Cyber, Social Media and IT Risks. David Canham (BA) Hons, MIRM
|
|
- John Joseph
- 8 years ago
- Views:
Transcription
1 IIA South Event 16 th June 2015 Cyber, Social Media and IT Risks 1 st and 2 nd Line Perspective David Canham (BA) Hons, MIRM
2 Agenda This evening we ll cover the following: Who, why and what? Traditional information security versus cyber risk management Impact of social media Is the message heard? Who is in charge of the cyber agenda in your organisation? Cyber insurance - where does it fit in?
3 Points to Consider as we Talk Three challenges Protect the Brand (Franchise / Reputation) Protect Yourself (All of yourself) Insurance for cyber
4 Who, Why and When? Hacktivist Criminal Nation State Inside Job?
5 So where is the Cyber Threat coming from? 28 August 2013 New York Times and Twitter struggle after Syrian hack 13 August 2013 Dalai Lama's Chinese website hacked and infected 27 August 2013 The Chinese-language website of the Tibetan government-in-exile, whose spiritual head is the Dalai Lama, has been hacked and infected with viruses China hit by 'biggest ever' cyber-attack China has said it has suffered its "biggest ever" cyber-attack, causing many websites based in the country to go temporarily offline. Pro-Assad Syrian hackers launching cyberattacks on western media Syrian Electronic Army claims responsibility for attack on Guardian and other organisations 13th August 2013 China denies cyber attack allegations A secretive branch of China's military is probably one of the world's "most prolific cyber espionage groups", a US cyber security firm has said. Mandiant said Unit was believed to have "systematically stolen hundreds of terabytes of data" from at least 141 organisations around the world.
6 Cyber Case Studies
7 The thin blue line or governance? Four Cornerstones: Delegated Authorities what people can do Committees How oversight is provided Organisational Policies High level organisational principles Risk Management Informed decision making
8 Delegated Authorities Traditional Approach Complex sign off loops Elements of bureaucratic behaviour and / or practice Paper production hoops to achieving sign off Where responsibility for information security resides? 19% Cyber Requirement 10% 48% Real Time decision making Clear accountability and pace Extended enterprise delegation 23% CEO CIO COO Other Delay or inaction could be more damaging than the incident itself
9 Committees 53% of the CIM Survey had an information security committee Traditional Approach Usually periodic and in some cases static agenda Paper lead, discussion predominantly around lag indicators Lack of clear accountability for decision making, management by committee Cyber Requirement Where possible lead indicators to be developed (do you have them?) Use of threat intelligence and case studies Targeted War games for preparedness Oversight of technology alongside and integral in business process and strategy Cyber governance movement from review by committee to reaction
10 Organisational Policies 65% of the CIM Survey did not know if their organisation was accredited to a information security standard Traditional Approach Technical in nature Unlikely to be integrated with HR and Learning Development interventions Sign off annually via a CBT Cyber Requirement Understand the culture, the blur between professional and private life and the audience Develop engaging awareness programmes across different communication channels Ensure that policies are reviewed and updated in line with pace of the threat faced Policies are shelf ware without appropriate engagement
11 Risk Management Its what we do is it not? Traditional Approach Bridge the gap between technicians and business staff Bring external insight and challenge to existing thinking Assists business leaders in setting risk appetite and / or tolerance across the institution Cyber Requirement Translate and cut through the media hype to give a balanced view Help develop the lead MI and analyse the external intelligence to bring insight Balance the impact and probability to other risks within the institution Has the role or technique changed or has the expectation increased
12 Cyber Auditing High Level Planning Traditional review of the organisational Risk Data External factors, extended enterprise, business conditions, past cases Control and Remediation Creating a test plan that acknowledges different control types, preventative, corrective & detective Time and pace of remediation, six month programmes versus immediate action Being even more robust with management in outlining expectations Pace of Audit Traditional control testing can be routine but additionally; Forensic support in the event of an incident Internal Audit as a weapon at managements disposal? Has the role or technique changed or has the expectation increased
13 Governance Conclusions Commitment on the corporate agenda Is it clear who is responsible and sponsorship achieved? Is there a clear view on investment over security being an overhead? Is the balance between technical control and cultural defence understood? Corporate or Personal Education or Both In an increasingly interconnected world with blurred boundaries do institutions have a moral and corporate responsibility to raise awareness amongst the workforce? Compliance, Regulation and the Law Do institutions aim for the minimum to get through favouring chasing growth? Increase in interest from regulatory bodies e.g. FCA/PRA/HMT Cyber Questionnaire Pace of the threat and organisational governance Pace of decision making when a cyber intrusion is discovered Clear on who takes the lead and the accountability e.g. Incident Management framework
14 Social, Internet and Mobile Universe
15 Some facts and figures from the turn of the year. An average FB user has 130 friends, and 25% do not bother with privacy controls 23% of FB users access there account more than 5 times a daily More than 25 billion pieces of FB content are shared monthly 100 million active users access FB on their mobile device Twitter gets more than 300,000 new users every day Twitter started as a simple text message service Over 60% of twitter users are outside of the US Linked in is the oldest of the mainstream sites, started in 2003 There are more 70m users of Linked in worldwide 80% of companies use Linked in as a recruitment tool 90% of Internet user know at least one social network
16 Protect Yourself - Social Media Case Study Emma Way, 21, tweeted in May: Definitely knocked a cyclist off earlier I have right of way he doesn t even pay road tax. Personal Accountability? Employer refuses to comment Lessons for an organisation? Lessons for an individual Guilty? BBC News Website:
17 Has the Message been Heard? 10 Steps EVERY board member should understand that can eliminate c.80% of Cyber threats 1. Home and mobile working 2. User education and awareness 3. Incident Management 4. Management of user privileges 5. Removable media controls 6. Monitoring 7. Secure configuration 8. Malware protection 9. Network Security 10. Information risk management regime Web address -
18 Who is Listening to your Message? / Who needs to? Social Media followers With so many different stakeholders, an organisation regardless of public, private, local or multinational will be subject to different views on compliance and security for instance, the regulator maybe considered to be black and white, the individual maybe more relaxed, in particular if they are a social media user?
19 Could we define coherently the cyber risk in business terms to all Internal and External stakeholders?
20 Insurance for Cyber Traditional Policies or Something new? Benchmark for control in underwriting a risk? BIS Cyber Essentials CREST / CBEST NIST Framework ISO27001 Then of course there is the issue of data and historic losses. Question will regulation such as the EU Data Privacy act lead to more insurance products being further developed?
21 Closing Thoughts - Protect Yourself (All of yourself) What salary would have to be offered before you accepted your dream job from that HR Agency via Linked in? How many holidays have you told me about via Facebook? Have you been trained not to open that attachment / click that link? Does your personal risk and work risk look different? Like all industries does Financial Services invest purely in work education or with such a blur between private and professional lives is it now imperative to cover both to be seen as an employer of choice?
22 Closing Thoughts - Protect the Brand - Some basic specifics to think about The Crown Jewels What can the organisation not live without, where is it stored and how is it protected The process value chain The internal, the external, the distributor network, do they apply all the same logic as you do to security Risk appetite / tolerance Is it clear the minimum and the maximum your organisation is prepared to accept in terms of the security agenda and the trade offs required Focus Is there sufficient focus, it s a crowded organisational agenda, there s a lot of short term pressures versus a longer term difficult to quantify threat Innovation Is there suitable innovation in your approach to cyber its not all bad, where's the opportunties
23 Closing Statement Personal Thoughts Awareness and interest at board level has increased Lack of substantive data within the Financial Services arena continues to pose a problem Media is hyped Cyber war! Where does the investment profile lie in the organisation, still with the CIO / CISO With an interconnected world, increase in mobile devices and digital solutions and social media, Information Security Risk continues to evolve. It is the challenge of all industries to respond both internally, through the extended enterprise and with their people
www.pwc.com Developing a robust cyber security governance framework 16 April 2015
www.pwc.com Developing a robust cyber security governance framework 16 April 2015 Cyber attacks are ubiquitous Anonymous hacker group declares cyber war on Hong Kong government, police - SCMP, 2 October
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationwww.pwc.com Cybersecurity and Privacy Hot Topics 2015
www.pwc.com Cybersecurity and Privacy Hot Topics 2015 Table of Contents Cybersecurity and Privacy Incidents are on the rise Executives and Boards are focused on Emerging Risks Banking & Capital Markets
More informationHow To Protect Your Business From A Cyber Attack
Intelligence FIRST helping your business make better decisions Cyber security Keeping your business resilient Cyber security is about keeping your business resilient in the modern technological age. It
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationCyber Security for audit committees
AUDIT COMMITTEE INSTITUTE Cyber Security for audit committees An introduction kpmg.com/globalaci 2 Audit Committee Institute An introduction to cyber security for audit committees Audit committees have
More informationCYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison
CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison Gary Solway* Bennett Jones LLP The August release of the purported names and other details of over 35 million customers
More informationCyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties
Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationCYBER SECURITY THREAT REPORT Q1
CYBER SECURITY THREAT REPORT Q1 Moving Forward Published by UMC IT Security April 2015 0 U.S. computer networks and databases are under daily cyber-attack by nation states, international crime organizations,
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationACE European Risk Briefing 2012
#5 ACE European Risk Briefing 2012 IT and cyber risk respondent profiles The research was carried out between 13 April and 3 May 2012. The sample comprised 606 European risk managers, CROs, CFOs, COOs
More informationAISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK
1 AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY 14 October 2015 OPENING ADDRESS LYNWEN CONNICK Thanks Arno, and good morning everyone. Welcome to Australian Information Security Association
More informationThe UK cyber security strategy: Landscape review. Cross-government
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationWHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There
More informationCyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.
Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing
More informationWho s next after TalkTalk?
Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many
More informationWhite Paper on Financial Industry Regulatory Climate
White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationCybersecurity. Considerations for the audit committee
Cybersecurity Considerations for the audit committee Insights on November 2012 governance, risk and compliance Fighting to close the gap Ernst & Young s 2012 Global Information Security Survey 2012 Global
More informationSecure by design: taking a strategic approach to cybersecurity
Secure by design: taking a strategic approach to cybersecurity The cybersecurity market is overly focused on auditing policy compliance and performing vulnerability testing when the level of business risk
More informationPCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES
PCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES Cyber Attacks: How prepared are you? With barely a day passing without a reported breach of corporate information security, the threat to financial
More informationCYBER-ATTACKS THE GLOBAL RESPONSE
R E P R I N T CYBER-ATTACKS THE GLOBAL RESPONSE REPRINTED FROM: Risk, Governance & Compliance for Financial Institutions 2015 RISK GOVERNANCE & COMPLIANCE for F I N A N C I A L INSTITUTIONS 2 0 1 5 Visit
More informationIT AUDIT WHO WE ARE. Current Trends and Top Risks of 2015 10/9/2015. Eric Vyverberg. Randy Armknecht. David Kupinski
IT AUDIT Current Trends and Top Risks of 2015 2 02 Eric Vyverberg WHO WE ARE David Kupinski Randy Armknecht Associate Director Internal Audit Protiviti 317.510.4661 eric.vyverberg@protiviti.com Managing
More informationCommittees Date: Subject: Public Report of: For Information Summary
Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security
More information1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.
Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More informationCyber Security Threats: What s Next and How Do We Reduce the Risks?
Cyber Security Threats: What s Next and How Do We Reduce the Risks? Agenda Cyber Security: A necessity! What threats exist today? What does the future hold? How do we reduce the risks? Key for Risk Reduction
More informationManaging cyber risks with insurance
www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive
More informationSurviving the Ever Changing Threat Landscape
Surviving the Ever Changing Threat Landscape Kevin Jordan Cyber Security Specialist Dell GLBA FFIEC NCUA PCI HIPAA NERC CIP FISMA 700+ Percentage of U.S. adults who Federal named online and banking state
More informationCyber Risks and Insurance Solutions Malaysia, November 2013
Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare
More informationCyber Security key emerging risk Q3 2015
Cyber Security key emerging risk Q3 2015 The study is based on interviews with CIO:s, CISO:s and Head of Security in August and September 2015. November 2015 www.pwc.se Companies falling behind are more
More informationCyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen
Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or
More informationKnowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014
Knowing Your Enemy How Your Business is Attacked Andrew Rogoyski June 2014 Why Cyber is the New Security 1986: Lawrence Berkeley NL discovers attempt to copy US Government Information on Arpanet 1988:
More informationTackling the growing risk of cyber crime
Financial Institutions Customer Industry Community Tackling the growing risk of cyber crime Discussion points for financial institutions Contents Introduction 3 The scale of cyber risk 4 Zurich survey
More informationThe Cancer Running Through IT Cybercrime and Information Security
WHITE PAPER The Cancer Running Through IT Prepared by: Richard Brown, Senior Service Management Consultant Steve Ingall, Head of Consultancy 60 Lombard Street London EC3V 9EA T: +44 (0)207 464 8883 E:
More informationThe Institute of Risk Management. Cyber Risk. Executive Summary
The Institute of Risk Management Cyber Risk Cyber Risk Our supporters Moving from a range to a single number risk allowance is a matter of judgement. 2014 The Institute of Risk Management. All rights reserved.
More informationFFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors
Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationCYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts
CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What
More informationENABLING THE BUSINESS WITH SOCIAL RELATIONSHIP PLATFORMS
WHITE PAPER ENABLING THE BUSINESS WITH SOCIAL RELATIONSHIP PLATFORMS AN EASY WIN FOR STRATEGIC CIOs THE ROLE OF THE IT LEADER IS CHANGING. CIOs must shift their focus from keeping the lights on to enabling
More informationRETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationCYBERSECURITY IN HEALTHCARE: A TIME TO ACT
share: TM CYBERSECURITY IN HEALTHCARE: A TIME TO ACT Why healthcare is especially vulnerable to cyberattacks, and how it can protect data and mitigate risk At a time of well-publicized incidents of cybersecurity
More informationWRITTEN TESTIMONY OF
WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you
More informationBe Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience
Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Mike O Neill Managing Director Graeme McGowan Associate Director of Cyber Security
More informationFacebook Advertising Playbook
Facebook Advertising Playbook TABLE OF CONTENTS I. INTRODUCTION 6 II. ABOUT THIS REPORT 6 III. ABOUT IMPARTURE 7 1. INTRODUCTION TO FACEBOOK ADVERTISING 8 1.1 UNDERSTANDING TERMINOLOGY 8 2. THE CASE FOR
More information$194 per record lost* 3/15/2013. Global Economic Crime Survey. Data Breach Costs. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP
David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Global Cyber Crime is the fastest growing economic crime Cyber Crime is more lucrative than trafficking drugs!
More informationHighlights from the Security Awareness Special Interest Group (SASIG) New Year 2014 event:
Highlights from the Security Awareness Special Interest Group () New Year 2014 event: Cyber security adopting a new approach to answer the Board s concerns Hosted by EY: 14th January 2014 The Security
More informationCyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015
Cyber Threats Insights from history and current operations Prepared by Cognitio May 5, 2015 About Cognitio Cognitio is a strategic consulting and engineering firm led by a team of former senior technology
More informationDefending yesterday. Financial Services. Key findings from The Global State of Information Security Survey 2014
www.pwc.com/security Defending yesterday While organizations have made significant security improvements, they have not kept pace with today s determined adversaries. As a result, many rely on yesterday
More information11/27/2015. Cyber Risk as a Component of Business Risk: Communicating with the C-Suite. Conflict of interest. Learning Objectives
Cyber Risk as a Component of Business Risk: Communicating with the C-Suite Jigar Kadakia DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily
More informationPROMOTION // TECHNOLOGY. The Economics Of Cyber Security
PROMOTION // TECHNOLOGY The Economics Of Cyber Security Written by Peter Mills Malicious cyber activity, from hacking and identity fraud to intellectual property theft, is a growing problem within the
More informationICAEW. Audit Insights. Cyber Security 2015
ICAEW Audit Insights Cyber Security 2015 BUSINESS WITH CONFIDENCE icaew.com/auditinsights About the ICAEW IT Faculty The ICAEW IT Faculty provides products and services to help its members make the best
More informationCybercrime: risks, penalties and prevention
Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,
More informationCyber security guide for boardroom members
Cyber security guide for boardroom members 2 Cyber security guide for boardroom members Cyber security at strategic level Our society is rapidly digitising, and we are all reaping the benefits. Our country
More informationSecurity and Privacy
Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1 BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices
More informationHow to Protect Sensitive Corporate Data against Security Vulnerabilities of Your Vendors
How to Protect Sensitive Corporate Data against Security Vulnerabilities of Your Vendors July 2014 Executive Summary Data breaches cost organizations millions and sometimes even billions of dollars in
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationWHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationCyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis
Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?
More informationPCI DSS Investing wisely...
PCI DSS Investing wisely... Hotel webinar Neira Jones Head of Payment Security Barclaycard Global Payment Acceptance 25 th July 2011 Leading the way in secure payments global payment acceptance Hotel Security
More informationCOUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide
COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the
More informationCyberSecurity for Law Firms
CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Detection, analysis, and understanding of threat
More informationExperience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.
Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies
More informationTechnology and Cyber Resilience Benchmarking Report 2012. December 2013
Technology and Cyber Resilience Benchmarking Report 2012 December 2013 1 Foreword by Andrew Gracie Executive Director, Special Resolution Unit, Bank of England On behalf of the UK Financial Authorities
More informationAnthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown
Anthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown 1 Protected networks are continuously being successfully attacked
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies
More informationCyber-security: legal implications for financial institutions. IAPP Europe Data Protection Intensive 2013
Cyber-security: legal implications for financial institutions IAPP Europe Data Protection Intensive 2013 Vivienne Artz Managing Director and General Counsel, Citi Cyber threat landscape Kris McConkey Director,
More informationUnder control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint
Under control 2015 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fourth annual review of the IT hot topics for IT internal audit in financial
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationCyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationAssessing the strength of your security operating model
www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems
More informationYOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance
YOUR TRUSTED PARTNER IN A DIGITAL AGE A guide to Hiscox Cyber and Data Insurance 2 THE CYBER AND DATA RISK TO YOUR BUSINESS This digital guide will help you find out more about the potential cyber and
More informationServices. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure
Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation
More informationRISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer
RISK MANAGEMENT FRAMEWORK 1 SUMMARY The Risk Management Framework consists of the following: Risk Management policy Risk Management strategy Risk Management accountability Risk Management framework structure.
More informationAllianz Global Corporate & Specialty. Cyber Risks. Recent Trends. AIRMIC 15 th June 2015
Allianz Global Corporate & Specialty Cyber Risks Recent Trends AIRMIC 15 th June 2015 Copyright Allianz Global Corporate & Specialty 2014 1 Copyright Allianz Global Corporate & Specialty 2014 2 Allianz
More informationJanuary IIA / ISACA Joint Meeting Pre-meeting. Cybersecurity Update for Internal Auditors. Matt Wilson, PwC Risk Assurance Director
January IIA / ISACA Joint Meeting Pre-meeting Cybersecurity Update for Internal Auditors Matt Wilson, Risk Assurance Director Introduction and agenda Themes from The Global State of Information Security
More informationTLP WHITE. Denial of service attacks: what you need to know
Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...
More informationThe NIST Cybersecurity Framework Encouraging NIST Adoption Via Cost/Benefit Analysis
The NIST Cybersecurity Framework Encouraging NIST Adoption Via Cost/Benefit Analysis Paul A. Ferrillo March 2015 The NIST Cybersecurity Framework Encouraging NIST Adoption Via Cost Benefit Analysis Until
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationCyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?
Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies
More informationGold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary
Gold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK Executive Summary Core statements I. Cyber security is now too hard for enterprises The threat is increasing
More informationAuditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement
Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Copyright Elevate Consult LLC. All Rights Reserved 1 Presenter Ray Guzman MBA, CISSP, CGEIT, CRISC, CISA Over 25
More informationCombating a new generation of cybercriminal with in-depth security monitoring
Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationBT Security Recruitment
BT Recruitment BT An Option For You? 1 Introduction - Tinker, tailor, soldier cyber-defender? (Taken from the BT Assure RUSI article: http://www.globalservices.bt.com/static/assets/pdf/defence/rusi_bt_v2.pdf)
More informationwww.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14
www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit (4:30-5:30) Draft v8 2-25-14 Common Myths 1. You have not been hacked. 2. Cyber security is about keeping the
More informationREPORT. Next steps in cyber security
REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15
More informationRisk Management Policy
Risk Management Policy June 2015 1 2 Contents 1. Policy Objectives and Background... 4 1.1. Policy Background... 4 1.2. Policy Objective... 4 1.3. Policy Sponsor and Maintenance... 4 2. Risk Types and
More informationMEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance
MEMORANDUM Date: October 28, 2013 To: Federally Regulated Financial Institutions Subject: Guidance The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile
More informationMaritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015
Maritime Insurance Cyber Security Framing the Exposure Tony Cowie May 2015 Table of Contents / Agenda What is cyber risk? Exposures - Should we be concerned about "Cyber"? Is Cyber covered under a Marine
More informationWelcome. HITRUST 2014 Conference April 22, 2014 HITRUST. Health Information Trust Alliance
Welcome HITRUST 2014 Conference April 22, 2014 HITRUST Health Information Trust Alliance The Evolving Information Security Organization Challenges and Successes Jason Taule, Chief Security and Privacy
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More information