Search

Upcoming events

Latest ISLF News

Menu
Log in
Forgot password

Information Security Leadership Forum Interational

A Community of Today and Tomorrow's Leaders

Log in

2024 ISLF Work Group Projects

As you serve in the truest sense of community spirit, members participating in Work Groups will be networking with others who have professional experience in an organizational environment designing, implementing and maintaining topical programs aligned with our Work Groups. In addition to giving back to the community, you'll also be earning Continuing Professional Development hours, as well as being recognized as a contributing author of our next edition. CBKs serve as the ISLF's Official Study Guide for our associated existing or new courses.

Why do we need Work Groups? ISLF Work Groups are comprised of experienced pratitioners who are ready to roll up their sleeves and help less experienced ones learn from the benefit of their past successes and failures. We do this by selecting a standards or regulatory-based topic and do two things:

  1. develop a practice model and supporting methodology; and
  2. develop a supporting Common Body of Knolwdge (CBK) publication to help practitioners understand in a step-by-step approach, how to apply the standards/regulatory-based methodology, i.e., ISO 27001, into an organization.
All Work Group CBKs will be available for purchase from the ISLF online store, and will become the official study guide for a corresponding certification course offered through the ISLF.

Information Security Program Management Common Body Of Knowledge

Building on our draft first edition, work with the Information Security Leadership Forum's Project Leader and your peers to validate and expand the framework model and the ISO 27001 Common Body of Knowledge (CBK) for greater depth and breadth.

Topics covered in this CBK includes:

  • a structured approach to designing, developing, implementing, and managing your information security program;
  • understanding your organizational needs for information security;
  • building the business case for a formal information security program;
  • understanding the various components of an Information Security program; and
  • more


Information Security Risk Management Common Body of Knowledge


Building on from our framework model, we will be working with a group of Forum members to create our edition one Common Body of Knowldge (CBK) providing practitioners with a depth and breadth of knowledge in Information Security Risk Management.

Topics included in this CBK are:

  • understanding the risk management concepts;
  • a risk management framework based on ISO 27005;
  • a structured risk assessment model
  • risk mitigation strategies; and
  • more

Information Security Performance Management (Metrics) Common Body of Knowledge

Building on from our framework model we will be working with a group of Forum members to create our edition one Common Body of Knowldge (CBK) providing practitioners with a depth and breadth in Information Security (Metrics) Performance Management.

Topics included in this CBK are:

  • understanding the security metrics concepts;
  • a security metrics framework based on ISO 27004;
  • a structured approach to defining and measuring effectiveness of information security controls;
  • integrating control-based effectiveness measures into theme-based performance ratings; 
  • aligning theme-based measurements to ISMS to determine the overall performance of an information security management system (aka security program); and
  • more


SCADA / Industrial Control System (ICS) Security Common Body of Knolwedge


Leveraging the ISLF Framework design, this group will create the foundational model and work their way through to creating a full Common Body of Knowledge (CBK) for the development of a Supervisory Control and Data Acquisition (SCADA) / Industrial Control System (ICS) Security Program.

Topics in this CBK will include:

  • IT-supported central and distributed process control, monitoring and automation technology as well as IT systems used for their operation, such as programming and parameterization devices;
  • digital controllers and automation components such as control and field devices or PLCs, including digital sensor and actuator elements;
  • all further supporting IT systems used in the process control domain, e.g. for supplementary data visualization tasks and for controlling, monitoring, data archiving and documentation purposes;
  • the overall communications technology used in the process control domain, e.g. networks, telemetry, telecontrol applications and remote control technology;
  • digital metering and measurement devices, e.g. for measuring energy consumption, generation or emission values;
  • digital protection and safety systems, e.g. protection relays or safety PLCs;
  • distributed components of future smart grid environments;
  • all software, firmware and applications installed on above mentioned systems.

Artificial Intelligence (AI) Security Common Body of Knowledge

Leveraging the ISLF Framework design, this group will create the foundational model and work their way through to creating a full Common Body of Knowledge (CBK) for the development of an AI Security Program within an organization.

  • AI engine isolation
  • Interconnectivity and data sharing with the Learning Module
  • Data storage and processing
  • Access management
  • etc.



And ... More Work Groups Coming Soon!

To learn more about the ISLF Work Group methodology click on the button below.

ISLF Work Group Methodology