DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?"

Transcription

1 HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS? FREEMAN WOOD HEAD OF MERCER SENTINEL NORTH AMERICA GREGG SOMMER HEAD OF OPERATIONAL RISK ASSESSMENTS MERCER

2 THERE ARE ONLY TWO TYPES OF COMPANIES: THOSE THAT HAVE BEEN HACKED, AND THOSE THAT WILL BE. ROBERT MUELLER FBI DIRECTOR, 2012 MERCER

3 CYBERSECURITY BREACHES TARGET JPMORGAN CODE SPACES SONY PENTAGON SEC reported that 74% of advisors and 88% of broker-dealers have had unauthorized access to their network 1 1 SEC cyber-security examination sweep summary Feb 3, 2015 OCIE Volume IV, Issue 4 MERCER

4 HOW BIG IS THE PROBLEM? 270% increase in identified victims and exposed losses 1 Cyber crime costs the global economy over $400 billion annually successful attacks per week 3 90% of large organizations reported a breach 2 Over the last four years cyber attacks on businesses have increased by 144% and the average time to resolve has increased by 221%4 1 Merrill Lynch CIO Reports 2 Security Breaches Survey PWC Ponemon Institute 4 CYREN Cyber Threat Report, 2015 MERCER

5 WHY THE GLOBAL TREND WILL CONTINUE ROLE OF TECHNOLOGY CONTINUES TO EXPAND MOTIVATION Financial gain Malicious intent Promote beliefs Challenge Risk / Reward analysis MERCER

6 CYBERCRIME INCIDENTS INVESTMENTS, BANKING AND FINANCE FINANCIAL FRAUD 36% DENIAL OF SERVICE ATTACKS 29% FINANCIAL LOSSES COMPROMISED RECORDS 23% 23% IDENTITY THEFTS NO INCIDENTS 20% 20% 0% 5% 10% 15% 20% 25% 30% 35% 40% SOURCE: PWC CYBERCRIME REPORT MERCER

7 MULTIPLE POINTS OF ENTRY MOBILE DEVICES BUSINESS CONTACTS WEBSITE & MARKETING SOCIAL MEDIA 3 RD PARTY VENDORS 3 RD PARTY VENDORS EMPLOYEES EMPLOYEES ORGANIZATION 3 RD PARTY VENDORS FAMILY- FRIENDS SOCIAL MEDIA MOBILE DEVICES DATA STORAGE (CLOUD) CLIENTS EMPLOYEES NETWORK HARDWARE MERCER

8 INDUSTRY AND REGULATORY GUIDANCE NIST CYBERSECURITY FRAMEWORK 1 SEC RISK ALERT 2 BEST PRACTICES Identify Protect Detect Respond Recover Cybersecurity governance (policies, procedures, and oversight) Risk associated with remote customer access and fund transfer requests Risks associated with vendors and any third parties Detection of unauthorized activity Experiences with cyber threats Governance and policies Employee training Technology Third party assessment 1 National Institute of Standards and Technology (NIST) website. 2 Morgan Lewis summary of the SEC risk alert Feb 2015 MERCER

9 BEST PRACTICES GOVERNANCE AND POLICIES CULTURE Senior management engagement Accountable oversight Proactive approach PROCESSES Documented information Security policy Cybersecurity and risk assessment test Cyber insurance risk transfer Monitor cash activity daily Third party / Vendor due diligence policy MERCER

10 BEST PRACTICES EMPLOYEE TRAINING AWARENESS Passwords Public Wi-Fi Local drives communication Scam preparation Phishing MERCER

11 BEST PRACTICES TECHNOLOGY SECURITY Network, physical, data, logical SYSTEMS Malware / Anti-virus Patching and updates Intrusion prevention system and testing Cloud technology Backup process and testing MERCER

12 BEST PRACTICES THIRD PARTY ASSESSMENT TOOLS Classify vendors Define assessment process SLAs and contract management Monitor business relationships Plan For vendors that fail to meet requirements Independent assessments (SSAE16, SOC testing) MERCER

13 INVESTMENT PROGRAM RISK MANAGEMENT EXTENSIVE AND OVERLAPPING AREAS OF RISK MARKET RISKS Interest rates Commodity Credit spread Correlations Equity FX Liquidity Risk mgmt. failure Leverage 3 rd party internal risk taking / positions ENTERPRISE INVESTMENT RISK MANAGEMENT & GOVERNANCE COUNTERPARTY AND TRANSACTION RISKS Credit default Excess transaction costs Excess fees / costs Poor capabilities Morale Hazard 3 rd party errors Transaction errors Fraud Reputation Compliance Technology OPERATIONAL, FINANCIAL AND COMPLIANCE RISKS Trading errors Excess operations costs Regulatory and Legal risk Financial controls breakdowns MERCER

14 WHERE DOES CYBER RISK ASSESSMENT FIT IN? FRAMEWORK GOVERNANCE ORGANIZATIONAL STRUCTURE OPERATING MODEL OVERSIGHT COMPLIANCE & AUDIT RISK MANAGEMENT FUNCTIONS VALUATION AND ADMINISTRATION TRANSACTION EXECUTION 3RD PARTY SERVICE PROVIDERS FINANCE / ACCOUNTING SUPPORTING RESOURCES TECHNOLOGY HR LEGAL BC & DR December 18, 2015

15 CONCLUSIONS OPERATIONAL RISK CAN BE MATERIAL AND VERY COMPLEX CYBER RISK WILL CONTINUE TO RISE ASSESSMENT AGAINST INDUSTRY BEST PRACTICES IS IMPORTANT REGULAR MONITORING OF INVESTMENT ORGANIZATIONS AND THIRD PARTIES SHOULD OCCUR PARTNERING WITH EXPERT PROVIDERS MAY BE BENEFICIAL MERCER

16 QUESTIONS? QUESTIONS Please type your questions in the Q&A section of the toolbar and we will do our best to answer as many questions as we have time for. To submit a question while in full screen mode, use the Q&A button, on the floating panel, on the top of your screen. CLICK HERE TO ASK A QUESTION TO ALL PANELISTS FEEDBACK Please take the time to fill out the feedback form at the end of this webcast so we can continue to improve. The feedback form will pop-up in a new window when the session ends. MERCER

17 Important notices References to Mercer shall be construed to include Mercer LLC and/or its associated companies Mercer LLC. All rights reserved. This contains confidential and proprietary information of Mercer and is intended for the exclusive use of the parties to whom it was provided by Mercer. Its content may not be modified, sold or otherwise provided, in whole or in part, to any other person or entity, without Mercer s prior written permission. The findings, ratings and/or opinions expressed herein are the intellectual property of Mercer and are subject to change without notice. They are not intended to convey any guarantees as to the future performance of the investment products, asset classes or capital markets discussed. Past performance does not guarantee future results. Mercer s ratings do not constitute individualized investment advice. Information contained herein has been obtained from a range of third party sources. While the information is believed to be reliable, Mercer has not sought to verify it independently. As such, Mercer makes no representations or warranties as to the accuracy of the information presented and takes no responsibility or liability (including for indirect, consequential or incidental damages), for any error, omission or inaccuracy in the data supplied by any third party. This does not constitute an offer or a solicitation of an offer to buy or sell securities, commodities and/or any other financial instruments or products or constitute a solicitation on behalf of any of the investment managers, their affiliates, products or strategies that Mercer may evaluate or recommend. For the most recent approved ratings of an investment strategy, and a fuller explanation of their meanings, contact your Mercer representative. For Mercer s conflict of interest disclosures, contact your Mercer representative or see Mercer universes: Mercer s universes are intended to provide collective samples of strategies that best allow for robust peer group comparisons over a chosen timeframe. Mercer does not assert that the peer groups are wholly representative of and applicable to all strategies available to investors. The value of your investments can go down as well as up, and you may not get back the amount you have invested. Investments denominated in a foreign currency will fluctuate with the value of the currency. Certain investments carry additional risks that should be considered before choosing an investment manager or making an investment decision. MERCER

18 MERCER

DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?

DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? Gregg Sommer, CAIA Head of Operational Risk Assessments St. Louis MERCER 2015 0 CYBERSECURITY BREACHES

More information

MERCER WEBCAST MEETING TODAY S CHALLENGES FOR 401(K) SPONSORS OCTOBER 22, 2014. Liana Magner Amy Reynolds

MERCER WEBCAST MEETING TODAY S CHALLENGES FOR 401(K) SPONSORS OCTOBER 22, 2014. Liana Magner Amy Reynolds MEETING TODAY S CHALLENGES FOR 401(K) SPONSORS OCTOBER 22, 2014 Liana Magner Amy Reynolds Today s speakers Liana Magner, CFA Partner US Delegated DC Leader MERCER W EBCAST Amy Reynolds, ASA Partner US

More information

CONNECTICUT RETIREMENT SECURITY BOARD DISCUSSION GUIDE FOR ANNUITY AND IRA ACCOUNT TYPES

CONNECTICUT RETIREMENT SECURITY BOARD DISCUSSION GUIDE FOR ANNUITY AND IRA ACCOUNT TYPES HEALTH WEALTH CAREER CONNECTICUT RETIREMENT SECURITY BOARD DISCUSSION GUIDE FOR ANNUITY AND IRA ACCOUNT TYPES November 4 th, 2015 Rashid Hassan Neil Lloyd Hartford, Connecticut MERCER S RECOMMENDATION

More information

CHALLENGES FOR WEALTH MANAGEMENT FIRMS IN 2016: ARE YOU PREPARED?

CHALLENGES FOR WEALTH MANAGEMENT FIRMS IN 2016: ARE YOU PREPARED? HEALTH WEALTH CAREER CHALLENGES FOR WEALTH MANAGEMENT FIRMS IN 2016: ARE YOU PREPARED? David A. Hyman, CFA US Wealth Management Segment Leader Michael Curtin Senior Investment Consultant, Wealth Management,

More information

INVESTMENT MANAGER FEES: A CRITICAL LOOK

INVESTMENT MANAGER FEES: A CRITICAL LOOK HEALTH WEALTH CAREER INVESTMENT MANAGER FEES: A CRITICAL LOOK JULY 2015 In this short article, we suggest a number of ways in which the current and common structures for investment managers fees (for traditional,

More information

TARGET DATE FUNDS 10 YEARS LATER AND BEYOND

TARGET DATE FUNDS 10 YEARS LATER AND BEYOND TARGET DATE FUNDS 10 YEARS LATER AND BEYOND CPBI SOUTHERN ALBERTA P.D. DAY 29 May 2014 Neil Lloyd Evolution Of DC Investments A change in focus Do It Yourself (PAST) Do It For Me (PRESENT) Help me Prepare

More information

HEALTH WEALTH CAREER WHY DC PLANS NEED TO CONSIDER BROAD FINANCIAL WELLNESS AND OTHER ISSUES IN 2016

HEALTH WEALTH CAREER WHY DC PLANS NEED TO CONSIDER BROAD FINANCIAL WELLNESS AND OTHER ISSUES IN 2016 HEALTH WEALTH CAREER WHY DC PLANS NEED TO CONSIDER BROAD FINANCIAL WELLNESS AND OTHER ISSUES IN 2016 TODAY S SPEAKERS BETSY DILL US Financial Wellness Leader LIANA MAGNER, CFA US DC Investment Leader MERCER

More information

WHOLE OF LIFE SUPERANNUATION

WHOLE OF LIFE SUPERANNUATION WHOLE OF LIFE SUPERANNUATION Challenging the status quo NOVEMBER 2012 INTRODUCTION There is no question that Australia is one of the most mature Defined Contribution markets in the world. But while Australia

More information

CYBERSECURITY EXAMINATION SWEEP SUMMARY

CYBERSECURITY EXAMINATION SWEEP SUMMARY This Risk Alert provides summary observations from OCIE s examinations of registered broker-dealers and investment advisers, conducted under the Cybersecurity Examination Initiative, announced April 15,

More information

RATING REPORTS ON GLOBAL INVESTOR PROGRAMME ( GIP ) FUNDS

RATING REPORTS ON GLOBAL INVESTOR PROGRAMME ( GIP ) FUNDS RATING REPORTS ON GLOBAL INVESTOR PROGRAMME ( GIP ) FUNDS Contact Singapore introduced an independent fund rating exercise as a key element of the Global Investor Programme ( GIP ) Funds application and

More information

OCIE CYBERSECURITY INITIATIVE

OCIE CYBERSECURITY INITIATIVE Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.

More information

HEALTH WEALTH CAREER FIDUCIARY INVESTMENT ADVICE NEW DOL RULE IMPLICATIONS FOR RETIREMENT PLAN SPONSORS MAY 19, 2016

HEALTH WEALTH CAREER FIDUCIARY INVESTMENT ADVICE NEW DOL RULE IMPLICATIONS FOR RETIREMENT PLAN SPONSORS MAY 19, 2016 HEALTH WEALTH CAREER FIDUCIARY INVESTMENT ADVICE NEW DOL RULE IMPLICATIONS FOR RETIREMENT PLAN SPONSORS MAY 19, 2016 TODAY S SPEAKERS Amy Reynolds Partner Karen Willsky Principal Linda Delivorias Partner

More information

ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013

ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013 ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013 WHAT IS FIDUCIARY GOVERNANCE AND WHY IS IT IMPORTANT? Fulfillment of fiduciary responsibilities requires more than understanding

More information

How to improve your employees retirement security at minimal cost Authors: Bruce Cadenhead Partner, Retirement, New York Steve Vernon FSA Research

How to improve your employees retirement security at minimal cost Authors: Bruce Cadenhead Partner, Retirement, New York Steve Vernon FSA Research Article Five in a Mercer and Stanford Center on Longevity series How to improve your employees retirement security at minimal cost Authors: Bruce Cadenhead Partner, Retirement, New York Steve Vernon FSA

More information

Cybersecurity. Are you prepared?

Cybersecurity. Are you prepared? Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data

More information

MEMO. Comparing Traditional and Roth IRAs. Connecticut Retirement Security Board. Mercer Traditional vs. Roth IRA. contributions.

MEMO. Comparing Traditional and Roth IRAs. Connecticut Retirement Security Board. Mercer Traditional vs. Roth IRA. contributions. 1166 Avenue of the Americas New York, NY 10036 www.mercer.com MEMO TO: DATE: FROM: SUBJECT: Mercer Traditional vs. Roth IRA Introduction The legislation anticipates that the Retirement Security Program

More information

OCIE Technology Controls Program

OCIE Technology Controls Program OCIE Technology Controls Program Cybersecurity Update Chris Hetner Cybersecurity Lead, OCIE/TCP 212-336-5546 Introduction (Role, Disclaimer, Background and Speech Topics) SEC Cybersecurity Program Overview

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

Creating, Developing and Instituting an Effective Incident Response Plan. Webinar. 15 April 2015

Creating, Developing and Instituting an Effective Incident Response Plan. Webinar. 15 April 2015 Creating, Developing and Instituting an Effective Incident Response Plan Webinar 15 April 2015 Stan Hui Payment System Security Stephen J. Kopeck Verizon Visa Public Disclaimer The information or recommendations

More information

White Paper on Financial Industry Regulatory Climate

White Paper on Financial Industry Regulatory Climate White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during

More information

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m.

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Topics: Explain why it is important for firms of all sizes to address cybersecurity risk. Demonstrate awareness

More information

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015 Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity

More information

2 0 1 4 F G F O A A N N U A L C O N F E R E N C E

2 0 1 4 F G F O A A N N U A L C O N F E R E N C E I T G OV E R NANCE 2 0 1 4 F G F O A A N N U A L C O N F E R E N C E RAJ PATEL Plante Moran 248.223.3428 raj.patel@plantemoran.com This presentation will discuss current threats faced by public institutions,

More information

Cyber Security. Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP

Cyber Security. Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP Cyber Security Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP Speakers: Keith Overly, Executive Director, Ohio Deferred Compensation Program Raj Patel, Partner, Plante & Moran, PLLC

More information

NATIONAL CYBER SECURITY AWARENESS MONTH

NATIONAL CYBER SECURITY AWARENESS MONTH NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

More information

Common Data Breach Threats Facing Financial Institutions

Common Data Breach Threats Facing Financial Institutions Last Updated: February 25, 2015 Common Data Breach Threats Facing Financial s Although exact figures are elusive, there is no question that the number of data security breaches both reported and unreported

More information

Ayla Networks, Inc. SOC 3 SysTrust 2015

Ayla Networks, Inc. SOC 3 SysTrust 2015 Ayla Networks, Inc. SOC 3 SysTrust 2015 SOC 3 SYSTRUST FOR SERVICE ORGANIZATIONS REPORT July 1, 2015 To December 31, 2015 Table of Contents SECTION 1 INDEPENDENT SERVICE AUDITOR S REPORT... 2 SECTION 2

More information

Collateral Effects of Cyberwar

Collateral Effects of Cyberwar Your texte here. Collateral Effects of Cyberwar by Ilia Kolochenko for Geneva Information Security Day 9 th of October 2015 Quick Facts and Numbers About Cybersecurity In 2014 the annual cost of global

More information

Attachment A. Identification of Risks/Cybersecurity Governance

Attachment A. Identification of Risks/Cybersecurity Governance Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

Cybersecurity: Protecting Your Business. March 11, 2015

Cybersecurity: Protecting Your Business. March 11, 2015 Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Cybersecurity: What CFO s Need to Know

Cybersecurity: What CFO s Need to Know Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

Cyber Risks in the Boardroom

Cyber Risks in the Boardroom Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing

More information

Stocks: Quick-start guide part 3 - Orders & Tickets

Stocks: Quick-start guide part 3 - Orders & Tickets Saxo Academy Stocks: Quick-start guide part 3 - Orders & Tickets academy.tradingfloor.com 1. By clicking on one of the icons you can place a related Limit order and Stop order respectively. Once you have

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Client Update SEC Releases Updated Cybersecurity Examination Guidelines

Client Update SEC Releases Updated Cybersecurity Examination Guidelines Client Update September 18, 2015 1 Client Update SEC Releases Updated Cybersecurity Examination Guidelines NEW YORK Jeremy Feigelson jfeigelson@debevoise.com Jim Pastore jjpastore@debevoise.com David Sarratt

More information

Cybersecurity Awareness. Part 1

Cybersecurity Awareness. Part 1 Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat

More information

SEC Cybersecurity Findings May Establish De Facto Standard

SEC Cybersecurity Findings May Establish De Facto Standard Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com SEC Cybersecurity Findings May Establish De Facto

More information

Logging In: Auditing Cybersecurity in an Unsecure World

Logging In: Auditing Cybersecurity in an Unsecure World About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that

More information

VENDOR MANAGEMENT. General Overview

VENDOR MANAGEMENT. General Overview VENDOR MANAGEMENT General Overview With many organizations outsourcing services to other third-party entities, the issue of vendor management has become a noted topic in today s business world. Vendor

More information

HIGH YIELD BONDS UNDER STRESS?

HIGH YIELD BONDS UNDER STRESS? HEALTH WEALTH CAREER HIGH YIELD BONDS UNDER STRESS? DECEMBER 2015 2 WHAT PROMPTED THE MARKET DISRUPTION? News broke last week that the Third Avenue Focused Credit mutual fund suspended redemptions and

More information

How a Company s IT Systems Can Be Breached Despite Strict Security Protocols

How a Company s IT Systems Can Be Breached Despite Strict Security Protocols How a Company s IT Systems Can Be Breached Despite Strict Security Protocols Brian D. Huntley, CISSP, PMP, CBCP, CISA Senior Information Security Advisor Information Security Officer, IDT911 Overview Good

More information

Questions You Should be Asking NOW to Protect Your Business!

Questions You Should be Asking NOW to Protect Your Business! Questions You Should be Asking NOW to Protect Your Business! Angi Farren, AAP Senior Director Jen Wasmund, AAP Compliance Services Specialist 31 st Annual Conference SHAPE YOUR FUTURE April 23, 2013 Regional

More information

Is Your IT Environment Secure? November 18, 2015. Sarah Ackerman, Greg Bernard, Brian Matteson Clark Schaefer Consulting

Is Your IT Environment Secure? November 18, 2015. Sarah Ackerman, Greg Bernard, Brian Matteson Clark Schaefer Consulting Is Your IT Environment Secure? November 18, 2015 Sarah Ackerman, Greg Bernard, Brian Matteson Clark Schaefer Consulting Clark Schaefer Consulting Serving elite and emerging companies with practical solutions

More information

Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference

Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Christopher T. Van Marter Senior Deputy Prosecuting Attorney Chief White Collar Crime Unit Department of the Prosecuting Attorney

More information

August 2010. State of Nevada Deferred Compensation Plan. Manager Due Diligence Education Session

August 2010. State of Nevada Deferred Compensation Plan. Manager Due Diligence Education Session August 2010 State of Nevada Deferred Compensation Plan Manager Due Diligence Education Session Fiduciary Responsibility Investment prudence relies on process, not investment results Three investment principles

More information

is held and maintained at GAIN Capital who serves as the clearing agent and counterparty to your trades. GAIN Capital is a

is held and maintained at GAIN Capital who serves as the clearing agent and counterparty to your trades. GAIN Capital is a Last updated July 2, 2015 FOREX RISK DISCLOSURE STATEMENT Forex trading involves significant risk of loss and is not suitable for all investors. Increasing leverage increases risk. Before deciding to trade

More information

Cybersecurity..Is your PE Firm Ready? October 30, 2014

Cybersecurity..Is your PE Firm Ready? October 30, 2014 Cybersecurity..Is your PE Firm Ready? October 30, 2014 The Panel Melinda Scott, Founding Partner, Scott Goldring Eric Feldman, Chief Information Officer, The Riverside Company Joe Campbell, CTO, PEF Services

More information

10 Smart Ideas for. Keeping Data Safe. From Hackers

10 Smart Ideas for. Keeping Data Safe. From Hackers 0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000

More information

Exercising Your Enterprise Cyber Response Crisis Management Capabilities

Exercising Your Enterprise Cyber Response Crisis Management Capabilities Exercising Your Enterprise Cyber Response Crisis Management Capabilities Ray Abide, PricewaterhouseCoopers, LLP 2015 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved.

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

Table of Contents... 1. Chapter 1 Introduction... 5. 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability...

Table of Contents... 1. Chapter 1 Introduction... 5. 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability... ... 1 Chapter 1 Introduction... 5 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability... 5 Chapter 2 Company Culture... 6 Chapter 3 Risk Management Governance... 7 3.1 Board of Directors...

More information

Top Fraud Trends Facing Financial Institutions

Top Fraud Trends Facing Financial Institutions Top Fraud Trends Facing Financial Institutions Presented on: October 7, 2015, 2-3 ET Presented by: Ann Davidson - VP of Risk Consulting at Allied Solutions Webinar Agenda 1. Fraud trends in 2015 and beyond

More information

Click to edit Master title style

Click to edit Master title style EVOLUTION OF CYBERSECURITY Click to edit Master title style IDENTIFYING BEST PRACTICES PHILIP DIEKHOFF, IT RISK SERVICES TECHNOLOGY THE DARK SIDE AGENDA Defining cybersecurity Assessing your cybersecurity

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

Cybersecurity Risks, Regulation, Remorse, and Ruin

Cybersecurity Risks, Regulation, Remorse, and Ruin Financial Planning Association of Michigan 2014 Fall Symposium Cybersecurity Risks, Regulation, Remorse, and Ruin Shane B. Hansen shansen@wnj.com (616) 752-2145 October 23, 2014 Copyright 2014 Warner Norcross

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...

More information

Presented By: Corporate Security Information Security Treasury Management

Presented By: Corporate Security Information Security Treasury Management Presented By: Corporate Security Information Security Treasury Management Is Your Business Prepared for a Cyber Incident? It s not a matter of if, it s a matter of when Cyber Attacks are on the Rise; Physical

More information

MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014

MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014 MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014 INTRODUCTION Loved by many, reviled by others, multi-asset strategies are undeniably a key feature of the investment landscape. In the US they

More information

THE ROLE OF LIQUID ALTERNATIVES IN WEALTH MANAGEMENT

THE ROLE OF LIQUID ALTERNATIVES IN WEALTH MANAGEMENT HEALTH WEALTH CAREER THE ROLE OF LIQUID ALTERNATIVES IN WEALTH MANAGEMENT SEPTEMBER 2015 In this short paper, we focus on liquid alternative products and will, 1) explain the investment theses for investing

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion

More information

Data Security and the Cloud

Data Security and the Cloud Data Security and the Cloud TABLE OF CONTENTS DATA SECURITY AND THE CLOUD EXECUTIVE SUMMARY PAGE 3 CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 PAGE 4 PAGE 5 PAGE 6 PAGE 8 PAGE 9 DATA SECURITY: HOW

More information

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS RRD Donnelley SEC Hot Topics Institute May 21, 2014 1 MANAGING CYBERSECURITY RISK AND DISCLOSURE OBLIGATIONS Patrick J. Schultheis Partner Wilson

More information

Cybersecurity and the Threat to Your Company

Cybersecurity and the Threat to Your Company Why is BIG Data Important? March 2012 1 Cybersecurity and the Threat to Your Company A Navint Partners White Paper September 2014 www.navint.com Cyber Security and the threat to your company September

More information

SaxoTraderGO. Saxo Academy. Placing Forex Trade Orders. academy.tradingfloor.com

SaxoTraderGO. Saxo Academy. Placing Forex Trade Orders. academy.tradingfloor.com Saxo Academy SaxoTraderGO Placing Forex Trade Orders Please note, these notes are transcripts of the videos on Saxo Academy and are designed to accompany the SaxoTraderGO video series. Placing FX Trade

More information

Cyber Security. John Leek Chief Strategist

Cyber Security. John Leek Chief Strategist Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity

More information

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What

More information

Cybercrime and Regulatory Priorities for Cybersecurity

Cybercrime and Regulatory Priorities for Cybersecurity NRS Technology and Communication Compliance Forum Cybercrime and Regulatory Priorities for Cybersecurity Copyright 2014 by K&L Gates LLP. All rights reserved. Sean P. Mahoney sean.mahoney@klgates.com K&L

More information

SaxoTraderGO. Saxo Academy. Trading Forex on Live Prices. academy.tradingfloor.com

SaxoTraderGO. Saxo Academy. Trading Forex on Live Prices. academy.tradingfloor.com Saxo Academy SaxoTraderGO Trading Forex on Live Prices Please note, these notes are transcripts of the videos on Saxo Academy and are designed to accompany the SaxoTraderGO video series. Making an FX Spot

More information

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What

More information

7 th Annual Information Security Summit The Executive Forum. Information Security Management Overview

7 th Annual Information Security Summit The Executive Forum. Information Security Management Overview 7 th Annual Information Security Summit The Executive Forum Information Security Management Overview June 4, 2015 Copyright 2015. Citadel Information Group. All Rights Reserved. 2 Establishing Leadership.

More information

Access is power. Access management may be an untapped element in a hospital s cybersecurity plan. January 2016. kpmg.com

Access is power. Access management may be an untapped element in a hospital s cybersecurity plan. January 2016. kpmg.com Access is power Access management may be an untapped element in a hospital s cybersecurity plan January 2016 kpmg.com Introduction Patient data is a valuable asset. Having timely access is critical for

More information

SEC Convenes Cybersecurity Roundtable: Highlights Importance of Cybersecurity for Public Companies and Financial Market Participants

SEC Convenes Cybersecurity Roundtable: Highlights Importance of Cybersecurity for Public Companies and Financial Market Participants Corporate Finance and Securities Client Service Group Data Privacy and Security Team To: Our Clients and Friends April 4, 2014 SEC Convenes Cybersecurity Roundtable: Highlights Importance of Cybersecurity

More information

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry Combatting

More information

PACB One-Day Cybersecurity Workshop

PACB One-Day Cybersecurity Workshop PACB One-Day Cybersecurity Workshop WHAT IS CYBERSECURITY? PRESENTED BY: JON WALDMAN, SBS CISA, CRISC 1 Contact Information Jon Waldman Partner, Senior IS Consultant CISA, CRISC Masters of Info Assurance

More information

PROPOSED INTERPRETIVE NOTICE

PROPOSED INTERPRETIVE NOTICE August 28, 2015 Via Federal Express Mr. Christopher J. Kirkpatrick Secretary Office of the Secretariat Commodity Futures Trading Commission Three Lafayette Centre 1155 21st Street, N.W. Washington, DC

More information

Information Security Addressing Your Advanced Threats

Information Security Addressing Your Advanced Threats Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?

More information

INDUSTRY OVERVIEW: HEALTHCARE

INDUSTRY OVERVIEW: HEALTHCARE ii IBM MSS INDUSTRY OVERVIEW: HEALTHCARE RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: OCTOBER 7, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW/KEY FINDINGS...

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

Perspectives on Cybersecurity in Healthcare June 2015

Perspectives on Cybersecurity in Healthcare June 2015 SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright

More information

RETHINKING CYBER SECURITY Changing the Business Conversation

RETHINKING CYBER SECURITY Changing the Business Conversation RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.

More information

LIGC-ACC Presentation November 9, 2015

LIGC-ACC Presentation November 9, 2015 Bryan Frank, DDIS Info Sec Corp, panelist Jennifer M. Mone, Deputy General Counsel, Hofstra University, panelist Keith J. Frank, Partner, Forchelli, Curto, Deegan, Schwartz, Mineo & Terrana,. LLP, moderator

More information

FINANCIAL SERVICES Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors

FINANCIAL SERVICES Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors FINANCIAL SERVICES Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors By Robert R. Kiesel Schulte Roth & Zabel Like many companies, investment managers

More information

Information for Management of a Service Organization

Information for Management of a Service Organization Information for Management of a Service Organization Copyright 2011 American Institute of Certified Public Accountants, Inc. New York, NY 10036-8775 All rights reserved. For information about the procedure

More information

YEARENDED31DECEMBER2013 RISKMANAGEMENTDISCLOSURES

YEARENDED31DECEMBER2013 RISKMANAGEMENTDISCLOSURES RISKMANAGEMENTDISCLOSURES 2015 YEARENDED31DECEMBER2013 ACCORDINGTOCHAPTER7(PAR.34-38)OFPARTCANDANNEXXIOFTHECYPRUSSECURITIES ANDEXCHANGECOMMISSIONDIRECTIVEDI144-2007-05FORTHECAPITALREQUIREMENTSOF INVESTMENTFIRMS

More information

Cybersecurity and Insurance Companies

Cybersecurity and Insurance Companies Cybersecurity and Insurance Companies ACLI Forum 500 CEO Leadership Retreat Timothy J. Nagle Vice President & Chief Privacy Counsel Prudential Financial 1 May 13, 2015 What is cybersecurity? Protecting

More information

Vulnerability Assessment & Compliance

Vulnerability Assessment & Compliance www.pwc.com Vulnerability Assessment & Compliance August 3 rd, 2011 Building trust through Information security* Citizen-Centric egovernment state Consultantion workshop Agenda VAPT What and Why Threats

More information

Cybersecurity Opportunities. Presented to: National Professional Science Masters Association November 13, 2013

Cybersecurity Opportunities. Presented to: National Professional Science Masters Association November 13, 2013 Cybersecurity Opportunities Presented to: National Professional Science Masters Association November 13, 2013 Overall Themes For Discussion Advice for Grads Your Degree Is A Place To Start. It does not

More information

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)

More information

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers

More information

Cybersecurity y Managing g the Risks

Cybersecurity y Managing g the Risks Cybersecurity y Managing g the Risks Presented by: Steven L. Caponi Jennifer Daniels Gregory F. Linsin 99 Cybersecurity The Risks Are Real Perpetrators are as varied as their goals Organized Crime: seeking

More information

PREPARE YOUR INCIDENT RESPONSE TEAM

PREPARE YOUR INCIDENT RESPONSE TEAM PREPARE YOUR INCIDENT RESPONSE TEAM JUNE 2015 Michael Harrington, Fidelis Cybersecurity It s a big problem... The ongoing cyber-thefts from The scale of international theft the In networks 2013, the of

More information

Cyber Security and your Financial Institution: Are you ready for the increased scrutiny related to cyber risks?

Cyber Security and your Financial Institution: Are you ready for the increased scrutiny related to cyber risks? Cyber Security and your Financial Institution: Are you ready for the increased scrutiny related to cyber risks? August 27, 2014 Presented by: Terry Ammons, Partner, Porter Keadle Moore Tim Davis, Senior,

More information

THE WORLD MARKETS COMPANY PLC DESCRIPTION OF SERVICES AND CONFLICTS OF INTEREST DISCLOSURE STATEMENT MARCH 1, 2015

THE WORLD MARKETS COMPANY PLC DESCRIPTION OF SERVICES AND CONFLICTS OF INTEREST DISCLOSURE STATEMENT MARCH 1, 2015 THE WORLD MARKETS COMPANY PLC DESCRIPTION OF SERVICES AND CONFLICTS OF INTEREST DISCLOSURE STATEMENT MARCH 1, 2015 The World Markets Company plc (the World Markets Company ) provides a global foreign exchange

More information