HOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE
1 HOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE ISACA'S CYBER SECURITY NEXUS Ivan Sanchez-Lopez Senior Manager Information Security, IT Risk & Continuity, DHL Global Forwarding ISACA Luxembourg AGM
2 SESSION OVERVIEW: 1. ABOUT ISACA 2. STATUS OF THE IT SECURITY INDUSTRY 3. THE IT SECURITY SKILLS SHORTAGE 4. ISACA CYBER SECURITY NEXUS (CSX) 5. ISACA YOUNG PROFESSIONALS
3 ABOUT ISACA For more than 40 years, ISACA has been a leading global organization setting standards for information governance, security and audit practice. A non-profit, global member association of: - IT Audit and Assurance professionals - IT Security professionals - Risk & Compliance professionals - Governance professionals and more! Nearly all industry categories represented: financial, public accounting, government/ public sector, technology, healthcare, utilities and manufacturing
4 ABOUT ISACA A TRULY GLOBAL ORGANIZATION One International Headquarters Office 204 Chapters in 86 Countries 84 in North America 44 in Europe 34 in Asia/ Middle East 21 in Latin America 12 in Africa 9 in Oceania (Source: ISACA International data as of April 2014)
5 ABOUT ISACA ISACA'S MEMBERS GLOBAL REACH More than 110,000 members in over 180 countries (Including At-large members where no chapters exist) Region 4 54,994 Region 1 26,766 Region 3 32,342 Region 2 5,536 Region 5 3,932 Source: ISACA International map data as of April 2014 NOTE: Europe and Africa are one region
6 ABOUT ISACA WORLDWIDE CONFERENCES, EDUCATIONAL SEMINARS & CERTIFICATIONS
7 ABOUT ISACA GLOBALLY RECOGNIZED CERTIFICATION PROGRAMS *Counts as of June ,083 CISAs certified since inception in ,399 CISMs certified since inception in ,099 CGEITs certified since inception in ,729 CRISCs certified since inception in 2010
9 STATUS OF THE IT SECURITY INDUSTRY WHERE WE ARE NOW According to the 2015 Verizon Data Breach Investigations Report, there were 79,790 security incidents and 2,122 confirmed data breaches during Number of Security Vulnerabilities increased 55% in a 5-year trend, according to Secunia's Vulnerability Review 2015. PwC reported in its Global State of Information Security Survey 2015 that the number of detected information security incidents has risen 66% YoY since Zero-day vulnerabilities rose almost by 100% (from 14 in 2013 to 25 last year) with vulnerabilities like Heartbleed, Poodle or Shellshock disclosed
10 STATUS OF THE IT SECURITY INDUSTRY THE THREAT FOR OUR SOCIETY IS REAL
11 STATUS OF THE IT SECURITY INDUSTRY THE THREAT FOR OUR COMPANIES IS REAL Information Security, IT Security and Cybersecurity are no longer an IT-only subject: it is about protecting the company, protecting the brand will probably be remembered as the first year where security breaches took the attention of the media, with companies like Sony Entertainment, Target or Home Depot hacked and required to pay hundreds of millions of US dollars to cover costs of the attacks. Trust: takes years to build, but just seconds to destroy
12 STATUS OF THE IT SECURITY INDUSTRY WHERE ARE WE GOING TO ISACA's Advanced Persistent Threat Awareness Study Results show that 92% of the respondents feel APTs are a serious threat, and 66% think it is only a matter of time In the State of Cybersecurity: Implications for 2015 survey conducted by ISACA and RSA, 77% of respondents reported an increase in attacks in 2014 over Even more 82 percent predicted that it is likely or very likely they will be victimized in According to Verisign's DDoS Q Trends: Attacks Average DDoS attack size saw a 14% increase over Q and a 245% increase year over year. Cyberattacks emerge as a top technological risk in the World Economic Forum's Global Risks 2015 report: interstate conflict is no longer physical but uses economic means and cyber warfare to attack people's privacy as well as intangible assets
13 STATUS OF THE IT SECURITY INDUSTRY MORE SKILLED PLAYERS AND NEW BUSINESS MODELS As we are becoming the first always-connected generation, the traditional threat agents are moving in that direction, too. Cyber terrorists, Hackers, Governmental agencies are: More skilled, more professional; Better funded; More proactive; More ubiquitous. New technologies like IoT, Wearables, Big Data, M2M / V2V, eHealth, create completely new (and bigger) concerns on IT Security and Privacy. New business models rely on technologies that were designed with a completely different security approach in mind.
14 STATUS OF THE IT SECURITY INDUSTRY THE SECURITY ICEBERG And this is just what we see... because we all know there is much more down there
15 STATUS OF THE IT SECURITY INDUSTRY ARE WE READY TO EMBRACE THIS? So the question is: Are we prepared for this? As an organization, how can ISACA contribute?
17 THE IT SECURITY SKILLS SHORTAGE DO WE REALLY HAVE AN IT SECURITY SKILLS SHORTAGE? According to Cisco 2014 Annual Security Report, The security talent shortage makes this problem worse [...] It's estimated that by 2014, the industry will still be short more than a million security professionals across the globe. (ISC)² concludes in their Global Information Security Workforce study that there is a dangerous shortage of skilled professionals in the cybersecurity profession and this shortage is negatively impacting organizations and their customers, leading to more frequent and costly data breaches. The UK cyber security strategy, launched in 2011, identifies 6 key challenges in implementing the cybersecurity strategy; one of those is addressing the UK's current and future ICT and cyber security skills gap
18 THE IT SECURITY SKILLS SHORTAGE THE CHALLENGE OF HIRING SECURITY PROFESSIONALS The State of Cybersecurity: Implications for 2015 survey conducted by ISACA and RSA indicates that cybersecurity is faced with a skills shortage. ISACA: Increased attention to cybersecurity by governments and enterprises as well as an evolving threat landscape, are combining to create an expected exponential increase in cybersecurity jobs that will require skilled professionals. The survey data in this ISACA/RSA Conference study seem to confirm that enterprises are having a difficult time hiring skilled people, as it takes 53% of organizations between 3 and 6 months to fill a position and 10% cannot fill them at all
19 THE IT SECURITY SKILLS SHORTAGE FINDING THE RIGHT CANDIDATE WITH THE RIGHT SKILLS According to the study, even if companies eventually are able to hire professionals, most applicants submitting resumes do not have adequate skills to meet the needs of the business. In fact, more than 50% of the survey respondents reported that less than one-quarter of applicants are truly qualified for the open positions. Among hired individuals, security professionals continue to see a skills gap. The largest gap exists in the ability to understand the business, followed by technical skills and communication
20 THE IT SECURITY SKILLS SHORTAGE INCREASING PRESSURE ON SALARIES The (ISC)² 2015 Global Information Workforce Study, conducted in cooperation with Frost & Sullivan and recently presented at the RSA Conference 2015, is another good reference for understanding the current IT Security skills shortage. Completed by 13,930 respondents, it indicates that security concerns continue to escalate while the workforce shortage is even worse than we think. As there is a growing demand for cybersecurity professionals that the current supply cannot meet, the pressure on price (salaries) keeps increasing amongst individuals with certified security skills.
21 THE IT SECURITY SKILLS SHORTAGE SECURITY PROFESSIONALS: A PRECIOUS ASSET Good thing is: salaries for qualified security professionals seem to be increasing, as those are becoming a precious asset. Bad thing is: is this sustainable? You security professional: my precious asset
23 ISACA CYBER SECURITY NEXUS (CSX) CURRENT CERTIFICATION PROGRAMS Traditional certification programs have high entry requirements for people with limited experience or no experience at all in a security-related function. Besides passing the exam, obtaining the certification requires practical experience in several IT Security domains. The approach is rather managerial: even people with hands-on experience on security might not be familiar with a number of topics covered in the exams.
24 ISACA CYBER SECURITY NEXUS (CSX) WHAT IS CSX ABOUT??? The Cybersecurity Nexus (CSX) is a complete program that has been designed to provide cybersecurity resources for professionals at every level of their careers. Cybersecurity Nexus represents the one central place where professionals can find the information they need related to cybersecurity training, certification, guidance, career development and community. The new Cybersecurity Nexus Certification model includes skills-based training and performance-based certifications, specifically created for professionals who want to enter into the IT Security area and/or specialize in any of the 5 NIST cybersecurity domains (Identify, Detect, Protect, Respond and Recover)
25 CSX FUNDAMENTALS CERTIFICATE A RECENT SURVEY OF ISACA'S STUDENT MEMBERS SHOWS THE MAJORITY (88%) PLAN TO WORK IN A FIELD REQUIRING CYBERSECURITY KNOWLEDGE
26 CSX FUNDAMENTALS CERTIFICATE BUT FEWER THAN HALF SAY THEY WILL HAVE ADEQUATE SKILLS FOR THE JOB
29 ISACA CYBER SECURITY NEXUS (CSX) CSX CERTIFICATION PATH
30 CSX CERTIFICATIONS TARGET AUDIENCE AND CORE DOMAINS CSX Fundamentals certificate is already available and targeted towards those preparing for a career or new to the field, or as a cybersecurity refresher course Foundational level covers five domains: 1) Cybersecurity concepts 2) Cybersecurity architecture principles 3) Security of networks, systems, applications and data 4) Incident response 5) Security of evolving technology CSX Practitioner training will be available in June 2015, with the exam available in July CSX Specialist series and CSX Expert training and exams will be available during the second half of 2015
31 CSX CERTIFICATIONS TRAINING AND EXAMINATION METHODOLOGY The CSX training and skills verification is an adaptive, performance-based cyber lab environment that measures professionals' ability to perform cybersecurity tasks based on their problem-solving approach in real time. The online exam is remotely proctored. Results are shared immediately, and those who pass receive a certificate. Continuing professional education (CPE) will require certification-holders to annually demonstrate skills in a lab or other skills-based environment in addition to participating in knowledge-based learning. Certification-holders are required to re-test every three years at the highest level they have achieved.
32 CSX FUNDAMENTALS CERTIFICATE EDUCATION, SEMINARS AND CONFERENCES ISACA offers a series of free cybersecurity webinars through the CSX program. In addition, a number of events and conferences have been scheduled during 2015 in order to boost the implementation of the program. ISACA will also host the inaugural CSX 2015 conference in Washington DC, from October North America is just the first step. Worldwide events will follow in 2016 and
33 CSX FUNDAMENTALS CERTIFICATE RESEARCH AND GUIDANCE Through CSX, ISACA has issued practical guidance for implementing the US Cybersecurity Framework (developed by NIST, which includes ISACA's COBIT 5 as an informative reference). CSX also offers guidance to implement the European Union cybersecurity strategy. ISACA has already published several original cybersecurity resources, including COBIT 5 for Information Security, Transforming Cybersecurity Using COBIT 5, Responding to Targeted Cyberattacks and Advanced Persistent Threats: How to Manage the Risk to Your Business. More publications are in progress. ISACA also offers a Cybersecurity community in the Knowledge Center, which includes a discussion forum and links to resources.
34 CYBERSECURITY NEXUS PROGRAM ELEMENTS OF CSX AVAILABLE NOW Cybersecurity Fundamentals Certificate and study guide Cybersecurity webinars and conference tracks (six-part webinar series) Implementing the NIST Cybersecurity Framework Using COBIT 5 European Cybersecurity Implementation Series Transforming Cybersecurity Using COBIT 5 Responding to Targeted Cyberattacks Advanced Persistent Threats: Managing the Risks to Your Business Cybersecurity Knowledge Center community Cybersecurity training courses COMING SOON Cybersecurity practitioner-level certification (first exam: 2015) SCADA guidance Digital forensics guidance 2014 APT Awareness Study
36 ISACA YOUNG PROFESSIONALS SUBCOMMITTEE SUPPORTING OUR YOUNGER MEMBERS ISACA's Young Professionals Subcommittee (YPS) was created in order to facilitate the development of a community to meet the needs of young professionals (members under the age of 35). The YPS maintains its own area within ISACA's Knowledge Centre, currently with more than 2000 members (3rd largest ISACA online community). In order to support young members, the group is hosting a series of webinars, mentoring programs and networking events.
37 ISACA YOUNG PROFESSIONALS SUBCOMMITTEE YOUNG PROFESSIONAL AMBASSADORS The Young Professional Ambassador is a nominated chapter member that: Supports the YP Community within the local chapter; Creates networking opportunities with senior professionals; Gives input to the local Chapter Board on YP members' needs
38 REFERENCES Data Breach Investigations Report (DBIR): 2. Secunia Vulnerability Review 2015: 3. PwC Global State of Information Security Survey 2015: 4. ISACA's 2014 Advanced Persistent Threat Awareness Study (registration required): 5. State of Cybersecurity: Implications for 2015: 6. Verisign's Q DDoS Trends: DDOS-ABLOG 7. World Economic Forum's Global Risks 2015 report: 8. Cisco 2014 Annual Security Report: 9. (ISC)² Global Information Security Workforce study: The UK cyber security strategy:
39 THANK YOU Ivan Sanchez-Lopez Senior Manager Information Security, IT Risk & Continuity, DHL Global Forwarding ISACA Luxembourg AGM
More informationThe PCI Security Standards Council. Bob Russo June 2011
The PCI Security Standards Council Bob Russo June 2011 What are the threats to card data? How can you defend your card data? What is the Council doing to help you? What tools are available to get you secure?
More informationFedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov
FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the
More informationInformation Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications
Thomas K. Lee, Executive Director/CIO Human Resources Department (518) 447-2906 Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) The New York State
More informationCybercrime & Cybersecurity: the Ongoing Battle International Hellenic University
Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Andreas Athanasoulias, CISM, CISSP Information Security Officer & Security Consultant Brief introduction My career path
More informationThreat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue
Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?
More informationThe enemies ashore Vulnerabilities & hackers: A relationship that works
The enemies ashore Vulnerabilities & hackers: A relationship that works Alexandros Charvalias, Manager CISSP, CISA, ACDA Assurance & Enterprise Risk Services Cyber security maturity model How effectively
More informationCyber Risks in the Boardroom
Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing
More informationTen Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder
Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system
More informationCASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link
CASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link Peter Milla CASRO Technical Consultant/CIRQ Technical Advisor peter@petermilla.com Background CASRO and Standards CASRO takes
More informationCyber Security Market by Solution - Global Forecast to 2020
Brochure More information from http://www.researchandmarkets.com/reports/3287011/ Cyber Security Market by Solution - Global Forecast to 2020 Description: 'Cyber Security Market by Solution (IAM, Encryption,
More informationNew challenges in Data privacy.
New challenges in Data privacy. Zdravko Stoychev, CISM CRISC Information Security Officer Alpha Bank Bulgaria branch South East European Regional Forum on Cybersecurity and Cybercrime, 2013 11-13 Nov 2013
More informationIntroduction to Information Security Management
Introduction to Information Security Management CIS 8080 Security and Privacy of Information and Information Systems Richard Baskerville Georgia State University 1 Principles Information Security Management
More informationINSERT COMPANY LOGO HERE. Competitive Strategy Product Leadership Innovation Award and Leadership Award
2013 2014 INSERT COMPANY LOGO HERE 2014 2013 Mexican North American Managed SSL Security Certificate Solutions Competitive Strategy Product Leadership Innovation Award and Leadership Award Contents Background
More informationWHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There
More informationKevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor
IT Audit/Security Certifications Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor Certs Anyone? There are many certifications out there
More informationInformation Security in the undergraduate curriculum
Information Security in the undergraduate curriculum Chris Mitchell Royal Holloway, University of London www.isg.rhul.ac.uk/~cjm 1 Background I Some years ago, computer hacking was mainly done for fun.
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationTop 5 Global Bank Selects Resolution1 for Cyber Incident Response.
MAJOR FINANCIAL SERVICES LEADER Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. Automation and remote endpoint remediation reduce incident response (IR) times from 10 days to 5 hours.
More informationSecuring Critical Information Assets: A Business Case for Managed Security Services
White Paper Securing Critical Information Assets: A Business Case for Managed Security Services Business solutions through information technology Entire contents 2004 by CGI Group Inc. All rights reserved.
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationNanci Knight IBM Academic Initiative Ecosystem Development Relationship Manager West Region email: nknight@us.ibm.com cell: 707.529.
Nanci Knight IBM Academic Initiative Ecosystem Development Relationship Manager West Region email: nknight@us.ibm.com cell: 707.529.9603 IBM At A Glance IBM has 425,000 ee s worldwide 2012 Financials Revenue
More informationAll about CPEs. David Gittens CISA CISM CISSP CRISC HISP
All about CPEs David Gittens CISA CISM CISSP CRISC HISP The Designer David Gittens ISSA Barbados Past President Certified in ethical hacking and computer forensics Certified in security management and
More information(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int
2011 15 (BDT) BDT/POL/CYB/Circular-002 +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2008 2010 2010 International Telecommunication Union Place des Nations CH-1211 Geneva 20 Switzerland Tel: +41
More informationAn Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015
An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans NICE Annual Conference November 2015 Panelists David Brown, Director of CyberTalent at the SANS Institute, a new business unit
More informationCertified Information Security Manager (CISM)
Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security
More informationCYBER SECURITY INFORMATION SHARING & COLLABORATION
Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers
More informationAchieving Governance, Risk and Compliance Requirements with HISP Certification Course
Achieving Governance, Risk and Compliance Requirements with HISP Certification Course in corporation with A unique information security and regulatory compliance certification course that provides IT security
More informationBachelor of Science Degree Cyber Security Advancing the nation s workforce one graduate at a time
Flexible Online Bachelor s Degree Completion Programs Bachelor of Science Degree Cyber Security Advancing the nation s workforce one graduate at a time Cyber Security Major The Program You ve heard about
More informationRethinking Cyber Security Threats
Rethinking Cyber Security Threats (ISC)² Update U.S. Government Advisory Board Meeting February 17, 2010 Frank Chow CISSP ISSAP ISSMP CSSLP CGEIT CRISC CISM CISA Chairperson of Professional Information
More informationVal-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning
Val-EdTM Valiant Technologies Education & Training Services 2-day Workshop on Business Continuity & Disaster Recovery Planning All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies.
More informationPhone: +44 20 8123 2220 Fax: +44 207 900 3970 office@marketpublishers.com https://marketpublishers.com
Cyber Security Market by Solution (IAM, Encryption, DLP, Risk and Compliance Management, IDS/IPS, UTM, Firewall, Antivirus/Antimalware, SIEM, Disaster Recovery, DDOS Mitigation, Web Filtering, and Security
More informationIT risk management discussion 2013 PIAA Leadership Camp May 15, 2013
IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013 Debbie Lew Agenda Review what is IT governance Review what is IT risk management A discussion of key IT risks to be aware of Page 2
More informationLogical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110
Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Exam Information Candidate Eligibility: The CyberSec First Responder: Threat Detection and Response (CFR) exam
More informationW H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a t i o n s a n d S t a f f i n g
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a
More information