Stone Fang

Shin Kong Financial Holding Company / Vice President, Information Security Department

Current position:

-Vice President of Information Security Department of Shin Kong Financial Holding Company

-Cyber Security Consultant of CIAA (INSURANCE AGENCY ASSOCIATION OF THE REPUBLIC OF CHINA)

Work experience: (33 years of IT and IS)

-Executive Secretary of F-ISAC (Financial Information Sharing and Analytic Center)

-Senior Vice President of Security Control Department of FISC (Financial Information Service Company)

-Vice President of Information Section of CTBC Investment Company

-Managing Director of Information Technology Division of Taiwan Lottery Company

-Vice President of Information Technology Infrastructure Services Department of Chinatrust Commercial Bank

-With multiple management skills of Information Technology, Cyber Security and Personal Information

-Possesses CISSP (970766), CEH, CSA, ISO27001 LA, BS10012 LA certificates

SPEECH
4/17 (Thu.) 15:05 - 15:35 7F 701A FINSEC Forum
IS Cybersecurity guy just all mouth? A brief discussion on the division of labor and cooperation between the first (IT) and second lines (IS) of cybersecurity defense

When the CISO's duties are segregated from the CIO's, how should the scope of "information security (IS)" be defined? Disaster recovery addresses "Availability" issues, which is one of the CIA triad, and application-level vulnerability scanning is for cybersecurity, so should they all be under IS management?

After 40 or 50 IS systems are implemented, shouldn't we consider effectiveness and measurability in addition to availability and efficiency? In addition, is the total cybersecurity budget only the budget of the IS unit?