Standard PowerPoint presentation
ENABLING BUSINESS SECURITY
An ISACA VENICE Chapter conference in collaboration with
20 May 2016, Trieste

AGENDA
From 9:00 to 13:30

Title | Speaker | Company
- Welcome speech | Vladimir Nanut, Dean | MIB School of Management
- Agenda | Marco Salvato, President | ISACA VENICE Chapter
- Threat Landscape Perspectives and Predictions for 2016 | Mo Cashman, Director, Enterprise Architecture | Intel Security
- Cyber Risk Management, from the CSIRT to the Board, and Back | Andrea Zapparoli Manzoni, Head of Cyber Security | KPMG Advisory
- Coffee break
- Surviving as a security leader in the cyberspace era | Andreas Gaetje, Head of Group IT Risk & Security | Assicurazioni Generali
- Responsive Risk Management, a new approach | Francesca Gomez, Senior Manager Digital Risk | Deloitte LLP
- Supporting Cybersecurity with ISACA | Mauro Bregolin, CSX Trainer, Board of Directors | KIMA, ISACA VENICE Chapter
- Closing speech | Marco Salvato, President | ISACA VENICE Chapter
- Lunch

PROGRAM

Threat Landscape Perspectives and Predictions for 2016
This talk will review a number of industry security trends, including McAfee Labs Q1 Threat Report information, and provide some insight into the necessary security outcomes for building a resilient enterprise in the face of the threat landscape.

Cyber Risk Management, from the CSIRT to the Board, and Back
Since the rising frequency and complexity of cyber-attacks now represent a real threat to an enterprise's profitable existence, effectively managing cyber risks has now become a strong competitive advantage. Firms should adopt a company-wide boardroom-backed cyber readiness program, aided by robust cyber governance and incident management structures and reinforced by training and testing from the bottom up, in order to develop an effective cyber risk management process.

Surviving as a security leader in the cyberspace era
This session shows how to develop and direct information security programs and activities and how to bridge the gap between business needs and risks.

Responsive Risk Management, a new approach
Digital has changed how organisations do business and the risk landscape that they now operate in. The fast pace and high interconnectivity of digital is characterising the likelihood and impact of risks facing the business and controls to manage these need new characteristics if they are to operate effectively. Integrated controls design, business enablement and continuous risk management are becoming key to managing risk in a way that supports an organisation’s execution of its digital strategy. By looking at a series of practical examples at digital product development we will explore how different organisations are adapting their risk management approach for digital. We will define principles for an approach to control design to manage risk in digital and look at practical ways of embedding these in an organization.

Supporting Cybersecurity with ISACA
Cyber security threats are on the rise - be they related to services on the web, mobile apps, wearables, the Internet of Things, data delocalization (the cloud), blurred perimeters (corporate life vs. personal life). Think of big data, geolocation tracking, pervasive surveillance / espionage, rampant malware, privacy issues. A seemingly endless proliferation of technologies, an ever-increasing number of vulnerabilities and the commoditization of the exploitation process further complicate the picture. How do we cope with such a shifting threat landscape?

SPEAKERS

Mo Cashman, Director, Enterprise Architecture
Mo Cashman is the Director of the Enterprise Architecture team at Intel Security. He has over 15 years’ experience designing, implementing and managing cyber security solutions for large government and enterprise customers globally. In his current role, Mo advises large customers in Government, Finance, Service Providers and Critical Infrastructure on security transformation and business resilience. In previous roles, Mo was the Chief Security Officer for the Global Public Sector team at McAfee and, just prior to joining McAfee, led the Computer Security Incident Response Team for the US Defense Department in Europe.

Andrea Zapparoli Manzoni, Head of Cyber Security
Andrea Zapparoli Manzoni has 16 years of professional experience in ICT Security. Member of the Board (since 2012) for CLUSIT (Italian Association for Information Security). Member of the Board (since 2011) for Assintel (Italian Association of ICT Companies) and chairman of the ICT Security WG. Board Advisor for CSCSS (Centre for Strategic Cyberspace + Security Science – London). Lecturer for CLUSIT on topics like Social Media and Mobile Security, Cybercrime, Cyber Intelligence, Incident Handling. Lecturer at the Italian "Master in Homeland Security" (for civilian and military officers). Lecturer at the NATO RSSCD (Regional Summer School on Cyber Defense). In the last 15 years, lecturer and speaker at hundreds of conferences both in Italy and abroad on Cyber Security topics. Co-author of several white papers, i.e. Italian National Health Records, Return on Security Investment, Social Business Security, Online Cyber Frauds. Co-author of CLUSIT's yearly "Rapporto sulla Sicurezza ICT in Italia" (since 2011). Co-author of the Italian "Framework Nazionale di Cyber Security" - 2015. Since 2014 he has been Head of Cyber Security Services for KPMG Advisory in Italy.

Andreas Gaetje, Head of Group IT Risk & Security
Andreas Gaetje, CISA, CGEIT is Head of Group IT Risk and Security in Generali. He manages global security standards and coordinates security activities. As from April 1st, he is additionally responsible for Security and Identity Management in Generali Infrastructure Services. Andreas has more than 14 years of experience in Insurance business and has held several positions mainly focused on Governance, Auditing and Security. He is a member of ISACA Germany Chapter.

Francesca Gomez, Senior Manager Digital Risk
Francesca Gomez is a digital risk specialist who brings together a background in innovative technology and risk management to find practical solutions to managing risk in the digital era. From designing controls for fast moving key strategic digital partnerships to managing large scale remediation plans, Francesca has seen how control design can make or break a business. Now helping clients manage their digital risk at Deloitte, she will be sharing her experience and first-hand knowledge on how to build a risk management framework that supports a digital business.

Mauro Bregolin, CSX Trainer, Board of Directors
Mauro Bregolin, CISA, CRISC, CSX Trainer, QSA, PA-QSA, serves on the Board of Directors of ISACA VENICE Chapter where he coordinates CSX training, and has 25 years of industry experience, 15 in information security. His primary focus of interest is application security. He is primarily involved with application auditing and PCI DSS auditing services.

Who Should Attend?
IT audit, assurance, security, cyber security, control and governance professionals, consultants, IT Risk Manager, Operational Risk Manager, students and new graduates.

Intended audience
Managers, heads of organization, IT professionals, Auditors, IS Auditors, information systems staff, information security staff, information security officers, Consultants, IT Risk Managers, Data Quality Managers, Operational Risk Managers, university students or recent graduates.

The event will be held in English.

Logistics
Venue: Palazzo Ferdinandeo - MIB School of Management - L.go Caduti di Nasiriya 1 - 34142 Trieste.
Date: Friday 20 May 2016
Time: 09:00 – 13:30
Participation is free of charge, subject to registration and confirmation. Send the registration form to [email protected] by 15 May 2016.
CPE
The event earns 5 CPE hours for the CISA, CISM, CGEIT, CRISC, ISO27000LA, CSSP certifications.

Event in collaboration with:
Made possible by:
Under the patronage of:

PARTICIPATION IS FREE OF CHARGE. To register, fill in the form and send it to [email protected]. For organizational reasons, participants will be notified by confirmation e-mail. ISACA VENICE Chapter reserves the right to make any changes to the event program.

ISACA – Information Systems Audit & Control Association
As a nonprofit, global membership association for IT and information systems professionals, ISACA is committed to providing its diverse constituency of more than 140,000 professionals worldwide with the tools they need to achieve individual and organizational success. The benefits offered through our globally accepted research, certifications and community collaboration result in greater trust in, and value from, information systems. Through more than 200 chapters established in more than 80 countries, ISACA provides its members with education, resource sharing, advocacy, professional networking, and a host of other benefits on a local level.

ISACA’s constituency is characterized by its diversity. The global community of ISACA members and certified cover a variety of professional IT-related positions—some of which include IS auditor, consultant, educator, IS security professional, risk professional, chief information officer and internal auditor. Some are new to the field, others are at middle management levels and still others are in the most senior ranks. ISACA constituents work in nearly all industry categories, including financial and banking, public accounting, government and the public sector, utilities and manufacturing. Members rely on ISACA for resources that enhance their skills, expand their professional knowledge and connect them with a vibrant community of peers.
ISACA VENICE Chapter
ISACA VENICE Chapter is a non-profit association founded in Venice in November 2011 by a group of professionals from the Triveneto area who work in the field of Information Systems Management and Control. It brings together those in North-East Italy who work in Information Systems Governance, Auditing, Control and Security, promoting the skills and professional certifications developed by ISACA. The association fosters the exchange of experience and promotes awareness, at all organizational levels of a company, of the need to establish adequate control criteria for both the reliability of the organization and the security of systems. More information at www.isacavenice.org

FOR ITS ACTIVITY IN 2015, ISACA VENICE RECEIVED THE FOLLOWING AWARDS:
• Honorable mention for the K. Wayne Snipes Best Chapter Award 2015
• Communications Commendation 2015.

Registration form to be sent to [email protected] by 15.05.2016
Enabling Business Security, 20 May 2016, Trieste
For organizational reasons, participants will be notified by confirmation e-mail.

LOCATION
MIB School of Management
Largo Caduti di Nasiriya 1 - 34142 Trieste
[email protected]
tel. +39 040 9188111 - fax +39 040 9188112
GPS coordinates: 45.645391,13.810564

By car: Trieste can be reached by car via the A4 motorway from Venezia-Mestre or the A23 motorway from Tarvisio-Austria, with a mandatory exit at the Lisert toll booth. After the toll booth:
- Continue on the motorway across the Karst plateau to the Trieste Centro exit (about 25 km).
- or take the Sistiana-Strada Costiera exit, a scenic but busier road that leads to the city centre (18 km).
After the Lisert toll booth: continue along the motorway to the "Cattinara" exit and keep right, following "Cattinara - Centro Città". After the ramp, leaving the junction for the Cattinara hospital on your left, continue straight for about one kilometre until you reach, on the right, the park and the Palazzo del Ferdinandeo, an ochre-coloured nineteenth-century complex that houses the School.