
Published 3rd October 2008
Roger Southgate, from ISACA, an association serving more than 86,000 IT governance professionals from 160 countries, will deliver a workshop on the subject of COBIT and Val IT for the Security professional at the Gartner Security Summit in London this Wednesday. Against the backdrop of regular data losses and breaches being reported in the media, Roger will reveal how COBIT (Control Objectives for Information & related Technology) can greatly improve information security for any size of organisation.
Roger Southgate, the immediate past President of the London Chapter of ISACA, commented, “All the recent data loss catastrophes have their origins in people and process. The COBIT security baseline enables a focused holistic approach to the people, process & technology issues that organizations today have to face.”
Roger Southgate continued, “If organizations get their employees to consider the following key points from the COBIT security baseline user survival kit, people will make the connection between attention, understanding and appropriate action in order to achieve long term security”.
The top 6 tips from the User Security Survival Kit are:
1. Obtain guidance from qualified & reputable advisors (certified technicians) from time to time to ensure that the computer installation has no significant security flaws.
2. If you depend on computers to do business, sign up for onsite support & ensure the availability of an on-call facility should anything go wrong.
3. Obtain reputable security software. Protection packages can be obtained from all PC software dealers that include all the main functions necessary, e.g., antivirus, spyware, firewall & content filtering. If needed, use a specialist to ensure proper installation.
4. Sign up for automatic updates & maintenance on the security software to ensure that the protection is current and up to date.
5. Do not open unknown e-mail attachments, & be aware that e-mail addresses can be faked. Let the security software check all e-mails & follow the advice given by the tool.
6. Install only official, up-to-date operating systems, security software & applications; avoid installing anything that is not needed.
With information & related systems becoming increasingly critical to organizations’ survival, the associated risks have grown in number and severity. The COBIT Security Baseline was developed to help minimize these risks. It identifies 44 security practices based on the COBIT 4.1 framework & offers guidance & tools to help computer users of all levels protect their systems.
The Security Baseline features information security “survival kits” for six levels of computer users, from individuals who use computers to senior executives with responsibility for information security in the workplace. The kits contain essential questions to ask & checklists to complete to improve security & minimize risk.
"With the provisions of the Companies Act 2006 about to pass into law, corporate governance is poised to become top of the agenda at management board meetings across the UK, just as it did five and half years ago in the US when the Sarbanes-Oxley Act came into force. I plan to explain to attendees how COBIT can be used to benefit almost any public & private sector business," Southgate said.
For further details of Roger's presentation: http://agendabuilder.gartner.com/sec9i/WebPages/SessionList.aspx?Speaker=700196
For further details of ISACA: http://www.isaca.org
Developed by the IT Governance Institute, the research affiliate of ISACA, COBIT is available as a free download at www.itgi.org/cobit
About ISACA
With more than 86,000 constituents in more than 160 countries, ISACA (www.isaca.org) is a recognized worldwide leader in IT governance, control, security & assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal, & develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor (CISA) designation, earned by more than 60,000 professionals since 1978; the Certified Information Security Manager (CISM) designation, earned by more than 9,000 professionals since 2002; & the new Certified in the Governance of Enterprise IT (CGEIT) designation.