Dayu Kao
Bank SinoPac, Taiwan Information Security Division-Associate Executive Vice President, Prof., Dr.

Da-Yu Kao is the Deputy Head of the Information Security Division of Bank SinoPac, Taiwan. His core responsibility is establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS), Business Continuity Management (BCM), and an Information Security Management System (ISMS) as an extension to the NIST Cybersecurity Framework (CSF), to keep pace with the evolving cybersecurity landscape. These activities help the organization respond to and recover from potential threats as effectively as possible. He is also a part-time Professor at the Department of Information Management, Central Police University, Taiwan. He has an extensive background in law enforcement and a keen interest in information security, ICT governance, technology-based investigation, cyber forensics, human resource development, and public sector globalization. He was a detective and forensic police officer at Taiwan's Criminal Investigation Bureau (under the National Police Administration). With a Master's degree in Information Management and a Ph.D. in Crime Prevention and Correction, he has led several investigations in cooperation with police agencies from other countries over the past years.

SPEECH
05/10 (Wed.) 14:50 - 15:20
CISO Forum (Invite-only) 7F 701D
Financial Security Leadership and Incident Response System for CISOs

This speech discusses the philosophy of knowing employees and the necessary skills to implement information security governance from the CISO perspective. CISOs must develop an incident response plan outlining the proper procedures for a security breach or incident. That includes identifying, collecting, examining, analyzing, and preserving the evidence. They should ensure that the organization complies with financial regulatory requirements. CISOs further work closely with other leaders in the organization to ensure that security, convenience, and resiliency are top priorities. 

In conclusion, CISOs must have a comprehensive understanding of cyber security risks and the ability to develop and implement effective strategies. They must also be able to lead incident response efforts to manage or mitigate these risks effectively and efficiently.

05/11 (Thu.) 14:00 - 14:30
FINSEC Forum 7F 701A
Financial Cyber Security Roadmap for Incident Response and Digital Forensics

The financial cyber security roadmap should be employed to establish, implement, maintain, and continually improve a cybersecurity posture for incident response and digital forensics within the organization's context. This talk will demonstrate due diligence and good corporate governance based on day-to-day business activity. It can also reduce the expense and time of an internal investigation and promote court acceptance of the evidence.