1. Introduction

Computer Security Day (CSD) is an annual event that is observed worldwide. It was started in 1988 to help raise awareness of computer related security issues. The goal of CSD is to remind people to protect their computers and information. Officially, CSD is November 30th. However, some organizations choose to have functions on the next business day if CSD falls on a weekend.

Computer Security Day is a great opportunity for information security professionals and their organizations to raise the level of awareness within their users. For 2008 the theme for CSD will be "A Good Defence”. Each individual is responsible and plays a part in protecting information assets and resources. These include:

Viruses

Firewalls

Using strong passwords

Social engineering

Physical security of information resources and assets

To observe the forthcoming Computer Security Day, National Computer Board, is proposing to organise an Information Security Week from the 1st to the 12th of December 2008.


2. Information Security Week

The main objective of the Information Security Week is to bring together international and local IT and security professionals, practitioners, industry experts and analysts to share their experiences, acquire knowledge and gain an understanding of the key tools, techniques and strategies needed to safeguard organisations’ most valuable asset – information.

The format of the event will be as follows:-

A 2-day Cyber Security Conference on the 1st & 2nd December 2008 with the participation of international high profile resource persons.

A half day workshop for senior executives on Critical Information Infrastructure Protection and Information Assurance for key stakeholders with the participation of CERT-In on 3rd December, 2008.

BS 25999 Implementers Training by BSI on 4th and 5th December, 2008

Certified BS 25999 Lead Auditor Training by BSI from 8th to 12th December 2008.


3. Cyber Security Conference

The conference programme would consist of both management and specialist concurrent streams. Presentations and workshops will include management and technical theory, applications and practical experiences on all aspects of information security topics.

The event will help business executives, senior management and Information Security professionals keeping up to date with the latest development in the following main Information security areas:-

Understand current and emerging information security threats that can impact their business.

Develop ways to identify if your organisation is adequately prepared to deal with a disaster.

Manage the challenge of regulatory compliance, policies and procedures.

Protect critical infrastructure through effective intrusion prevention strategies.

Maximise the returns on your information security investments.

Keep abreast on latest information security products and technologies.

It is proposed to invite international Information Security experts in the field for this event. The Cyber Security Conference will provide business and IT professionals with the ideal platform to:

Stay current on the latest developments in IT security theory and practice

Gain the necessary skills to create your own robust IT security practices

Learn from real life examples on how to fight IT security threats

Make new contacts and network with peers

The 4 tracks proposed for the Cyber Security Conference are:

a). Cyber Security at National Level and Internet Governance
b). Business Continuity: Always On, Always Working
c). IT Governance and Compliance in the Industry
d). Information Security Risk Management for Corporations


4. BS 25999 Implementer’s Training Course by BSI

BSI’s “Implementing BS 25999” course provides participants with practical tools and methods of implementing business continuity management. This implementation course is based on industry best practice and the Business Continuity Management (BCM) Code of Practice released by BSI, BS 25999-1:2006. Practical exercises provide students with the opportunity to gain skills to introduce BCM into an organization. Students will return to their organizations with the knowledge of how to implement a business continuity management system based on BS 25999.


5. BS 25999 Lead Auditor Training Course by BSI

BSI’s “BS 25999 Lead Auditor” course provides students with the skills and knowledge to conduct and lead effective business continuity management system audits in accordance with the requirements of BS 25999-2:2007 and ISO 19011:2002, “Guidelines for Quality and/or Environmental Management Systems Auditing.” The course explains the principles and practices of independent auditing for a business continuity management system and guides students through the entire audit process, from managing an audit program to reporting on audit results. Students will gain the necessary auditing skills through a balance of formal classroom tutorials, practical role-playing, group workshops, and open forum discussions.