I believe everyone has such feelings when you are asked about your company’s security posture. Why is that even when essential information security policies have been introduced, defense equipments have been purchased, and awareness trainings have been conducted, yet you are still not confident to say that your company is well prepared for cyber threats?
Information security risks faced by an organization can never be reduced down to zero, but through "effective" management, the probability and impact of information security risks can be drastically reduced and controlled.
The so-called effective management must start with the three aspects of ‘People’, ‘Process’, and ‘Technology’. In one sentence, ‘Technology’ can be effective only when ‘People’ comply with information security ‘Process’.
This agenda discusses the effectiveness of information security implementations from the three elements of building a more comprehensive information security system: People, Process and Technology.
1.Jung Chun has more than 26 years of IT experience. He used to be the manager of the application development department, the UHD department and the system analysis department. He has experience in requirements analysis and system development. In addition, he was also responsible for overseas information system development and had served as an architect. He is a professional in IT integrations for financial services.
2.In 2018, Jung Chun was responsible for the establishment of information security department, and has served as the CISO until now. To ensure that information security risks are under control, he has assisted in the implementation of information security governance and has established the company’s cybersecurity defense architecture.