Title: Mobile Device Risk Assessment
With the consumerization of IT, organizations everywhere are feeling the pressure to incorporate a broader spectrum of mobile devices into the corporate environment. Meanwhile, the threat environment for mobile devices is unique and changing, and security capabilities are lagging behind mobile functionality. In order to successfully incorporate a broader variety of mobile devices into the corporate environment, organizations must thoroughly assess the risks and develop a risk mitigation plan.
This session will review available risk assessment models, unique considerations when conducting a risk assessment for mobile devices, as well as a case study of a recent mobile device risk assessment.
David Frei is a member of the Capital One IS Audit team, serving as Digital and Information Security Specialist. David brings 10 years of experience from KPMG providing security advisory, IT attestation, and external audit services to various clients in Financial Services, Insurance, Consumer Products, Healthcare, Energy/Mining, Telecommunications, Federal, and Local Governments. His certifications include: Certified Information Systems Security Professional (CISSP) and Certified Information Privacy Professional (CIPP).
David has strong information security/digital experiences that include assessing mobile devices and applications, consulting on information governance frameworks, performing sensitive data flow analyses, assessing security and privacy controls to prevent and detect data loss across the information lifecycle, developing and evaluating Information Security Management Systems and third-party vendor risk assessment programs, performing vulnerability assessments, and managing IT and business process components of internal controls readiness and attestation projects.
Click here to view the presentation slides.