As a business-oriented cybersecurity consulting firm, CST-360 focuses on the business side of cybersecurity. With our business-driven approach to cyber security, you can innovate and scale your business, while protecting what matters. A key component of our consulting practice focuses on Cyber Security Governance. We assist you and your organization in managing the cybersecurity risks associated with the technology you use and the cyberspace in which you operate. Our mission is to assess cyberspace risk that may negatively impact your business operations, prioritize and optimize security investments, and ultimately apply the right amount of security to protect what matters.See more: www.cst-360.com

Leading the Cyber security GRC and Digital Trust team.

Know-IT provide's practical Governance services.Our advisory emphasizes the Governance of IT, Security & Cyber, achieving a competitive advantage, while managing Risks relevant to the organization and comply with both internal and external requirements.Our work is based on Governance principles, leading standards, framework and practices. The experience & ability of transfer and align those principles into local culture and language (Hebrew) gives our clients true value. We are experienced with most Governance services and advisory, as we are engaged to develop and improve technological based processes throughout the organization.We are also experienced with IT related risk assessments and advising on leveraging findings into practical process improvement and risk management. We advise board members & senior management on how to align organization's IT towards its business goals while managing risk and achieving compliance required.We believe that Governance principles are the best way for board of directors and senior management to define and set the management frame serving all relevant shareholders in the business world we live in.Our duty is to develop and support technological processes enabling and sustaining organization's goals and objectives.

Our Cyber Secuirty sub committee main goals are:To have ISACA professional publications and books accessable for local professional community. To advise local entities and organizations with ISACA's framework, guidelines and recommendations. To lead educational behavior of proper and effective forms of Cyber Security and Cyber Resilience.Personally, also serve as Cyber Security Fundamentals instructor.

Lead Instructor in the fields of GRC - Governance, Risk & Compliance.Lecturer @ CISO courses, Leveraging the modern information security officer as a business enabler. While providing knowledge & experience in IT & Security technology alignment with business needs.

Implementing security processes and controls based on ISO 27001-2 framework (developing company's ISMS).Correlix business needs lead the processes development.The development is aligned with IT Governance practice (COBIT 4.1) and includes:Roles and Responsibilities (from BoD through end users)Risk Assessment (via penetration tests & external audit)Security and IT processes development (developing secured and controled processes followed by writing adhere polices & procedures)Adequate controls implementationThrough my work I'm also responsible for:- Managing the engagement with Correlix security external auditor (Dell SecureWorks) - Advising on Risk management issues & requirements- Developing DR concept to meet Correlix BC requirements

Information Technologies Risk & Advisory services.During my work at EY, I Managed a team of auditors and consultants supporting IT processes and regulations.As an ITGC specialist, I have vast experience in IT processes with business alignment.Among others, I was responsible for implementing Sox ITGC compliance in Israel leading companies such as Fortune 500 member, a world wide company in which I managed nine subsidiaries over 3 different continents, and many more.I performed a business Impact analysis (BIA) for a world wide enterprise and developing BCP-DR strategy.I specialized in a variety of IT frameworks, Standards & practices, such as: COBIT and other ISACA publications ISO 27799, 2700x and local Ministry of Finance circulars.

Implementing BI tools for Sales managers in large scale insurance agencies.Issuing and approving Technology components for large scale insurance agencies.Responsible for department's technology effectiveness & efficiency improvement.

Implementing BI tools in company's management and sales personnel emphasizing the use of company DataWare House (DWH).Ensuring business needs are clear and understood by DWH development and implementation teams.