In February, the National Institute of Standards and Technology released version 2.0 of the Cybersecurity Framework (CSF). This version introduces "Govern" as the sixth core function, complementing the existing five functions. To promote cyber governance, CSF version 2.0 echoes the critical role of cyber oversight highlighted by the United States Securities and Exchange Commission in its 2022 Commission Statement and Guidance on Public Company Cybersecurity Disclosures.

Few publicly-listed firms have established cyber governance committees or defined dedicated roles and responsibilities within them. Their frameworks or principles are still evolving and have not yet achieved certified standard status. From our first-hand observations, local cyber risk management has not been fully implemented. This begs the question: is cyber governance akin to medicine or merely a placebo? If cyber governance could indeed guide the cyber risk roadmap, what challenges do we encounter in creating such a roadmap? Furthermore, how does cyber governance relate to the Cybersecurity Framework and the cybersecurity of the supply chain   

In this digital age, cybersecurity governance has become a critical issue for ensuring the survival and development of enterprises. How should enterprises construct the most suitable cybersecurity governance blueprint, implement cybersecurity architecture and management policies, and apply these practices to different business environments? ISO 27001, as an internationally recognized standard for information security management systems, provides enterprises with a comprehensive and effective framework to address the growing challenges of information security.

In this seminar, cybersecurity experts from Symantec will share with you how enterprises can meet stakeholder requirements and implement key practices and best strategies for implementing ISO 27001. They will also share the latest Symantec solutions to help you establish a robust cybersecurity system and effectively respond to various security threats.

In recent years, innovations in information technology have evolved new business models to provide new technological experiences for the customers they serve, such as the technological development of financial technology. Whether it is Fintech or traditional financial institutions, controllers or processors of personal identification information The existing operating procedures and data protection risks of operators will be severely affected. Various industries are facing business challenges brought by ICT, digital transformation and even the metaverse. When it comes to information governance issues, security issues and organizational operational risks should be equally valued. In the past, the static risk assessment that was often used by the ISMS management system was bound to be unable to meet the requirements of corporate governance for operational goals! How to face the three lines of defense of the company's internal control and better control operational risks, it is imperative to develop dynamic decision-making models and governance strategies.