Cyber Security and Emerging Risks

When:  Dec 19, 2019 from 08:30 to 16:30 (ET)
Associated with  Toronto Chapter

Session Highlights:

This seminar will focus on the risk, security and control issues related to cyber security and emerging technologies.

Key Learning Objectives:

  • Understand cyber security risk and control issues

  • Understand emerging risk areas

  • Discussion of security and audit tools and techniques

  • Understand current assessment frameworks and tools

     

    Specific Topic Areas Include:

    Understanding Cyber Security

  • Key concepts and relationship to business organizations

  • Cyber Threat Actors

     

    Understanding Emerging Threats and Risks

  • Overview of Threat Landscape / Organization use of emerging technologies

  • Advanced Persistent Threats (APT)

  • Kill Chain Analysis / Attack Frameworks

  • Client Endpoint / Mobile Device Security Risks

  • Malware / Ransomware

  • Command and Control; Remote Access Trojans; Keystroke Loggers

  • Distributed Denial of Service Attacks (DDoS)

  • USB / Removable Media

  • Internet of Things (IoT)

  • Social Engineering

  • Web / Mobile Application Threats

  • Social Media Risks

  • Supply Chain Risks

     

 Risk & Control Areas

  • NIST Cyber Security Framework

  • Mapping of NIST Framework Control Categories and Sub-Categories to Critical Security Controls, ISO/IEC 2700-2013

  • Cyber Security Governance

  • Risk Management

  • Key Cyber Security Controls:

    • Network Perimeter Security / Next Generation Firewalls

    • Network Access Control

    • Network Isolation & Segmentation

    • Security Configuration

    • Patch Management

    • Privilege Management

    • Vulnerability Management

    • Endpoint Protection

    • Malware management and Application Whitelisting

    • Threat Intelligence

    • SIEM

    • Data Loss Prevention

    • Incident Management

    • Security Awareness

    • Penetration Testing and Red Team Exercises

       

       

Cybersecurity Assessment Tools & Techniques

  • Assessment Tools and Frameworks

  • Security and audit tools and techniques

  • Resource List

Speaker Profile:

JOHN G. TANNAHILL, CA, CISM, CGEIT, CRISC, CSXP

John is an independent Information Security and Audit Services Consultant. His current consulting work areas are focused on information security in large information systems environments and networks, requiring detailed knowledge of the major operating systems encountered. Particular areas of technical security expertise include:

  • Windows Server

  • Unix and Linux

  • Oracle and Microsoft SQL Server

  • Network Security

John is a frequent speaker in Canada, the United States, Europe, Africa and Asia on the subject of Information Security. He is a member of the Institute of Chartered Accountants of Scotland.

 

Please Note:  There is a cancellation policy in effect

Location

Holiday Inn Conference Center
30 Fairway Rd. South
Kitchener, ON