Menu Close Menu

Menu

Account

How to Operationalize Cyber Security: Turning Policy into Action - ENCORE EVENT

Watch Webinar Recording Download Slides

View original event info

In this session, we'll discuss which departments typically hold each piece of the cyber security puzzle, as well as how to communicate between departments in a common risk language. Attendees will discover the reciprocal benefits of developing an integrated, iterative, and proactive governance program. This is a recording of a previous event. There may be references to future events, special offers and free downloads that are not available at this time.

The financial and reputational damages of cyber attacks cannot be underestimated as technology continues to advance. In 2017, the occurrence of data breaches increased by 45%. In 2018, cyber attacks cost companies an average of $8 million. Companies have therefore gone to great lengths to develop comprehensive policies that protect their assets. However, just because a policy exists doesn’t mean it’s followed across the organization.

Too often, organizations operate under the misconception that operationalizing cyber security is the responsibility of the IT department alone when, in reality, many departments (including information security, vendor management, finance, human resources, and more) hold pieces of cybersecurity information. Unfortunately, most organizations lack the ability to engage these departments and put the pieces together.

Taking a holistic, cross-functional approach to cybersecurity is the only way to achieve this level of engagement. This approach also simplifies the IS/IT audit process by ensuring controls designed to protect the company are effective and properly implemented.

In this session, we'll discuss which departments typically hold each piece of the cyber security puzzle, as well as how to communicate between departments in a common risk language. Attendees will discover the reciprocal benefits of developing an integrated, iterative, and proactive governance program.

Learning Objectives:

• Operationalize cyber security policies across departments and levels

• Determine clear cross-functional accountability for cyber security responsibilities

• Collect metrics that monitor the effectiveness of cyber security programs for IS audits

• Demonstrate best practices for reporting cyber security progress and effectiveness to the board and regulators

Presenters:

Steven Minsky

Brendan Colliton

CPE Credit Notice

This is a group internet-based event for NASBA authorized continuing education credit. OCEG webinars are free for anyone to attend, but only Attendees who have an OCEG All Access Pass will receive a Certificate of Completion for the webinar indicating 1 hour of CPE credit.

OCEG is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org. For information regarding administrative issues such as complaints or refunds, please contact OCEG at info@oceg.org.

Related Resources
Back to top
OCEG © 2002 - 2024 OCEG

Terms of Service

Privacy Policy

support@oceg.org

Contact Us

Information & Billing:
+1 (602) 234-9278

Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.

Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP, Integrated Audit & Assurance Professional, IAAP, Integrated Governance & Oversight Professional, IGOP, Integrated Strategy & Performance Professional, ISPP, Integrated Risk Management Professional, IRMP, Integrated Decision Management Professional, IDMP, Integrated Compliance & Ethics Professional, ICEP, Integrated Business Continuity Professional, IBCP, Integrated Information Security Professional, IISP are trademarks of OCEG.