This seminar will help you to establish Key Performance Indicators (KPI) to determine if your Information Systems Incident Response program meets business objectives and operational metrics for ongoing process improvement. We will discuss:
- How to tailor & enhance your existing security training program and requirements for specific audiences based on the sensitivity of the information for which they are granted based on policies.
- How to strengthen IT Risk Management - Integrate Information Security risk management with enterprise risk management, including using common business terminology, congruent methods, and common or linked risk register, and establishing mechanisms for risk acceptance.
- How to build an IS regulation review process, schedule and regulation requirements.
Information Security, Governance & Risk, are all critical aspects of planning and execution of the Information Security Plan. Who in your organization has key responsibility to develop an information security governance program; review existing Information Security policies and standards to ascertain their adequacy in coverage scope against industry best practices, and update them as appropriate, taking into account compliance recommendations?
Do you feel safe enough to bet your reputation on your current CSIRT Plan?
Your Organization must be prepared to respond to a Cyber Incident. Here are some of the cases which happened recently:
- On October 3, 2013, The Adobe Systems Incorporated in the United States of America discovered that there was a cyberattack Hackers made it through their network during its regular monitoring of security check.
- As Target continues to respond to the security breach that has now been estimated to affect up to 110 million people by NBC News.com, analysts continue to zero in on the statements and actions by CEO, Gregg Steinhafel.
- TJX Corporation, a major retailer with stores in the United States, Puerto Rico, and even the United Kingdom, experienced one of the largest security breaches. Millions of their customer’s credit and debit card information were stolen over a seventeen month period. TJX is the parent company of chains such as TJ Maxx, Marshalls, Homegoods, and a host of retail stores across the US and Canada.
Learning Objectives:
Cyber Security Incident Response Program is a must for any organization using the Internet. It must be robust yet flexible. Unfortunately in spite of all of the Cyber Events, many companies are taking a long time to respond. Teams must be trained and have written procedures. Time is critical in responding to an incident. Every incident costs the organization, money and reputation,
In this session you will learn:
- Best practices and the standards that make up a great Cyber Incident Response Program
- Learn what teams should be part of your CSIRT Team
- Get insight into how to create CSIRT Playbooks and Management Plans
- Learn how to conduct inexpensive tests of the CSIRT Teams and Programs
- This program will help you determine your current Gaps and provide milestones for correcting the Gaps
In-Person Seminar going Virtual with increased learner satisfaction.
Yes, attend this seminar from anywhere. We are making it real and more interactive – Here's a sneak peek:Our enhanced delivery process and technology provides you an immersive experience and will allow you to access:
- The real-time and live presentation as in in-person events
- Private chat for company-specific conversation – the same as you would get in an in-person seminar
- Opportunities to connect with your peers to share knowledge at a different time and have group discussions
- Live workshop activities
- Live Q&A during the event and offline Q&A assistance after the event
- As usual more content, activities and case studies and now adding homework for a comprehensive understanding
- Certification
Areas Covered:
Key points to be discussed at the session include:
- Adopting a systematic approach to risk tracking to enhance the effectiveness of the Cyber Incident Program
- Outlining the critical actions to take if an event affects the company or its partners
- Understanding an organizations’ susceptibility to a Cyber Attack
- Cyber Incident Response: Getting started, research, training, testing and maintaining
- Standards and Best Practice: ISO 27001, ISO 27035, ISO 27005. NIST, FFIEC, HIPPA AND HITRUST
Attendees will get below tools and templates:
- Best Practices
- Standards
- Organizing
- Researching
- Documenting for your Organization
- Testing for your Organization
- How to maintain the program and keep it current
Who will Benefit:
Any company that deals with health information or Credit Card Information:
- Chief Security Officer
- Risk Managers
- Chief Information Officer
- Chief Operations Officer
- Insurance
- Financial
- Registration Process: 8:30 AM – 9:00 AM
- Session Start Time: 9:00 AM
- Cyber Security Incident Response Program (CSIRT): Where to Start
- Standards and Best Practices
- ISO and Information Security as a Guideline
- Researching Your Industry
- Event vs Incident
- NIST, SANS and More
- Planning Team
- Operation Sequencing for CSIRT
-
- Developing and documenting your Program
- Developing and documenting your Plan
- Developing and documenting your Playbooks
- Creating your CSIRT Team
- Team Training
- Testing and Types of Tests
- Maintenance
Michael C Redmond
CEO and Lead Consultant, Redmond Worldwide
Dr. Michael C. Redmond, PhD, is a certified project manager, PMP, has two master certifications in business continuity/disaster recovery MBCP and FBCI and is certified in emergency management. She is active in cyber security and holds multiple ISO certifications (ISO/IEC 27001 Information Security Management, ISO/IEC 27032 Lead Cyber Security Manger, ISO/IEC 27035 Security Incident Response, ISO/IEC 22301 Business Continuity Management Systems, ISO/IEC 21500 Project Management, and ISO/IEC 41001 Environmental Management). She is an international consultant, speaker and published author.
Her past experience includes 13 years as a senior manager with Deloitte, KPMG and Chubb in the areas of: compliance, crisis management, business continuity, disaster recovery, emergency management, internal audit/ gap analysis. She was a business continuity/disaster recovery manager with the Bank of New York. She consults for clients in diverse industries such as banking, manufacturing, pharmaceutical, hospitals, government agencies, colleges and universities, law firms, and media.
Dr. Redmond spent 4 years on active duty with the army and 18 1/2 years as National Guard and Reserve before retiring as a major. She is a graduate of Command & General Staff College (Fort Leavenworth), attended civil affairs courses at the US Army JFK School of Special Warfare and is Hazmat trained and DOD certified. The White House honored Dr. Redmond at a luncheon as one of the Top Women in Her Field of Business Continuity.
Register Now
Online using Credit card
Get the Invitation
Pre-Register yourself and get the official Invite when venue and dates are announced for this seminar.
Call here to register +1-888-717-2436 or email at [email protected]
Other Registration Option
- Download the Order Form
- Fill this form with attendee details & payment details
- Fax it to +1-650-362-2367, or
- Email it to [email protected]
Payment Mode
ComplianceOnline (MetricStream, Inc),
6201 America Center Drive Suite 240
San Jose, CA 95002
USA
Register / Pay by Wire Transfer
Please contact us at +1-888-717-2436 to get details of wire transfer option.Terms & Conditions to Register for the Seminar/Conference/Event
Your registration for the seminar is subject to following terms and conditions. If you need any clarification before registering for this seminar please call us @ +1-888-717-2436 or email us @ [email protected]
Payment:
Payment is required 2 days before the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. (our parent company).Cancellations and substitutions for In-person Seminars:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund - less a $300 administration fee. No cancellations will be accepted - nor refunds issued - within 10 calendar days before the start date of the event.On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($300) will be transferred to any future ComplianceOnline event and a credit note will be issued.
Substitutions may be made at any time. No-shows will be charged the full amount.
We discourage onsite registrations, however if you wish to register onsite, payment to happen through credit card immediately or check to be submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available, we will send the material after the conference is over.
In the event ComplianceOnline cancels the seminar, ComplianceOnline is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.
