Loading…
BSides Boston 2016 has ended
Saturday, May 21 • 3:00pm - 3:45pm
We bought some tools - now what?
Everyone knows that information security isn’t something that can be ignored. Most people are doing something about it. But how do you know if you’re focusing on the right things, and where your gaps are? Is your focus based on a checklist your CIO read in a magazine? The key to a successful information security program is organization and documentation, the less fun but still vital part of information security. In this presentation I plan on outlining the steps to setting up a formal information security program and identifying gaps for current programs.
- Creating the main framework document & what should be in it
- What to do when your boss gives you a security checklist he read in a magazine.
- Strategies on selecting a security framework SANS Top 20, NIST, ISO 27001, Cyber Essentials
- Establishing a security council
- IR plan & template
- Policies
- Change management
- Vulnerability management

Speakers
JB

Jim Bowker

Jim Bowker, CISSP, has been in IT for over 20 years with the last decade or so focusing on information security. He has a Bachelor's in Computer Technology from Purdue University, a Master's in Information Assurance from Northeastern University. He currently head up the Information... Read More →


Saturday May 21, 2016 3:00pm - 3:45pm
NERD 1 Memorial Dr
  • Room Paul