London Business Interruption Association Technology new risks and opportunities for the Insurance industry

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "London Business Interruption Association Technology new risks and opportunities for the Insurance industry"

Transcription

1 London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014

2 Agenda Introduction The world we live in Security & resilience Insurance products on the rise Types of impact Maturity assessment Tips and advice Insurance industry perspective

3 The world we live in Now, we know hackers steal people s identities and infiltrate private s. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy. President Obama, State of the Union address, 12 Feb 2013 There are only two types of companies, those that have been hacked and those that will be 27bn * Robert Mueller, Head of the FBI RSA Cyber Security Conference, 01 Mar 2012 * 3

4 Hacking and cyber attacks are only part of the problem Media hype tends to highlight certain types of events. But do you believe the media hype? Top Technology Risks IT complexity and legacy Lack of resilience vs. Major IT project failure Cyber crime Unauthorized system access Ineffective or erroneous change Fraud and data leakage Ineffective governance and compliance Third party management Source: KPMG Technology Risk Radar Go to kpmg.co.uk to download the Technology Risk Radar 4

5 Lack of IT resilience is increasingly becoming a cause of business interruption Some examples In August 2013, a major US market maker, lost about 70% of its market value potentially after incorrectly deploying code into their production environment. In December 2013, a leading bank had a major IT outage. Some analysts estimate costs could potentially add up to 1b. Also, in August 2013, there was a 3 hour trading halt at one of the largest US stock exchanges in the middle of the trading day potentially due to a failed backup system. 5

6 Cyber security vs. Resilience Cyber security, also referred to as information security, focuses on protecting computers, networks, programs and data from unintended or unauthorised access, change or destruction. Resilience is the ability of IT services to recover quickly and continue operating even when there has been an equipment failure, power outage or other disruption. Cyber risk is an important consideration for achieving technology resilience, but not the only one! Technology Risk is business risk specifically, the business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise. Source: ISACA Aim for security AND resilience! 6

7 Insurance products are on the rise Recently, there have been reports that a large retailer could tap more than $100m in insurance to pay claims tied to the massive data breach that affected millions of customers last year. A global insurer reported that sales of Cyber Insurance have jumped 30% in 2013 Organisations cannot anticipate or prepare for all technology risks Insurance can complement risk management measures Standalone products for cyber / technology risks are increasing 7

8 Types of impact to consider A mix of quantitative and qualitative measures are used 8

9 Maturity assessment What to look for?. Organisation is prepared for a risk event and is able to prevent or minimise the impact through successful disaster recovery and crisis management Board demonstrating due diligence, ownership and risk management framework Roles and responsibilities for effective decision making Leadership and Governance Integrated risk culture that empowers and ensures the right people, skills, culture and knowledge Risk part of business-as-usual within IT Comprehensive and proportionate processes and control measures implemented to address identified risks Regulatory expectations and international certification standards Risk Analytics and Reporting Comprehensive use of well defined metrics such as KRIs / KPIs along with business agreed thresholds Risk Analytic capabilities such as threat modelling and scenario analysis Clearly articulated and documented approach to achieve comprehensive and effective risk management of information throughout the organisation and its delivery and supply partners 9

10 What should organisations do? Security Prepare Understand vulnerabilities and improve preparedness against cyber attack. Resilience Focus on broad operational goals and not just on IT components or infrastructure Protect Design and implement cyber defence infrastructure. Develop strong testing and change management practices Implement the building blocks of intelligence; use threat intelligence as a springboard for delivering effective cyber security. Incidents will happen! Drive continuous improvement from lessons learned The question is not if, but when! Be ready to detect and respond to cyber attacks. Adopt strategic approaches and not just stopgap fixes Transform - design and deliver a program of change to improve cyber security capability. Adopt predictive analytics and invest in monitoring and control Integrate - embed cyber security in the culture and decision making of client organisations. Define metrics and success criteria formally across IT 10

11 KPMGs top 10 tips for defending against cyber attack Prepare for war Prioritise Brace for impact Strategy Learn form your mistakes and others Watch and learn Don t go it alone Caution Plug the mobile leak Accept the consequences 11

12 Insurance industry perspective Factors limiting the demand for Tech. / Cyber Risk insurance Cost Economic conditions Cost - Gartner estimates cyber insurance premiums to be around $10,000 to $35,000 for $1 million in coverage Arrogance / ignorance Factors limiting the supply of Tech. / Cyber Risk Insurance Actuarial data Absence of sufficient historical underwriting / claims data makes it hard to price Limited ability to charge differential premiums Limited ability to quantitatively assess technology risks Ambiguity in risk and coverage Rapid change in technological landscape Cyber risk insurance is still evolving as a product Coverage not fully understood by the technology community Re-insurance Lack of historical actuarial data forcing reinsurers to be equally hesitant Demand appears to be growing Complimentary services. KPMG can help! Pre-sales and marketing driving customer growth Pre-bind risk assessment better underwriting Insurance claim support with forensics and claims settlement Remediation services in addition to insurance protection 12

13 Contact: Kiran Nagaraj +44 (0) The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Printed in the United Kingdom. The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International Cooperative (KPMG International).

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

Cyber Security Evolved

Cyber Security Evolved Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are

More information

Cyber security: Are consumer companies up to the challenge?

Cyber security: Are consumer companies up to the challenge? Cyber security: Are consumer companies up to the challenge? 1 Cyber security: Are consumer companies up to the challenge? A survey of webcast participants kpmg.com 1 Cyber security: Are consumer companies

More information

Maritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015

Maritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015 Maritime Insurance Cyber Security Framing the Exposure Tony Cowie May 2015 Table of Contents / Agenda What is cyber risk? Exposures - Should we be concerned about "Cyber"? Is Cyber covered under a Marine

More information

Into the cybersecurity breach

Into the cybersecurity breach Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing

More information

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au Cyber threat intelligence and the lessons from law enforcement kpmg.com.au Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many organisations

More information

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Institute of Internal Auditors Cyber Security. Birmingham Event 15 th May 2014 Jason Alexander

Institute of Internal Auditors Cyber Security. Birmingham Event 15 th May 2014 Jason Alexander Institute of Internal Auditors Cyber Security Birmingham Event 15 th May 2014 Jason Alexander Introduction Boards growing concern with Cyber Risk Cyber risk is not new, but incidents have increased in

More information

Cyber Security: from threat to opportunity

Cyber Security: from threat to opportunity IT ADVISORY Cyber Security: from threat to opportunity www.kpmg.com/nl/cybersecurity From threat to opportunity / Cyber security / 1 FOREWORD OPPORTUNITY-DRIVEN CYBER SECURITY Cyber security (also known

More information

Cybersecurity. Are you prepared?

Cybersecurity. Are you prepared? Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data

More information

Cyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen

Cyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

Defending against modern cyber threats

Defending against modern cyber threats Defending against modern cyber threats Protecting Critical Assets October 2011 Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Agenda 1. The seriousness of today s situation

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

Beyond Data Breach: Cyber Trends and Exposures

Beyond Data Breach: Cyber Trends and Exposures Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in

More information

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

Be Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience

Be Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Mike O Neill Managing Director Graeme McGowan Associate Director of Cyber Security

More information

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM

More information

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom 1 Connecting the dots:

More information

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become

More information

Risk Considerations for Internal Audit

Risk Considerations for Internal Audit Risk Considerations for Internal Audit Cecile Galvez, Deloitte & Touche LLP Enterprise Risk Services Director Traci Mizoguchi, Deloitte & Touche LLP Enterprise Risk Services Senior Manager February 2013

More information

Rogers Insurance Client Presentation

Rogers Insurance Client Presentation Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com

More information

A Framework for Business Continuity to Provide High Availability in Floating LNG Operations

A Framework for Business Continuity to Provide High Availability in Floating LNG Operations A Framework for Business Continuity to Provide High Availability in Floating LNG Operations Pete Winn and Alex Lal Velrada Value without compromise. Today s agenda How does business continuity support

More information

Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity

Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity IT ADVISORY Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity TABLE OF CONTENTS 1 Cyber security, a theme for the boardroom 3 2 What is cyber security? 4 3 Relevance to the boardroom

More information

CBEST FAQ February 2015

CBEST FAQ February 2015 CBEST Frequently Asked Questions: February 2015 At this time, the UK Financial Authorities have only made CBEST available to firms and FMIs which they consider to be core to the UK financial system. Those

More information

Enterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security

Enterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security Enterprise Security Governance Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security Governance and Organisational Model Risk Mgmt & Reporting Digital Risk & Security

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

Best Practices to Improve Breach Readiness

Best Practices to Improve Breach Readiness Best Practices to Improve Breach Readiness Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC http://blog.emc2.de/trust-security @RobtWesGriffin 1 Security Breaches 2 Security

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures

More information

Managing cyber risks with insurance

Managing cyber risks with insurance www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive

More information

MEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance

MEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance MEMORANDUM Date: October 28, 2013 To: Federally Regulated Financial Institutions Subject: Guidance The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile

More information

Mitigating and managing cyber risk: ten issues to consider

Mitigating and managing cyber risk: ten issues to consider Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed

More information

Under control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint

Under control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint Under control 2015 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fourth annual review of the IT hot topics for IT internal audit in financial

More information

Cyber Security & Managing KYC Data

Cyber Security & Managing KYC Data SPECIAL REPORT Cyber Security & Managing KYC Data The views and opinions expressed in this paper are those of the author(s) and do not necessarily reflect the official policy or position of Thomson Reuters.

More information

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber Risks and Insurance Solutions Malaysia, November 2013 Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare

More information

Enterprise Security Architecture

Enterprise Security Architecture Enterprise Architecture -driven security April 2012 Agenda Facilities and safety information Introduction Overview of the problem Introducing security architecture The SABSA approach A worked example architecture

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

Financial Services. Internal Audit: What s on the horizon? kpmg.co.uk

Financial Services. Internal Audit: What s on the horizon? kpmg.co.uk Financial Services Internal Audit: What s on the horizon? kpmg.co.uk Contents Introduction 1 Information Security 2 Integrated Assurance any gaps in the plan? 2 Change portfolio is your change portfolio

More information

www.pwc.com Developing a robust cyber security governance framework 16 April 2015

www.pwc.com Developing a robust cyber security governance framework 16 April 2015 www.pwc.com Developing a robust cyber security governance framework 16 April 2015 Cyber attacks are ubiquitous Anonymous hacker group declares cyber war on Hong Kong government, police - SCMP, 2 October

More information

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity Cyber threat intelligence and the lessons from law enforcement kpmg.com/cybersecurity Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many

More information

Achieving Cyber Resilience. By Garin Pace, Anthony Shapella and Greg Vernaci

Achieving Cyber Resilience. By Garin Pace, Anthony Shapella and Greg Vernaci Achieving Cyber Resilience By Garin Pace, Anthony Shapella and Greg Vernaci Cyber security has become the single most important risk to company Boards of Directors around the world. This is not a surprise

More information

Top 5 reasons incident response is failing. kpmg.com

Top 5 reasons incident response is failing. kpmg.com Top 5 reasons incident response is failing kpmg.com b Top 5 reasons incident response is failing Introduction The Incident Response function within an organization is responsible for assessing the integrity

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

The transformation of IT Risk Management. kpmg.com

The transformation of IT Risk Management. kpmg.com The transformation of IT Risk Management kpmg.com The transformation of IT Risk Management The role of IT Risk Management Scope of IT risk management Examples of IT risk areas of focus How KPMG can help

More information

REPORT. Next steps in cyber security

REPORT. Next steps in cyber security REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15

More information

SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE

SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to

More information

Cyber Security. The changing landscape. Financial Sector. March 4-5, 2014

Cyber Security. The changing landscape. Financial Sector. March 4-5, 2014 Cyber Security Discussioni The changing landscape 2nd Information Security Workshop for Financial Sector March 4-5, 2014 Agenda Agenda How vulnerable is the banking sector Closer look at the security threat

More information

CYBER RISK SECURITY, NETWORK & PRIVACY

CYBER RISK SECURITY, NETWORK & PRIVACY CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread

More information

Cyber Security Risks for Banking Institutions.

Cyber Security Risks for Banking Institutions. Cyber Security Risks for Banking Institutions. September 8, 2014 1 Administrative CPE regulations require that online participants take part in online questions Must respond to a minimum of four questions

More information

OECD PROJECT ON CYBER RISK INSURANCE

OECD PROJECT ON CYBER RISK INSURANCE OECD PROJECT ON CYBER RISK INSURANCE Introduction 1. Cyber risks pose a real threat to society and the economy, the recognition of which has been given increasingly wide media coverage in recent years.

More information

Cyber Insurance Presentation

Cyber Insurance Presentation Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance

More information

Cyber security: Are Australian CEOs sleepwalking or a step ahead? kpmg.com.au

Cyber security: Are Australian CEOs sleepwalking or a step ahead? kpmg.com.au Cyber security: Are Australian CEOs sleepwalking or a step ahead? kpmg.com.au Cyber attack is one of the biggest threats to Australian businesses, however many Chief Executive Officers (CEOs) admit a lack

More information

Addressing Cyber Risk Building robust cyber governance

Addressing Cyber Risk Building robust cyber governance Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber

More information

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title

More information

What you need to know and what you can t afford to ignore!

What you need to know and what you can t afford to ignore! Cyber Risk: What you need to know and what you can t afford to ignore! James Johnston Directors' and Officers' Insurance Underwriter Daniel Fletcher Cyber Insurance Underwriter Financial & Specialty Markets

More information

Presidential Summit Reveals Cybersecurity Concerns, Trends

Presidential Summit Reveals Cybersecurity Concerns, Trends Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Presidential Summit Reveals Cybersecurity Concerns,

More information

CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014

CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014 CYBER LIABILITY Network Security and Privacy Bring on tomorrow May 15, 2014 1 AGENDA I. Identify Exposures II. Identify how a breach can occur III. The Coverage (Third Party Liability + First Party Losses)

More information

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat

More information

CYBER SECURITY PROTECTING YOUR BUSINESS James Hatch Director, Cyber Services BAE Systems Applied Intelligence 1 CYBER SECURITY AT BAE SYSTEMS Professional Services Technical Services Prepare Protect Cyber

More information

Security Risk Management Strategy in a Mobile and Consumerised World

Security Risk Management Strategy in a Mobile and Consumerised World Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key

More information

AUSTRACLEAR REGULATIONS Guidance Note 10

AUSTRACLEAR REGULATIONS Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Executive Cyber Security Training. One Day Training Course

Executive Cyber Security Training. One Day Training Course Executive Cyber Security Training One Day Training Course INTRODUCING EXECUTIVE CYBER SECURITY TRAINING So what is all this we hear in the media about cyber threats? How can an organization understand

More information

An Introduction to Cyber Liability Insurance. Catherine Berry Senior Underwriter

An Introduction to Cyber Liability Insurance. Catherine Berry Senior Underwriter An Introduction to Cyber Liability Insurance Catherine Berry Senior Underwriter What is cyber risk? Exposures emanating from computer networks and the internet The Cyber Risk Phenomenon The incredible

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

Cyber Security for audit committees

Cyber Security for audit committees AUDIT COMMITTEE INSTITUTE Cyber Security for audit committees An introduction kpmg.com/globalaci 2 Audit Committee Institute An introduction to cyber security for audit committees Audit committees have

More information

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming

More information

BT Assure Threat Intelligence

BT Assure Threat Intelligence BT Assure Threat Intelligence Providing you with the intelligence to help keep your organisation safe BT Assure. Security that matters At all times, organisations are vulnerable to all kinds of cyber attacks

More information

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Recognize Nefarious Cyber Activity and Catch Those Responsible with IBM InfoSphere Entity Analytic Solutions

Recognize Nefarious Cyber Activity and Catch Those Responsible with IBM InfoSphere Entity Analytic Solutions Building a Smarter Planet with Advanced Cyber Security Solutions Recognize Nefarious Cyber Activity and Catch Those Responsible with Highlights g Cyber Security Solutions from IBM InfoSphere Entity Analytic

More information

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

The Changing IT Risk Landscape Understanding and managing existing and emerging risks The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015

More information

Cyber Risks in the Boardroom

Cyber Risks in the Boardroom Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing

More information

Central and Eastern European Data Theft Survey 2012

Central and Eastern European Data Theft Survey 2012 FORENSIC Central and Eastern European Data Theft Survey 2012 kpmg.com/cee KPMG in Central and Eastern Europe Ever had the feeling that your competitors seem to be in the know about your strategic plans

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

Business Continuity Management Systems. Protecting for tomorrow by building resilience today

Business Continuity Management Systems. Protecting for tomorrow by building resilience today Business Continuity Management Systems Protecting for tomorrow by building resilience today Vital statistics 31% 40% of UK businesses have been affected by bad weather related transport problems, power

More information

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit 2014 Welcome to our third annual review of the IT hot topics facing Internal Audit functions within

More information

Exercising Your Enterprise Cyber Response Crisis Management Capabilities

Exercising Your Enterprise Cyber Response Crisis Management Capabilities Exercising Your Enterprise Cyber Response Crisis Management Capabilities Ray Abide, PricewaterhouseCoopers, LLP 2015 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved.

More information

How to measure your business resiliency

How to measure your business resiliency How to measure your business resiliency Define the KPI s/kri s and scorecards to control your security and business continuity capabilities Krzysztof Pulkiewicz BCMLogic krzysztof.pulkiewicz@bcmlogic.com

More information

Security & Privacy Current cover and Risk Management Services

Security & Privacy Current cover and Risk Management Services Security & Privacy Current cover and Risk Management Services Introduction Technological advancement has enabled greater working flexibility and increased methods of communications. However, new technology

More information

Risk Analytics for Cyber Security

Risk Analytics for Cyber Security Risk Analytics for Cyber Security Justin Coker, VP EMEA, Skybox Security IT Challenges 2015, Belgium 2nd October 2014 www.skyboxsecurity.com justin.coker@skyboxsecurity.com +44 (0) 7831 691498 Risk Analytics

More information

Cybersecurity Readiness & Incident Response. January 8, 2016

Cybersecurity Readiness & Incident Response. January 8, 2016 Cybersecurity Readiness & Incident Response January 8, 2016 Agenda Topic Minutes Introduction 3 Incident Statistics 7 Security Controls & Investigation Process 15 Mitigating Costs & Risks 15 Cyber Liability

More information

Australian Government Cyber Security Review

Australian Government Cyber Security Review Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and

More information

ASX SETTLEMENT OPERATING RULES Guidance Note 10

ASX SETTLEMENT OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Gold Sponsor of the study: Incident Response Management

Gold Sponsor of the study: Incident Response Management Gold Sponsor of the study: Incident Response Management How European Enterprises are Planning to Prepare for a Cyber Security Breach Y R A M SUM IVE T U C E PAC 2015 X E Telefonica company profile About

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh Navigating Cyber Risk Exposure and Insurance Stephen Wares EMEA Cyber Risk Practice Leader Marsh Presentation Format Four Key Questions How important is cyber risk and how should we view the cyber threat?

More information

CIS 523/423 Disaster Recovery Business Continuity

CIS 523/423 Disaster Recovery Business Continuity CIS 523/423 Disaster Recovery Business Continuity Course Description A study of disaster recovery and business continuity as related to the information technology function in organizations. Topics will

More information

Controls over CIS. Ryan O Halloran, Senior Manager KPMG Hobart. TAO Client Information Session. May 2015

Controls over CIS. Ryan O Halloran, Senior Manager KPMG Hobart. TAO Client Information Session. May 2015 Controls over CIS Ryan O Halloran, Senior Manager KPMG Hobart TAO Client Information Session May 2015 Agenda The KPMG presenters information: Ryan O Halloran Advisory Senior Manager, Hobart Tel: (03) 6230

More information

Insurance for Data Breaches in the Hospitality Industry

Insurance for Data Breaches in the Hospitality Industry The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com

More information

Cyber Insurance as one element of the Cyber risk management strategy

Cyber Insurance as one element of the Cyber risk management strategy Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

Cyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015

Cyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015 Cyber Threats Insights from history and current operations Prepared by Cognitio May 5, 2015 About Cognitio Cognitio is a strategic consulting and engineering firm led by a team of former senior technology

More information

eet Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry Power and Utilities Fact Sheet

eet Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry Power and Utilities Fact Sheet Power and Utilities Fact Sh Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry A holistic approach to business resiliency and disaster recovery

More information

Cyber Security From The Front Lines

Cyber Security From The Front Lines Cyber Security From The Front Lines Glenn A Siriano October 2015 Agenda Setting the Context Business Considerations The Path Forward Q&A Cyber Security Context Cyber Has Become a Boardroom Conversation

More information

Where insights lead Cybersecurity and the role of internal audit: An urgent call to action

Where insights lead Cybersecurity and the role of internal audit: An urgent call to action Where insights lead Cybersecurity and the role of internal audit: An urgent call to action The threat from cyberattacks is significant and continuously evolving. One estimate suggests that cybercrime could

More information

Five keys to a more secure data environment

Five keys to a more secure data environment Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational

More information