Workshop on Cyber Security
In the age of Cyber warfare, the organizations have a bigger responsibility to protect their data, systems and networks from any malicious attacks. This requires implementing a defense in depth approach that focuses on implementation of modern and effective technology governed by an efficient Information Security Management System.
This session will enable the participants to learn more about cyber security, latest threats and trends and the future challenges. It will also enable them to adapt a structured approach for defining their information security requirements, designing an enterprise security framework to address these requirements and what kind of controls are available to protect their information assets.
|Date:||November 27, 2013|
|Time:||10:00am – 1:00pm|
|Venue:||6th Floor, Arfa Software Technology Park, Ferozepur Road, Lahore.|
|The duration of the workshop will be approximately 3 hours with the following session break up:|
|Session 1:||Understanding Cyber Security||45 Min|
|Session 2:||Critical controls for Cyber Security||45 Min|
|Session 3:||Developing Enterprise Security Frameworks||45 Min|
|QA & Discussion||45 Min|
Who Should Attend?
- Information security professionals with proven experience
- Senior management responsible for developing information security frameworks
- Senior management responsible for Information Technology initiatives
Session 1: Understanding Cyber Security
- Defining Cyber Security
- Cyber Security & Information Security: facts and myths
- How it works
- Modern Day Threats
- Way Forward
Session 2: Critical Controls for Cyber Security
- Process based Controls
- Technology based Controls
Session 3: Developing Enterprise Security Frameworks
- Adapting a risk based approach
- Defense in Depth
- Integrating Standards, Studies and best practices
- Information Security Management System (ISO 27001)
- Information Security Risk Management (ISO 27002)
- Risk Management (ISO 31000)
- Business Continuity Management (ISO 23001)
- IT Governance (ISO 38500)
- Insider Threat Management
- Best practices of NIST
- Integrating Process & Technology for Security
- Developing an Enterprise Security Framework : A Case Study
Muhammad Furqan Khan
Furqan has over 20 years of experience in developing enterprise security frameworks, information security management systems, IS audits and quality management. He is an ISO 27001 Lead Auditor & ISO 9001 LA. He is the only SEI Authorized Trainer for CMMI in Pakistan. Over the last decade, Furqan has managed several consulting assignments related to information security across Pakistan & abroad with organizations like Saudi Aramco, Commercial Bank of Dubai, NetSol Technologies, Allied Bank of Pakistan, Ejada Systems and many more.
Syed Abid Ali
Abid has over 12 years of experience in technology management. He holds a degree in Technology Management from University of London. His notable work experience includes working for the Doha Asian Games held in Qatar in 2006 where he was responsible for technology management for the world’s largest sporting event ever. Over the last 7 years he is involved in information security management portfolio and have worked with technology partners like Raytheon & Lockheed Martin to server a diverse customer base in Pakistan, Qatar, Oman & Saudi Arabia. He has conducted numerous workshops on “Developing Enterprise Security Frameworks in Middle East & Pakistan.