ICT security management - what does that mean?
The ISSS association dedicated its 2016 St. Gallen conference to the topic of "ICT security management in companies and administrations".
The association Information Security Societey Switzerland (ISSS) has taken up the cause of security, privacy, risk, compliance and governance. Founded in 1993, the organization is made up of over 1100 professionals from Switzerland. The ISSS, swissICT's official security specialist partner, holds regular events: The association dedicated its "St. Gallen Conference" in March to the topic of "Security Management in Companies and Administrations".
Speaker Walter Brenner from the Institute for Business Informatics at the HSG positioned security management from an overall perspective. He emphasized that digitization is affecting virtually all areas of the economy and society and is creating new challenges in terms of security. Companies are required to proactively deal with these new aspects, he said. Brenner used the example of the automotive industry to illustrate the increasing digital dependency and its dangers.
Marcel Eberle, Head of Information Security, Canton of St. Gallen, gave a practical illustration of how the cantonal employer briefed its approximately 6,000 employees - from sewage workers to teachers: Every year, they are presented with a witty learning module on the subject of IT security, including a test. Eberle sees this regular training as part of a holistic security management program.
Alexander Odenthal from Raiffeisen Group highlighted the challenges of ICT security management in the financial sector, touching on topics such as governance, processes, IT architecture and cyber risk management.
Finally, Daniel Felix Maurer, Temet AG, gave a glimpse into the daily work of a vendor-neutral IT security consultant based on two concrete practical examples. Due to a lack of time, he was unfortunately unable to shed light on the topic of "Return on Security Investment" - this aspect would probably be worth a conference of its own. (rs)
The next ISSS events are called:
- "Secure Electronic Archiving? Obligations - Risks - Applications - Experiences - Perspectives", June 8, 2016 (9-17.30 h), Hotel Widder, Zurich
- 19th Bern Information Security Conference, November 22, 2016 (13.30-17.30), Bern
