Overview: The best information security program becomes a mere token effort if the organization doesn't keep up with ongoing new and changing requirements and adjusting to an ever changing world. International standards like ISO/IEC27001:2013 call this process continual improvement. Indeed, being a mandatory requirement of the standard, compliance with the same can only be achieved by implementing a continual improvement program. The sheer number of sources of change to derive improvement actions from makes such program a real challenge. 

This webinar looks at a range of areas of change, associated challenges and strategies to address these. After a recap on continual improvement, we start from regulatory change, in particular the just starting transfer from ISO/IEC27001:2005 to ISO/IEC27001:2013. The new version of the standard puts a particular emphasis on improved risk management, management commitment and competence. All three are not new to the standard yet have been found to not having received enough attention in the past. 

We continue by looking into changed risk exposures due new and changing threats and vulnerabilities, in particular relating to new technologies. We also look into the impact of increased maturity of the information security management system as direct consequence of continual improvement activities. Finally, we discuss the changing expectations of consumers and other interested parties, i.e. the market. Every organization should have these subjects on the radar. 

Why should you attend: There's no question, Information Security Requirements are constantly evolving. Aside from keeping the existing Information Security Management System effective, organizations need to address new and updated international standards, regulations, laws and other requirements, eg the just recently published ISO/IEC27001:2013. Equally, threats to information security are not going away either, indeed with ongoing technical progress and new technologies, new threats and vulnerabilities are emerging all the time. A stark reminder are the countless and continuing information security incidents that have made headlines world-wide in recent years: confidential data stolen, websites stalled by attacks, accidental change of data, faulty processes causing misrepresentation to name just a few. Aside from the immediate damage, such incidents cause tremendous reputational harm. So, how can an organization stay ahead of the game and master all those challenges? This webinar presents the different challenges to ensure that you don't miss any due to a lack of awareness and then discusses strategies to address each challenge. 

Areas Covered in the Session:

• Why Change Matters to Your Information Security
• The Purpose of Continual Improvement
• Regulatory Change, in particular the Transfer from ISO/IEC27001:2005 to ISO/IEC27001:2013
• Changing Risk Management Requirements
• Changing Management Commitment Requirements
• Changing Competence Requirements
• New and Changing Threats and Vulnerabilities, in particular relating to New Technologies
• Impact of Increased Maturity of the Information Security Management System
• Market Matters and Changing Consumer Expectations
• Q&A

Who Will Benefit:

• Chief Executive Officers
• Chief Financial Officers
• Chief Operation Officers
• Chief Security Officers
• Chief Information Officers
• Risk Managers
• Compliance Managers