This webinar will prepare your organization to understand the need for information security and data privacy, steps that can be taken to institute or augment your data security policies/procedures, and the implementation of the needed controls.
This webinar will introduce attendees to a set of known and respected best practice data security standards that can be employed by your organization to improve your security. Attendees will walk away with ideas to leverage the curriculum with their existing security infrastructure.
Why Should You Attend:
Information security and data privacy have become an important area for all enterprises. All organizations have sensitive data that requires protection.
This data may be proprietary or private company data, product data, employee data, customer data or any data considered sensitive by your organization. In the face of data loss or compromise, potential liability for all organizations is significant. Taking steps to protect data has become mandatory for all businesses and governmental entities.
Federal, state and local jurisdictions have taken notice of the potential negative effect caused by the loss of data on individuals and companies. In some cases, legislation has passed requiring companies that have been compromised to notify all effected individuals and entities.
This webinar targets recommended DO’s that your organization should consider when implementing or augmenting data security and privacy policies, procedures and controls. It will also discuss some definite DON’Ts of information security. Both electronic and physical issues will be addressed.
Data security best practices will be discussed. The webinar will provide a list of data security standards that your organization can review and use as a guide when developing your organization’s data security program.
Areas Covered in this Webinar:
• Policies, Procedures and Controls that govern Information Security and Data Privacy
Implementing and maintaining a set of written policies and procedures results in a comprehensive approach to data privacy and information security. The importance of these controls is stressed. The need for the identification of all of your organization’s system components including network devices/appliances, servers, computing devices, storage devices, data bases and applications will be stressed.
Identify your organization’s sensitive, critical data that must be protected. The level of protection is proportional to the relative importance and sensitivity of the data
• Safety and Security of Networks
Identify and implement all necessary security controls. Ensure that security policies and operational procedures for protecting stored sensitive, critical data are documented, in use, and known to all affected parties
• Monitoring security controls continuously
Track and monitor all accesses to network resources and sensitive, critical data on a daily basis. Implementation of audit trails and logs that are secure against alteration
Implement controls that ensure that your organization’s critical data can only be accessed by authorized personnel, systems and processes. Access to your critical data must be limited based on need to know and job responsibilities
• Controlling Use of Company Resources
Implementation of controls for physical and electronic access to your organization’s physical plant and physical/electronic access to your organization’s network(s)
• Software Development Life Cycle
Develop internal and external software applications (including web-based administrative access to applications) securely in accordance with industry security standards and/or best practices adopted by your organization as policy and Incorporating information security throughout the software-development life cycle
• Incident Reporting as part of a BRP: Observation, Orientation, Decision and Action
• U.S. laws that effect your organization’s potential liability for data loss
• A list of data security standards that will prove useful to your organization
Who Will Benefit:
• Executive Positions
• Compliance and Risk Management Personnel
• Vendor Management Personnel
• Data Security Personnel
• Data base/Network Administration Personnel
• Vendor Management Personnel
• Point of Sale Development Personnel
• Software Developers
• Business Owners
• All Organizations, Public or Private, that need to protect sensitive data and networks
• Any Business accepting payment cards (e.g. credit cards, payment cards, loyalty cards, etc.)
• Financial Institutions such as Credit Unions and Community Banks, Municipalities and other Governmental Entities, Non Profit Organizations, etc.
Marc Perl brings over 30 years of professional experience to Teknowlogy Associates. Marc’s diverse experience includes risk management, payments processing, data security, product development, software development and software quality assurance.
During 20 years at Visa, he was a key member of Visa’s Risk Management team, where he developed and managed the compliance program for the Payment Card Industry Data Security Standard (PCI DSS) as part of the Cardholder Information Security Program (CISP). Marc led the team that developed the business requirements for Visa’s Point-to Point Encryption (P2PE) solution. Marc continues to conduct risk reviews at financial institutions and processors globally.
For more detail please click on this below link:
Toll Free: +1-844-746-4244