Name: Dr Asaad Moosa
Organization: British Forces Broadcasting Service
Topic: CISO in Action: Building a Global Information Security Programme
Date of Webinar: 27th August, 2019
Time and Location: 3pm BST / 7:30pm IST / 10am EST
Speaker Bio: Dr Asaad is Chief Information Security Officer (CISO) at the British Forces Broadcasting Service (BFBS). Asaad specialises in building global information security programmes and enterprise security architectures. He has over 20 years of experience in information technology and cyber security in both the public sector (central government) and the private sector (financial, trading, insurance, banking, energy, health, retail, legal, property and asset management). Asaad holds several professional certifications, including CCISO, CISSP, TOGAF, OSCP, ISO 27001 Lead Implementer/Auditor, CIPP/E, CIPM, GDPR-P, and ITIL v4. He also holds a PhD in cyber security from the University of Reading, UK, in which he developed novel algorithms in artificial immune systems, artificial neural networks, and swarm intelligence. He also worked as a lecturer in Computer Science at Reading University and has supervised over 20 MSc projects in cyber security.
Topic Abstract: Ransomware, spear phishing, DDoS, zero-days, APTs, and recently, cyber weapons – let’s face it: malicious hackers are ahead in the game and are rapidly becoming more advanced than anyone can stop. Classical security controls are failing, and more spending on ‘preventative’ measures does not necessarily guarantee better security. It is vital to comprehend the real depth of the cyber threats facing businesses today, how to integrate InfoSec ‘holistically’ to support business objectives, and how to efficiently maximise security ROI in implementing global information security programmes that can survive today’s cyber attacks.
The question that I get asked most of the time is: what is the secret to being a CISO who can design and implement a successful information security programme? What does it take to become a real CISO? In this session, I will take you on a quick journey to show you the step-by-step roadmap of how to become a successful CISO. I will provide a walkthrough of how to build a global information security programme and how to implement an ISO 27001 programme globally. I will cover various international standards and security frameworks, including ISO 27001, ISO 27002, ISO 27005, NIST Cyber Security Framework, COBIT 5, TOGAF Enterprise Architecture, and ITIL v4. I will also help you put all the pieces of the cyber security puzzle together, including SOC, SIEM, SOAR, GRC, penetration testing, security architecture, zero-days, APT, cyber-kill chain, and MITRE ATT&CK.