CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

FINSEC Forum
  • May 6th (Thu)
  • 14:30 - 15:00
  • 7F 701A

Experience sharing on the effectiveness of information security implementations

I believe everyone has such feelings when you are asked about your company’s security posture. Why is that even when essential information security policies have been introduced, defense equipments have been purchased, and awareness trainings have been conducted, yet you are still not confident to say that your company is well prepared for cyber threats?

Information security risks faced by an organization can never be reduced down to zero, but through "effective" management, the probability and impact of information security risks can be drastically reduced and controlled.

The so-called effective management must start with the three aspects of ‘People’, ‘Process’, and ‘Technology’. In one sentence, ‘Technology’ can be effective only when ‘People’ comply with information security ‘Process’.

This agenda discusses the effectiveness of information security implementations from the three elements of building a more comprehensive information security system: People, Process and Technology.

General
Governance Security Strategy
Jung Chu Chen

Jung Chu Chen

CISO, E.SUN Bank

1.Jung Chun has more than 26 years of IT experience. He used to be the manager of the application development department, the UHD department and the system analysis department. He has experience in requirements analysis and system development. In addition, he was also responsible for overseas information system development and had served as an architect. He is a professional in IT integrations for financial services.

2.In 2018, Jung Chun was responsible for the establishment of information security department, and has served as the CISO until now. To ensure that information security risks are under control, he has assisted in the implementation of information security governance and has established the company’s cybersecurity defense architecture.