Security First - Protect yourself, your clients, and sell more | Online workshop - Thursday, 12 August 2021
Event description
Security First - Protect yourself, your clients, and sell more | Online workshop
Thursday, 12 August 2021, 10am - 12.00pm
A security-first approach helps businesses protect themselves, clients and, if done properly, boost sales. As well as covering this approach, this workshop will explore three specific areas to help attract potential clients, and to improve business security. You will also receive tangible assets you can share with potential clients and improve your security posture.
This workshop is geared towards anyone interested in making it easier to sell to potential clients and improve their security posture at the same time, as well as those interested in a ‘security-first’ approach.
A Security-First Approach
This part of the session will answer the following questions.
- What is a Security-first approach?
- Who is involved? It's a culture that involves everyone and is not top-down. Everyone is responsible for security.
- How does Security-first compliance help and what does it look like? What are the data security regulatory requirements facing my business?
- Security-first design: how does that work?
- Security-first and DevSecOps: are they the same thing?
- Where do we start?
- What does the journey look like?
- Can you accelerate Security-first?
Policies and processes
- Create a master security policy catalogue
- Identify existing security policies and review for HIPAA (Health Insurance Portability and Accountability) compliance
- Update and document existing security policies
- Define new security policies and document
Security Assessments
- Security risk assessment
- Cyber posture assessment
- Security threat modelling
- Secure design review
- Secure configuration review
- Network vulnerability assessment
- Penetration test; web, application, API, internal network, external network, mobile
- Secure code assessment
- Password audit
Certification and accreditation
- Soc 2
- ISO 27001
- NIST (National Institute of Standards and Technology)
- Essential 8
- Others
Cost: Free
Presenters' Bios:
Ferdinand Hagethorn is Planit's Global Practice Director – Cybersecurity, covering Australia, New Zealand, India and the UK. Planit's Global Cybersecurity practice provides a wide range of software services and support, including DevSecOps, Penetration testing (web, mobile, external network, internal network), secure architecture design and reviews, secure configuration reviews, vulnerability assessments, cybersecurity strengthening, assessments of security implementation on system performance, and information security services.
Ferdinand has more than 22 years’ industry experience, and completed more than 500 projects across seven countries throughout Europe, North America, and Australasia. He is highly skilled in combining technical knowledge with pragmatic and holistic solutions, led security for a European nuclear fuel company, is a recognised leader in his field, and is highly active in the security community.
Craig Tait, Senior Security Consultant, brings a unique business perspective to projects, and has held multiple senior cybersecurity roles, including as an enterprise architect, security architect, and an expert in threat intelligence and qualified situation awareness. Tait is skilled in supporting businesses to improve their cyber posture, particularly around policies and processes. He has also enabled multiple businesses to reach the cyber posture they need to sell to larger clients.