One day Risk Assessment Workshop-- (ISC)2 Chennai Chapter
Sale Date Ended
“One Day Workshop on Risk Assessment”
Risk Assessment is the foundational step to any information security management. In the rapidly tiding waters of today’s security landscape, the role of risk assessment has become all the more pronounced.
The workshop will begin with an introduction to risk assessment and the vital role it plays in an organization’s approach to security management. Once the basic concepts are brushed upon, the workshop will touch upon a few formal risk assessment methodologies. The core focus of the workshop will commence thereafter – ie a risk assessment case study based on the NIST SP 800-30 methodology.
The workshop will be hands-on and will require participants to complete risk assessment exercises in a collaborative manner. Common challenges faced in real-life risk assessments will be stimulated and their solutions discussed.
- Basic concepts of risk assessment
- Practical implementation of a risk assessment as per NIST SP 800-30
- Defining and reducing scope
- Identifying and valuing assets
- Identifying and profiling threats
- Capturing vulnerabilities in the light of existing and required controls
- Calculating risk scores
- Determining the correct risk management measures – treat, transfer, terminate, tolerate
- Maintaining continuous risk assessment
Who Should Attend:
- Information security professionals, compliance managers, risk managers, facility managers
- Corporate executives in IT, supply chain management, strategic planning, and human resources
- Law enforcement and fire protection professionals
- Intelligence services and military personnel
- Government officials (Justice and Home Affairs, Foreign Affairs and Defense)
- Consultants, vendors, and architects
- System owners, IT security specialists, auditors, IT managers, network specialists and system administrators
- Those looking for a detailed understanding of NIST SP 800-30 and other risk assessment methodologies
Praveen Joseph Vackayil
Praveen is an information security professional with a strong interest in the areas of PCI and Risk Assessment. Currently working as a Senior Security Specialist at Cognizant Technology Solutions, Praveen takes care of PCI and risk management for banking clients. Praveen has performed PCI and ISO 27001 implementations in Europe, Africa, the Middle East, India and SE Asia for banks, IT service providers, e-commerce merchants, etc. With strong experience in conducting live and virtual trainings, Praveen has trained more than 600 professionals on PCI and risk assessment. Praveen certified the first e-commerce merchant in the Middle East in PCI DSS. He was part of the team that developed the world's first PCI risk assessment tool. In 2012, Praveen presented on the PCI Risk Assessment Special Interest Group at the PCI Council's Global Community Meeting in Dublin. Praveen is a CISSP, ISO 27001 LA, CCNA and a former PCI QSA. He holds a Masters in Information Systems and Management from Warwick University, UK and a Bachelors in Electronics and Communications Engineering from Anna University.
Deepak is a PCI QSA from PCI SSC and has a dynamic experience in consulting for banks, telecom providers, e commerce merchants and IT organizations in deploying and complying organizations with various information security standards. He has done conducted various CISRA workshops all over the globe. Currently a QSA in SISA, he has conducted many laudable workshops in the Middle East, Africa and South East Asia. He has successfully conducted risk assessments for PCI Compliance Program at leading payment gateways, Banks, Third Party Processors, IT companies, and BPOs His assignments executed include organization wide compliance for Alghanim, Alshaya, Vodafone India, IBM Daksh, Abu Dhabi Commercial Bank, Doha Bank, Sampath Bank, Flipkart etc.
About (ISC)2 Chennai Chapter
(ISC)² is based out of Palm Harbor, Florida and consists of over 80,000 members worldwide. The chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership & professional skills and advancement of information systems security. We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques.
Our members consist of (ISC)² credentialed professionals who hold either a SSCP, CAP, CSSLP, CCFP and/or a CISSP or advanced concentration certification. Our chapter program is focused on sharing knowledge and exchanging ideas among security professionals in the local area. Ultimately, we want to advance the field of information security by educating practitioners and the public at large on how to protect and defend against security threats.
(ISC)² Chennai Chapter will provide information security professionals in the local community an opportunity to build a local network of peers to share knowledge, exchange ideas and earn CPEs. In addition, the members will be able to:
- Develop or enhance your leadership skills by serving as an officer or chairing a committee
- Pursue speaking or writing opportunities for chapter functions or general public
- Collaborate with other local chapter organizations to develop synergy and share knowledge
- Advance security awareness within the local community and to children & senior citizens.
- Mentor students as they pursue for the information security profession