security beyond compliance
Post on 22-Jan-2018
123 Views
Preview:
TRANSCRIPT
Security Beyond Compliance
http://www.isaca.lk/ info@isaca.lkThis work is licensed under a Creative Commons Attribution 3.0 Unported License.
Parakum Pathiranapresident@isaca.lkMSc, FBCS, CISA, CISM, CGEIT, CISSP, ISO 27001 LA, MCP, CHFI, QCS, ITIL
Disclaimer
• I’m employed in the #infosec industry, however not authorized to speak on behalf of my employer/ clients
• Everything I say can be blamed on the voices in your head
My credentials
• 10+ years in #Infosec field
• Tutor, consultant/ advisor, auditor, head of InfoSec
• Sectors: financial, leisure, manufacturing, advertising, gov, insurance, etc.
• Crazy about #cycling, #infosec, #socialmedia
• Still learning and not an expert at anything
• lk.linkedin.com/pub/parakum-pathirana/2/a52/2a2/
Findings from a survey done in 2008
1. Protecting reputation and brand has become a significant driver for information security.
2. Despite economic pressures, organizations continue to invest in information security.
3. International information security standards are gaining greater acceptance and adoption.
4. Many organizations still struggle to achieve a strategic view of information security.
5. Privacy is now a priority, but actions are falling short.
6. People remain the weakest link for information security.
7. Growing third-party risks are not being addressed.
8. Business continuity is still bound to information technology.
9. Most organizations are unwilling to outsource key information security activities.
10. Few companies hedge information security risks with cyber insurance.
Problem Statement
How many have deployed Information Security solutions purely to meet the compliance requirements? - According to a survey carried out at RSA Conference in 2015,
• over 61% of attendees admitted that they had
• nearly 70% of organizations don't believe they are getting the most from their security products because they think they are either too complicated, too time consuming or they don't believe they have the right expertise
top related