Embedding new GRC Technologies into business processes
25 & 26 February 2020
The Forum, Bryanston
Speaker
Johannes Myburgh
senior information security consultant, F-Secure Consulting South Africa
Johannes works primarily in the finance industry, which exposes him to various core banking systems on a daily basis. In addition to determining effective methodologies to assess the security of such systems, Johannes’ current focus pertains to the investigation of effective vulnerability management programs with consideration of how to maximise the benefit clients receive from their penetration testing activities.
Johannes Myburgh will be speaking on the following topic:
Case Study Risk Priority by Design, for effective technical controls and realistic remediation
The completion of an organisation’s annual penetration test typically exposes their vulnerabilities, revealing the latest ways to compromise critical assets. How does one move from a “what now” perspective to one where we are confident about our defences?
This talk aims to present a new way of thinking about and tackling this problem. It will explore the need to simplify and provide practical, prioritised steps that will have the largest impact on decreasing overall risk. This case study will highlight common issues across large enterprises. It aims to provide guidance on what organisations should be demanding from their pen testing teams to assist with answering these questions.
- How to better prioritise your business’s risk.
- Recommended approaches for risk reduction on your IT estate.
- Strategic guidance regarding how best to approach documented vulnerability findings.
Industry Insights Sponsors
F-Secure
F-Secure Consulting is a research-led cyber security consultancy, partnering with enterprises and early adopters worldwide. We exist to build resilience in an ever-changing digital world by providing evidence-based security advice. Our research and passion drive service innovation and excellence for our clients.
Please visit: www.f-secure.cog.
Puleng Technologies in partnership with RSA
Puleng Technologies
The Puleng Blueprint provides our customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has: its Data and Users while facilitating IT and business with a platform to build an efficient, collaborative and integrated Cybersecurity programme.
www.puleng.co.za
RSA
Learn more at www.rsa.com
Silver Sponsor
OneTrust GRC
OneTrust GRC enables risk, compliance and audit professionals to identify, measure, and remediate risk across their business. With OneTrust GRC, companies can seamlessly integrate risk management into their daily activities.
Please visit: www.onetrust.com.
Display Sponsor
ISACA
The South Africa Chapter covers all of South Africa; including the Western Cape (Cape Town), Eastern Cape (PE and East London), Gauteng (Johannesburg & Pretoria) and Kwazulu-Natal (Durban).
The South Africa Chapter (130) is the largest chapter in the Africa region, which comprises 17 ISACA chapters; and is the twelfth-largest chapter of ISACA’s 221 chapters worldwide.
Now in its 28th year of existence, the vision of the ISACA SA Chapter is to be the leading professional organisation in South Africa for business leaders in technology, information and cyber security, governance, risk and innovation.
The ISACA community is guided by our Purpose and Promise, which defines the essence of who we are and what we do. Our Purpose is the reason we exist—to help business technology professionals and their enterprises around the world realize the positive potential of technology. Our Promise is how we, as an organization and as individuals, deliver on our Purpose: inspiring confidence that enables innovation through technology. Our work, and the work of the professional community we support, has never been more important.
Please visit: engage.isaca.org.
RT @FSecure_Consult: We had a great time today meeting delegates at #ITWebGRC2020! Our highlight was a talk from our very own Johannes Mybu…
A panel discussion on what compliance and regulatory issues RegTech work solves, at the ongoing #ITWebGRC2020 https://t.co/owbdbY4OpE