Challenges in Managing the Ongoing Information Security Requirements

Challenges in Managing the Ongoing Information Security Requirements

 

  • General

    Sale Date Ended

    INR 239
    Sold Out

Invite friends

Contact Us

Page Views : 211

About The Event

Overview: The best information security program becomes a mere token effort if the organization doesn't keep up with ongoing new and changing requirements and adjusting to an ever changing world. International standards like ISO/IEC27001:2013 call this process continual improvement. Indeed, being a mandatory requirement of the standard, compliance with the same can only be achieved by implementing a continual improvement program. The sheer number of sources of change to derive improvement actions from makes such program a real challenge. 

This webinar looks at a range of areas of change, associated challenges and strategies to address these. After a recap on continual improvement, we start from regulatory change, in particular the just starting transfer from ISO/IEC27001:2005 to ISO/IEC27001:2013. The new version of the standard puts a particular emphasis on improved risk management, management commitment and competence. All three are not new to the standard yet have been found to not having received enough attention in the past. 

We continue by looking into changed risk exposures due new and changing threats and vulnerabilities, in particular relating to new technologies. We also look into the impact of increased maturity of the information security management system as direct consequence of continual improvement activities. Finally, we discuss the changing expectations of consumers and other interested parties, i.e. the market. Every organization should have these subjects on the radar. 

Why should you attend: There's no question, Information Security Requirements are constantly evolving. Aside from keeping the existing Information Security Management System effective, organizations need to address new and updated international standards, regulations, laws and other requirements, eg the just recently published ISO/IEC27001:2013. Equally, threats to information security are not going away either, indeed with ongoing technical progress and new technologies, new threats and vulnerabilities are emerging all the time. A stark reminder are the countless and continuing information security incidents that have made headlines world-wide in recent years: confidential data stolen, websites stalled by attacks, accidental change of data, faulty processes causing misrepresentation to name just a few. Aside from the immediate damage, such incidents cause tremendous reputational harm. So, how can an organization stay ahead of the game and master all those challenges? This webinar presents the different challenges to ensure that you don't miss any due to a lack of awareness and then discusses strategies to address each challenge. 

Areas Covered in the Session:

  • Why Change Matters to Your Information Security
  • The Purpose of Continual Improvement
  • Regulatory Change, in particular the Transfer from ISO/IEC27001:2005 to ISO/IEC27001:2013
  • Changing Risk Management Requirements
  • Changing Management Commitment Requirements
  • Changing Competence Requirements
  • New and Changing Threats and Vulnerabilities, in particular relating to New Technologies
  • Impact of Increased Maturity of the Information Security Management System
  • Market Matters and Changing Consumer Expectations
  • Q&A


Who Will Benefit:

  • Chief Executive Officers
  • Chief Financial Officers
  • Chief Operation Officers
  • Chief Security Officers
  • Chief Information Officers
  • Risk Managers
  • Compliance Managers

 

Speaker Profile:

Martin Holzke

 

has been a freelance IT and Security Consultant for more than 20 years and is nowadays based in Scotland. Starting out in full life cycle systems development after studying Physics, he has worked with a broad range of technologies across virtually every industry as well as delivering technical training in the field across Europe and USA. Since the early days of the Sarbanes-Oxley Act of 2002, Martin has been involved in implementing and auditing information security programs. He is PECB Certified ISO/IEC 27001 Master, Lead Implementer, Lead Auditor and Trainer regularly teaching these subjects. More recently, he has also been appointed as ISMS Technical Assessor for the United Kingdom Accreditation Service (UKAS).

Click here to know more about: Ongoing Information Security Requirements