may 7, 2019 innovative... · 2019-05-08 · alm's law journal newsletters. panelists: david...
TRANSCRIPT
May 7, 2019
5/7 1 Copyright 2019. Innovative Computing Systems, Inc.
Moderator:
Steve Salkin, Esq.Managing EditorALM's Law Journal Newsletters
Panelists:
David Lam, CISSP, CPPVice President, Technology Management ServicesCitadel Information Group
Howard MillerSenior Vice PresidentLBW Insurance & Financial Services, Inc.
Michael KempsChief Executive Officer and FounderInnovative Computing Systems, Inc.
Debra GrayExecutive DirectorFrandzel Robins Bloom & Csato, L.C.President, Greater Los Angeles ALA
5/7 2 Copyright 2019. Innovative Computing Systems, Inc.
• Phishing/Web Attacks
• Hacking
• Third-Party Vendors
• Regulation
5/7 3 Copyright 2019. Innovative Computing Systems, Inc.
Risk ManagementA process of protectingorganizational assets
© 2019 Howard A. Miller. All rights reserved.5/7 4 Copyright 2019. Innovative Computing Systems, Inc.
Logical Classes
© 2019 Howard A. Miller. All rights reserved.5/7 5 Copyright 2019. Innovative Computing Systems, Inc.
Cyber Insurance – A PrimerTwo Sides of Cyber Insurance
1st Party
This Photo by Unknown Author is licensed under CC BY
3rd Party
© 2017 Howard A. Miller. All rights reserved. 65/7 6 Copyright 2019. Innovative Computing Systems, Inc.
• Information Security Management System
• Vendors should have their own information security management system in
place
• Vendors must patch
• Vendors should be doing third-party due diligence
• Vendors need to maintain expertise, especially considering the cloud
5/7 7 Copyright 2019. Innovative Computing Systems, Inc.
• Logging and monitoring
• Training = Vigilant users
• Advanced tools (Fortinet, Mimecast, Microsoft, etc.)
5/7 8 Copyright 2019. Innovative Computing Systems, Inc.
• Increase in Security Audits
• Documented Information Security Policies
• Documented Incident Response Plan
• Documented Business Continuity Plan
• Conduct Quarterly Vulnerability Scans of Your IT Network
5/7 9 Copyright 2019. Innovative Computing Systems, Inc.
• Security Awareness Training and Phishing Defense Training
• Classification and Inventory Controls
oPersonal and Financial Information
oBusiness and other Information Requiring Non-Disclosure
o Sensitive Information
5/7 10 Copyright 2019. Innovative Computing Systems, Inc.
• Substantial Employee Background Checks
oCredit Check
oCriminal/Civil Check
oDrug Screening
oBankruptcy Check
oAll Schools Verified
5/7 11 Copyright 2019. Innovative Computing Systems, Inc.
Debra Gray, [email protected]
David Lam, [email protected]
Howard Miller, [email protected]
Michael Kemps, [email protected]
Steve Salkin, [email protected]
5/7 12 Copyright 2019. Innovative Computing Systems, Inc.
5/7 13 Copyright 2019. Innovative Computing Systems, Inc.