Information Governance: Mitigate Information Risk with Standards

David Fatscher, ICT Sector Development Manager, British Standards Institute
“Information can have great value as an organisational asset but can be a toxic liability if not handled properly” (Richard Thomas, UK Information Commissioner, 2008)

Advances in new technologies make it easier for organisations to collect greater amounts of data (especially personal data) and deliver more targetted services, but these same advances also raise concerns, not least about the ability of organisations to manage effectively such unprecedented volumes. These are challenges which can only be met by effective information governance.

Information governance is fast being recognized as a critical component of corporate governance and is about more than just ensuring data is secure. Data must also be collected, stored, retrieved, shared and destroyed in ways that enable an organisation to meet its objectives and customers’ needs, while still meeting legal obligations under data protection. With supply-chains becoming ever more complex, when organisations want reassurance that those with whom they do business operate to a common framework of information governance, standards are increasingly the accepted ‘lingua-franca’.
Jul 22 2010
31 mins
Information Governance: Mitigate Information Risk with Standards
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5247)
  • Upcoming (137)
  • Date
  • Rating
  • Views
  • This webinar will outline methods of deploying Fortinet Sandbox solution as a hardware inclusive service and creating a compelling offering that will help build value in your portfolio and lead to high margin revenue. We will discuss the reasons for the renewed demand for Sandboxing, the deliverables of FortiSandbox, compare it to competitive solutions and discuss sizing, productizing and pricing models.
  • Most IT providers have offers related to big data, cloud, mobility and security, and companies are looking at IT as the way to reduce costs and be competitive during an economic crisis. Investments in IT trends such as cloud computing and big data will rise thanks to a new player in the game: the business departments. This analyst briefing will show why companies are investing in IT, and what will change in 2015.

    Why you should attend:

    - Discover how many companies will adopt big data, cloud, mobility and security in 2015
    - Understand the current scenario of these trends in Latin America
    - Learn what will be different in 2015 regarding each trend
  • Providing a seamless user experience from browsing to purchase requires consistent uptime and performance, and seasonal traffic spikes require elastic scalability. In this webinar, we'll explore these and other big data challenges faced by e-commerce businesses and how the cloud can provide a winning solution. We’ll review mobile shops login data analysis, dynamic content, affiliate programs, infrastructure reference architecture, mobile plate- form integration with social media, and network integration and built-in instant messaging uses cases.
  • For any developer, choosing the right compute infrastructure and back-end database is a critically important decision. In this webinar, we'll explore specific challenges that mobile app and game developers face and how the cloud can provide a winning solution. We’ll also explore cloud solutions for big data challenges for MMOG, built-in analytics, online and offline MOG online modes, infrastructure reference architecture, and social network and cross-platform game use cases.
  • The risks and opportunities which digital technologies, devices and media bring us are manifest. Cyber risk is never a matter purely for the IT team, although they clearly play a vital role. An organisation's risk management function need a thorough understanding of the constantly evolving risks as well as the practical tools and techniques available to address them
  • Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • Channel
  • Channel profile
  • Understanding EMV, End-to-end encryption, and Tokenization. Mar 19 2015 5:00 pm UTC 60 mins
    Data breaches are a widespread problem with over 1.1 billion records compromised in the last 10 years. According to the Verizon 2014 Data Breach Investigations Report, the vast majority of breaches occurred against small to mid-sized companies.

    As a result many retailers are focused on bolstering payment security and reducing fraud by implementing solutions such us EMV, End-to-end encryption (E2EE), and Tokenization. These solutions can work in tandem to protect merchants, and enable them to exceed regulatory requirements by securing card data across all payment environments.

    In this session our experts will present and define the three technologies, address the drivers that are leading the United States to implement EMV, and explain the complementary role of Tokenization with respect to EMV and End-to-end encryption.
  • The State of the Internet of Things: Opportunities and Roadblocks - Expert Panel Mar 19 2015 4:00 pm UTC 60 mins
    The Internet of Things (IoT) has now become a mainstream term but much of the attention is focused on the latest gadgets rather than its potential in super-charging efficiencies of every industry sector. Whether it's using connected devices to monitor the health of a patient or an elderly relative in their homes, GE"s smart jet engines that transmit terabytes of data on its condition in-flight or ensuring miners' safety and productivity with integrated communications, tracking and real-time analytics; Internet of Things can have a monumental impact on global economy, with the forecast of over $14 trillion in the next two decades, according to latest research by Accenture.

    But what does this all mean for IT professionals? Beyond the trade show gadgets, IoT initiatives require immense support from all IT functions. Collecting, storing and alayzing immense amounts of data, which can be easily accessed in the cloud at any time and securely shared across connected devices is no easy feat. Moreso, a standardized set of guiding principles is essential for governance and proper implementation of every supported initiative.

    Join this expert panel session, featuring some of the leading industry minds, as they share unique perspectives and vision into into the future of IoT and join the conversation in an interactive Q&A session at the end of the presentation.

    Panelists include:
    - Mac Devine, Vice President SDN Cloud Services and CTO, IBM Cloud Services Division
    - Stephen Mellor, CTO, Industrial Internet Consortium
    - Jeff Smith, CTO & EVP, Numerex
    - Darin Andersen, CEO, CyberUnited
  • Five Tips to Make Sure That Your Customers Transact with Your App Mar 19 2015 4:00 pm UTC 45 mins
    Mobile apps present a unique challenge for e-commerce merchants. Not only do they need to positively engage your customers, they must also generate revenue for your company. 

    So what keeps customers happy and coming back for more? Apps that support the on-the-go lifestyle and are engaging enough to keep users interested for the long term.

    In this webinar, 5 Tips to make sure customers transact with your app, we'll provide a clear roadmap for success that focuses on specific dos and don'ts, including:

    - DO NOT be insensitive to data privacy concerns
    - Do pay close attention balancing functionality with download speed
  • Life in a Blackhat World: Security Truth vs. Hollywood Mar 18 2015 6:00 pm UTC 45 mins
    Join our FortiGuard Labs Senior Security Strategist as we recap the “best” hacking movies from Hollywood, and how real-life hackers have influenced threat protection needs and the overall threat landscape.

    • The Evolution of Hacking – “Where we were then, and where we are now”
    • FortiLabs Overview – Who are the Fortinet Labs Team of Experts and Research
    • The Current Threat landscape – Preventative Measures and Recommendations
  • APTs: How to protect your business through multi-layered detection Mar 18 2015 5:00 pm UTC 60 mins
    Advanced persistent threats (APT) are a growing concern to the world's companies and networks. This presentation will give an overview on how they work and examine real-world data breaches resulting from APTs. We’ll also look at how multi-layered proactive detection can combat this threat and offer a product overview of how ESET’s powerful endpoint solutions respond to APTs.

    Category: Research overview and ESET product presentation.
  • Extending ZeroTrust to the Endpoint Mar 18 2015 5:00 pm UTC 60 mins
    With exploit kits readily available to attackers, even ‘good’ applications can go ‘bad’. Many endpoint security approaches begin by trusting everything, and monitoring for patterns or malicious behaviors, while others attempt to whitelist trusted applications and block the rest.

    The “Zero Trust Model” of information security coined by Forrester, has traditionally been applied to network communications, but today’s advanced cyber threats warrants a new approach in which the Zero Trust model is extended to endpoints. The same rigor must be applied on the endpoint; on the OS, on connected devices, and in memory. This is particularly important as most resources an attacker might be most interested in – data and applications – will live on the endpoint. 

    Join Palo Alto Networks as we examine how an organization can and should extend a “never trust, always verify” philosophy to their endpoint security.
  • Optimize Your Data’s Footprint, Security & Protection in Virtual Environments Mar 18 2015 5:00 pm UTC 45 mins
    Do you know what’s in your virtual attic? As organizations have virtualized their data center, the virtual infrastructure is increasingly business-critical, with greater risks to availability, security and protection. And with corporate data distributed across hundreds of virtual machines (VM), every VM is a data black box, subject to unbridled growth, management neglect, as well as security and compliance issues.

    Join DataGravity Director of Technical Marketing, Tim Sherbak, as his discusses ways to address your growing data bloat, resolve hidden liabilities and extract greater value from your data. During this webinar, you’ll learn holistic strategies to:
    •Increase your visibility and understanding of your data sets
    •Rein in data growth and storage utilization
    •Enhance data compliance and security
    •Simplify protection and recovery
  • Detecting and Responding to Cyber Attacks Amidst a “No Rules” Cyber Battlefield Mar 18 2015 4:00 pm UTC 60 mins
    Most organizations realize it’s no longer a matter of ‘If’ their organization will be breached but ‘When’. The question to ask yourself is ‘How can we gain better visibility, sooner to the signs that our organization is under attack, and respond more quickly in a cyber-threat landscape that is void of rules of engagement?’ In this webinar John Kindervag, vice president and principal analyst at Forrester, and Chris Petersen, CTO/Co-founder of LogRhythm, will examine critical dynamics in the cyber threat landscape and how integrating security intelligence with a new and more efficient organizational approach to responding to cyber-attacks, can enable organizations to detect, block and respond to these threats faster and with greater precision than ever before.

    Attend this webinar if any of the following apply to your organization:
    · Ill-prepared to detect an advanced attack or breach when it happens.
    · Hampered by outdated organizational processes that restrict rapid response to cyber threats
    · Frustrated by the deficiencies of a first gen SIEM
    · Inundated by a deluge of uninteresting security “events” and false positives
    · Overly reliant on manual responses to security events
    · Looking for a better way improve your security intelligence
  • How to Detect System Compromise & Data Exfiltration with AlienVault USM Mar 18 2015 3:00 pm UTC 60 mins
    Have you ever wondered how the bad guys actually get control of a system? And, how they convert that system into a data-syphoning droid? Then you won't want to miss our next live demo, where AlienVault's security gurus Mark Allen & Garrett Gross will walk you through the steps of a system compromise, including how AlienVault USM detects these nefarious activities every step of the way.

    You'll learn:
    - How attackers exploit vulnerabilities to take control of systems
    - What they do next to find & exfiltrate valuable data
    - How to catch them before the damage is done with AlienVault USM

    Using a real-world example of a common vulnerability, Mark will show you how USM gives you the evidence you need to stop an attack in its tracks.
  • Security Beyond the SIEM Mar 18 2015 3:00 pm UTC 45 mins
    Security Information and Event Management (SIEM) tools are widely used in enterprise security organizations as a means to comply with industry regulations for data correlation. These tools are instrumental in aggregating alerts from multiple security devices and giving security operations teams easy access to all the threats targeting the organization. Or do they? With so many alerts, security teams are overwhelmed researching all the possible threats to the business that critical attacks are being missed. Limited context into each alert makes it even more challenging and time consuming to thoroughly research attack events, giving attackers weeks or even months to exploit their targets and steal data. In this presentation, we'll discuss the challenges of relying on SIEM for attack detection and investigation, as well as how to improve your organization's security beyond the SIEM.
  • Securing the “Internet of Things” When Everything has an IP Address Mar 17 2015 5:00 pm UTC 45 mins
    Endpoints are primary targets for cyber criminals. Traditional endpoints such as laptops, tablets, and smartphones support agents and can be centrally managed, configured, and protected. The Internet of Things will drive 4 times the volume of unmanaged devices on a network increasing the attack surface and creating welcome mats for unwanted threats. These unmanaged IP-based devices will be difficult to identify, unable to support an agent, and look like black boxes to security professionals. Without knowing the device type and its business criticality, containing a compromised endpoint will be challenging and time consuming.

    Attend this webinar to learn how to:
    • Identify and classify every IP device on your network without an agent
    • Correlate high fidelity security alerts with device context
    • Minimize the time from threat detection to containment
    • Secure the Internet of Things
  • Anatomy of a Cyber Attack Mar 17 2015 4:00 pm UTC 45 mins
    Victims of targeted attacks, or advanced persistent threats (APTs), make the headlines. Attend this webinar to learn how APTs work and how to defend your business from them. Pat Hill, HP TippingPoint Product Manager, and Bob Corson, Director, Solutions Marketing, discuss the anatomy of an attack and why it's critical to detect and isolate the attack at "patient zero," the initial point of infection.

    Attend this webinar to learn:
    · How the bad guys evade your security
    · The counter measures you need to detect and block them
    · How HP TippingPoint and Trend Micro have partnered to neutralize patient zero
  • Five Steps to a Zero Trust Network - From Theory to Practice Mar 17 2015 3:00 pm UTC 60 mins
    A Zero Trust network abolishes the quaint idea of a “trusted” internal network demarcated by a corporate perimeter. Instead it advocates microperimeters of control and visibility around the enterprise’s most sensitive data assets and the ways in which the enterprise uses its data to achieve its business objectives.
    In this webinar, guest speaker John Kindervag, Vice President and Principal Analyst at Forrester Research, and Nimmy Reichenberg, VP of Strategy at AlgoSec will explain why a Zero Trust network should be the foundation of your security strategy, and present best practices to help companies achieve a Zero Trust state.

    The webinar will cover:
    • What is a Zero Trust network, and why it should be a core component of your threat detection and response strategy
    • Turning theory into practice: Five steps to achieve Zero Trust information security
    • How security policy management can help you define and enforce a Zero Trust network
  • Data-centric Security Key to Digital Business Success Mar 11 2015 5:00 pm UTC 45 mins
    With the exponential growth of data generation and collection stemming from new business models fueled by Big Data, cloud computing and the Internet of Things, we are potentially creating a cybercriminal's paradise where there are more opportunities than ever for that data to end up in the wrong hands. The biggest challenge in this interconnected world is merging data security with data value and productivity. If we are to realize the benefits promised by these new ways of doing business, we urgently need a data-centric strategy to protect the sensitive data flowing through these digital business systems. In this webinar, Ulf Mattsson explores these issues and provides solutions to bring together data insight and security to safely unlock the power of digital business.
  • Securing Office 365 Mar 11 2015 5:00 pm UTC 45 mins
    As much as Silicon Valley startup execs love to portray Microsoft as a dinosaur, the fact is that Office 365 adoption is accelerating in the enterprise. Office 365 offers a promising compromise for enterprises deciding, “to cloud or not to cloud": Bring cloud-based productivity tools under the company’s security umbrella so that people can work the way they want to, without sending sensitive company data astray. The idea that you can simply shift responsibility for your company’s data security to Microsoft, however, couldn’t be further from the truth. You can achieve Office 365 data security... but only through a partnership that involves, at its core, a comprehensive in-house security plan, together with Office 365’s built-in security functionality.

    In this webinar, Rich Campagna, VP Products at Bitglass, and Chris Hines, Product Marketing Manager, will help you understand where Microsoft’s security responsibility ends, and where yours begins, highlighting key gaps to keep in mind as you make the move to Office 365, and how to solve them.
  • Get Complete IT Compliance: Reduce Risk and Cost Mar 10 2015 3:00 pm UTC 60 mins
    Reacting to threats and remediating breaches can’t wait. Your compliance plan may be in place – but can you execute fast?

    Join BMC Software and Qualys to see how to get complete IT compliance and reduce the risk and cost in your organization. In this webinar, you will learn to:

    ·Easily detect security issues with new automated, online technology
    ·Quickly analyze operational dependencies and the potential impact of proposed fixes
    ·Enforce governance policies and change approval requirements
    ·Execute validated remediation actions rapidly
    ·Document actions and results in real time


    Plus, learn how to improve communications between security and operations to ensure a speedy resolution to compliance issues.
  • Avoiding the Headlines: 5 Critical Security Practices to Implement Now Mar 5 2015 6:00 pm UTC 45 mins
    2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The One-Man SOC: Habits of Highly Effective Security Practitioners Mar 5 2015 5:00 pm UTC 60 mins
    Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Endpoint Security Just Got Simpler Mar 4 2015 6:00 pm UTC 60 mins
    From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • Maintaining Security in a Mobile World Mar 4 2015 6:00 pm UTC 45 mins
    The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Information Governance: Mitigate Information Risk with Standards
  • Live at: Jul 22 2010 1:00 pm
  • Presented by: David Fatscher, ICT Sector Development Manager, British Standards Institute
  • From:
Your email has been sent.
or close
You must be logged in to email this