Dos & Don'ts Related to Information Security and Data Privacy

Why Should You Attend:

Information security and data privacy have become an important area for all enterprises. All organizations have sensitive data that requires protection. This data may be proprietary or private company data, product data, employee data, customer data or any data considered sensitive by your organization. In the face of data loss or compromise, potential liability for all organizations is significant. Taking steps to protect data has become mandatory for all businesses and governmental entities.

Federal, state and local jurisdictions have taken notice of the potential negative effect caused by the loss of data on individuals and companies. In some cases, legislation has passed requiring companies that have been compromised to notify all effected individuals and entities.

This webinar targets recommended DOs that your organization should consider when implementing or augmenting data security and privacy policies, procedures and controls. It will also discuss some definite DON’Ts of information security. Both electronic and physical issues will be addressed; data security best practices will also be discussed. The program will provide a list of data security standards that your organization can review and use as a guide when developing your organization’s data security program.

Areas Covered in the Webinar:

• Policies, procedures and controls that govern information security and data privacy
• Monitoring security controls continuously
• Safety and security of networks
• Security of sensitive information
• Authentication
• Use of company resources
• Controls to limit the effect of social engineering
• Software development life cycle
• Production support
• Incident reporting as part of a BRP
• Disciplinary actions
• Data security standards that your organization may want to consult

Who Will Benefit:

• Executives
• Compliance Management
• Risk Management
• Vendor Management
• Data Security
• Network Administration
• Data Base Administration
• Software Development and Quality Assurance
• Retail Business Ownership

Instructor Profile:

Marc Perl brings over 30 years of professional experience to Teknowlogy Associates. Mr. Perl’s diverse experience includes risk management, payments processing, data security, product development, software development and software quality assurance. During his 20 years at Visa, he was a key member of Visa’s risk management team, where he developed and managed the compliance program for the Payment Card Industry Data Security Standard (PCI DSS) as part of the Cardholder Information Security Program (CISP). He led the team that developed the business requirements for Visa’s Point-to Point Encryption (P2PE) solution.

As a merchant acquiring expert, Mr. Perl built and managed Visa’s integrated debit platform to support merchants such as Walmart, Radio Shack, Kmart and others. He also served as project manager for Visa’s Y2K effort and assisted with the spin-off of Visa’s acquiring processor business into a joint venture with Total Systems Services (TSYS) called Vital Processing Services. In addition to his Visa experience, Mr. Perl has consulted with organizations as varied as Jet Propulsion Laboratories, TSYS Acquiring Solutions, and others. His early experience included computer operations, programming, creation of software development methodologies and software engineering. He holds a BA from California State University at Northridge.

Topic Background:

In essence, all organizations need an information security management system (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems and applies a set of risk management policies, procedures and controls to achieve its goal. A robust ISMS can help small, medium and large businesses in any sector keep information assets secure.

Follow us :