Developing a Cyber Incident Response Program
The best way forward is an efficient Incident Response Program that allows an organization to respond with speed and agility, while empowering businesses to maintain continuous operations. Such a solution also reduces revenue loss, reduces fines and lawsuits and protects brand reputation.
Information Security, Governance & Risk, are all critical aspects of planning and execution of the Information Security Plan. Who in your organization has key responsibility to develop an information security governance program; review existing Information Security policies and standards to ascertain their adequacy in coverage scope against industry best practices, and update them as
appropriate, taking into account compliance recommendations?
Establish Key Performance Indicators (KPI) to determine if your Information Systems Incident Response program meets business objectives and operational metrics for ongoing process
improvement. We will discuss how to tailor & enhance your existing security training program and requirements for specific audiences based on the sensitivity of the information for which they are granted based on policies.
How to strengthen IT Risk Management - Integrate Information Security risk management with enterprise risk management, including using common business terminology, congruent methods, and common or linked
risk register, and establishing mechanisms for risk acceptance. How to build an IS regulation review process, schedule and regulation requirements.
Why should you Attend: Do you have great procedures in place to deal with a Breach, Malware and more? Are you willing to risk your Business Reputation on those procedures?
Risk Management Monitor quoted Vincent Weafer, Senior Vice President of McAfee Labs, "The year 2014 will be remembered as ‘the Year of Shaken Trust,’" said Vincent Weafer, senior vice president of McAfee Labs. "This unprecedented series of events shook industry confidence in longstanding Internet trust models, consumer confidence in organizations’ abilities to protect their data, and organizations’ confidence in their ability to detect and deflect targeted attacks in a timely manner. Restoring trust in 2015 will require stronger industry collaboration, new standards for a new threat landscape, and new security postures that shrink time to detection through the superior use of threat data."
Areas Covered in the Session:
- Adopting a systematic approach to risk tracking to enhance the effectiveness of the Cyber Incident Program
- Outlining the critical actions to take if an event affects the company or its partners
- Understanding an organizations’ susceptibility to a Cyber Attack
- Cyber Incident Response: Getting started, research, training, testing and maintaining
Who Will Benefit:
- Information Security Managers
- CEO, CIO, CFO, CSO
- Technology Managers
- Auditors
Michael is certified as a Lead Implementer in ISO 27001 Information Security Management, ISO 27035 Security Incident Response, ISO 22301 Business Continuity Management and ISO 21500 Project Management. She is a Certified Instructor for ISO Certification Courses through PECB. Also certified Project Manager PMP, and 2 Master Certifications (MBCP) (FBCI) in Disaster Recovery and CEM Emergency Management
She has consulted in the area of Cyber Security for clients in the arenas of Healthcare, Insurance, Financial and Manufacturing. Her projects have included:
SIEM Security information and event management which is Combining software products and services combining security information management (SIM) and security event management (SEM).
(CSIRT) which is Cyber Security Incident Response Programs, Plans, Playbooks, Training and Testing.
Audit of CSIRT programs and documentation.
Information Security Programs and Implementation.
She has 2 books which are coming out in 2016 and are being published by one of the Top International Publishers in the world. The first is a Cyber Security book and the second is a Business Continuity and Disaster Recovery book Michael has a series of Audio Training that receive CEU's from Disaster Recovery Institute (DRI) and other certifying organizations.
They are: Cyber Security Training for - 6 CEU's. Business Continuity Management for 20 CEU's. www.rwknowledge.com Michael's been honored as Top Woman in her field at a White House Luncheon and was selected out of the world to write the prolog for the chapter on RISK Management by the United Nations for their Disaster Book which was given to the head of state for every UN member nation. She has recently been named on the list of "Women of Distinction for 2015" by Women of Distinction Magazine for her work in Cyber Security. She was selected to speak on Cyber Security Incident Response and SIEM at such recent conferences as: International ISSA Conference in Chicago. NYS Cyber Security Conference - Co Spoke with Acting CISO for New York State. ISACA Western New York Conference. Metric Stream Round Table in New York City.