David Kim. ITPG Secure Compliance. SVP, Governance Risk and Compliance
Your organization has a little over a year to comply with the new PCI DSS v3.2 standard. If you have yet to assess your current security controls against these new standards, it’s time to start. We’ll highlight the key changes, the issues to think about, and the time required to assess, plan and implement. As a PCI Qualified Security Assessor, we know what can trip organizations up and how to avoid missteps.
Dow A. Williamson; Executive Director, SCIPP International, Inc.
No matter what kind of data you are charged with protecting or how much money you spend on expensive security technology solutions, your end-users are still the number one culprit for your data loss prevention problem. Stop your leaks before they get any worse – at the “Human Level”. Over the past decades, numerous studies have concluded that inadequate end-user security awareness training is the leading cause of security breaches, data misuse, and information theft. Don’t be the next statistic! SCIPP International’s ANSI-accredited security awareness certificate programs provide your end-users the awareness they need and the quality training your executive management, auditors, and shareholders expect.
Measuring the maturity of your BCM and IT DRM programs shouldn’t require hours of time, pages of documentation and teams of people to execute. This session will provide an overview of Gartner’s BCM Activity Cycle as well as our BCM/IT DRM Maturity self-assessment model.
Three standards for business continuity and management have been the subject of much debate since late last year: BS 25999, NFPA 1600 and the new ASIS BCM standard currently under development.
While there is an impressive “battle” raging over which standard is best or most all-encompassing, continuing this argument only distracts organizations from implementing a business continuity process and reaping the benefits of resiliency, because many are waiting for the dust to settle on not only the standards wars but also the finalization of Title IX. A decision to do nothing could be the worst decision of your life.
This webinar is meant to help attendees understand, at a high level, the state of the standards, their purpose and intent, and why you should do “something” rather than just stand there waiting for the dust to settle, and possibly consider the recommendations of all available standards to identify the most applicable and appropriate strategies for your organization.
At the avenues of information security and business continuity, organizations are arming themselves against the amassing risks to critical resources. The strongest defense is a tight interconnection between specialized professionals: InfoSec and BC management personnel. This presentation will explore the role of each management team within an organization, and how they must interrelate to achieve true business resiliency.
SCIPP International was formed to develop, define and promote best business practices for security awareness training with a singular focus on increasing understanding and instilling positive behavioral changes as they relate to protecting information assets. SCIPP International was founded in 2006 and relies on a distinguished Board of Advisors which is composed of an international body of information security luminaries, business executives and training professionals from around the globe. Complete biographies and security awareness course offerings for general end-users and web application developers are available on our website: www.SCIPPinternational.org