Follow the Risk with Adaptive Cybersecurity Assessments

Presented by

Gideon T. Rasmussen – Consulting Principal, Virtual CSO, LLC

About this talk

This session provides practical cybersecurity assessment advice. It details the end-to-end process, including scoping, work papers, scheduling, on-site assessment, report preparation and presentation. The first assessment example leverages the NIST Cybersecurity Framework to ensure coverage across security domains. Sample scoping questions will be provided, along with tips and examples for adding controls based on business processes, insider threat, privacy and fraud. This session also addresses follow-on assessments. Attendees are encouraged to evaluate lines of business and to take deep dives into critical functions. Tips and examples are provided for leveraging best practices to create specific testing procedures. Upon returning to work, attendees should be able to conduct an assessment and understand how to develop new testing procedures, adapting to changes in the threat landscape.

The (ISC)² Security Congress channel contains digital content from activities at (ISC)²'s flagship conference event. You'll find keynotes, sessions and related items.