Seminar on Information Security - Details

8/11/2019 Seminar on Information Security - Details

1/8

SEMINAR

ON

INFORMATION SECURITY

We can evade reality but

we cannot evade the

consequences of evading

reality."

Ayn Rand

Highlights

Information Security

IS Audit

Data Protection

IS Myth

GENERAL INFORMATION

Date: 31

st

Aug & 1st

Sep 2014(15 & 16 Bhadra 2071)

Time: 10 am 5 pm

Venue: Hotel Shanker, Lazimpat, KathmanduTitle: SEMINAR ON INFORMATION SECURITY

E mail: [email protected]


2/8

INFORMATION SECURITY

We cannot imagine any organization without any information, the main asset of any organization is

their secured information. For some types of information, confidentiality is a very important attribute

Examples include research data, medical and insurance records, new product specifications, and

corporate investment strategies. If there is loss of confidentiality in any organization then it will ham

per their whole business process.

Information security is the Practice of defending information from unauthorized access, use

disclosure, disruption, modification, perusal, recording or destruction. As well as Information securityis necessary for the risk management and smooth functioning in any business or the organization.

EXECUTIVE SUMMARY

SQA Enthusiast a Tech community in Nepal which has been working since 2011. This is a group of

software quality assurance enthusiast, penetration testers, and network/system admins, dedicated in

awareness creation, training, research and providing improvement solutions to improving the

information security for our country.

As we know Information Security is the most buzzed topic in todays world, a step has to be taken nowso that the system, software, resources that we use and develop today and tomorrow are secure asmuch as possible so that the data we use and store are at higher side of security considering. SinceNepal is taking a leap in Information technology, its a must do, and must attend event by anyorganizations, business houses, government bodies in Nepal. It will be a great event to learn which willhelp each one to think and act on their data they own, information security policy, and informationsecurity.


3/8

INFOGRAPHICS

What Statistics suggest is,

the most targeted areas are

Financial Sector (29.2%)

and Governmental Sector

(25.5%) among other

numerous sectors.


4/8

OUR TEAM

Sam

CISA, CRISC,CAIIB, GRC,

CIRMB, CBF

28+ years of experience in IS

Sam is a Core Banker

professional with 28 years of

experience. With the dynamic

changes in IT Industry he took

up the challenges in the area

of IS Risk Management &

Auditing in BANKING

Domain . He holds various IS

certification like CISA, CRISC,

CAIIB & Oracle GRC.

Currently he holds theposition of HEAD of IT

SECURITY & IT AUDITNG in

Head office of a BANK at Hy-

derabad. He has international

exposure in handling clients.

Somnath Bose

CSM, CISA, PMP, ITIL V3,CQA


Somnath is an astute profes-

sional presently practicing

project management and

mentoring project best

practices, managing IS audit,

F&A, design, development &

implementation, transition and

transformation projects worth

multi millions dollars globally.

SCOPE OF INFORMATION TECHNOLOGY

Information security doesnt belongs to only security of electronic data

it get change with the customer requirement and the changing

environment. Now information security also refers to security in

physical access to working place and the equipment use in office or by

the employee.

Information Security looks in different field like

Stored on databases, computer or any other storage device

Printed or hand written on paper, white boards etc.

During communication between employee within or outside

organization

OBJECTIVE

To aware people and organizations about information security

To share knowledge on Audit Standards

To promote the acquisition of appropriate technological skills,concepts, principles, methods and vocabulary regarding Information

Security.

To promote greater Information Security and opportunities among

Nepalese governments, organization and stakeholders.

To spread the knowledge regarding vulnerability and countermeas-ures


5/8


6/8

IMPORTANCE OF INFORMATION SECURITY

To protect data from being loss or damage from any natural or the illegaactivity

To run business or any organization smoothly in any situation

To ensure that important data, business documents and other confideinformation are protected from theft or unauthorized access.

To stabilize business with customer satisfaction and confidentiality atheir data and information

OUR TEAM

Habeeb Mohammed Khan

B.Com, CISA, PMP, OCP,

CA


Habeeb is an experienced,

matured and hardworking

CISA qualified professional

with pragmatic result oriented

approach in managing

finance, accounting,

reporting, IS Security and

Implementing Oracle ERP

business solutions likes

to take up challenges in

Oracle Implementations / IS

Audits. Have worked and

delivered projects globally in

(USA, Spain, Saudi Arabia,

Bahrain, UAE (Dubai & Abu

Dhabi), South Africa,

Singapore, Mexico) and

managed Offshore projects

from Hyderabad.

Narayan Koirala

Software Engineer

7+ years of experience in

Software Quality

An accomplished Software

Engineer and IT Entrepre-

neur with solid experience in

providing Software Quality

Assurance solutions to

corporate organizations,organizing national and local

level tech events, promoting

Software developers,

students towards Software

quality, secure development

and information technology

solutions.

PROBLEM

Why are we initiating this? Information security is the main buzzing word in Nepals corporate aren

All financial institutions are on the process of IT audit so each of us whave to know more about Information security, various standards, au

process, business risk associated etc.

The rate at which Nepalese websites are being hacked is increasi

rapidly making the situation critical and raising the importance

securing websites.

To improve the security of information are not the playground f

practicing hack.

GUESTS

Ministry of Science, Technol-

ogy & Environment

Department of Information

Technology

Nepal Rastra Bank

Nepal Police

Nepal Army

Telecommunication

Banking

PARTICIPANT

Government: IT Officials &

Policy Makers

Financial Sector: IT Officials

IT Officials of Medical Sector

IT Officials of Travel sector

IT Professionals from

Corporate Organizations

Software Companies

INGOs, NGOs


7/8

PROGRAM SCHEDULE (Tentative)

DAY I - 31stAugust 2014

10:00 10:15 Registration and Tea/Coffee/Cookies

10:15 10:45 Inaugural Ceremony

10:45 11: 15Presentation

Department of Information Technology (DoIT)

11:15 12:30Introduction to Information Security

Somnath Bose/Habeeb Khan

12:30 01:15 LUNCH BREAK

01:15 02:00Threats & Risks

Habeeb Khan/Sam

02:00 03:00 GRC (Governance, Risk Compliance )Sam/Habeeb Khan

03:00 03:30Presentation

Nepal Rastra Bank (NRB)

03:30 05:00ISMS

Sam/Somnath

05:00 05:30 Networking and Tea/Coffee/Cookies

DAY II - 1stSeptember 2014

10:00 10:15

Registration and Tea/Coffee/Cookies

10:15 11:30Evidence

Somnath Bose / Sam

11:30 12:30SQA/EW

Narayan Koirala

12:30 01:15 LUNCH BREAK

01:15 02:00Review & Documentation

Habeeb Khan/Somnath Bose

02:00 03:00

Presentation / Panel

Sam, Somnath, Habeeb, DoIT, NRB, IS Security Experts and

stakeholders of Nepal

03:00 03:30 Certificate Distribution by Narain Koirala

03: 30 04:00 Concluding Remarks

04:00 04:30 Business Networking with Tea/Coffee/Cookies


8/8

Contact Us

Give us a call for more

information

SQA EnthusiastGyaneshwor, Kathmandu

+977 01 4413100

[email protected]

Narayan Koirala

Event Organizer

9851140451

Anu Shrestha

Event Coordinator

9851152629

EXPECTED OUTCOME

Protecting our system, valuable data/ information is a major concern,

with each passing day, IT environment has become more and more

complex. Hardware and software manufacturers are constantly

developing innovative offerings with new capabilities, and your IT and

security needs likely continue to far outpace your IT and securitybudgets. The persistent rise in security threats, combined with limited

internal security resources and the increase in regulatory compliance

requirements, makes it essential for an organization to think strategically

when prioritizing IT initiatives.

We will deliver the following benefits;

Awareness about Information security

Awareness about various standards of audits

Provide Professional guidance in understanding threats, risks.

To improve the quality of the web system.

To make people aware about web quality. To improve the whole ecosystem of IT towards quality development.

Effectively monitor the security of your environment Quickly identify, analyze and respond to potential security threats Focus on your core business needs To tell people that we ourselves are responsible for maintaining

quality of web system not developer, not test engineer and nor

hosting company.

Sharpen self for quality development, quality testing, and periodic

health checkup of system.

Companies spend millions of dollars on firewalls, encryption and

secure access devices, and its money wasted, because none of

these measures address the weakest link in the security chain.

Kevin Mitnick

REGISTRATION:

Individual

Fee:NRs. 15,000/- Early Bird:NRs. 12, 000/- (Till 22ndAugust 2014, 12 noon)

Corporate:

For 3 Participant:NRs. 40, 000/- Early Bird:NRs. 30,000/- (Till 22ndAugust 2014, 12 noon)

For 5 Participant:NRs. 65, 000/- Early Bird:NRs. 50,000/- (Till 22ndAugust 2014, 12 noon)

Note:

Last Date: 28thAugust 2014 / 12thBhadra 2071

Payment have to be prior to the event date.

Excluding taxes

Includes Kits & Dine during seminar

Documents

Seminar on Information Security - Details