Workshop on Cyber Security

In the age of Cyber warfare, the organizations have a bigger responsibility to protect their data, systems and networks from any malicious attacks. This requires implementing a defense in depth approach that focuses on implementation of modern and effective technology governed by an efficient Information Security Management System.

This session will enable the participants to learn more about cyber security, latest threats and trends and the future challenges. It will also enable them to adapt a structured approach for defining their information security requirements, designing an enterprise security framework to address these requirements and what kind of controls are available to protect their information assets.

Workshop Plan

The duration of the workshop will be approximately 3 hours with the following session break up:
Session 1: Understanding Cyber Security 45 Min
Session 2: Critical controls for Cyber Security 45 Min
Session 3: Developing Enterprise Security Frameworks 45 Min
QA & Discussion 45 Min

Who Should Attend?

  • Information security professionals with proven experience
  • Senior management responsible for developing information security frameworks
  • Senior management responsible for Information Technology initiatives

Workshop Outline

Session 1: Understanding Cyber Security

  • Defining Cyber Security
  • Cyber Security & Information Security: facts and myths
  • How it works
  • Modern Day Threats
  • Challenges
  • Way Forward

Session 2: Critical Controls for Cyber Security

  • Process  based Controls
  • Technology based Controls

Session 3:  Developing Enterprise Security Frameworks

  • Adapting a risk based approach
  • Defense in Depth
  • Integrating Standards, Studies and best practices
    • Information Security Management System (ISO 27001)
    • Information Security Risk Management (ISO 27002)
    • Risk Management (ISO 31000)
    • Business Continuity Management (ISO 23001)
    • IT Governance (ISO 38500)
    • Insider Threat Management
    • Best practices of NIST
  • Integrating Process & Technology for Security
  • Developing an  Enterprise Security Framework : A Case Study

Trainers Profile

Muhammad Furqan Khan

Furqan has over 20 years of experience in developing enterprise security frameworks, information security management systems, IS audits and quality management. He is an ISO 27001 Lead Auditor & ISO 9001 LA. He is the only SEI Authorized Trainer for CMMI in Pakistan. Over the last decade, Furqan has managed several consulting assignments related to information security across Pakistan & abroad with organizations like Saudi Aramco, Commercial Bank of Dubai, NetSol Technologies, Allied Bank of Pakistan, Ejada Systems and many more.

Syed Abid Ali

Abid has over 12 years of experience in technology management. He holds a degree in Technology Management from University of London. His notable work experience includes working for the Doha Asian Games held in Qatar in 2006 where he was responsible for technology management for the world’s largest sporting event ever. Over the last 7 years he is involved in information security management portfolio and have worked with technology partners like Raytheon & Lockheed Martin to server a diverse customer base in Pakistan, Qatar,  Oman & Saudi Arabia. He has conducted numerous workshops on “Developing Enterprise Security Frameworks in Middle East & Pakistan.

Event Details

November 27, 2013
10:00am - 1:00pm
6th Floor, Arfa Software Technology Park, Ferozepur Road, Lahore.