David Smith, the deputy commissioner and director of data protection for the United Kingdom Information Commissioner’s Office, will discuss the challenges posed by personal privacy expectations from customers and regulators—and how IT professionals can strengthen public confidence in data protection—in his keynote presentation at ISACA’s European Computer Audit, Control and Security Conference (EuroCACS). This year, the event will be held 20-23 March in Manchester—one of the top 20 places to visit according to the New York Times’ “41 Places to Go in 2011.”
EuroCACS is an annual event drawing hundreds of global leaders in IT security, assurance and governance. Hosted by ISACA, a nonprofit association serving 95,000 IT professionals, the conference will feature 44 sessions divided into 12 streams:
Client Computing
Cloud Computing and Virtualization
Computer Forensics
Governance, Risk and Compliance
Information Architecture
Managing IT Investment
Outsourcing
Privacy, Information Protection and Loss Prevention
Regulations and Compliance
Risk Management
Social Computing, Social Networks and Human Factors
Sustainability
“EuroCACS is a great place for delegates to get the latest guidance on the issues that keep them awake at night. Attendees will learn valuable tips and solutions to add value to their enterprises,” said Peter Thompson, President, ISACA Northern England Chapter.
Summary of Select Streams:
Cloud Computing and Virtualization:
Cloud computing is something of a buzz term in the IT and business communities. Many maintain that it is the long-sought-after solution to cost and security concerns within an organization; others are resolutely unconvinced. Economic pressures have forced organizations to re-evaluate their IT solutions with specific regard to availability, scalability, efficiency and cost, so it is particularly important to assess the potential business benefits, risks and assurance considerations. Sessions in this stream will address the legal, security and governance issues surrounding the cloud.
Privacy, Information Protection and Loss Prevention:
Contemporary data security is perhaps the most pressing of all challenges facing IT professionals today—a fact that has resulted in unanimous agreement that a new type of security culture must be created. But what alterations must be made to reflect the current information security zeitgeist? Examining the latest security trends is the logical starting point, paying close attention to, for example, hacker tools, exploits, legislation, cybercrime news, and what private data encompasses and where it resides, all of which are conducive to achieving the IT culture required for the 21st century. By adopting frameworks such as ISACA’s Business Model for Information Security (BMIS), organizations can implement a new level of security requirements; one such example is the UK Government, which adopted the concepts of BMIS and will be featured in a EuroCACS session. Sessions in this stream will feature security case studies, the latest threats and trends, guidance to prevent data leakage and more.
Regulations and Compliance:
Evaluating compliance is a difficult job, and this stream reveals the most effective ways of completing it. Sessions include Emerging Standards in Software Security Assurance; Essentials of XBRL: The Emerging Financial Reporting Standard; PCI DSS 2.0: What the Standard Means for Companies; PCI DSS 2.0 Compliance: A Practical Approach; and Automating Security Configuration: Applying the US DoD Standard.
Social Computing, Social Networks and Human Factors:
With the advent of social networking and increased consumerisation, the workplace has now become an extension of an employee’s private life—albeit a slightly restrictive one. Social networking web sites have created many marketing and communication opportunities; however, there are also significant risks involved. This stream will delineate the pros and cons of social computing and social networks, and attempt to direct its attendees toward achieving an appropriate level of control within the business environment. Sessions will discuss the risks and benefits of social media, how to create an effective policy, and how to control the uncontrollable.