Florida Chapter of CFA: Cybersecurity in 2016

Description
In this Cybersecurity conference, we will discuss the reputational, financial, operational and compliance impact of cyber-attacks. We will discuss the following topics:

• NCSA study showing that small companies could go out of business in half a year after a security breach
• Verizon’s data breach report presenting $400MM in financial loss for 2015
• How compliance with PCI, FISMA, GLBA, HIPPA and SOX could be significantly affected in an environment with no cybersecurity
• Techniques black hat hackers use to gain access to enterprise information resources
• How to reduce that risk with frameworks like COSO, COBIT and NIST

1. Have you received a formal security training in the last year?
2. Are there formal security P&P and are they known by employees?
3. Is there an incident response plan that has been tested?
4. Is there a formal risk assessment (with Board involved) that considers cyberattacks?
5. If dealing with Payment Card transactions OR the company is public, has a Vulnerability Assessment or Pentest been performed during the last year?

If your answer to any of the questions was NO, then it is time to have a serious conversation about your security environment.