By Dylana Milobar

Digital risk management in focus at upcoming TRU conference

Jan 26, 2019 | 8:45 AM

KAMLOOPS — Organizations and individual Internet users in Kamloops will have a chance to learn more about digital risk management at Thompson Rivers University’s Privacy and Security in the Digital Age Conference next week.

The conference will be held from the University’s Campus Activity Centre, starting at 8 a.m on Thursday (Jan. 31), until 3:30 p.m.

A variety of presenters will be appearing throughout the day, including keynote speaker, Ben Smith, who has been in the information security industry for 15 years, and is currently RSA Security’s Designated Field Chief Technology Officer.

Smith says his presentation will try to cover how organizations move through what he calls a ‘Digital Transformation Journey’.

“Leveraging the Internet, trying to deal with the threats that are on the Internet today. And most importantly, responding to a breach,” He explains, “If you have a breach or an incident where bad code gets into your network, or maybe an external adversary is trying to steal or exfiltrate information outside your network, what are some of the best practices, what are some of the steps you need to take before that happens?”

Boogie The Bridge

Boogie The Bridge Event Information

22h ago

Week in Review

Week in Review: Week of April 15

52m ago

Two and Out

PETERS: The Loop's eviction will show us what happens when a bandage is ripped off a gaping wound

20h ago

Smith says beyond worrying about personal data being compromised online, attacks can also come for other kinds of business information.

“Where you are shipping your product / products to could be very useful in the wrong hands. So anyone who is connected to the Internet today should be concerned,” However, Smith says, “We are as a industry, in much better form today, even versus 4 or 5 years ago. Folks better understand that we need to do a better job protecting the information that we have, and by in large, organizations. It might be baby steps, but we’re getting there as an industry to try and protect that critical information.”

While obviously learning the technical component of cyber-protection is critical, Smith says with human error still a very real possibility, its important for people to know what they’re doing as well.

“There’s always going to be technology that’s involved, but I think that at least as far as RSA is concerned, and some of our more mature customers, there’s a growing understanding and a growing respect of the human component inside these attacks,” He explains. “You can have the world’s best technology deployed to detect and protect your email, to protect your laptops and your servers, but you’ve got a human being who is susceptible to picking up the phone and talking to somebody that (for instance) represents from entity A, and they’re not from entity A.”

Smith stresses the importance of training employees to decipher which emails or offers are legitimate, and which could pose a security threat to the organization.

“Helping organizations train their users to detect that there is something not quite right about this email, or ‘I just got a call from somebody who said he was from my help desk, but he was asking for my password. Is that okay?’,” He says, “Getting us (human beings) a little more aware has to go hand-in-hand with the technology.”

His presentation will largely be focused on organization security measures and breach response plans, but Smith says there will be room at the end of the discussion for questions around individual concerns. 

For more information on the conference, click here.