ISACA, the global IT association, recently released COBIT 5 for Information Security - new guidance aimed at helping security leaders use the COBIT framework to reduce their risk profile and add value to their organizations. Join two ISACA leaders for an insider's look at how to use COBIT 5 for Information Security to:
Link information security with organizational strategic goals;
Create the appropriate governance and management framework;
Comply with the ever-growing number of relevant laws, regulations and contractual requirements.
Information is the currency of the 21st century enterprise. As such, effectively securing information is critical. To help enterprises with this challenging mission, global IT association ISACA has developed COBIT 5 for Information Security, which builds upon COBIT 5. COBIT is used by enterprises in all industries and all geographies to create trust in and value from information systems.
Among the major drivers for the development of COBIT 5 for Information Security:
The need to describe information security in an enterprise context, including all aspects that lead to effective governance and management of information security, such as organizational structures, policies and culture.
An ever-increasing need for the enterprise to maintain information risk at an acceptable (and regulatory compliant) level and to protect information against unauthorized disclosure, unauthorized or inadvertent modifications, and possible intrusions - all while containing the cost of IT services and technology protection.
The need to link together all major ISACA research, frameworks and guidance, with a primary focus on Business Management for Information Security (BMIS) and COBIT.
COBIT 5 for Information Security is designed for all stakeholders of information security, from the business to IT. Leading this session are two ISACA executives, Christos K. Dimitriadis, International Vice President, and Robert E Stroud, member of the ISACA Strategic Advisory Council. They will share insights on how to use this new guidance to:
View information security as a business enabler as well as a risk management tool;
Ensure effective governance by combining several different standards and good practices under a common framework, avoiding overlaps and additional complexity and cost;
Understand and assess the relation between information security and corporate culture;
Ensure that services and systems are continuously available to internal and external stakeholders.
Dimitriadis is the head of information security at INTRALOT GROUP, a Greece-based multinational supplier of integrated gaming and transaction processing systems, where he manages information security in more than 50 countries in all continents. He has worked in information security for more than 12 years and has authored 80 security-related publications. He has provided information security services to the International Telecommunication Union, European Commission Directorate Generals, European Ministries and international organizations, as well as business consulting services to entrepreneurial companies. He is chair of ISACA's COBIT Security Task Force and has served as chair of ISACA's External Relations Committee and member of the Relations Board, Academic Relations Committee, ISACA Journal Editorial Committee and Business Model for Information Security Work Group.
VP - Strategy & Innovation, CA Technologies & Member - ISACA Strategic Advisory Council
Stroud served a four-year term as an ISACA international vice president and now serves on the ISACA Strategic Advisory Council and is chair of the ISO Liaison Taskforce. Stroud formerly served on the itSMF International Board as treasurer and director of Audit, Standards and Compliance, the itSMF ISO liaisons to multiple working groups. He is a social media leader, author, blogger and highly regarded public speaker. An industry veteran, Stroud has significant practical industry experience and is a recognized industry thought leader. He has contributed as a global authority on governance to multiple publications, including COBIT 4.0, 4.1 and COBIT 5, Guidance for Basel II and multiple ISO standards. Stroud spent more than 15 years in the finance industry successfully managing multiple initiatives in both the IT and retail banking sectors related to security, service management and process governance.