Cybersecurity Boardroom Workshop 2015, How Boards of Directors and CXOs Can Build the Proper Foundation to Address Today's Information Security Challenges
Cloud Computing, Cyber Security, Data Breach, Education, IT Security, Technology

How Boards of Directors and CXOs Can Address Today’s Information Security Challenges at Cybersecurity Boardroom Workshop 2015

Cybersecurity Boardroom Workshop 2015, How Boards of Directors and CXOs Can Build the Proper Foundation to Address Today's Information Security Challenges

Cybersecurity Boardroom Workshop 2015

In the days prior to Thanksgiving 2013, malware designed to steal credit card data at Target was surreptitiously installed. According to Bloomberg BusinessWeek, the company had installed a malware detection tool. Target had specialists in Bangalore to monitor its computers around the clock. Two days after Thanksgiving, the malware was spotted. The team in India got an alert and flagged Target’s security managers. And then?

Nothing happened. Target’s alert system had worked effectively. But then, Target stood by as 40 million credit card numbers flowed out of its computers. Only a few months later, CEO Gregg Steinhafel and CIO Beth Jacob were both out of the company.

Cybersecurity has become widely recognized as a critical corporate challenge. Boards and senior managements are putting it on their agenda, categorizing cybersecurity not as a compartmentalized risk for the information technology team, but as strategic and enterprise-wide.

However, a security program is only as strong as its weakest link. While a survey by the Institute of Internal Auditors found 58% of board members felt they should be actively involved in cybersecurity preparedness, only 14% said they were actively involved. Unfortunately, 65% also said their perception of the risk their organizations faced had increased.

Board members and senior managers need to become more educated about the topic to be able to ask questions that are strategic yet granular enough to address company-specifics. To go further, it will be imperative to join Cybersecurity Boardroom Workshop 2015, the first seminar targeted at strategic and executive leaders for whom cybersecurity readiness is a relatively new yet critically important area to be intelligently conversant about.

Cybersecurity Boardroom Workshop 2015 is specifically designed for board members and senior executives of public and private firms looking for new ways to gain and maintain competitive business advantage. Business executives with responsibility for IT, finance, compliance, risk management and procurement as well as entrepreneurs and innovators are welcome.

By the end of Cybersecurity Boardroom Workshop 2015, to be held in Dubai, March 8-9, Hong Kong, March 12-13, Seoul, March 19-20, Singapore, March 26-27, London, 9-10 April, and New York City, April 16-17, participants will:

  • Understand enterprise cybersecurity and the impact on shareholder value in the short and long term
  • Identify immediate security needs for the organization with actionable steps for senior management
  • Learn how to identify current and future challenges to better enable management to focus on threat reduction and operational reliability
  • Get up to speed on international and domestic approaches and frameworks for effective cybersecurity practices corporate wide

DAY 1: UNDERSTANDING THE CYBER WORLD

Understanding Cybersecurity

  • The trillion dollar global cyber risk environment
  • The enterprise-wide challenge of protecting the organization’s assets
  • The impact of cybersecurity attacks on shareholder value
  • Identity theft and the legal implications of data breaches

Social Engineering: The “Weakest Human Link” in Cybersecurity

  • The responsibility for cybersecurity in the organization
  • Assessing the quality of the cybersecurity workforce
  • Evaluating shortcomings in meeting cybersecurity workforce standards
  • Assessing the effectiveness of current professionalization tools

Understanding the Cybersecurity Testing Method

  • Reconnaissance: How to use tools to find vulnerable systems and devices
  • Packet sniffing: How to gather information from computer systems
  • Port scanning: How port information is exposed on computer systems
  • Password policy and cracking: What to consider when developing password policy
  • Vulnerability: How to reduce attacks by enforcing proactive compliance policies

Basics of Security Architecture for Board Members and CXOs

  • How architecture defines the structure of a system and makes it explicit
  • The fundamentals of layered architecture: presentation, business, data, and service layers
  • How the current computer network infrastructure was not designed originally to be secure
  • Embedding architecting security into systems from inception

DAY 2: RESPONDING TO THE CYBERSECURITY CHALLENGE

Introduction to NIST’s Cybersecurity Framework

  • Describing the enterprise’s current and target cybersecurity posture
  • Identifying and prioritizing opportunities for improvement
  • Assessing and accelerating progress toward the target state
  • Communicating with internal and external stakeholders about cybersecurity risk

The Five Core Functions of NIST’s Cybersecurity Framework

  • Identify: Organizational understanding to manage cybersecurity risk
  • Protect: Safeguards to ensure delivery of critical infrastructure services
  • Detect: How to identify the occurrence of a cybersecurity event
  • Respond: Taking action regarding a detected cybersecurity event
  • Recover: Maintaining plans for resilience and to restore any impaired capabilities

Introduction to Intelligence-driven Cyber Network Defenses

  • How investigations are based upon the scientific method: observing, hypothesis, evaluation, prediction and validation
  • How to leverage cutting edge technology, vigilant people and innovative processes
  • How to continuously improve the enterprise process for defending IT assets
  • How to empower people to resolve the problem with guidance and mentoring

Establishing or Improving a Cybersecurity Program

  • Prioritize and scope: Identifying business/mission objectives and high-level priorities
  • Orient: Identifying related systems and assets, regulatory requirements, and risk approach
  • Create a current profile: Developing a profile by indicating current degree of preparedness
  • Conduct a risk assessment: Analyzing the operational environment in order to discern the likelihood of an attack
  • Create a target profile: Describing the organization’s desired cybersecurity outcomes
  • Determine, analyze, and prioritize gaps: Determining gaps between current and target profiles
  • Implement action plan: Deciding which actions to take in regards to identified gaps

Cybersecurity Boardroom Workshop 2015 is produced by Golden Networking, the premier networking community for business and technology executives, entrepreneurs and investors. Panelists, speakers and sponsors are invited to contact Golden Networking by sending an email to information@goldennetworking.com.

Advertisements
Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Education, Finance

Top 5 cybersecurity risks for 2015

From identity theft and fraud to corporate hacking attacks, cybersecurity has never been more important for businesses, organizations and governments.

Hacking experts warn there are plenty more security risks ahead in 2015 as cyber criminals become more sophisticated. While “traditional” cybercrime such as internet password fraud will still be widespread in 2015, larger scale espionage attacks and hacking the Internet of Things (IoT) will also be risks.

Read More

Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, E commerce, Education, Government, Healthcare, IT Security, Security, Technology

Cybersecurity Cooperation between China and United States to be Analyzed by The Speed Traders and Knightmare on Wall Street’s Edgar Perez at Golden Networking’s Cyber Security World Conference 2015 New York City

Cyber Security World Conference 2015 New York City

Cyber Security World Conference 2015 New York City

Cybersecurity has historically been a contentious issue between China and the United States, yet both countries would benefit from strategic cooperation in this area, according to the Capstone Report by the School of International and Public Affairs, Columbia University. The two global powers are vested stakeholders in an interconnected international system of trade, finance, and other globalized institutional systems. Cyber networks underpin the critical infrastructures of such systems, and cyber protection necessitates the information exchange of threats as well as coordinated efforts in managing defensive capabilities.

Because of the subtlety surrounding cultural values, it is necessary to pay attention to some distinct facets of Chinese culture, especially bureaucratic culture, which Chinese counterparts may reflect. To build productive dialogue, the report suggests, it is essential to understand the differences in culture and communications between the two countries. Unlike the U.S., Chinese strategic culture is characterized by ambiguity, disinformation and secrecy. Through this approach, China aims to achieve its strategic objectives, thereby “winning without fighting.” The way in which an entity shares information reflects its strategic culture, which in China is traditionally dominated by the state. Differences in cultural values and assumptions are usually invisible, often subconscious, and difficult to discern by an outside observer.

Amidst this critical differences, Edgar Perez (http://mredgarperez.com), author of Knightmare on Wall Street, will discuss the state of the cybersecurity dialogue between the United States and China at Cyber Security World Conference 2015 New York City (http://www.CyberSecurityWorldConference.com). The forum will provide a platform for information security authorities and innovative service providers to distil their latest research for hundreds of senior executives focused on protecting enterprise and government valuable assets. Cyber security experts will discuss subjects such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks.

Mr. Perez has been engaged to present at the Council on Foreign Relations, Vadym Hetman Kyiv National Economic University (Kiev), U.S. Securities and Exchange Commission (Washington DC), Quant Investment & HFT Summit APAC 2012 (Shanghai), CFA Singapore, Hong Kong Securities Institute, Courant Institute of Mathematical Sciences at New York University, University of International Business and Economics (Beijing), Hult International Business School (London and Shanghai) and Pace University (New York), among other public and private institutions.

Mr. Perez is widely regarded as the preeminent global expert in technology and investing. He is the author of Knightmare on Wall Street and The Speed Traders and has been interviewed on CNN, CNBC, FOX BUSINESS, Bloomberg TV, CNN en Español, CCTV China, BNN, Bankier.pl, Leaderonomics, TheStreet.com, GPW Media, Channel NewsAsia’s Business Tonight and Cents & Sensibilities. Mr. Perez has been globally featured on FXFactor, Columbia Business, OpenMarkets, Sohu, News.Sina.com, Yicai, eastmoney, Caijing, ETF88.com, 360doc, AH Radio, CNFOL.com, CITICS Futures, Tongxin Securities, ZhiCheng.com, CBNweek.com, Caixin, Futures Daily, Xinhua, CBN Newswire, Chinese Financial News, ifeng.com, International Finance News, hexun.com, Finance.QQ.com, Finance.Sina.com, The Korea Times, The Korea Herald, The Star, The Malaysian Insider, BMF 89.9, iMoney Hong Kong, CNBC, Bloomberg Hedge Fund Brief, The Wall Street Journal, The New York Times, Dallas Morning News, Valor Econômico, FIXGlobal Trading, TODAY Online, Oriental Daily News and Business Times.

Mr. Perez was a vice president at Citigroup, a senior consultant at IBM, and a strategy consultant at McKinsey & Company in New York City. Mr. Perez has an undergraduate degree from Universidad Nacional de Ingeniería in Lima, Peru (1994), a Master of Administration from Universidad ESAN in Lima, Peru (1997) and a Master of Business Administration from Columbia Business School in New York, with a dual major in Finance and Management (2002). He belongs to the Beta Gamma Sigma honor society. Mr. Perez resides in the New York City area and is an accomplished salsa and hustle dancer.

About Cyber Security World Conference 2015

Renowned information security experts and innovative service providers will present at Cyber Security World Conference 2015 their latest thinking to hundreds of senior executives focused on protecting enterprises and governmental agencies.

Standard
Golden Networking's Cyber Security World Conference 2014 New York City
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Education, Finance, Government, IT Security, Security, Technology

State Department Computers Hacked, Email Shut Down while Repairing Possible Damage from Suspected Hacker Attack

The State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from a suspected hacker attack.

A senior department official said Sunday that “activity of concern” was detected in the system around the same time as a previously reported incident that targeted the White House computer network.

That incident was made public in late October, but there was no indication then that the State Department had been affected. Since then, a number of agencies, including the U.S. Postal Service and the National Weather Service, have reported attacks.

Read more

Standard
Business, Cyber Security, cyber security legislation, Cybersecurity, Defense, Education, Government, IT Security, Security, Technology

Sony hack renews cybersecurity push for ‘zombie bill’

Washington (CNN) — White House Economic Council Director Jeff Zients pointed fingers at Congress on Thursday for not acting fast enough on cybersecurity legislation, in the wake of news that North Korea was behind the Sony Entertainment cyberattack.

“We’re doing what we can within the executive authorities of the President to do what we can across the federal government — both protect the federal government assets and to work with the private sector — but in order to take this to the next level we need legislation,” he said at a Politico breakfast.

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Education, Finance, IT Security, Security, Technology

Apple must continue to improve cybersecurity as attacks increase

Several high-profile cyberattacks launched against Apple have revealed OS X and iOS aren’t as secure anymore, with criminals trying to compromise both operating systems. Enterprise workers are at risk because of Apple taking a “whack-a-mole” approach to security, which is a major threat with sophisticated spear-phishing attacks.

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Education, Finance, Government, IT Security, Security, Technology

FTC probe of Verizon holds valuable lessons in cyber security protocol

Companies can glean valuable guidance from the Federal Trade Commission ending its investigation into the security of Verizon Communications Inc.’s routers should they face such a probe.

Legal and insurance industry experts say it is critical for companies to maintain up-to-date cyber security standards as one way to avoid such regulatory scrutiny in the first place.

Experts also advise buyers to make sure their cyber insurance covers regulatory exposures.

Read More

Standard