On February 8, 2019, at the Institut & Akademie Interne Revision GmbH in Vienna, Schönbrunnerstr. 218 - 220, under the direction of Manfred Scholz, the seminar Seminar Security Awareness - the human firewall will take place. This seminar teaches the necessary elements of successful security awareness campaigns. Starting from psychological aspects and the typical challenges, [...]
From January 21 to 22, 2019, a training course on the topic of the General Data Protection Regulation (GDPR) Audit Approaches and Impacts on Internal Audit Activities will be held at the Academy of Internal Auditing in Vienna. Primary target group are interested persons in the audit department, IT department, security and data protection officers [...]
On November 22, 2018, Manfred Scholz will lead a seminar entitled "IT Security in Industry" at the Institute for Internal Auditing Austria in Vienna. Special focus will be the IEC 62443 series of standards defining the state of the art in industry. Terms such as Industry 4.0 or IoT stand for the dawn of a [...]
For 15 years now, the Hagenberg Circle has been organizing the Security Forum, the annual ICT security conference in Hagenberg, directly on the campus of the Hagenberg University of Applied Sciences. The approximately 200 participants from all over Austria, Germany and Switzerland appreciate the high quality of the presentations and the professional atmosphere of the [...]
Date 6: Audit approaches to demonstrate accountability. In preparation for the General Data Protection Regulation, SEC4YOU is offering a series of events that focus on the what and how. In the last workshop of the event series, we look at the upcoming audit approaches to demonstrate accountability. In our workshops, defined results of the [...]
Follow the recommendation of experts: perform an infrastructure penetration test at least once a year. When performing penetration tests, we pay attention to a structured approach. To this end, we divide our technical audits into phases according to the recommendation of the German Federal Office for Information Security (BSI): Preparation Information gathering and automatic [...]
Date 5: Risk analysis as a preliminary step to data protection impact assessment. In preparation for the General Data Protection Regulation, SEC4YOU offers a series of events that focus on the what and how. This time, we look at risk analysis as a precursor to data protection impact assessment (DPIA). In workshops, defined results [...]
More and more often we are asked how to train data protection and the requirements of the GDPR. For internal data protection officers (DPOs) or, if you don't have a DPO, for the internal data protection contact person, there are numerous training courses and courses for further training in the GDPR requirements. However, familiarization [...]
The security of data must be guaranteed by appropriate technical and organizational measures. Important objectives include protection against unauthorized access, data loss and manipulation. This principle refers to a wealth of technical and organizational measures that must be taken when storing and processing personal data. Since the terms pseudonymization and encryption are mentioned several times [...]
Personal data must be deleted, for example, after the purpose of the processing no longer applies and the necessary retention periods have expired. It is therefore not permissible to retain personal data for an unlimited period of time. This principle can be implemented most easily by means of a company-wide deletion concept. Here, the different [...]
