ISSA Chicago

ISSA-Chicago Chapter Meeting – SAVE THE DATE

Date/time: Thursday February 3 at 3:15-4:00 PM CST

Venue: Zoom

Topic title: Hybrid Working: What About the Risk?

Presenter: Michael Rasmussen

Presenter Title: The Father of GRC

Bio: Michael is globally acknowledged as one of the leading experts in Governance, Risk and Compliance (GRC) — being the first to define and model the GRC market in February 2002 while at Forrester. Michael has contributed to U.S. Congressional reports and committees. Michael served on the ISSA International Board of Directors after founding the Milwaukee Chapter. More info on Michael is here: https://grc2020.com/2013/03/16/17michael-rasmussen-chief-grc-pundit/

Topic abstract: Michael Rasmussen will discuss how in the covid era the cyber security conversation has often turned to addressing the risks of the hybrid work environment. To address employees’ desires, demands, and needs as a result of the pandemic and provide a future of flexibility, many organizations are offering a hybrid option or complete remote working. For many organizations, this has been a quick reaction without really thinking it through carefully.

Michael will address:

  • IT/cyber/information security. This is the first thing that comes to mind, but it should not be the only thing. Careful attention has to be paid to the security of the remote office.
  • Physical security. This is often neglected. What about the security of the physical environment? What sensitive conversations can be overheard on the phone, conference calls, Zoom meetings, and more?
  • Where is work being done. This ties into the first two bullets. In a hybrid and remote work environment employees can work from anywhere
  • Conduct. As we moved to Zoom/online meetings because of the pandemic we saw a huge spike in conduct issues. People are working from home. They may be wearing their dress shirt in the video, but are wearing their pajama bottoms under the desk.
  • Culture. This brings us to culture, how do you develop and maintain a strong corporate culture in a remote and hybrid environment. This will require extra nurturing, fostering, and development. Employee engagement and interaction is critical.
  • Fatigue. Zoom/video conference fatigue is a reality. People start losing focus in online meetings after one-hour and are completely checked out in two-hours. Organizations need to restructure how they plan meetings, particularly frequency and length.

 

Date/time: Thursday, February 3 at 4:00-5:00 PM CST

Venue: Zoom

Topic title: Cybersecurity Metrics: What Good Looks Like.

Presenter: Jennifer Bayuk

Presenter Title: VP of Consulting, TAG Cyber and Principal, Jennifer L. Bayuk, LLC

Bio: Jennifer is widely regarded to be one of the world’s foremost authorities on Cybersecurity Risk Metrics. Jennifer’s CV includes, after a career at PwC and AT&T Bell Labs, more than a decade on Wall Street at JPMorgan Chase, Managing Director of Cybersecurity. Citi, Managing Director of Operational Risk Management. Bear Stearns & Co., CISO. Jennifer was the first female CISO. Jennifer has been a Professor at Stevens Institute of Technology More info on Jennifer is here: https://bayuk.com/ and https://www.tag-cyber.com/about/jennifer-bayuk

Topic abstract: Good metrics require a measurable underlying cybersecurity program. Industrial engineers intuitively understand that business critical processes must be instrumented for measurement in order to be successfully managed. Cybersecurity practitioners often try to skip this instrumentation step in aggressive pursuit of protection. Discussion of this topic includes:

  • “Good” Criteria
  • Asset Inventory
  • Threat-based Risk Register
  • Cybersecurity Architecture
  • Technology Device Inventory
  • Cybersecurity Control Inventory
  • Cybersecurity Operations
  • Issue Register
  • Specifications and Algorithms

Date

Feb 03 2022
Expired!

Time

CST
3:00 pm - 5:00 pm

Location

Virtual
Zoom Meeting

Speakers

  • Jennifer Bayuk
    VP of Consulting, TAG Cyber and Principal, Jennifer L. Bayuk, LLC

    Jennifer is widely regarded to be one of the world’s foremost authorities on Cybersecurity Risk Metrics. Jennifer’s CV includes, after a career at PwC and AT&T Bell Labs, more than a decade on Wall Street at JPMorgan Chase, Managing Director of Cybersecurity. Citi, Managing Director of Operational Risk Management. Bear Stearns & Co., CISO. Jennifer was one of the world’s first CISOs. Jennifer has been a Professor at Stevens Institute of Technology More info on Jennifer is here: https://bayuk.com and https://www.tag-cyber.com/about/jennifer-bayuk

  • Michael Rasmussen
    The Father of GRC

    Michael is globally acknowledged as one of the leading experts in Governance, Risk and Compliance (GRC) — being the first to define and model the GRC market in February 2002 while at Forrester. Michael has contributed to U.S. Congressional reports and committees. Michael served on the ISSA International Board of Directors after founding the Milwaukee Chapter. More info on Michael is here: https://grc2020.com/2013/03/16/17michael-rasmussen-chief-grc-pundit/