作者及译文:吴国鑫,张地
Author and Translator: Guoxin Wu, Di Zhang
美国中部时间2021年03月24日下午3:00,美国中国总商会芝加哥分会邀请到了三位行业内专业人士围绕国家、联邦及地方网络安全法规及政策,从风险评估、量化曝光、风险转移等角度进行了权威讲解。
At 3:00 pm on March 24, 2021, U.S. Central Time, the Chicago Chapter of the China General Chamber of Commerce U.S.A. invited three professionals within the IT industry to speak about national, federal, and local cybersecurity regulations and policies, for which the topics include risk assessment, quantitative exposure, risk transfer, etc. in a comprehensive manner.
演讲嘉宾介绍:
Speaker introduction:
Ted Augustinos 是国际律师事务所Lock Lord的合伙人,在那里他共同领导了隐私和网络安全实践小组,并带领了其事件响应团队。 Ted在数据收集,使用,共享和保护方面代表了各种规模和许多行业的公司。他曾代表客户为数据安全合规做准备,调查,以及响应。Ted是国际隐私专业人员协会 (International Association of Privacy Professionals) 认可的认证信息隐私专业人员。
Ted Augustinos is a partner of the international law firm Locke Lord, where he co-leads the Privacy & Cybersecurity Practice Group, and leads its Incident Response Team. Ted represents companies of all sizes and in many industry sectors on their collection, use, sharing and protection of data. He has represented clients in preparing for, investigating and responding to data security breaches. Ted is a Certified Information Privacy Professional, accredited by the International Association of Privacy Professionals.
Mike Lotas 是 Arete Incident Response的首席安全官兼全球事件响应负责人。在Mike 长达25年的职业生涯中,他为几乎所有业务领域的客户提供服务,从财富500强公司到小型的私人会计公司。 Mike参与了数百起事件响应工作,包括勒索软件和商业电子邮件妥协。他已经成功地为众多《财富》100强客户重新构造了网络安全体系。Mike已通过ISC2的CISSP认证20年。
Mike Lotas is the Chief Security Officer and Global Incident Response Leader for Arete Incident Response. Over Mike’s 25+ year career, he has served clients in virtually every business vertical, from Fortune 5 companies to small two-person accounting firms. Mike has worked on hundreds of Incident Response engagements, including Ransomware and Business Email Compromise. He has successfully rearchitected the cybersecurity stack for numerous Fortune 100 clients. Mike has been CISSP certified by ISC2 for 20 years.
Julian Sylvestro 是Hylant Group的副总裁兼网络风险业务负责人。Julian 目前为大型上市公司和私人公司以及大型非营利组织提供网络责任保险服务。Julian 帮助客户增强对网络风险和违规防范的理解。
Julian Sylvestro is a vice president and the Cyber Risk Practice Leader at Hylant Group. Julian currently serves large publicly traded and privately held companies as well as large non-profit organizations in the placement of Cyber Liability Insurance. Julian helps clients enhance understanding of cyber risk and breach preparedness.
网络安全问题多种多样,比如客户服务系统被勒索软件袭击,信息被盗取;企业重要财务信息流失;系统漏洞;不熟悉法律要求而带来的合规性漏洞等。这些问题一旦发生很有可能为企业经营带来不可估量的经济损失。另外,近年来,随着互联网科技的不断创新,出现的安全问题也越来越多样性,未知因素的不可控性更体现了风险识别的重要性呢。因此合理的预防、风险管理、危机事件处理、网络安全保险规划等措施在复杂多变的网络安全客观环境中尤为重要。
Network security issues are diverse, such as theft and ransomware attacks on systems containing customers’ information, loss of important corporate financial information, system vulnerability, and compliance vulnerability. All of these result from unfamiliarity with legal requirements, etc. Once these problems occur, it is likely to bring immeasurable economic losses to business operations. Besides, with the continuous innovation of Internet technology in recent years, more security problems have emerged, and more unknown factors have uncontrollable, reflecting the importance of identifying such security problems. Therefore, we need proper risk management, crisis handling, network security insurance planning, and other preventative measures that are particularly important in today’s complex and unpredictable network security environment.
美国社会各界对个人信息保护,网络环境治理,网络风险预防等方面十分重视,美国政府不断修订各项法规进一步加强对网络安全的管控力度。网络安全意识已经融入到了人们工作与生活的各方面,不管是企业经营者还是普通消费者,了解网络安全常识,建立风险评估意识都有重要的指导意义。本次讲座获得了听众的普遍好评,我们获得了9.3分(满分10分)。CGCC Chicago将陆续推出各类研讨会,针对会员企业普遍关注的问题进行专业解读,敬请关注!
Companies in the U.S. attach great importance to personal information protection, network environment governance, and network risk prevention. The U.S. government is constantly revising various laws and regulations to further strengthen network security. Network security awareness has been integrated into all aspects of people’s work and life. Whether it is a business operator or an ordinary consumer, understanding the common sense of network security and establishing risk assessment awareness have important guiding significance. This lecture was well received by the audience and was rated 9.3 out of 10 points. CGCC Chicago will successively launch various webinars to provide professional interpretations on issues concerned by our member companies, so let us all stay tuned!