The document discusses data protection and security for organizations. It covers the three pillars of information security management - people, process, and technology. For people, it discusses security awareness programs and partnering with third parties. For process, it discusses procedures like backups and recoveries. For technology, it discusses defense in depth strategies and automating security operations. It also discusses risk management processes like identification, analysis, and maintaining a risk register. Finally, it emphasizes that data protection and security is a shared responsibility and encourages organizations to prioritize security.
SECURITY FOR ORGANIZATIONS
Presenter: Prashil Kumar

DISCLAIMER
The opinions expressed in this presentation and on the following slides are solely those of the presenter and not necessarily those of Fiji Airways. Fiji Airways does not guarantee the accuracy or reliability of the information provided herein.

AGENDA
• The 3 Pillars of Information Security Management
• Risk Management
• Risk Communication
• Data Protection & Security Responsibilities

THE 3 PILLARS OF INFORMATION SECURITY MANAGEMENT
• Contents & Coverage around Data Protection
• CISO’s perspective on Data Protection & Security
• Do we have a holistic view around the control gaps?

THE 3 PILLARS OF INFORMATION SECURITY MANAGEMENT

‘PEOPLE’ IN THE TRIAD
• People – The weakest link in any organization
• Understand impact of ‘People’ on Defense in Depth (DiD)
• Partner with third parties to deliver a secured solution
• Perform periodic health checks
• Create Security Awareness Programs

‘PROCESS’ IN THE TRIAD
• Connects People & Technology
• Difficult to Adopt in absence of Processes & Procedures
• The famous backup & recovery process

‘TECHNOLOGY’ IN THE TRIAD
• Simply Technical Controls.
• Adopt and Implement Defense in Depth Strategy
• Automate Security Operations
• Partner with the ‘RIGHT’ vendors

RISK MANAGEMENT