Q1 2023
The General Data Protection Regulation (GDPR) and other international privacy laws impose legal requirements for the collection, use, and protection of personal information. These requirements include breach notifications to regulatory authorities and restrictions on the transport of personal information. To comply with these laws and regulations, enterprises must now consider the geographic location of personal information, including information processed and stored in the Cloud.
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q4 2022
Operational Technology (OT) is the hardware and software that detects or changes a state within industrial equipment through monitoring and control, respectively. Operational technology can alter the chemical composition and volume of liquids in various processes, such as oil refinement and water treatment. Therefore, these technologies must be protected from nation-state and other security threats from the Internet. However, many of the security controls applied to information technology have not been implemented in OT environments, frustrating and concerning CISOs.
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q4 2022
Security metrics can drive improvements to the cybersecurity program, monitor risks and control effectiveness, and convey security posture to the Boardroom. However, many companies struggle to identify which metrics will be most effective and which graphic representations will be most useful.
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q3 2022
The security of internally developed and acquired software is a continuing challenge for most enterprises. Pressures to develop or acquire more application functionality in shorter time periods have driven organizations to agile development and containerization methodologies and to relying on open-source code. These decisions have impacted the way security is addressed within the Systems Development Lifecycle (SDLC) and in testing (e.g., code reviews and vulnerability scans).
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q3 2022
Monitoring the computing environment for potential compromises is a key component of an information security program. Traditionally, the Security Operations Center (SOC) has been the monitoring organization, and Security Information and Event Management (SIEM) systems have been used to analyze logs for indicators of compromise. Today, SOCs are facing challenges with staffing and demands for additional capabilities, like threat monitoring. Unable to build their own SOCs, companies rely on Managed Security Service Providers (MSSPs), who may overlook indicators of compromise because of the challenges of monitoring multiple companies.
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q2 2022
Incident Management, which includes response plans and playbooks, has been a foundational control of a cybersecurity program. However, in recent years, as entities recognize the increasing likelihood of being attacked, incident management has become an even more critical component of the cybersecurity program. Board members and regulators are inquiring about the robustness of the incident response plan to address not only potential breaches, but also third-party and critical software vulnerabilities.
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q2 2022
Over the years, security has evolved into a primary topic in the Boardroom. This evolution has posed three challenges to CISOs: (1) educating Board members on basic security principles; (2) defining and gaining acceptance of Board member security responsibilities; and (3) communicating the entity’s security posture to Board members. Please join us for a scoping meeting, during which we will hear your concerns, proposed discussion topics, and desired deliverables for our upcoming Security and the Boardroom Task Force. Open to all task-force-eligible members!
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative
Q2 2022
Although organizations recognize the importance of security awareness as a key component of their cybersecurity programs, creating engaging and effective training for employees has been a challenge, especially in an era of ransomware and constant social engineering attacks. This Task Force led by Tom Scurrah aims to address these challenges and develop an executive guide to security awareness.
Tom Scurrah
VP, Cybersecurity Programs and Content, Cybersecurity Collaborative