The ISACA Central Maryland Chapter invites you to our virtual training event on Tuesday, October 12, 2021, A Workshop on API Risk Management and Zero Trust Model. ISACA Members, cyberaudit, assurance, Cybersecurity Nexus (CSX), risk management, governance, and internal control professionals and practitioners new to the field and those with years of experience will benefit from this event. The training event offers an opportunity to build onto your knowledge and skills. The training session is a webinar via a Zoom. After registration, you will receive the Zoom registration email.
Speaker: Baljeet Malhotra (Bios are located under the "Speakers" tab)
Topic: A Workshop on API Risk Management and Zero Trust Model
Session description:
APIs are transforming our digital worlds by enabling the next industrial revolution driven by AI/ML and IoT solutions. APIs impact organizations both positively (through innovations, newer business models, competitive differentiation, etc.) and negatively (due to security vulnerabilities, business disruptions, legal and compliance issues etc.). These impacts are growing profoundly with evolving API ecosystems within enterprises as well as globally.
Industry Trends
• 83% of internet traffic is via Web APIs. Source: Akamai 2019;
• 96% of applications contain some Open Source. Source: Black Duck 2020;
• 99% of Open Source applications contain some Web APIs. Source: TeejLab 2021;
• By 2022, API abuses will be the most frequent attack vector resulting in data breaches for web applications. Source: Gartner Research, "How to Build an Effective Security Strategy".
· Given these trends it is imperative for Security, Compliance and Audit professionals to get a handle on APIs before things get out of control, if not already, by managing API risks proactively. This session will first provide an overview of various API security and legal risks. Then we’ll discuss an API Governance framework to manage API security and compliance risks. This framework is inspired by the Zero Trust model that enterprises can adopt for effective API Risk Management. We’ll highlight best practices, both manual and automated, with relevant tool recommendations. Participants will have an opportunity to exercise use case(s) using these tools.
We promise you a high knowledge value session.
Earn 3 CPEs toward your CISM, CISA, or other certification (CPE credits are based on 50-minute increments)