MCGlobalTech Consulting Service Presentation

Join our webinar hosted by MAGNET: The Manufacturing Advocacy and Growth Network. As the NIST and Ohio MEP program advocates, we’ve invited a leader of our technological and educational cybersecurity partner, Ignyte Institute, for a conversation on how to get on board with the emerging Cybersecurity Maturity Model Certification (CMMC). This webinar will give a detailed and realistic overview of all cybersecurity frameworks and regulations required to continue working on existing projects or bid on future contracts as Department of Defense (DoD) prime and subcontractor. Our goal is to help you assess your current state of Governance, Risk Management, and Compliance (GRC), and provide you overall guidance on a smooth transition to the new regulatory norms in order to ensure that Ohio-based businesses maintain their competitive edge in the Defense Industrial Base (DIB).

This presentation has been delivered by Kai Wittenburg at the PECB Insights Conference 2018 in Paris.

The document provides legal disclaimers and information about sustainable cybersecurity practices. It discusses starting cybersecurity at the administration level by making it cultural rather than technical, based on needs rather than vendor features, iterative and continuous. It also discusses establishing a data protection steering committee and reducing reliance on people by ensuring responsibilities are understood and policies and processes are documented. The document provides recommendations on cybersecurity frameworks, controls, and best practices.

Information Security assessment of companies in Germany, Austria and Switzerland, February 2015. Every day critical security incidents show the drastic extent of "successful" cyber attacks for organizations in terms of monetary and material loss. With increasing use of digital technologies and the growing spread of mobile and IoT cyber security is becoming a key factor for companies’ successful digital transformation. To analyze current challenges, trends and maturity of companies state of information security, Capgemini Consulting DACH conducted a survey in Germany, Austria and Switzerland. The 2014 Information Security Benchmarking Study shows that information security is insufficiently embedded in most companies‘ business strategy and operations to effectively safeguard organizations against current cyber threats. https://www.de.capgemini-consulting.com/resources/information-security-benchmarking

This document provides an overview of the Chief Information Security Officer (CISO) role including: 1) A sample CISO job description outlining responsibilities such as managing the information security program, performing risk assessments, ensuring disaster recovery plans, and more. 2) A discussion of the evolution of the CISO role from the 1990s to present day, noting changes in technologies, laws/regulations, security issues, and organizational structure. 3) An examination of what constitutes a leading information security program in 2016, highlighting areas like risk management, monitoring, policies/controls, awareness, and certifications/frameworks. 4) A look at how the 2016-2020 CISO will need to balance

The document discusses the key steps in developing an information security policy, including risk identification, asset inventory, threat modeling, vulnerability assessment, and risk assessment. It explains that risk identification involves determining risks to information assets from threats. The results inform the creation of security policies that define defenses to keep information secure. The document outlines various policy types an organization should have, such as an acceptable use policy, human resources policy, password management policy, and incident response policy.

Learn how to get around misguided thinking that leads to executive under investment in cyber security, and secure the resources you need. You'll learn how to: - Work around CEO and CFO human biases - Motivate decision makers to invest more in cyber infrastructure - Replace your CEO’s mental model with new success metrics - Compare your company’s performance with similar firms to overcome executive overconfidence Watch the full video recording!

The document discusses information security governance. It notes that there is no single model for organizational structure to ensure information security requirements are met, and there is uncertainty around what information security governance consists of. It also states that information security governance does not function in isolation. The document then provides statistics on how organizations globally and in the Middle East operate in regards to information security governance.

This document discusses the importance of information security policies and processes. It defines information and explains that information can take many forms and must be appropriately protected. It then discusses the importance of information, what constitutes information security, and why information security is needed to protect organizations. Key risks like data breaches are outlined. The document emphasizes that information security is an organizational issue, not just an IT issue, and stresses the importance of people, processes, and technology in an information security program. It provides an overview of some common information security standards and regulations like ISO 27001 and HIPAA.