This presentation will outline the design review process, highlight common problems and take a case study approach to show the risks posed by initial design, before discussing the changes which could be made to address these.
--------------------------------------------------------------------------------
SPEAKERS
Martin Pill LCCP CHECK CITP, Principal Security Consultant, BSI Cybersecurity and Information Resilience (UK) Ltd
--------------------------------------------------------------------------------
AGENDA
18:00 Registration
18:30 Presentation
19:30 Networking Session, including food, wine and soft drinks
--------------------------------------------------------------------------------
SYNOPSIS
In the rush to put everything online, time pressures and lack of security awareness regularly leads to design shortcomings which put the information held at risk. With GDPR mandating data protection by design and by default and regulators imposing heavy fines for those that fail, there has never been a better time to ensure that services appropriately protect the data they contain.
This presentation will outline the design review process, highlight common problems and take a case study approach to show the risks posed by initial design, before discussing the changes which could be made to address these.
--------------------------------------------------------------------------------
SPEAKER BIOGRAPHIES
Martin Pill is a Principal Consultant, experienced in providing security consultancy services for government and private sector clients and is an NCSC Certified Professional in multiple roles including Lead IA Architect. Martin has delivered a wide range of services including security architecture, operational security management, risk assessment and management, auditing against internal or external standards such as ISO/IEC 27001.
As an NCSC certified CHECK Pen Tester, Martin has experience of a wide range of infrastructure and web application security testing. He applies his knowledge of potential vulnerabilities in the design and configuration of systems and how they may be exploited to other areas of work, such as security architecture, risk management, and operational security.
--------------------------------------------------------------------------------
This event counts for two hours towards your CPD. More information is available at www.bcs.org/cpd.
Event Recording:
This event will not be recorded, a sharable handout will be provided for attendees.
For overseas delegates who wish to attend the event please note that BCS does not issue invitation letters.
--------------------------------------------------------------------------------
THIS EVENT IS BROUGHT TO YOU BY:
BCS Information Risk Management and Assurance (IRMA) SG
Visit www.bcs.org/membership/member-communities/irma-information-risk-management-and-assurance-specialist-group/
