Cybersecurity on Business Resilience

•

3 gefällt mir•551 views

This topic will cover the most significant points of Cybersecurity trends and future perspective. We as retail or business should be more informed about this Global Issue. Linkage of Cybersecurity and Business Continuity will be discussed as well. Additionally, the topic incorporates how the Cybersecurity is perceived in the mind of people. The main parts of the presentation are: • Cyber resilience trends • The Link between cyber risk and business continuity • What ARE and what SHOULD companies doing about the threat • Lessons learned / case studies from recent attacks Presenter: Mr. Bevan Lane is a PECB partner and trainer. He has more than 16 years of experience as a consultant in information security, firstly with PwC and then as an independent consultant. Mr. Lane has also an extensive experience in information security risk assessment training and has implemented solutions for major organization across the globe. Link of the recorded session published on YouTube: https://youtu.be/WQ-HYqCrRDQ

Bildung

Bevan Lane
Director at InfoSec Consulting
Mr. Bevan Lane has more than 16 years of experience as a consultant in information security, firstly with
PwC and then as an independent consultant. Mr. Lane has also an extensive experience in information
security risk assessment and training and has implemented solutions for major organization across the
globe.
Contact Information
+27829283620
bevanlane@icloud.com www.infosecconsulting.co.za
za.linkedin.com/in/bevan-lane-2266782

Cyber ResilienceCybersecurity Resilience
Bevan Lane

1. Local and global cyber trends
2. Lessons learnt / case studies from recent attacks
3. The Link between cyber risk and business continuity
4. What ARE and what SHOULD companies doing about the
threat
Agenda

• It’s no longer sufficient to suppose that you can defend against any
potential attack; you must accept that an attack will inevitably
succeed.
• An organisation’s resilience to these attacks – identifying and
responding to security breaches – will become a critical survival trait
in the future.
Change Your mindset

2. Lessons learnt / case studies from recent attacks

• Manipulation and disruption of control systems
to such a degree that a blast furnace could not be
properly shut down, resulting in “massive”—
though unspecified—damage
Type of Attack: Cyberwar
13
German Steel Mill
Date Undisclosed
Steel Production
What Happened
BP, State Oil Fund of the
Republic of Azerbaijan
2008
Oil and Gas
What Happened
• The Azerbaijan to Turkey Pipeline was attacked
by a Suspected Cyberwar attack aiming to
damage pipeline.
Attack: ICS System Attack, Cyberwar

2. Real Life Events
3. The Link Between Cyber Resilience and Business Continuity
Business Continuity Management - ISO22301
Cyber resilience is a key principle underpinning ISO 27001, and the wider issue of ICT’s role in
business continuity is covered by ISO 27031
Many Drivers are changing the game:
• Integration of IT into businesses
• Mobility
• Cloud Services
• Internet of Things (IOT)
• Legislation/Regulations

4. What ARE Companies doing and what SHOULD they be
doing?

What are they doing?
Silo Approach Incident Response not
formalised
Information Assets not
identified
Cyber Risk not/partially
integrated into BCM

What SHOULD they be doing?
• Cyber resilience = cyber security + business resilience
• Cyber resilience is a broader approach, which encompasses cyber
security and business resilience, and aims not only to defend against
potential attacks but also to ensure your survival following a
successful attack.
• An effective approach to cyber resilience is twofold:
• Ensure your cyber security is as effective as possible without compromising
the usability of your systems.
• Ensure you have robust business continuity plans in place that cover your
information assets so that you can resume normal operations as soon as
possible if an attack is successful.

THANK YOU
?
+27829283620
bevanlane@icloud.com www.infosecconsulting.co.za
za.linkedin.com/in/bevan-lane-2266782

Weitere ähnliche Inhalte

Was ist angesagt?

This webinar strives to shed some light on questions like: - How successful are pentesters in discovering vulnerabilities? - What is the best pentesting method? - How many pentesters do I need? - How to rate the skill level of a pentester? - What implication do the corresponding answers have to our risk assessment? Presenter: This webinar was presented by Friedhelm Düsterhöft, Managing Director of msdd.neT GmbH offering IT Security consultancy and training services for international companies from the IT-, telecommunications- and financial industry. He has specialized in GRC topics around ISO 27001 and also has long-term experience in vulnerability management and penetration testing. Link of the recorded session published on YouTube:

Web applications: How Penetration Tests can improve your Risk Assessment

PECB

The Technology Horizon & Cyber Security from EISIC 2015

Ollie Whitehouse

Introduction: CISSP Certification

Sam Bowne

Outpost24 Webinar - Common wireless security threats and how to avoid them

Outpost24

Navigating Cybersecurity

Segun Ebenezer Olaniyan

This post contains detailed Mindmap related to Complex subject of Cyber security and address critical components summarized as below: - Cyber Security standards - SOC (Security Operation Center) - Cybersecurity Lifecycle - Hacker Kill Chain - Malware (Types,Protection Mechanism) - Cyber Architecture - CSC (Critical Security Standards) - Incident Management - Network Perimeter best security practices - Final Case Study I hope the Technical post is appreciated and liked by Security Consultants and Subject Matter experts on Cybersecurity.Your criticals Inputs are appreciated.Thank you - Wajahat Iqbal (Wajahat_Iqbal@Yahoo.com)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

WAJAHAT IQBAL

Network security, seriously?

Peter Wood

A holistic approach to risk management 20210210 w acfe france & cyber rea...

Judith Beckhard Cardoso

Organizations today are facing unprecedented and sophisticated attacks to their internal Information Technology infrastructure. These evolving attacks include spear phishing, ransomware, credential hijacking, and more and can result in significant data loss and/or theft of confidential and valuable intellectual property. In response to these threats, Microsoft has released an array of tools such as Azure Sentinel, Cloud App Security, Microsoft Defender for Identity, and more which can help to secure and protect against these threats. These tools work with both on-premises and cloud-based infrastructure to provide for comprehensive protection of hybrid environments. This session breaks down each of these Microsoft tools and provides for an understanding of their value for specific security scenarios. A simple, no-marketing approach is taken to evaluating each individual tool, and a simple breakdown of what is provided with each Microsoft licensing model is outlined. Attendees will gain a better appreciation to which tools to utilize and how to better protect their Information Technology investments from the type of career-ending attacks which are unfortunately common today. • Understand how modern threats such as spear phishing, ransomware, credential hijacking, and more are commonly faced in today’s IT environments and what tools and techniques can be used to mitigate the risk faced by these modern threats • Examine Microsoft security tools such as Azure Sentinel, Microsoft Defender for Identity, Azure Security Center, Cloud App Security, Azure AD Privileged Identity Management, Azure AD Identity Protection, Azure Information Protection, and more • Understand which tools are available for each licensing model in the Microsoft world and when it may make sense to ‘upgrade’ existing licenses to support specific toolsets as opposed to investment in third-party tools

Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...

Michael Noel

Developing an attractive website for your business operations to generate more leads and profit for the company is no longer the only concern. There are various other factors in play. It is important to ensure that the website and software of your company are safe from any kind of malware. The main priority of any organization should be to build a defence system for its servers and data. Render your expert service to the clients and meet their requirements with this Cyber Security for Organization Proposal PowerPoint Presentation Slides. Utilize this PPT template to highlight your key deliverables such as uninterrupted server protection, secure organization information, network security, penetration testing, monitoring system vulnerabilities, and personnel training to avoid cyber attacks. Use this internet security PPT layout to talk about the whole process of project kick-off, planning, development, implementation, maintaining, and training for the cyber security services that your company adopts. Showcase the overall project cost that a client has to invest in availing your services as well as mention in detail the financial outlay according to each service and package. Grab the opportunity to educate your audience about the additional services that you provide like software development, cloud services, security, and networking by employing our electronic safeguard services PPT deck. Implement this visually-appealing security services PowerPoint theme to present an attractive business overview of your company and convey your mission, vision, objectives, and goals in an organized manner. Gain the trust of your clients by displaying your past achievements, awards, and client testimonials with this PPT design. You can take the assistance of this PowerPoint slide to inform the customer about your expertise in mobile app development, onsite developer, and business intelligence analytics. Download our ready-to-use computer security PPT graphic and promise the best security to your clients and make an everlasting impression on them. https://bit.ly/3fxyjMt

Cyber Security For Organization Proposal Powerpoint Presentation Slides

SlideTeam

National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...

Shah Sheikh

Setting up CSIRT

APNIC

Ethical hacking helps organizations in preventing the exploitation and vulnerabilities of their system’s data. Today, several real-world testing methods are used to avoid cyber-attacks and secure important data from exploitation. The webinar covers • Ethical Hacking • Penetration Testing • Differences and Similarities • Types & Stages of Penetration Testing • Cybersecurity • Impact of COVID-19 on Cybersecurity Presenters: Carl Carpenter Carl is a former CISO of a $6B entity where he was responsible for protecting data of all types and regulatory environments such as FFIEC, HIPAA, and PCI as well as working with the FBI, IRS, and US Department of Labor around investigations relating to money laundering. He has performed assessments against Fortune 10 and 50 companies in the areas of GDPR, CCPA, ISO/IEC 27001 and currently performs CMMC assessments as well as CMMC pre-audit support to help ensure a successful CMMC audit. Prior to that, Carl retired from the US Military where he was involved in counter-terrorist, counter-narcotics, counter-intelligence operations and training foreign military members in these same concepts. Carl is also a PECB trainer in ISO/IEC 27001, ISO/IEC 27032, and CMMC Foundations and holds numerous other certifications. In 2016, Carl joined Arrakis Consulting where he started as an auditor and providing CISO-as-a-Service to small or medium sized companies that needed more experience without increased cost. In 2017, Carl added active penetration testing to his portfolio of skills and routinely performs penetration tests against companies of all sizes. Carl also trains people on a variety of skills such as penetration testing, network engineering, network administration, OSI model, subnetting, etc… Carl holds a Bachelors from Western Governors University in Network Security and Operations as well as numerous certifications from ITIL, Cisco, CompTIA, Microsoft, CMMC-AB, ISACA, OneTrust, RSA, PCI Council, Citrix, and Novell Andreas Christoforides Mr. Christoforides is an active IT auditor and a trainer for a various organization on Information Security Management Systems. He is a member of the Cyprus Computer Society, a PECB certified trainer for ISO/IEC 27001, ISO 22301 and GDPR CDPO, and a former Deputy Head of IT Infrastructure at a Bulgarian Leading Bank. In 2019, he joined BEWISE and delivered to clients a wide range of Cybersecurity projects in the areas of strategy, governance and risk management, data privacy and protection (GDPR), and business resilience and recovery. He conducts IT Risk Assessments and develops IT policies and procedures towards establishing an effective and secure IT Governance framework. Mr. Christoforides holds a BEng degree from Birmingham City University and a variety of other qualifications from Microsoft and CISCO. YouTube video: https://youtu.be/cTrdBZFIFhM Website link: https://pecb.com/

Ethical Hacking vs Penetration Testing vs Cybersecurity: Know the Difference?

PECB

CISSP introduction 2016 Udemy Course

Adrian Mikeliunas

Cybersecurity concepts & Defense best practises

WAJAHAT IQBAL

With 73% of all cyber attacks happening on web applications* last year, there’s little doubt application layers and web-related attacks pose a significant risk to most organizations. However typical investment to protect common attack targets (content management systems and ecommerce platforms) don’t correspond. This webinar examines the growth of applications in enterprise architecture and the risks associated with agile development, plus expert advice and real world examples on how to scope and build an successful application security program that will maximize coverage and optimize your limited resource

Building an application security program

Outpost24

** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training ** Cybersecurity careers are complex and many roles can be found in banks, retailers and government organizations. This PPT will guide you through multiple career paths in cybersecurity. Below are the topics covered in this tutorial: 1. Where to Start? 2. Career Paths in Cybersecurity 3. Cybersecurity Job Salaries 4. Skills for Cybersecurity Careers 5. Tools & Technologies 6. Cybersecurity Careers & Estimated Annual 7. Related Occupations you should know about Cybersecurity Training Playlist: https://bit.ly/2NqcTQV

Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...

Edureka!

Cybersecurity framework v1-1_presentation

Monchai Phaichitchan

Vulnerability management - beyond scanning

Vladimir Jirasek

Cybersecurity is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of information technology (IT). • The evolution of Cybersecurity • Protecting Digital Assets • Difference between Cybersecurity and Information Security • Cybersecurity Objectives • Future of Cybersecurity Presenter: Hafiz Adnan is an IT GRC, Security Consultant and Lead Auditor and a PECB Certified Trainer with over 11 years of significant, progressive experience in Information Technology field, focusing on Information Security, IT Governance, ISO Standards Implementation & Compliance, IT Service Management, Risk Management, Information Security & IT Service Management Audits, Software Project Management and Process Improvement. Link of the recorded session published on YouTube: https://youtu.be/BA670iVPi5c

The difference between Cybersecurity and Information Security

PECB

Was ist angesagt? (20)

Web applications: How Penetration Tests can improve your Risk Assessment

The Technology Horizon & Cyber Security from EISIC 2015

Introduction: CISSP Certification

Outpost24 Webinar - Common wireless security threats and how to avoid them

Navigating Cybersecurity

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

Network security, seriously?

A holistic approach to risk management 20210210 w acfe france & cyber rea...

Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...

Cyber Security For Organization Proposal Powerpoint Presentation Slides

National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...

Setting up CSIRT

Ethical Hacking vs Penetration Testing vs Cybersecurity: Know the Difference?

CISSP introduction 2016 Udemy Course

Cybersecurity concepts & Defense best practises

Building an application security program

Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...

Cybersecurity framework v1-1_presentation

Vulnerability management - beyond scanning

The difference between Cybersecurity and Information Security

Andere mochten auch

Всеми организациями , занятыми в цепи производства, поставки и реализации пищевой продукции необходимо внедрение системы управления безопасностью пищевых продуктов в соответствии требований стандарта ISO 22000, который охватывает вопросы контроля от качества и безопасности сырья, из которой производится продукция - к материалу упаковки, а также доставки готовой продукции конечным потребителям. Как показывает практика, на предприятиях где отсутствует ISO 22000 наблюдается ряд причин критических несоответствий, приводящих к появлению недоброкачественной или опасной для здоровья людей продукции. Main points covered: • Основные факторы приводящие к заболеванию через продукты питания • Причины возникновения отклонений • Примеры несоответствий Presenter: Данный вебинар будет проводить РЕСВ сертифицированный тренер,ведущий врач ветеринарной медицины, специалист по качеству, сертификации и стандартизации Демченко Наталия. Link of the recorded session published on YouTube: https://youtu.be/mtqyZgnV6h4

Топ 10 причин критических несоответствий при сертификации по ISO 22000

PECB

As the Anti-Bribery is becoming the world's most challenges issues, it is very important for businesses to support their company with the best programs and enhanced protection. The webinar demonstrated that this is possible by implementing ISO 37001 standard, and by identifying the key elements of an effective ISO 37001 implementation. Main points that have been covered are: • Definition of ISO 37001 • Case Studies • Culture, Training and Reinforcement program Presenter: Mr. Mohamad Khachab is PECB Partner & Trainer, with 30 years of professional experience in management consultancy, project management, teaching/training, IT Procurement, preparing proposals, information risk management, research, developing bidding documents, and business development activities. Link of the recorded session published on YouTube: https://youtu.be/wKc-2aHDf5s

Key Elements of an Effective Anti-Bribery Management System Implementation

PECB

The webinar will cover common requirements and differences between ISO 9001 and ISO 27001 and the best practices in establishing integrated management system based on those two standards. Main points covered: • Common requirements of ISO 9001 and ISO 27001 • Steps in creating integrated management system • Main challenges in integration Presenter: This webinar was presented by Strahinja Stojanovic; he is the author of the 9001Academy, 14001Academy and 18001Academy toolkit. He has extensive working experience both as an external auditor and as a consultant. In his consulting career, he works with clients from the manufacturing and service providing organization. He has an MSc in Mechanical Engineering, and is the holder of the following certificates: ISO 9001 Lead Auditor, ISO 14001 Lead Auditor, OHSAS 18001 Lead Auditor. Link of the recorded session published on YouTube: https://youtu.be/MP_J6_QlrbM

Best Approach to Integrate ISO 9001 and ISO 27001 Simultaneously

PECB

How ISO 22316 provides guidance for your organization? Learn the attributes, activities and the involved management disciplines. Main points covered: • Approach to organizational resilience • Attributes and activities • Involved management disciplines Presenter: The webinar was presented by Dr. Wolfgang Mahr. He has over 20 years of experience in consulting and project management in the ICT environment and during the last 20 years has specialized in the field of Business Continuity Management. He is experienced in IT governance, information security, business management, marketing, account and product management, in professional education as an author of the educational content and international speaker. Link of the recorded session published on YouTube: https://youtu.be/28TMYJCIYEg

Organizational Resilience – How ISO 22316 Provides Guidance for Your Organiza...

PECB

Un análisis del proceso de Gestión de Riesgos de TI desde las perspectivas distintas de los estándares, las normas y las mejores prácticas de gestión de TI aplicables. Se revisa el enfoque de gestión de riesgos de TI descrito en ITSM/ITIL, ISO 20000, ISO 31000, ISO 27001, ISO 27005, ISO 22301 y COBIT. Vamos a cubrir: • Perspectiva general de Gestión de Riesgos • Normas, estándares y buenas prácticas en la gestión de procesos de TI • Un marco de referencia genérico para la Gestión de Riesgos (ISO 31000) • Gestión de Riesgos en la Gestión del Servicio (ISO/IEC 20000) • Gestión de Riesgos en la Seguridad de la información (ISO/IEC 27001) Presentador: Pedro Escarcega Navarrete es un profesional con más de 30 años de experiencia como ejecutivo en empresas, en áreas de tecnología y ha desempeñado funciones que van desde la consultoría, capacitación e implementación y gestión de procesos de tecnologías de la información, el diseño y la administración de proyectos, hasta funciones de gerencia y dirección. Link of the recorded session published on YouTube: https://youtu.be/JF0RIYmH6No

La Gestión de Riesgos en las Tecnologías de la Información

PECB

The assurance of food safety in the food supply chain depends significantly on Prerequisite programmes, HACCP and OPRPs - but one important aspect shouldn't be missed, that is the need for reliable testing through laboratory competence on the measurement and evaluation system. Main points covered: • Essentials of food safety in the food chain • Components of food safety requirements and good practices • Food Safety Assurance through Laboratory Competence Presenter: Mary Anne Concio PECB certified Lead Implementer and Lead Auditor for ISO 9000, ISO 13053, ISO /TS 16949, ISO 22000, ISO 22301, ISO 27001 and Founder/ CEO at Powerhouse Development and Coaching Academy. Link of the recorded session published on YouTube: https://youtu.be/_4DFrRcYAPI

Managing the need for Laboratory Competence in the Food Supply Chain

PECB

DE presentation to IISD on May 7, 2008. Title: Amazon Resilience and Busines...

DE Design and Environment

W13 libr250 paraphrasing

lterrones

The webinar will cover why we should document the BCMS plan and how it can be done. Main points covered: · Why do we need to document · What is included in the documentation · How is the documentation used Presenter: Barbro Thöyrä, MBA., holds certificates in ISO 22301 Master and Lead Auditor, ICT Disaster Recovery Manager, ISO 28000 Provisional Implementer, PECB Certified Outsourcing Manager and DRI Risk Management. She is an approved PECB and DRI trainer and BCI Instructor. She has several years of experience as an IT manager, product manager and subject matter expert in BCMS. She has worked as a senior consultant, project management, IT architect, wrote manuals and developed services within BCMS and CRM. Furthermore, she is a trainer in IT and BCMS and carried out several international BCMS and IT projects as an expert and project manager. Link of the webinar published on YouTube: https://youtu.be/q3Jr9k-tbic

Is it Necessary to Document the BCMS plan?

PECB

The traditional approach for security management fails in agile development projects. We summarize the cause of this failure and propose a new Agile Security Engagement Model (ASEM) to solve the issues. This model is risk-driven, supportive and robust. It embraces important innovations, such as a security services catalogue and continuous monitoring. This way of working helps organizations to properly address information security in agile environments. Main points that have been covered are: • Four false assumptions that make the traditional security approach fail • ‘Feet in the mud’ with the Agile Security Engagement Model (ASEM) • Explanation of the innovations in this Agile Security approach Presenter: Pascal de Koning is qualified as Information Security professional. He has the wide experience as a consultant and fills in the role of the security officer at various companies. Pascal is an active member of the Security Forum of The Open Group. Link of the recorded session published on YouTube: https://youtu.be/08Se5Ta65v8

A New Security Management Approach for Agile Environments

PECB

ISO 45001 is the latest occupational health and safety management system standard which is being developed by the ISO. This standard will replace OHSAS 18001, and set specific requirements for an occupational health and safety management that will enable the organizations toward ensuring safety and health in workplace. This webinar will give you a detailed description of all changes when transitioning from OHSAS 18001 to ISO 45001. Main points covered: • Overview of ISO 45001 and reason why the revision of OHSAS 18001 was necessary • ISO 45001 most significant changes and related standards affected by this change • Recommendations on what steps to take when going through transition Presenter: This webinar was presented by PECB’s Course Development Manager for Health, Safety and Environment, Nysret Lezi. Link of the recorded webinar published on YouTube: https://youtu.be/SUtF4KusUyE

Migration from OHSAS 18001 to ISO 45001

PECB

The impact of globalization on international business

sooriya karunanithi

Andere mochten auch (12)

Топ 10 причин критических несоответствий при сертификации по ISO 22000

Key Elements of an Effective Anti-Bribery Management System Implementation

Best Approach to Integrate ISO 9001 and ISO 27001 Simultaneously

Organizational Resilience – How ISO 22316 Provides Guidance for Your Organiza...

La Gestión de Riesgos en las Tecnologías de la Información

Managing the need for Laboratory Competence in the Food Supply Chain

DE presentation to IISD on May 7, 2008. Title: Amazon Resilience and Busines...

W13 libr250 paraphrasing

Is it Necessary to Document the BCMS plan?

A New Security Management Approach for Agile Environments

Migration from OHSAS 18001 to ISO 45001

The impact of globalization on international business

Ähnlich wie Cybersecurity on Business Resilience

To protect your organization from cyber attacks, you need to implement a robust information security management system (ISMS) and business continuity management system (BCMS) based on international standards, such as ISO/IEC 27001 and ISO 22301. Amongst others, the webinar covers: • Why we need a cyber response plan to protect business operations • Introduction to ISO/IEC 27001 and ISO 22301 • What do we need for a cyber security response plan? • How do we develop a cyber security response plan? Presenters: Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense, that prioritise key risks to the organisation and helped minimise disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicst in the Oil and Gas Industry. Simon Lacey Simon is a resourceful, creative Information & Cyber Security professional with a proven track record of instigating change, disrupting the status quo, influencing stakeholders and developing ‘big picture’ vision across business populations. Multiple industry experience; excels in building stakeholder engagement & consensus; and suporting organisations to make sustainable change. Simon also has considerable experience of risk management, education and awareness, strategy development and consulting to senior management and is a confident and engaging public speaker. Simon has previously worked within the NHS, Bank of England and BUPA, before setting out as an independent consultan forming Oliver Lacey Limited, supporting clients in multiple business sectors. When not working, Simon loves to run – currently training for the Berlin Marathon, a Director of Aylesbury United Football Club, records vlogs and is an experienced standup comic. Date: April 26, 2023 Find out more about ISO training and certification services Training: https://bit.ly/3AyoyYF https://bit.ly/3LbBVTx Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/i4qx5mjEqio

ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...

PECB

Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few. Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched. Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem. He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.

Current enterprise information security measures continue to fail us. Why is ...

Livingstone Advisory

Cyber Security Standards Compliance

Dr. Prashant Vats

Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.

Cyber Security Governance

Priyanka Aash

What The Cyber Entails-2.pdf

Chinatu Uzuegbu

Dealing with Information Security, Risk Management & Cyber Resilience

Donald Tabone

OT Security Architecture & Resilience: Designing for Security Success

accenture

CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...

Booz Allen Hamilton

How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs

SurfWatch Labs

Topic11

Anne Starr

By leveraging more than 30 years of energy expertise, ScottMadden has developed an approach to help clients implement cybersecurity programs that target enterprise risks and demonstrate tangible evidence of improving cybersecurity capabilities. This approach engages business stakeholders to answer the following strategic questions: 1. What are our biggest enterprise cybersecurity risks? 2. What is the appropriate response to these risks? 3. How will success be measured? 4. How will we get there? We align with energy sector guidance to meet industry expectations, and we integrate with enterprise governance to direct and monitor implementation progress, ongoing performance, and assurance. This report highlights ScottMadden’s approach to strategic cybersecurity. For more information, please visit www.scottmadden.com.

Strategic Cybersecurity

ScottMadden, Inc.

Organizations today are faced with a broad set of opportunities and competitive challenges due to dynamic technological change. Mobile computing, Social Business and Cloud-based solutions promise significant business and operational potential. But as organizations pursue these initiatives they extend their threat surface areas. New risks and challenges arise that requires the organization to take a more proactive approach to their security posture. They need to improve their security intelligence not only to gain better visibility but also avoid becoming overwhelmed by unqualified security incidents. In this session we will discuss how an organization can enhance their security IQ to deal with new security realities. Presenter: Vijay Dheap, Global Solutions Manager - Big Data Security Intelligence and Mobile Security. Mer från dagen på http://bit.ly/sb13se

Enhancing your Organization's Security IQ to Meet Emerging Threats & New Real...

IBM Sverige

111.pptx

JESUNPK

Join us on our upcoming BYOP (Bring Your Own Pizza) "Application Security Meetup" to hear about the latest cyber security breaches, trends and technologies in modern application development. Agenda: 17:00 - 17:10 - Opening words - by Lior Mazor (Organizer) 17:10 - 17:35 - 'Recent cyber security attacks in Israel' - by Lior Mazor (Organizer) 17:35 - 18:00 - ‘How to deliver a secure product’ - by Michael Furman (Tufin) 18:00 - 18:30 - 'Hacking serverless - Introduction to Serverless Application Security' - by Yossi Shenhav (Komodo) 18:30-19:00 - ‘Post Apocalypse: Exploiting web messaging implementations’ - by Chen Gour-Arie (enso security)

Application security meetup 27012021

lior mazor

Best practices to mitigate data breach risk

Livingstone Advisory

Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...

International Federation of Accountants

Risk monitoring and response

ZyrellLalaguna

View On Demand Webinar: http://event.on24.com/wcc/r/1060940/3EBB3C7D778564710E957F99AF1D7C1B How comprehensive is your security program? Organizations today are reliant on technology more than ever to achieve competitive advantage. Whether it is growing your brand, automating a supply chain or moving to cloud and mobile, technology is the lifeblood of business. This shift in reliance also brings cyber threats that must be addressed. Based on extensive experience, IBM has established 10 Essential Practices for a comprehensive security posture. Join Glen Holland, Global Practice Lead of SAP Security Services, to hear about the key imperatives can help you understand and address these threats and protect the business. In this on demand webinar, you will learn: - The 10 security essentials and best practices of today’s security leaders - How to assess your security maturity - Where your critical gaps lie and how to prioritize your actions

10 Security Essentials Every CxO Should Know

IBM Security

6 Steps to Bringing a Security Offering to Market

Continuum

NUS-ISS Learning Day 2019-Architecting security in the digital age

NUS-ISS

Ähnlich wie Cybersecurity on Business Resilience (20)

ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...

Current enterprise information security measures continue to fail us. Why is ...

Cyber Security Standards Compliance

Cyber Security Governance

What The Cyber Entails-2.pdf

Dealing with Information Security, Risk Management & Cyber Resilience

OT Security Architecture & Resilience: Designing for Security Success

CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...

How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs

Topic11

Strategic Cybersecurity

Enhancing your Organization's Security IQ to Meet Emerging Threats & New Real...

111.pptx

Application security meetup 27012021

Best practices to mitigate data breach risk

Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...

Risk monitoring and response

10 Security Essentials Every CxO Should Know

6 Steps to Bringing a Security Offering to Market

NUS-ISS Learning Day 2019-Architecting security in the digital age

Mehr von PECB

The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union. Amongst others, the webinar covers: • DORA and its Implications • Nis 2 Directive and its Implications • How to leverage directive and regulation as a marketing tool and competitive advantage • How to use new compliance framework to request additional budget Presenters: Christophe Mazzola - Senior Cyber Governance Consultant Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO. Ah, and I am also a quadruple senior certified ISO27001/2/5, Pas mal non ? C'est francais. Malcolm Xavier Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc. His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management. Date: April 25, 2024 Tags: Information Security, Digital Operational Resilience Act (DORA) ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: Digital Operational Resilience Act (DORA) - EN | PECB NIS 2 Directive - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

Beyond the EU: DORA and NIS 2 Directive's Global Impact

PECB

In an era where digital transformation is inevitable, the landscape of cybersecurity is constantly evolving. Amongst others, the webinar covers: • DORA and its Implications • ISO/IEC 27005: Risk Management in Information Security • Leveraging Artificial Intelligence for Enhanced Cybersecurity Presenters: Geoffrey L. Taylor - Director of Cybersecurity Geoffrey Taylor brings a wealth of experience from multiple roles within various industries throughout his career. As a Certified ISO 27001 Implementer and Auditor, as well as certified ISO 27005, CISM and CRISC, he brings a unique perspective on cybersecurity strategy, risk management and the implementation of an Information Security Management System, having helped multiple organizations in aligning their strategy based on their threat landscape. Martin Tully - Senior Cyber Governance Consultant Martin is a Senior Consultant at CRMG with over twenty years of experience, and has previously been employed at two of the ‘Big Four’ professional services firms. Martin has worked across most industry sectors in the development of the best practice guidance and risk analysis methodologies. Martin is also accomplished at: leading the implementation of an ISMS; delivering a number of information risk assessments; reviewing information security policies; assessing security requirements across the supply chain; and updating a complete framework of supporting standards. Prior to the ISF, Martin’s roles have included delivering operational risk reporting, running research projects and benchmarking information security investments for major clients. Martin holds a Bachelors degree from Royal Holloway University of London. Date: March 27, 2024 Tags: ISO, ISO/IEC 27005, ISO/IEC 42001, Artificial Intelligence, Information Security, Digital Operational Resilience Act (DORA) ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: ISO/IEC 27005 Information Security Risk Management - EN | PECB ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/ffX-Xbw7XUk

DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity

PECB

In today’s rapidly evolving world, where Artificial Intelligence (AI) not only drives innovation but also presents unique challenges and opportunities, staying ahead means being informed. Amongst others, the webinar covers: • ISO/IEC 27001 and ISO/IEC 42001 and their key components • Latest trends in AI Governance • Ethical AI practices • Benefits of Certification Presenters: Jeffrey Bankard - Cybersecurity & AI Leader, AI Management Systems: ISO/IEC 42001 Jeffrey provides executive leadership for AI product creation through the product incubation unit (PIU). Ensures the timely delivery of AI consulting engagements through cross-functional teams comprised of senior information and network security leaders to establish strategic goals for improving the security architecture and risk posture for clients. Consults with business leaders to define key performance indicators and service levels. Fosters employee development through mentoring and coaching. Decides how to achieve results within the organization’s strategic plans, policies, and guidelines. Develops new products and secures those products through current AI security guidelines (ISO 42001). Adrian Resag - Experienced in Risk and Control - ISO/IEC 27001 and ISO/IEC 42001 Adrian believes a stimulating career can span many disciplines and that leading organizations value versatile professionals. He has enjoyed managing teams spanning the globe by working in world-leading organizations as Chief Audit Executive, Head of Risk Management, Information Systems Auditor, Head of Internal Control, as a consultant, a statutory auditor and an accountant. To allow such a diverse career, his approach has been to pursue certifications in many fields (making him one of the most qualified and certified in some of them). He has written books and created professional certifications in audit & assurance and compliance & ethics, and teaches in subjects from information security to risk management. With a passion for education, Adrian founded an educational institution and has taught tens of thousands of students and professionals online, in companies, universities and in governmental organizations. Date: February 28, 2024 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: ISO/IEC 27001 Information Security Management System - EN | PECB ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/DujXaxBhhRk

Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance

PECB

The importance of a robust cybersecurity strategy cannot be overstated. Learning on the effective measures to be taken and tools needed to navigate the evolving cybersecurity landscape successfully is essential. Amongst others, the webinar covers: • ISO/IEC 27002 and ISO/IEC 27032 and their key components • Key Components of a Resilient Cybersecurity Strategy • CMMC Frameworks Presenters: Dr. Oz Erdem Governance, Risk and Compliance (GRC) consultant, trainer, auditor, and speaker Dr. Erdem has over 25 years of experience in information security, trade compliance, data privacy, and risk management. He took leadership roles in governance and compliance at various Fortune 100-500 companies and SMBs, including Siemens Corporation, Siemens Industry, Linqs, Texas Instruments, Rtrust, ICEsoft Technologies, NATO C3A, and BILGEM. In addition, successfully managed software development (i.e., embedded, cloud, and SaaS) and digital product projects involving information security, mobile networks, and IoT networks. Further, Dr. Erdem led several non-profit organizations, such as National Association of District Export Councils (NADEC), Government Contractors Council (GovConCouncil), and Central-North Florida District Export Council as the Chairman of the Board. Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. George Usi - CEO of Omnistruct An internet pioneer and award-winning leader in internet governance with over 25 years of experience, George Usi knows that getting hacked is not a matter of ‘if’ but, ‘when’ and the fiscal and reputational effects that has on a business, the executives, and the board. George is the Co-Founder of Omnistruct, a cyber risk company. Omnistruct protects and expands revenue creation, reputation, and customer retention through cyber risk transference, governance, and compliance. We ensure that security and privacy programs work. Date: January 24, 2024 YouTube Video: https://youtu.be/9i5p5WFExT4 Website: https://bit.ly/3SjovIP

ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...

PECB

As we approach the new year, the importance of a robust cybersecurity strategy cannot be overstated. Learning on the effective measures to be taken and tools needed to navigate the evolving cybersecurity landscape successfully is essential. Amongst others, the webinar covers: • ISO/IEC 27001 and ISO/IEC 27035 and their key components • Key Components of a Resilient Cybersecurity Strategy • Best practices for building a resilient cybersecurity strategy in 2024 Presenters: Rinske Geerlings Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer. She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs) Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents. She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk. Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions. Loris Mansiamina A Senior GRC Professional consultant for Small, Medium and large companies. Over 10 years, Loris has been assisting clients in both public and private sectors about various matters relating to Gouvernance, Risk Management and Compliance (GRC), Digital transformation, cyber security program management, ISO 27k & ISO 20k implementation, COBIT & ITIL implementation, etc. Date: December 19, 2023 Tags: ISO, ISO/IEC 27001, ISO/IEC 27035, Cybersecurity, Information Security ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 ISO/IEC 27035 Information Security Incident Management - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/yT8gxRZD_4c

ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...

PECB

In today's rapidly evolving digital landscape, the integration of artificial intelligence (AI) in business processes is becoming increasingly essential. Hence, it is crucial to stay informed and prepared. Amongst others, the webinar covers: • ISO/IEC 27005 and ISO/IEC 27001 and their key components • The standard’s alignment • Identifying AI risks and vulnerabilities • Implementing effective risk management strategies Presenters: Sabrina Feddal With more than 16 years of background in operational security, telco as engineer and project manager for major international companies. I have founded Probe I.T in 2016 to provide my customers (both national and international) with GRC services. Winner of the 2020 award, the CEFCYS – Main French Women in cybersecurity association - jury's favorite, she remains committed on a daily basis to maintaining diversity and gender diversity in her teams. Passionate about Law, History & Cybersecurity. She has several professional certifications acquired over the course of her career: Prince2, CISSP, Lead Implementer ISO27001, Risk Manager, University degree in Cybercrime and Digital Investigation. Her values: excellence, discretion, professionalism. Mike Boutwell Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects. Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director. Date: November 22, 2023 Tags: ISO, ISO/IEC 27001, ISO/IEC 27005, Cybersecurity, Information Security ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 ISO/IEC 27005 Information Security Risk Management - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/TtnY1vzHzns

ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively

PECB

In today's digital age, cybersecurity is more critical than ever. Hence, it is crucial to stay informed and prepared. Amongst others, the webinar covers: • ISO/IEC 27032:2023 and ISO/IEC 27701 and their key components • The standard’s alignment • Emerging Cybersecurity Threats • What is new to the ISO/IEC 27032:2023 Presenters: Madhu Maganti Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes. Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting. Jeffrey Crump Mr. Jeffrey Crump is the Principal Consultant at Arizona-based Cyber Security Training and Consulting LLC and a graduate of the Certified NIS 2 Directive Lead Implementer course. He is a Certified CMMC Assessor, Certified CMMC Professional, and Instructor. Mr. Crump is also the author of Cyber Crisis Management Planning: How to reduce cyber risk and increase organizational resilience. His book has been expanded into a triad of certification courses on cyber crisis planning, exercises, and leadership. Date: October 25, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/a21uasr8aLs

Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...

PECB

Cybersecurity is an ongoing journey. The regular update and improvement of security measures is essential to stay ahead of evolving threats. Amongst others, the webinar covers: • Benefits of Compliance • Digital Transformation: Why • ISO/IEC 27001 and ISO/IEC 27032 • ISO/IEC 27001: Information Security Management System (ISMS) • ISO/IEC 27032: Cybersecurity Framework Presenters: Douglas Brush Douglas Brush is a federally court-appointed Special Master, and Court Appointed Neutral expert in high-profile litigation matters involving privacy, security, and eDiscovery. He is an information security executive with over 30 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, he has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues. He is the founder and host of Cyber Security Interviews, a popular information security podcast. Douglas is also committed to raising awareness about mental health, self-care, neurodiversity, diversity, equity, and inclusion, in the information security industry. Malcolm Xavier Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc. His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management. Carole Njoya Founder in 2018 of Alcees, a Paris-based management consulting fabric specialized in cybersecurity, data privacy governance and digital trust, Carole Njoya provides independent, tailored and expert advisory to companies doing business in European markets and serving both B2B and B2C customers. With more than 100 cybersecurity projects delivered, she assists entities in preparing, implementing and maintaining the right best practices under the ISO 27001 compliance framework and GDPR article 25 obligation (Privacy by design) for their vendors. Carole Njoya featured in the « Women Know Cybersecurity » 2019 Twitter list edited by Cybercrime Magazine. Carole Njoya is committed in science and engineering since pre-teen period. Date: September 27, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 YouTube video: https://youtu.be/U7tyzUrh8aI

ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation

PECB

The management of AI systems is a shared responsibility. By implementing the ISO 31000 Framework and complying with emerging regulations like the EU ACT, we can jointly create a more reliable, secure, and trustworthy AI ecosystem. Amongst others, the webinar covers: • Understanding AI and the regulatory landscape • AI and the threat landscape • A risk driven approach to AI assurance - based on ISO 31000 principles • Stress testing to evaluate risk exposure Presenters: Chris Jefferson Chris is the Co-Founder and CTO at Advai. As the Co-Founder of Advai, Chris is working on the application of defensive techniques to help protect AI and Machine Learning applications from being exploited. This involves work in DevOps and MLOps to create robust and consistent products that support multiple platforms, such as cloud, local, and edge. Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense that prioritized key risks to the organisation and helped minimize disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicist in the Oil and Gas Industry. Date: August 24, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/MXnHC6AvjXc

Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations

PECB

Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI. Amongst others, the webinar covers: • AI & Privacy • Generative AI, Models & Cybersecurity • AI & ISO/IEC 27032 Presenters: Christian Grafenauer Anonymization expert, privacy engineer, data protection officer, LegalTech researcher (GDPR, Blockchain, AI) Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DTL standardization committee at din (German standardization institute) in ISO/TC 307. Akin Johnson Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape. Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets. Lucas Falivene Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards. Date: July 26, 2023 YouTube Link: https://youtu.be/QPDcROniUcc

Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?

PECB

By embracing the importance of GDPR and leveraging ISO/IEC 27701, you can enhance your data protection practices, achieve compliance, and minimize the risk of penalties. Amongst others, the webinar covers:  Importance of Data Protection  Understanding Data Collection and Challenges  Introduction to GDPR  Key Principles of GDPR  Who does GDPR Apply to and Its Global Implications  Introduction to ISO/IEC 27701  Implementing ISO/IEC 27701  Privacy by Design  Dealing with IT on a Daily Basis  Building Awareness and Training  Audit, Data Discovery, and Risk Assessments Presenters: Mike Boutwell Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects. Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director. Lisa Goldsmith Lisa Goldsmith is the founder of LJ Digital and Data Consultancy. Lisa has over 23 years’ experience of supporting leadership teams in membership, charity, and wider not-for-profit organisations to simplify their IT and digital strategy that allows them to sleep soundly at night, knowing their systems and processes are fit for purpose, GDPR compliant, secure and that they deliver value to staff, members, and stakeholders. Prior to starting her own consultancy, Lisa gained extensive experience working for membership organisations and has knowledge and expertise at all levels of operations from working within careers and qualifications teams, as Membership Manager, as Head of Digital & IT for delivering large-scale digital, IT and GDPR compliance projects and serving on several Senior Leadership Teams. Lisa is also currently a Trustee of the BCLA and Groundwork East. Date: June 27, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/lfJrSLaGDtc Website: https://bit.ly/437GOnG

GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...

PECB

The EU has implemented a range of regulations aimed at strengthening its cybersecurity posture. In this context, the ISO/IEC 27001 standard offers a comprehensive framework for managing and safeguarding sensitive information, such as personal data. Amongst others, the webinar covers: • Quick recap on the ISO/IEC 27001:2013 & 2022 • ISO/IEC 27001 vs legislation • The EU Cyber Legislation landscape • Some considerations and consequences • How to stay on top of the ever changing context Presenters: Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. Jean-Luc Peters Jean-Luc Peters brings 25 years of IT technology, information and cybersecurity expertise to boards, executives, and employees. Since the younger age he has held management positions in the private and government sector. He is currently the Head of the Cyber Emergency Response team for the National Cybersecurity Authority in Belgium. In addition to this, he is also a trainer, coach and trusted advisor focusing on enhancing cyber resilience. Jean-Luc has helped in the technical implementation of the NIS 1 (Network and Information Security) Directive transposition in Belgium, defining the Baseline Security Guidelines governmental ISMS framework and many other projects. He holds several certifications, including ISO/IEC 27001 Lead Implementer, ISO/IEC 27005 Auditor, CISSP, GISP, Prince 2 Practitioner, ITIL etc. Date: May 31, 2023 Tags: ISO, ISO/IEC 27001, Information Security, Cybersecurity ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/rsjwwF5zlK8

How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...

PECB

Student Information Session University KTMC

PECB

Integrating ISO/IEC 27001 and ISO 31000 can help organizations align their information security and risk management efforts with their overall business objectives, leading to more effective risk management and better decision-making. Amongst others, the webinar covers: • Aligning the ISMS process with ISO/IEC 27001 • Using ISO 31000 within the ISMS • Aligning the RM process with ISO 31000 • How/where does ISO/IEC 27001 fit? Presenters: Nick Riemsdijk As a highly experienced and multi-skilled leader in Information and Physical Security, Nick is known as a collaborative, focused, driven and highly analytical individual with a broad portfolio of successes in client engagements. His expertise spans devising, implementing, managing and delivering information security, physical security, organizational resilience and facilities management solutions for organizations. He is certified as a Certified Information Security Manager (CISM), Certified Protection Professional (CPP), in Project Management (Prince2), ISO 22301 (Business Continuity), ISO 27001 (Information Security), and ISO 31000 (Risk Management). Rinske Geerlings Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer. She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs) Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents. She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk. Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions. Date: March 23, 2023 Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ YouTube video: https://youtu.be/Xj0U2mbpZUs

Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...

PECB

Student Information Session University CREST ADVISORY AFRICA

PECB

Effective IT Governance requires proper Information Security practices to ensure that the organization's data is secure. On the other hand, Information Security policies and procedures must be aligned with the organization's overall IT Governance framework to ensure that security measures do not negatively impact business operations. Amongst others, the webinar covers: ▪ Bring Governance and InfoSec Together ▪ Answering WIIFM ▪ Business Terms Presenters: Dr. Edward Marchewka Dr. Edward Marchewka is a seasoned executive that has come up through the ranks in the IT vertical, expanding into information security, quality management, and strategic planning. Edward founded and serves as the Principal for 3LC Solutions, enabling YOU to Tell a Better Story in business, with our vCIO, vCISO, quality, and strategy consulting services, through metrics and relating risk to the business with our CHICAGO Metrics® SaaS solution. He has also held several roles leading information technology, most recently with Gift of Hope Organ and Tissue Donor Network, leading the Information and Technology Services department as the Director of IT, Data, and Security Services. Prior to Gift of Hope, he ran information security for Chicago Public Schools. Edward has earned a Doctorate of Business Administration from California Southern University and Masters’ degrees in Business Administration and Mathematics from Northern Illinois University. He earned Bachelors’ degrees in Liberal Studies and Nuclear Engineering Technologies from Thomas Edison State College, N.J. Edward maintains several active IT, security, and professional certifications from (ISC)2, ASQ, ITIL, PCI, PMI, ISACA, Microsoft, and CompTIA. He has held legacy IT certifications from Cisco and HP, and a designation from the National Security Agency. Date: February 22, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-38500 https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/2bSbAdL5Idg

IT Governance and Information Security – How do they map?

PECB

Information Session University Egybyte.pptx

PECB

oin us as our Director for Business Mustafe Bislimi teams up with Dr. Obadare Peter Adewale, our academic partner Digital Encode Limited, to provide valuable information about our programs, admissions process and specialization and elective courses. Discover the opportunities available to you as a student at PECB University and get a firsthand look at what makes us a top choice for education. Whether you're a prospective student or simply curious about PECB University, don't miss this informative session! Subscribe to our channel and stay tuned for more videos. For inquiries regarding admission process contact us: university.studentaffairs@pecb.com -EMBA in Cybersecurity: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbHJQUUpjMmY2NmcyeURhTzE5VlRSNjg2Y1hwd3xBQ3Jtc0tuLTZqdmZyWkc2VVNQV21YRTlKZUQ2SEtUenNXbzYyb1ZianV5cldDYTViWjZ1eVhCNWtxWHI3VTNwRS1BOE4wTERkZ3BtcndwM0sxdVoydWZYSXBkV2hYd2lwU0NLSTk5WERWMlhtVk1Ud2tuWTRjTQ&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fcybersecurity&v=3YJbbr708pk -EMBA in Business Continuity Management: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa3JQTGVhd1VfeG1weWNzUzRrMmg2bk0tc3kxUXxBQ3Jtc0tsOVF5VG82TkhRU3R5TVRWWmdhMzBrSTU2eW9wby1OYWN4VTg5bkJBY0lhTmNsOFhETzB5cVp0WU8zbTQwTlZkdk9Dby1fSXdhWmRpZFFPUmk3NS1QOGpMOVBlaDFhVVpwa2JZMkxKNGRnTnppMm93SQ&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fbusiness-continuity-management&v=3YJbbr708pk -EMBA in Governance, Risk, and Compliance: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbUplMGtjOFRWbzdGWERmdTR2QjdSbTBuQUxCd3xBQ3Jtc0tsNVdOU1p6UERWM3ZySE55V2FlWlJ1aFlzUU85VEt0aVRoR0hyTjNHbUNVYVMyb0lzTkZycUtJRzNxazlDWGRqTHZQMWJPZEYwbG1xWjVJN1JNOW1QUjJBZDY3NkU5LVl0b2xxOFpkZW1ZX2F3QmF5cw&q=https%3A%2F%2Fpecb.university%2Fprograms%2Fmba-programs%2Fgovernance-risk-compliance&v=3YJbbr708pk

Student Information Session University Digital Encode.pptx

PECB

Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets. Amongst others, the webinar covers: • Top Cyber Trends for 2023 • Cyber Insurance • Prioritization of Cyber Risk Presenters: Colleen Lennox Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job! Madhu Maganti Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes. Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting. Date: January 25, 2023 Tags: ISO, ISO/IEC 27032, Cybersecurity Management ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 https://pecb.com/article/cybersecurity-risk-assessment https://pecb.com/article/a-deeper-understanding-of-cybersecurity Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/BAAl_PI9uRc

Cybersecurity trends - What to expect in 2023

PECB

Several organizations are experiencing increased volatility in their security environment. A proper security management system can contribute to business resilience and to its credibility, hence, organizations should continually conduct security risk assessments in order to be able to better manage their security. Amongst others, the webinar covers: • What is ISO 28000:2022 • Why is it important and changes • How it operates • Benefits to implement this standard Presenters: Patrick Ben As a cybersecurity analyst, Patrick is highly skilled in identifying and mitigating security threats to computer systems and networks. With a strong background in computer science and a passion for staying up-to-date on the latest security trends, he is able to analyze and evaluate security risks and develop effective strategies to protect against them. I have experience working with a variety of security tools and technologies, including firewall configurations, intrusion detection systems, and network security protocols. Patrick is also proficient in coding languages such as Python and Java, which allows him to analyze and understand complex security systems at a deeper level. Overall, Patrick’s goal is to use his expertise and experience to help organizations and individuals protect their systems and data from security threats. He is excited to continue learning and growing in the field of cybersecurity and to make a positive impact in the world of information security. Date: December 14, 2022 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022 https://pecb.com/article/investing-in-information-security-awareness Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION Webinar: https://youtu.be/G2Ru7jiSRmE

ISO 28000:2022 – Reduce risks and improve the security management system

PECB

Mehr von PECB (20)