This year’s conference on IT service management and project management, Together in Excellence, took place online from 16 to 18 March. Informatika’s dr. Andrej Bregar gave lecture titled Challenges and common information security management practices to successfully manage cyber risks in IT processes and services.
The lecture was very well received since information technologies and business systems are becoming substantially exposed to cyber security risks and vulnerabilities, especially recently in the context of industry 4.0, continuous operations, 24/7 services and remote work.
Cyber security and information security management is hence one of key factors that each organization must address to conduct its business. Because security management is complex, it is necessary to employ a strategic and systematic approach which utilizes appropriate best practices. This also requires project management skills and essential processes to ensure the success of all security efforts.
In his presentation Andrej discussed challenges, common practices, strategies and methodologies for cyber security with the purpose to efficiently prevent cyber attacks, cyber risks, security breaches and data misuses that pertain to informatized business processes and services. He established the cyber security process as an integral part of IT service management and identified a comprehensive set of elements that target key aspects and phases of the cyber security life cycle (prevention, detection, response and recovery), and also address information security management, risk management and incident management at different organizational levels.
Andrej also recapped recommended practices based on the cyber security capability maturity model (C2M2), as well as ITIL 4 and NIST CSF frameworks. He applied operational aspects of cyber security practices and strategies to the energy utilities sector and the underlying critical infrastructure.
The entire lecture can be viewed at this link.