This workshop session will focus on the risk and control issues related to cyber security and emerging information security and technology, including key controls and how to audit them.
Session will use specific IT technologies as examples of control mappings including network components, operating systems and TCP/IP Services
Understanding Cyber Security
- Key concepts and relationship to business organizations
- Cyber Warfare / Terrorism / Hacktivism / Crime / Espionage
- South Africa National Cybersecurity Policy Framework (NCPF) and other cyber legislation such as Cybersecurity and Cybercrimes Bill
Understanding Emerging Threats and Risks
- Overview of Threat Landscape
- Advanced Persistent Threats (APT)
- Understanding Malware
- Key Attack Vectors including Social Engineering; Phishing; Watering Holes
KEY CYBERSECURITY CONTROLS
- Cyber Security Governance
- Risk Management
- Key Cyber Security Controls
- Key Control Requirements:
- Network Segmentation / Isolation
- Security Configuration
- Patch Management
- Privilege Management
- Anti-Malware Defense and Application Whitelisting
- Data Loss Prevention
- Incident Management
- Security Awareness
- Security and Audit Tools & Techniques
- Questions auditors should ask in relation to IT infrastructure and corporate information protection
- Useful reference material
CONDUCTING A CYBER SECURITY ASSESSMENT
Cyber Security Frameworks
- Key cyber security concepts and relationship to business organizations
- Cyber Security overview including industry threat trends and techniques using examples
- Cyber Security Governance controls and processes to manage Cyber Risk
- Cyber Risk considerations when performing technology platform, application and business audits
- NIST Cyber Security Framework & Functions, Categories etc.
- Audit Assessment Frameworks
- Top 4 Mitigation Strategies
- Critical Security Controls and Related Audit Objectives & Steps
- Discussion of current Cybersecurity Self-Assessment Tools
John Tannahill, CA, CISM, CGEIT, CRISC, CSXP is a management consultant specializing in information security and audit services. His current focus is on security and control in large information systems environments and networks.
Specific areas of technical expertise include Windows and Linux operating system security, network security, database security and cybersecurity. John is a frequent speaker in North America, Europe, Africa and Asia on the subject of cybersecurity, information security and IT audit.
John is a member of the Toronto ISACA Chapter and has spoken at many ISACA Conferences including CACS Conferences; CSX Conferences and ISACA Training Weeks.