STKI’s Cyber Governance initiative
Cyber Governance Initiative
Determine business cyber main principles
Demonstrate CEO BOARD their cyber responsibility
Trek name:
Zero trust security: Get top management on board
Copyright@STKI_2018 Do not remove source or attribution from any slide or graph
Build cyber resilience program
Trek name:
Design a Cyber Governance Plan
Non-regulated CISO
Organizations that want to participate in the beta program can contact tora@pmo.gov.il
Source: Einat Meyron cyber resilience consultant & The Cyber Security Source - 2017
Is this business espionage?
Did you make contact with the hacker?
How does this affect the quarterly report?
When will you resume operations?
How much are they demanding?
Was there anything unusual in the demand?
BCP (Business Continuity Plan)
Cyber Resilience
Look as GDPR becomes standard
Keep up with existing regulations
Implement Privacy Protection Regulation
Trek name:
Adapt to changing regulations
GDPR Hype
GDPR
Cyber Security
Consent Management
One of the new tools needed to maintain compliance
Some organizations will have to appoint a DPO under GDPR law
Informs and advises the organization and its employees about their obligations to comply with GDPR and other data protection laws
Monitors compliance with GDPR and other data protection laws, including managing internal data protection activities
The first point of contact for supervisory authorities and for individuals whose data is processed
Advises on data protection impact assessments
Trains staff and conducts internal audits.
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/data-protection-officers/
GDPR and the Israeli privacy act touch the same areas
source: konfidas
Embrace new technologies and prepare for new vulnerabilities
Re-adjust cyber security program
Enforce patches
Applying to new devices (watches, pumps, cars, etc.)
Embrace DevSecOps
Automate Cyber Operations and Use AI\ML
Trek name:
Cyber Security Operations
DevSecOps Manifesto: