ISACA reveals COBIT security secrets at Gartner Summit

London, UK, 30th September 2008 - Roger Southgate of ISACA, an association serving more than 86,000 IT governance professionals from 160 countries, will deliver a workshop on the subject of COBIT and Val IT for the Security professional at the Gartner Security Summit in London this Wednesday. Against the backdrop of regular data losses and breaches being reported in the media, Roger will reveal how COBIT (Control Objectives for Information and related Technology) can greatly improve information security for any size of organisation.

Roger Southgate, the immediate past President of the London Chapter of ISACA, commented, “All the recent data loss catastrophes have their origins in people and process. The COBIT security baseline enables a focused holistic approach to the people, process and technology issues that organizations today have to face.”

Roger Southgate continued, “If organizations get their employees to consider the following key points from the COBIT security baseline user survival kit, people will make the connection between attention, understanding and appropriate action in order to achieve long term security”.

Top 6 tips from the User Security Survival kit are:

  1. Obtain guidance from qualified and reputable advisors (certified technicians) from time to time to ensure that the computer installation has no significant security flaws.
  2. If you depend on computers to do business, sign up for onsite support and ensure the availability of an on-call facility should anything go wrong.
  3. Obtain reputable security software. Protection packages can be obtained from all PC software dealers that include all the main functions necessary, e.g., antivirus, spyware, firewall and content filtering. If needed, use a specialist to ensure proper installation.
  4. Sign up for automatic updates and maintenance on the security software to ensure that the protection is current and up to date.
  5. Do not open unknown e-mail attachments, and be aware that e-mail addresses can be faked. Let the security software check all e-mails and follow the advice given by the tool.
  6. Install only official, up-to-date operating systems, security software and applications; avoid installing anything that is not needed.

With information and related systems becoming increasingly critical to organizations’ survival, the associated risks have grown in number and severity. The COBIT Security Baseline was developed to help minimize these risks. It identifies 44 security practices based on the COBIT 4.1 framework and offers guidance and tools to help computer users of all levels protect their systems.

The Security Baseline features information security “survival kits” for six levels of computer users, from individuals who use computers to senior executives with responsibility for information security in the workplace. The kits contain essential questions to ask and checklists to complete to improve security and minimize risk.

"With the provisions of the Companies Act 2006 about to pass into law, corporate governance is poised to become top of the agenda at management board meetings across the UK, just as it did five and a half years ago in the US when the Sarbanes-Oxley Act came into force. I plan to explain to attendees how COBIT can be used to benefit almost any public and private sector business," Southgate said.

For further details of Roger's presentation:

With more than 86,000 constituents in more than 160 countries, ISACA is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor (CISA) designation, earned by more than 60,000 professionals since 1978; the Certified Information Security Manager (CISM) designation, earned by more than 9,000 professionals since 2002; and the new Certified in the Governance of Enterprise IT (CGEIT) designation.

For further details of ISACA:

Developed by the IT Governance Institute--the research affiliate of ISACA--COBIT is available as a free download at

Source: EskenziPR