Focus areas 2017
Most institutions have strict security measures in place that are aimed at protecting their information and assets. In reality though, there is a possibility that malicious software can get through these defences by a user either clicking a link or opening an attachment in a phishing email.
It is therefore essential that users are continuously reminded about the importance of taking time to review a suspicious email before taking any action.
Gartner recommends moving “from a simple prevention-only approach, where security solutions would do their best to stop malicious files from ever landing on an endpoint, to today's reality where attacks will bypass defences and must be detected and responded to as quickly and effectively as possible.”
This can potentially be overcome by applying these five overarching themes:
Governance: Policies, procedures, and processes to manage and monitor an organisation’s regulatory, legal, risk, environmental, and operational requirements, and ensure that management is informed of cybersecurity risks.
Protect: Build the appropriate safeguards to ensure delivery of critical infrastructure services, and have the ability to manage cybersecurity risks to systems, assets, data, and capabilities.
Respond: Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event and put a process plan in place to act on a detected cybersecurity event. Maintain plans for resilience and restore any capabilities or services that were impaired by a cybersecurity event.
Educate: Raise awareness on cybersecurity issues via training and informative communications, and ensure that users are aware of their security-related duties and responsibilities consistent with related policies, procedures, and agreements.
Measure: Develop metrics designed to facilitate decision-making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data, based on IT security performance goals and objectives.
The speakers at this year’s symposium will seek to address these topics while also sharing their knowledge and experience in the security field.
If you are interested in presenting at this year's symposium, please download and complete the CSSA 2017 presentation template and send it to email@example.com for review. Your submission should be no longer than two pages, plus a third page for author bios, and must be saved as a PDF document.If your submission is accepted this will become the short description of your session that appears on the conference website.
To participate, you will also need to register for the symposium.