Cloud Security Standards: What to Expect and What to Negotiate V2.0

Cloud Computing Certification

Security Trainingen 2015

Similar to Embracing Cybersecurity on Cloud Computing

Cloud computing security issues and challenges

Kresimir Popovic

In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. But as more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. This paper discusses security issues, requirements and challenges that cloud service providers (CSP) face during cloud engineering. Recommended security standards and management models to address these are suggested for technical and business community.

5787355.ppt

ahmad21315

Sleeping well with cloud services

Comarch_Services

Not so long ago, the only way to access a new application was to install it from a floppy disk. Prehistory, huh? Now we have the Internet. Anytime. Anywhere. Everywhere: in the office, at home, in cafés, on the street, even on the beach. We live in a world where we are connected all the time. This influences our lifestyle, our interests and attitude, it changes the way we work. This means a whole new era for the software industry. And this era should be called “Cloud”.

Cloud Computing Security Frameworks - our view from exoscale

Antoine COETSIER

With this short 15 min presentation done at the EPFL engineering school in Lausanne, May 2014, we brushed the concepts and recommandations when choosing and benchmarking cloud providers towards security. The Cloud Security Alliance framework is at the moment the best matrix to establish such evaluation as it embraces the full service offered by provider and not only one aspect like Datacenter or Helpdesk. Antoine Coetsier - CEO at Exoscale

Securing Sensitive Data in Your Hybrid Cloud

RightScale

RightScale Webinar: Do you want both the control and customization of a private cloud and the cost savings of a public cloud? Then a hybrid cloud might be the best solution for your business. But to safely receive these benefits, you’ll need to secure your sensitive data across both your private and public cloud. Hear about the challenges faced by cloud customers as they deploy applications and data in hybrid clouds. Join Dave Asprey, VP of Cloud Security at Trend Micro, and Phil Cox, Director of Security and Compliance at RightScale, to learn about common pitfalls, inherent risks, and security best practices to protect sensitive information in cross-cloud environments. With effective and flexible cloud security, you can embrace the economic and technical efficiencies of hybrid clouds, improving your business and saving costs.

Introduction to Cloud Security

Susanne Tedrick

Cloud has changed the way we use computing and can yield significant economic, collaborative and efficiency benefits. But with this increased adoption, at both the personal & business level, comes increased exposure to potential risks, threats and attacks. This talk will introduce the fundamentals of cloud security, how cloud service and deployment models influence security, and practices that we can all undertake for threat and risk protection.

Security in Web 2.0, Social Web and Cloud

ITDogadjaji.com

To Cloud or Not To Cloud

Michael Yung

To cloud or not to cloud

Alejandro De La Borbolla Ruiz

B018211016

IOSR Journals

Cloud Security Engineer Interview Questions.pdf

Infosec Train

Cloud Security Engineer Interview Questions.pdf

infosec train

Security in the cloud planning guideYury Chemerkin

cloud-securityAsun Sada

What is the significance of cybersecurity in cloud.pptx

Infosectrain3

Cloud security, often known as cloud computing security, is a branch of cybersecurity that focuses on protecting cloud computing platforms. Cloud security refers to the entire bundle of technology, protocols, regulations, and best practices that secure cloud computing environments, cloud-based applications, and cloud-based data. Cloud security, to put it simply, is the discipline of defending cloud-based data, applications, and infrastructure against cyber threats.

What is the significance of cybersecurity in cloud.pptx

infosec train

Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf

ParishSummer

VTI Learning Series Beyond the Convergence of Physical & Cyber SecurityShane Glenn

Security, Compliance and Cloud - Jelecos

Erin_Jelecos

Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf

Forgeahead Solutions

Discover the essential practices and strategies to fortify your cloud infrastructure against cyber threats and data breaches. Our comprehensive guide delves into proven methodologies and cutting-edge techniques for ensuring maximum security in your cloud environment. From robust access controls to encryption protocols, learn how to safeguard your valuable data and maintain regulatory compliance. Download now to fortify your defenses and elevate your cloud security posture. Visit https://forgeahead.io/blog/tips-for-cloud-infrastructure-security/

Similar to Embracing Cybersecurity on Cloud Computing (20)

Cloud computing security issues and challenges

5787355.ppt

Sleeping well with cloud services

Cloud Computing Security Frameworks - our view from exoscale

Securing Sensitive Data in Your Hybrid Cloud

Introduction to Cloud Security

Security in Web 2.0, Social Web and Cloud

To Cloud or Not To Cloud

To cloud or not to cloud

B018211016

Cloud Security Engineer Interview Questions.pdf

Security in the cloud planning guide

cloud-security

What is the significance of cybersecurity in cloud.pptx

Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf

VTI Learning Series Beyond the Convergence of Physical & Cyber Security

Security, Compliance and Cloud - Jelecos

Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf

More from PECB

Beyond the EU: DORA and NIS 2 Directive's Global Impact

PECB

The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union. Amongst others, the webinar covers: • DORA and its Implications • Nis 2 Directive and its Implications • How to leverage directive and regulation as a marketing tool and competitive advantage • How to use new compliance framework to request additional budget Presenters: Christophe Mazzola - Senior Cyber Governance Consultant Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO. Ah, and I am also a quadruple senior certified ISO27001/2/5, Pas mal non ? C'est francais. Malcolm Xavier Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc. His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management. Date: April 25, 2024 Tags: Information Security, Digital Operational Resilience Act (DORA) ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: Digital Operational Resilience Act (DORA) - EN | PECB NIS 2 Directive - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity

PECB

In an era where digital transformation is inevitable, the landscape of cybersecurity is constantly evolving. Amongst others, the webinar covers: • DORA and its Implications • ISO/IEC 27005: Risk Management in Information Security • Leveraging Artificial Intelligence for Enhanced Cybersecurity Presenters: Geoffrey L. Taylor - Director of Cybersecurity Geoffrey Taylor brings a wealth of experience from multiple roles within various industries throughout his career. As a Certified ISO 27001 Implementer and Auditor, as well as certified ISO 27005, CISM and CRISC, he brings a unique perspective on cybersecurity strategy, risk management and the implementation of an Information Security Management System, having helped multiple organizations in aligning their strategy based on their threat landscape. Martin Tully - Senior Cyber Governance Consultant Martin is a Senior Consultant at CRMG with over twenty years of experience, and has previously been employed at two of the ‘Big Four’ professional services firms. Martin has worked across most industry sectors in the development of the best practice guidance and risk analysis methodologies. Martin is also accomplished at: leading the implementation of an ISMS; delivering a number of information risk assessments; reviewing information security policies; assessing security requirements across the supply chain; and updating a complete framework of supporting standards. Prior to the ISF, Martin’s roles have included delivering operational risk reporting, running research projects and benchmarking information security investments for major clients. Martin holds a Bachelors degree from Royal Holloway University of London. Date: March 27, 2024 Tags: ISO, ISO/IEC 27005, ISO/IEC 42001, Artificial Intelligence, Information Security, Digital Operational Resilience Act (DORA) ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: ISO/IEC 27005 Information Security Risk Management - EN | PECB ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/ffX-Xbw7XUk

Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance

PECB

In today’s rapidly evolving world, where Artificial Intelligence (AI) not only drives innovation but also presents unique challenges and opportunities, staying ahead means being informed. Amongst others, the webinar covers: • ISO/IEC 27001 and ISO/IEC 42001 and their key components • Latest trends in AI Governance • Ethical AI practices • Benefits of Certification Presenters: Jeffrey Bankard - Cybersecurity & AI Leader, AI Management Systems: ISO/IEC 42001 Jeffrey provides executive leadership for AI product creation through the product incubation unit (PIU). Ensures the timely delivery of AI consulting engagements through cross-functional teams comprised of senior information and network security leaders to establish strategic goals for improving the security architecture and risk posture for clients. Consults with business leaders to define key performance indicators and service levels. Fosters employee development through mentoring and coaching. Decides how to achieve results within the organization’s strategic plans, policies, and guidelines. Develops new products and secures those products through current AI security guidelines (ISO 42001). Adrian Resag - Experienced in Risk and Control - ISO/IEC 27001 and ISO/IEC 42001 Adrian believes a stimulating career can span many disciplines and that leading organizations value versatile professionals. He has enjoyed managing teams spanning the globe by working in world-leading organizations as Chief Audit Executive, Head of Risk Management, Information Systems Auditor, Head of Internal Control, as a consultant, a statutory auditor and an accountant. To allow such a diverse career, his approach has been to pursue certifications in many fields (making him one of the most qualified and certified in some of them). He has written books and created professional certifications in audit & assurance and compliance & ethics, and teaches in subjects from information security to risk management. With a passion for education, Adrian founded an educational institution and has taught tens of thousands of students and professionals online, in companies, universities and in governmental organizations. Date: February 28, 2024 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: ISO/IEC 27001 Information Security Management System - EN | PECB ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/DujXaxBhhRk

ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...

PECB

The importance of a robust cybersecurity strategy cannot be overstated. Learning on the effective measures to be taken and tools needed to navigate the evolving cybersecurity landscape successfully is essential. Amongst others, the webinar covers: • ISO/IEC 27002 and ISO/IEC 27032 and their key components • Key Components of a Resilient Cybersecurity Strategy • CMMC Frameworks Presenters: Dr. Oz Erdem Governance, Risk and Compliance (GRC) consultant, trainer, auditor, and speaker Dr. Erdem has over 25 years of experience in information security, trade compliance, data privacy, and risk management. He took leadership roles in governance and compliance at various Fortune 100-500 companies and SMBs, including Siemens Corporation, Siemens Industry, Linqs, Texas Instruments, Rtrust, ICEsoft Technologies, NATO C3A, and BILGEM. In addition, successfully managed software development (i.e., embedded, cloud, and SaaS) and digital product projects involving information security, mobile networks, and IoT networks. Further, Dr. Erdem led several non-profit organizations, such as National Association of District Export Councils (NADEC), Government Contractors Council (GovConCouncil), and Central-North Florida District Export Council as the Chairman of the Board. Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. George Usi - CEO of Omnistruct An internet pioneer and award-winning leader in internet governance with over 25 years of experience, George Usi knows that getting hacked is not a matter of ‘if’ but, ‘when’ and the fiscal and reputational effects that has on a business, the executives, and the board. George is the Co-Founder of Omnistruct, a cyber risk company. Omnistruct protects and expands revenue creation, reputation, and customer retention through cyber risk transference, governance, and compliance. We ensure that security and privacy programs work. Date: January 24, 2024 YouTube Video: https://youtu.be/9i5p5WFExT4 Website: https://bit.ly/3SjovIP

ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...

PECB

As we approach the new year, the importance of a robust cybersecurity strategy cannot be overstated. Learning on the effective measures to be taken and tools needed to navigate the evolving cybersecurity landscape successfully is essential. Amongst others, the webinar covers: • ISO/IEC 27001 and ISO/IEC 27035 and their key components • Key Components of a Resilient Cybersecurity Strategy • Best practices for building a resilient cybersecurity strategy in 2024 Presenters: Rinske Geerlings Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer. She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs) Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents. She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk. Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions. Loris Mansiamina A Senior GRC Professional consultant for Small, Medium and large companies. Over 10 years, Loris has been assisting clients in both public and private sectors about various matters relating to Gouvernance, Risk Management and Compliance (GRC), Digital transformation, cyber security program management, ISO 27k & ISO 20k implementation, COBIT & ITIL implementation, etc. Date: December 19, 2023 Tags: ISO, ISO/IEC 27001, ISO/IEC 27035, Cybersecurity, Information Security ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 ISO/IEC 27035 Information Security Incident Management - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/yT8gxRZD_4c

ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively

PECB

In today's rapidly evolving digital landscape, the integration of artificial intelligence (AI) in business processes is becoming increasingly essential. Hence, it is crucial to stay informed and prepared. Amongst others, the webinar covers: • ISO/IEC 27005 and ISO/IEC 27001 and their key components • The standard’s alignment • Identifying AI risks and vulnerabilities • Implementing effective risk management strategies Presenters: Sabrina Feddal With more than 16 years of background in operational security, telco as engineer and project manager for major international companies. I have founded Probe I.T in 2016 to provide my customers (both national and international) with GRC services. Winner of the 2020 award, the CEFCYS – Main French Women in cybersecurity association - jury's favorite, she remains committed on a daily basis to maintaining diversity and gender diversity in her teams. Passionate about Law, History & Cybersecurity. She has several professional certifications acquired over the course of her career: Prince2, CISSP, Lead Implementer ISO27001, Risk Manager, University degree in Cybercrime and Digital Investigation. Her values: excellence, discretion, professionalism. Mike Boutwell Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects. Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director. Date: November 22, 2023 Tags: ISO, ISO/IEC 27001, ISO/IEC 27005, Cybersecurity, Information Security ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 ISO/IEC 27005 Information Security Risk Management - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/TtnY1vzHzns

Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...

PECB

In today's digital age, cybersecurity is more critical than ever. Hence, it is crucial to stay informed and prepared. Amongst others, the webinar covers: • ISO/IEC 27032:2023 and ISO/IEC 27701 and their key components • The standard’s alignment • Emerging Cybersecurity Threats • What is new to the ISO/IEC 27032:2023 Presenters: Madhu Maganti Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes. Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting. Jeffrey Crump Mr. Jeffrey Crump is the Principal Consultant at Arizona-based Cyber Security Training and Consulting LLC and a graduate of the Certified NIS 2 Directive Lead Implementer course. He is a Certified CMMC Assessor, Certified CMMC Professional, and Instructor. Mr. Crump is also the author of Cyber Crisis Management Planning: How to reduce cyber risk and increase organizational resilience. His book has been expanded into a triad of certification courses on cyber crisis planning, exercises, and leadership. Date: October 25, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/a21uasr8aLs

ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation

PECB

Cybersecurity is an ongoing journey. The regular update and improvement of security measures is essential to stay ahead of evolving threats. Amongst others, the webinar covers: • Benefits of Compliance • Digital Transformation: Why • ISO/IEC 27001 and ISO/IEC 27032 • ISO/IEC 27001: Information Security Management System (ISMS) • ISO/IEC 27032: Cybersecurity Framework Presenters: Douglas Brush Douglas Brush is a federally court-appointed Special Master, and Court Appointed Neutral expert in high-profile litigation matters involving privacy, security, and eDiscovery. He is an information security executive with over 30 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, he has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues. He is the founder and host of Cyber Security Interviews, a popular information security podcast. Douglas is also committed to raising awareness about mental health, self-care, neurodiversity, diversity, equity, and inclusion, in the information security industry. Malcolm Xavier Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc. His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management. Carole Njoya Founder in 2018 of Alcees, a Paris-based management consulting fabric specialized in cybersecurity, data privacy governance and digital trust, Carole Njoya provides independent, tailored and expert advisory to companies doing business in European markets and serving both B2B and B2C customers. With more than 100 cybersecurity projects delivered, she assists entities in preparing, implementing and maintaining the right best practices under the ISO 27001 compliance framework and GDPR article 25 obligation (Privacy by design) for their vendors. Carole Njoya featured in the « Women Know Cybersecurity » 2019 Twitter list edited by Cybercrime Magazine. Carole Njoya is committed in science and engineering since pre-teen period. Date: September 27, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 YouTube video: https://youtu.be/U7tyzUrh8aI

Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations

PECB

The management of AI systems is a shared responsibility. By implementing the ISO 31000 Framework and complying with emerging regulations like the EU ACT, we can jointly create a more reliable, secure, and trustworthy AI ecosystem. Amongst others, the webinar covers: • Understanding AI and the regulatory landscape • AI and the threat landscape • A risk driven approach to AI assurance - based on ISO 31000 principles • Stress testing to evaluate risk exposure Presenters: Chris Jefferson Chris is the Co-Founder and CTO at Advai. As the Co-Founder of Advai, Chris is working on the application of defensive techniques to help protect AI and Machine Learning applications from being exploited. This involves work in DevOps and MLOps to create robust and consistent products that support multiple platforms, such as cloud, local, and edge. Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense that prioritized key risks to the organisation and helped minimize disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicist in the Oil and Gas Industry. Date: August 24, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/MXnHC6AvjXc

Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?

PECB

Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI. Amongst others, the webinar covers: • AI & Privacy • Generative AI, Models & Cybersecurity • AI & ISO/IEC 27032 Presenters: Christian Grafenauer Anonymization expert, privacy engineer, data protection officer, LegalTech researcher (GDPR, Blockchain, AI) Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DTL standardization committee at din (German standardization institute) in ISO/TC 307. Akin Johnson Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape. Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets. Lucas Falivene Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards. Date: July 26, 2023 YouTube Link: https://youtu.be/QPDcROniUcc

GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...

PECB

By embracing the importance of GDPR and leveraging ISO/IEC 27701, you can enhance your data protection practices, achieve compliance, and minimize the risk of penalties. Amongst others, the webinar covers:  Importance of Data Protection  Understanding Data Collection and Challenges  Introduction to GDPR  Key Principles of GDPR  Who does GDPR Apply to and Its Global Implications  Introduction to ISO/IEC 27701  Implementing ISO/IEC 27701  Privacy by Design  Dealing with IT on a Daily Basis  Building Awareness and Training  Audit, Data Discovery, and Risk Assessments Presenters: Mike Boutwell Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects. Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director. Lisa Goldsmith Lisa Goldsmith is the founder of LJ Digital and Data Consultancy. Lisa has over 23 years’ experience of supporting leadership teams in membership, charity, and wider not-for-profit organisations to simplify their IT and digital strategy that allows them to sleep soundly at night, knowing their systems and processes are fit for purpose, GDPR compliant, secure and that they deliver value to staff, members, and stakeholders. Prior to starting her own consultancy, Lisa gained extensive experience working for membership organisations and has knowledge and expertise at all levels of operations from working within careers and qualifications teams, as Membership Manager, as Head of Digital & IT for delivering large-scale digital, IT and GDPR compliance projects and serving on several Senior Leadership Teams. Lisa is also currently a Trustee of the BCLA and Groundwork East. Date: June 27, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/lfJrSLaGDtc Website: https://bit.ly/437GOnG

How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...

PECB

The EU has implemented a range of regulations aimed at strengthening its cybersecurity posture. In this context, the ISO/IEC 27001 standard offers a comprehensive framework for managing and safeguarding sensitive information, such as personal data. Amongst others, the webinar covers: • Quick recap on the ISO/IEC 27001:2013 & 2022 • ISO/IEC 27001 vs legislation • The EU Cyber Legislation landscape • Some considerations and consequences • How to stay on top of the ever changing context Presenters: Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. Jean-Luc Peters Jean-Luc Peters brings 25 years of IT technology, information and cybersecurity expertise to boards, executives, and employees. Since the younger age he has held management positions in the private and government sector. He is currently the Head of the Cyber Emergency Response team for the National Cybersecurity Authority in Belgium. In addition to this, he is also a trainer, coach and trusted advisor focusing on enhancing cyber resilience. Jean-Luc has helped in the technical implementation of the NIS 1 (Network and Information Security) Directive transposition in Belgium, defining the Baseline Security Guidelines governmental ISMS framework and many other projects. He holds several certifications, including ISO/IEC 27001 Lead Implementer, ISO/IEC 27005 Auditor, CISSP, GISP, Prince 2 Practitioner, ITIL etc. Date: May 31, 2023 Tags: ISO, ISO/IEC 27001, Information Security, Cybersecurity ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/rsjwwF5zlK8

Student Information Session University KTMC

PECB

ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...

PECB

To protect your organization from cyber attacks, you need to implement a robust information security management system (ISMS) and business continuity management system (BCMS) based on international standards, such as ISO/IEC 27001 and ISO 22301. Amongst others, the webinar covers: • Why we need a cyber response plan to protect business operations • Introduction to ISO/IEC 27001 and ISO 22301 • What do we need for a cyber security response plan? • How do we develop a cyber security response plan? Presenters: Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense, that prioritise key risks to the organisation and helped minimise disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicst in the Oil and Gas Industry. Simon Lacey Simon is a resourceful, creative Information & Cyber Security professional with a proven track record of instigating change, disrupting the status quo, influencing stakeholders and developing ‘big picture’ vision across business populations. Multiple industry experience; excels in building stakeholder engagement & consensus; and suporting organisations to make sustainable change. Simon also has considerable experience of risk management, education and awareness, strategy development and consulting to senior management and is a confident and engaging public speaker. Simon has previously worked within the NHS, Bank of England and BUPA, before setting out as an independent consultan forming Oliver Lacey Limited, supporting clients in multiple business sectors. When not working, Simon loves to run – currently training for the Berlin Marathon, a Director of Aylesbury United Football Club, records vlogs and is an experienced standup comic. Date: April 26, 2023 Find out more about ISO training and certification services Training: https://bit.ly/3AyoyYF https://bit.ly/3LbBVTx Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/i4qx5mjEqio

Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...

PECB

Integrating ISO/IEC 27001 and ISO 31000 can help organizations align their information security and risk management efforts with their overall business objectives, leading to more effective risk management and better decision-making. Amongst others, the webinar covers: • Aligning the ISMS process with ISO/IEC 27001 • Using ISO 31000 within the ISMS • Aligning the RM process with ISO 31000 • How/where does ISO/IEC 27001 fit? Presenters: Nick Riemsdijk As a highly experienced and multi-skilled leader in Information and Physical Security, Nick is known as a collaborative, focused, driven and highly analytical individual with a broad portfolio of successes in client engagements. His expertise spans devising, implementing, managing and delivering information security, physical security, organizational resilience and facilities management solutions for organizations. He is certified as a Certified Information Security Manager (CISM), Certified Protection Professional (CPP), in Project Management (Prince2), ISO 22301 (Business Continuity), ISO 27001 (Information Security), and ISO 31000 (Risk Management). Rinske Geerlings Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer. She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs) Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents. She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk. Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions. Date: March 23, 2023 Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/Xj0U2mbpZUs

Student Information Session University CREST ADVISORY AFRICA

PECB

IT Governance and Information Security – How do they map?

PECB

Effective IT Governance requires proper Information Security practices to ensure that the organization's data is secure. On the other hand, Information Security policies and procedures must be aligned with the organization's overall IT Governance framework to ensure that security measures do not negatively impact business operations. Amongst others, the webinar covers: ▪ Bring Governance and InfoSec Together ▪ Answering WIIFM ▪ Business Terms Presenters: Dr. Edward Marchewka Dr. Edward Marchewka is a seasoned executive that has come up through the ranks in the IT vertical, expanding into information security, quality management, and strategic planning. Edward founded and serves as the Principal for 3LC Solutions, enabling YOU to Tell a Better Story in business, with our vCIO, vCISO, quality, and strategy consulting services, through metrics and relating risk to the business with our CHICAGO Metrics® SaaS solution. He has also held several roles leading information technology, most recently with Gift of Hope Organ and Tissue Donor Network, leading the Information and Technology Services department as the Director of IT, Data, and Security Services. Prior to Gift of Hope, he ran information security for Chicago Public Schools. Edward has earned a Doctorate of Business Administration from California Southern University and Masters’ degrees in Business Administration and Mathematics from Northern Illinois University. He earned Bachelors’ degrees in Liberal Studies and Nuclear Engineering Technologies from Thomas Edison State College, N.J. Edward maintains several active IT, security, and professional certifications from (ISC)2, ASQ, ITIL, PCI, PMI, ISACA, Microsoft, and CompTIA. He has held legacy IT certifications from Cisco and HP, and a designation from the National Security Agency. Date: February 22, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-38500 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/2bSbAdL5Idg

Information Session University Egybyte.pptx

PECB

Student Information Session University Digital Encode.pptx

PECB

oin us as our Director for Business Mustafe Bislimi teams up with Dr. Obadare Peter Adewale, our academic partner Digital Encode Limited, to provide valuable information about our programs, admissions process and specialization and elective courses. Discover the opportunities available to you as a student at PECB University and get a firsthand look at what makes us a top choice for education. Whether you're a prospective student or simply curious about PECB University, don't miss this informative session! Subscribe to our channel and stay tuned for more videos. For inquiries regarding admission process contact us: university.studentaffairs@pecb.com -EMBA in Cybersecurity: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbHJQUUpjMmY2NmcyeURhTzE5VlRSNjg2Y1hwd3xBQ3Jtc0tuLTZqdmZyWkc2VVNQV21YRTlKZUQ2SEtUenNXbzYyb1ZianV5cldDYTViWjZ1eVhCNWtxWHI3VTNwRS1BOE4wTERkZ3BtcndwM0sxdVoydWZYSXBkV2hYd2lwU0NLSTk5WERWMlhtVk1Ud2tuWTRjTQ&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fcybersecurity&v=3YJbbr708pk -EMBA in Business Continuity Management: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa3JQTGVhd1VfeG1weWNzUzRrMmg2bk0tc3kxUXxBQ3Jtc0tsOVF5VG82TkhRU3R5TVRWWmdhMzBrSTU2eW9wby1OYWN4VTg5bkJBY0lhTmNsOFhETzB5cVp0WU8zbTQwTlZkdk9Dby1fSXdhWmRpZFFPUmk3NS1QOGpMOVBlaDFhVVpwa2JZMkxKNGRnTnppMm93SQ&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fbusiness-continuity-management&v=3YJbbr708pk -EMBA in Governance, Risk, and Compliance: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbUplMGtjOFRWbzdGWERmdTR2QjdSbTBuQUxCd3xBQ3Jtc0tsNVdOU1p6UERWM3ZySE55V2FlWlJ1aFlzUU85VEt0aVRoR0hyTjNHbUNVYVMyb0lzTkZycUtJRzNxazlDWGRqTHZQMWJPZEYwbG1xWjVJN1JNOW1QUjJBZDY3NkU5LVl0b2xxOFpkZW1ZX2F3QmF5cw&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fgovernance-risk-compliance&v=3YJbbr708pk

Cybersecurity trends - What to expect in 2023

PECB

Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets. Amongst others, the webinar covers: • Top Cyber Trends for 2023 • Cyber Insurance • Prioritization of Cyber Risk Presenters: Colleen Lennox Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job! Madhu Maganti Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes. Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting. Date: January 25, 2023 Tags: ISO, ISO/IEC 27032, Cybersecurity Management ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 https://pecb.com/article/cybersecurity-risk-assessment https://pecb.com/article/a-deeper-understanding-of-cybersecurity Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/BAAl_PI9uRc

More from PECB (20)