top of page
Search
Writer's pictureReynaldo Pereira

PMI CHAPTER XCHANGE MUMBAI EVENT CYBERSECURITY AND PROJECT MANAGEMENT


Reynaldo Pereira – partner DMS Partners


PMI – PROJECT MANAGEMENT INSTITUTE, is a global community that allows all its members to share knowledge and best practices to assist/improve project management.


PMI Chapter Xchange is the collaboration of 23 chapters (PMI Chapter)

around the globe with 4 representations from each continent, one from the East

Middle East and two from Latin America (includes PMI Chapter Xchange São Paulo).


This initiative serves as a platform for all individuals belonging to the project management fraternity to share their ideas, interact with each other and learn from their peers from different countries and cultures.


A leader from each of these representations is part of the main team.


Every month a new theme is proposed, voted on and finalized.


The topic for September/2022 was “CyberSecurity and Project Management”.


Event held on 09/16/22 and which was summarized simply and objectively by

Greg Dubris, PMP CQM – General Manager at Talarith Research and Restoration Services, LLC, a company that provides geological mapping services and volcanic activities in Alaska, among others, including for the service of the American Armed Forces.


Below are your notes during the event, organized sequentially using the letters AI of the alphabet:


A – Awareness – organizations and individuals must be strongly aware of the importance of Cyber Security for projects as a standard of doing business;


B – Backup – we must backup our files, but also our systems;


C- Community – our communities are great resources for information and knowledge, including finding mentors outside of our organizations to provide new perspectives and challenge our thinking;


D – Defend – we must defend ourselves and organizations against cyber attacks. Use the Zero Trust method**;


E – Education and everyone – we must continually increase our knowledge which may include obtaining certifications, and recognizing that everyone is part of our cybersecurity system and, in a way, all cybersecurity projects;


F – Financial (Risk) – our projects must include contingency for financial risk for our projects and money will need to be appropriated to deal with this;


G – Guidelines – guidelines must be established by the organization that addresses cybersecurity (SOPs, multifactor authentication***, etc.);


H – Hybrid – Most of us, if not all, work in a hybrid environment and we use a combination of our cell phones, work computers, working from the office and on the go and there must be planning/contingency to address the hybrid work environment


I – Innovation – we must think outside the box and be open to changing and improving our ways of working and having contingency to deal with day zero hack”.


Sources:

PMI* ChapterXchange MUMBAI

Greg Dubois, PMP CQM – General Manager at Talarith Research and

Restoration Services, LLC

Reynaldo Pereira - DMS Partners Management Solutions

* PMI – Project Management Institute


Notes from the poster (Reynaldo Pereira):


** What is the Zero Trust model?


Forrester Research analyst John Kindervag in 2010 proposed the solution

called Zero Trust.


It was a shift in strategy from “trust but verify” to “never

trust, always check” .


The model is based on five basic principles:


  • All users are always considered hostile;

  • There are external and internal threats at all times;

  • Network locality is not enough to decide the reliability of a network;

  • Every device, user and network flow is authenticated and authorized;

  • Policies should be dynamic and calculated from as many data sources as possible.


*** Multi-factor authentication process.

The process requires at least two of the three authentication methods. They are

they:


Something you know

Checking user information (passwords, PIN and answers to secret questions)

Something you have

Verification of a specific item a user has in their possession (smartcard, security token)

Something you are

Verification of individual characteristics (fingerprint, facial recognition, voice, iris reading, etc.).


Source: Paulo Magalhães – Senior Information Security Analyst

(idblog)

0 views0 comments

Recent Posts

See All

Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page