"SSHhhhhh".....Discover Secrets to Governing An Unknown Access Gap
When: Oct 12th at 1PM Eastern
Please join our own compliance expert Fouad Khalil and our guest speaker and author Ed Moyle, from ISACA, as they discuss the information contained in the new Audit SSH: Practitioner Considerations guide!
ISACA and SSH Communications Security have partnered in an effort to bring visibility to an unknown access gap - SSH keys. Contributions for the guidance have come from practitioners, industry experts and SSH Communications Security to help the audit community be able to identify potential risks and provide information as to how audit professionals can take action to address assurance considerations. The collective compliance and audit community have been able to leverage best practices in order to deliver a new guidance titled “SSH: Practitioner Considerations.”
SSH keys are everywhere in enterprises and they aren’t just an “IT” issue. Many organizations are unknowingly putting themselves at risk of not properly managing SSH keys and when combined with new compliance regulations such as GDPR the risks can easily be compounded.
In this session you will learn more about:
The background and history of SSH keys
The relationship between SSH keys access and protecting what’s important
Key areas to consider when evaluating SSH keys usage as it relates to impact and controls
How to assess risks associated with unmanaged SSH keys
Walk away with best practice control implementations to ensure continuous compliance
- Free copy of the Practioner Considerations & earn CPE credit(s)
Introducing The Presenters!
ISACA, Director, Thought Leadership & Research
Ed Moyle is currently Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. In his 20 years in information security, Ed has held numerous positions including: Senior Manager with CTG's global security practice, Vice President and Information Security Officer for Merrill Lynch Investment Managers, and Senior Security Analyst with Trintech. Ed is co-author of Cryptographic Libraries for Developers and a frequent contributor to the Information Security industry as author, public speaker, and analyst.
SSH Communications Security, VP of Compliance
Fouad Khalil is the VP of Compliance at SSH Communication Security with extensive experience in the technology space with more than 25 years spanning disciplines in software development, IT support, program and project management and most recently IT Security and Compliance management. Mr. Khalil has held several positions within the technology sector during his career including; network, system and database administration, software programming, system, software and GUI design, project and product development, solution implementation and much more.
His most recent focus specializes in data security, security investigations, security training and awareness and most of all Security Compliance. Key areas of compliance and IT security focus include: Information Technology, National Institute of Standards and Technology, Internal Controls over financial reporting, Sarbanes-Oxley, PCI DSS, HIPAA and HITECH and the Monetary Authority of Singapore compliance to name a few. Fouad is experienced in security training and awareness as part of corporate governance and regulatory compliance.