A Look At Cyber Security Frameworks And Standards

Steve Lavergne is a Principal Security Consultant with the Bank of Canada and holds several certifications including CISSP, GCPM, GSLC, GSNA, GSEC, CSXF, GRCP, Security+, and PSM. He has been volunteering for the last thirteen years in the local security community and currently serves as the President for the Information Systems Security Association (ISSA) Ottawa chapter.

He is also the cyber security Director and authorized CSXF Trainer for the ISACA Ottawa Valley chapter and has frequently taught the Cyber Security Fundamentals (CSXF) course focused on the protection of information as a critical function for all enterprises. ‘Cyber security is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technology,’ as he has written about the course.  

“Security risk is an operational risk that most organizations would consider to be a Tier 1 or top rated risk,” says Lavergne. “Security risk is often seen as pure risk (hazard and operational), but organizations should look at security risk more holistically and include speculative risk (strategic and financial).”

The Cyber Security Fundamentals

Lavergne was tasked with teaching the foundational areas of cyber security showing participants how to understand basic cyber security concepts and definitions, apply cyber security architecture principles, identify components of cyber security architecture, understand malware analysis concepts and methodology, and recognize the methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies.

However next month, Cyber Security Hub is tapping into Lavergne’s knowledge base on an expert panel to discuss “Dynamic Risk Management For The Evolving Threat Landscape.” He will join the session moderator Harry Perper, Cyber Security Engineer, NCCoE/NIST; Dan Heywood, Technical Director, Virgin Mobile UAE; and Dennis Leber, Cabinet for Health and Family Services, State of Kentucky.

More specifically, Lavergne will go into more detail to provide attendees with:

• The NIST cyber security framework implementation tips and tricks.
• A better understanding of how different Standards and Frameworks can work together.
• How basic tools can be leveraged to support decision making.

About The Cyber Security Digital Summit

Uniting cyber security professionals and thought leaders from across the world online for two days of free sessions, the Digital Summit delivers practical business tips, top challenges and solutions as they relate to enterprise security.

High-tech artificial intelligence, behavioral analytics and autonomous solutions mean that our arsenal is full when facing new threats. However innovative tools that can be used to prevent attacks can similarly be used by criminals against the enterprise, meaning that understanding and harnessing cutting-edge technology is vital to surviving.

Cyber Security Hub has united experts from every aspect of this space to present their most compelling case studies and real-world advice on subjects ranging from artificial intelligence, incident response, secure enterprise mobility, phishing, behavioral analytics, identity & access management and more. By the end of the event, you will have been provided with the tools you need to build a “360 plan” for your enterprise.

Join us over two days in May to learn from world-class cyber-security experts and share best practices with peers to help build a more robust cyber-security network without leaving your desk:

To view the Digital Summit sessions ON DEMAND, click here.