Sandra will explain how cyber risk for both IT and OT (IACS) is managed enterprise-wide based on the company's Enterprise Cyber Security Governance Framework, which is comprised of two main elements - the Cyber Security Risk Management process and the integrated Control Framework. Sandra will explain the main elements of the Cyber Risk Management process and how it is applied to both IT and OT, reflecting a risk-based approach whilst at the same time meeting the compliance requirements of various standards and regulations, both global and country specific. The Control Framework includes multiple relevant standards such as NIST, IEC/ISA 62443, ISO27001+, multiple countries' Data Protection standards (e.g. EU, UK, Canada, Malaysia, Australia, etc), OWASP and PCI DSS.
Learn how to create and apply a GRC framework for cybersecurity risk governance and management, that can be applied to both IT and OT (IACS), whilst addressing multiple standards, and diverse country and industry requirements
Learn practical tips and advice on deploying and implementing the framework to diverse stakeholders
Head of Cyber Security Risk and Policy,
PETRONAS Digital Sdn Bhd
You must be logged in and own this session in order to