How to Operationalize Cyber Security: Turning Policy into Action

The financial and reputational damages of cyber attacks cannot be underestimated as technology continues to advance. In 2017, the occurrence of data breaches increased by 45%. In 2018, cyber attacks cost companies an average of $8 million. Companies have therefore gone to great lengths to develop comprehensive policies that protect their assets. However, just because a policy exists doesn’t mean it’s followed across the organization.

Too often, organizations operate under the misconception that operationalizing cyber security is the responsibility of the IT department alone when, in reality, many departments (including information security, vendor management, finance, human resources, and more) hold pieces of cybersecurity information. Unfortunately, most organizations lack the ability to engage these departments and put the pieces together.

Taking a holistic, cross-functional approach to cybersecurity is the only way to achieve this level of engagement. This approach also simplifies the IS/IT audit process by ensuring controls designed to protect the company are effective and properly implemented.

In this session, we'll discuss which departments typically hold each piece of the cyber security puzzle, as well as how to communicate between departments in a common risk language. Attendees will discover the reciprocal benefits of developing an integrated, iterative, and proactive governance program.

Learning Objectives:

• Operationalize cyber security policies across departments and levels

• Determine clear cross-functional accountability for cyber security responsibilities

• Collect metrics that monitor the effectiveness of cyber security programs for IS audits

• Demonstrate best practices for reporting cyber security progress and effectiveness to the board and regulators

Presenters:

• Steven Minsky, CEO, LogicManager

• Brendan Colliton, Manager, Business Development, LogicManager

This event is sponsored by LogicManager, an OCEG GRC Solutions Council Member.

By registering for this event, you are agreeing that the sponsor of the event will receive your registration information. Please review the sponsor's privacy policy here: https://www.logicmanager.com/privacy/.

CPE Credit Notice

This is a group internet-based event for NASBA authorized continuing education credit. OCEG webinars are free for anyone to attend, but only Attendees who have an OCEG All Access Pass will receive a Certificate of Completion for the webinar indicating 1 hour of CPE credit.

OCEG is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org. For information regarding administrative issues such as complaints or refunds, please contact OCEG at info@oceg.org.