ADVISORY/Forrester and Consul Demonstrate How Managing Information Security is a Part of Operational Risk.Business Editors/High-Tech Writers ADVISORY...for Tuesday (May 25) HERNDON, Va.--(BUSINESS WIRE)--May 18, 2004 Free Webinar Addresses Risk Analysis Assessment, Operational Risk and Reporting Relationships between Security Risk and IT More than ever, organizations face the pressures of compliance to regulations and legislation related to how they manage their information. Sarbanes-Oxley, HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, , GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve , Basel II, CA SB 1386, EU Data Protection, PIPEDA PIPEDA Personal Information Protection and Electronic Documents Act (Canada) , FISMA--the list of regulations and standards is long and intimidating as organizations are tasked with managing information security as a part of operational risk. Join Michael Rasmussen, principal security analyst and research leader for Forrester Research, Inc. and Consul risk management, Inc. on Tuesday, May 25, 2004 for a free online Webinar entitled, "Managing Information Security as a Part of Operational Risk." During this session, the presenters will discuss approaches to risk analysis assessment, the view and definition of operational risk, reporting relationships, and integration between risk and IT. Attendees will learn: -- How the integration and management of security, as a part of operational risk, requires careful structure and alignment with business needs; -- How to identify operational risk within an organization through internal and external threats, policy violations and regulatory compliance challenges, inefficient security processes and the lack of data to conduct a forensic investigation; and -- Tools and techniques experts employ to create an enterprise comprising an operational risk management function to manage the facets of information security, physical security, business continuity, insurance, privacy, assessment, and legal and compliance functions.
Who: Michael Rasmussen, Forrester Research, and Consul risk
management, Inc.
What: "Managing Information Security as a Part of Operational Risk"
When: Tuesday, May 25th, 11:00 a.m. EDT
How: To register, visit: http://www.consul.com/webinar/20040525
About Michael Rasmussen, principal security analyst/research leader, Forrester Research, Inc. Mr. Rasmussen, a Certified Information Systems Security Professional Certified Information Systems Security Professional (CISSP) is a vendor-neutral certification governed by the non-profit International Information Systems Security Certification Consortium (commonly known as (ISC)²). (CISSP (Certified Information Systems Security Professional) The award for successful completion of an examination in computer security administered by the International Information Systems Security Certification Consortium (ISC)2. ) with more than 10 years of security-related experience, provides advice to clients around the globe on issues pertaining to security risk management, information security standards The term "standard" is sometimes used within the context of information security policies to distinguish between written policies, standards and procedures. Organizations should maintain all three levels of documentation to help secure their environment. , regulations and legislation, and technical security architectures. He has worked in both the consulting and enterprise sectors. Mr. Rasmussen currently serves as the vice president of standards and public policy on the Information System Security Association (ISSA (Information Systems Security Association, Bellingham, WA, www.issa.org) A membership organization that promotes effective management practices for computer security. Founded in 1982, ISSA has chapters in more than 20 countries and hosts an annual conference. ) international board and as the chairman for the Generally Accepted Information Security Principles (GAISP GAISP Generally Accepted Information Security Principles ), an ISSA initiative to set common principles for information security governance Information Security Governance, Information Security Governance or ISG, is a subset discipline of Corporate Governance focused on information Security systems and their performance and risk management. and requirements. Considered one of the foremost authorities in understanding the broad view and impact of information security standards, regulations and legislation, Mr. Rasmussen has worked closely with large commercial organizations and government agencies. His involvement in government initiatives has included contributions to U.S. Congressional Reports and working with the President's Critical Infrastructure Protection Department of Defense (DOD) program to identify and protect assets critical to the Defense Transportation System. Loss of a critical asset would result in failure to support the mission of a combatant commander. Board on the National Strategy to Secure Cyberspace In the United States government, the National Strategy to Secure Cyberspace, is a component of the larger National Strategy for Homeland Security. The National Strategy to Secure Cyberspace was drafted by the Department of Homeland Security in reaction to the September 11, 2001 . Mr. Rasmussen earned a B.S in business with a focus in information systems from the University of Phoenix. About Consul risk management, Inc. Consul risk management, Inc., is a leading worldwide provider of policy-based access detection and information protection solutions with more than 300 customers in 20 countries. Consul's audit and compliance monitoring and enforcement solutions secure business-critical information from loss and misuse. As a result, customers can increase their chances of avoiding a variety of penalties--ranging from regulatory fines to loss of corporate reputation--to ensure their survival. Consul's products are the first step in protecting business information from any internal or external users with access to the network and the required next step toward compliance, enforcement and forensic investigations. Consul has dual corporate headquarters in the United States and the Netherlands, and is represented by 25 partners worldwide. Consul's clients include the Philadelphia Stock Exchange Philadelphia Stock Exchange (PHLX) A securities exchange trading American and European foreign currency options on spot exchange rates. , Fidelity Information Services, Kroger, Wachovia, Norfolk Southern, The New York Times, Blue Cross/Blue Shield, Office Depot, Ford and numerous state governments and local municipalities. For additional information about Consul and its products and services, please contact Consul at 1-800-258-5077 or +31(0) 15-251-3333 (Worldwide), or at www.consul.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion