DATA PROTECTION &

SECURITY FOR
ORGANIZATIONS
Presenter : Prashil Kumar
 DISCLAIMER

The opinions expressed in this presentation and on the following

slides are solely those of the presenter and not necessarily those
of Fiji Airways.

Fiji Airways does not guarantee the accuracy or reliability of the

information provided herein.
AGENDA

• The 3 Pillars of Information Security

Management
• Risk Management
• Risk Communication
• Data Protection & Security Responsibilities
 THE 3 PILLARS OF INFORMATION
SECURITY MANAGEMENT

• Contents & Coverage around Data Protection

• CISO’s perspective on Data Protection &
Security
• Do we have a holistic view around the control
gaps?
THE 3 PILLARS OF INFORMATION SECURITY
MANAGEMENT
 ‘PEOPLE’ IN THE TRIAD

• People – The weakest link in any organization

• Understand impact of ‘People’ on Defense in Depth (DiD)
• Partner with third parties to deliver a secured solution
• Perform periodic health checks
• Create Security Awareness Programs
 ‘PROCESS’ IN THE TRIAD

• Connects People & Technology

• Difficult to Adopt in absence of Processes &
Procedures
• The famous backup & recovery process
 ‘TECHNOLOGY’ IN THE TRIAD

• Simply Technical Control’s.

• Adopt and Implement Defense in Depth
Strategy
• Automate Security Operations
• Partner with the ‘RIGHT’ vendors
 RISK MANAGEMENT

• Risk Identification
• Risk Analysis
• Risk Register
 RISK REGISTER & COMMUNICATION

• Risk Communication to Leadership / Senior Management Team

WHO IS RESPONSIBLE FOR DATA
PROTECTION & SECURITY??
THINK SECURITY !!!
 THANK
YOU

QUESTIONS ??