Sherlock in Cyberland: The Case of Organizational Security

When we think of 'cybersecurity,' our minds often conjure images of ethical hacking, penetration testing, Security Operations Centers (SOC), forensics, and all the technical intricacies that protect our digital landscapes. However, there exists another realm within the cybersecurity domain that often goes unnoticed—the realm of organizational cybersecurity. This facet is a linchpin in securing an organization's digital infrastructure, and it revolves around the principles of GRC ("Governance": refers to the establishment and enforcement of policies, processes, and decision-making structures within an organization to ensure its goals are achieved effectively, ethically, and following applicable laws and regulations. "Risk Management": recognizing and understanding the threats and vulnerabilities that could impact the confidentiality, integrity, and availability of information assets, and implementing strategies to manage or minimize those risks. "Compliance": ensures that the organization follows specific security requirements and best practices. This includes data protection laws, industry regulations, and international standards to avoid legal consequences and maintain a secure operating environment).

You can picture this realm as the Sherlock Holmes of the cyber landscape, dealing with compliance with laws, standards, and guidelines like GDPR, ISO 27K, CSP SWIFT, DNSSI, and an alphabet soup of 05-20 & 09-08 laws. It's a domain of audits, where meticulous checks ensure that the cyber ship is sailing in accordance with these vital benchmarks.

But fear not, this talk isn't a dry exploration of legalese and regulations. It's an introduction to the side of cybersecurity that doesn't always make it into the blockbuster cyber movies – the side that involves Security Awareness Training and the delicate art of making cyber principles relatable to everyone in the organization.

This talk is dedicated to the tech-savvy engineers pondering a switch to making organizational decisions, managing risks, and constructing grand action plans to gracefully waltz through incidents, and for the students eyeing a future in cybersecurity who might be interested in a field that demands not just tech prowess but also a flair for strategic thinking.


Ouissal Elkorri

Ouissal Elkorri
A human being | Adventurous soul | Super Mentor at DigiGirlz Mentorship Program| Women TechMakers Ambassador| Cybersecurity Engineer - GRC Consultant

I am a human being who loves nature, practices Bodyboarding, Yoga/Meditation, Basketball, and Skateboarding, and loves wild traveling. On the other side, I'm a Cybersecurity Engineer - GRC Consultant at SEKERA Services. I was a mentor in the DigiGirlz Mentorship Program in 2021, a Team Leader of DigiGirlz Uit Kenitra from 01/2022 to 08/2022, and now I'm a Super Mentor. Also, I am a Women TechMakers Ambassador.

I love sharing what I know and exchange with other human beings.

Since my childhood, I've always loved extreme sports, so besides studies, if I wasn't playing Basketball or skating, I was either bodyboarding, practicing yoga, or traveling...

My purpose in life is to travel the world and share kindness.

Want to join? Make sure to get your ticket and join 5 days of learning, networking and fun in Darija

Made with ❤️ by Geeksblabla Team

| © 2024 Geeksblabla | All Rights Reserved