2015 Information Security Awareness Catalogue

Size: px
Start display at page:

Download "2015 Information Security Awareness Catalogue"

Transcription

1 Contents 2015 Catalogue Wolfpack Engagement Model 4 Campaign Drivers 6 Offerings 8 Approach 9 Engaging Content 10 Stakeholder Change Management 12 Bundles 13 Content 14 Grey Wolf -Track compliance with our powerful Learning Management System (LMS) 18 Alert Africa - Our Public Initiative 20 About Us 22 Services Portfolio 23 Wolfpack 2015 Catalogue - Page 2 Wolfpack 2015 Catalogue - Page 3

2 2. ASSESS Wolfpack Engagement Model Predict Your Threats Internal External Industry Country Global RESEARCH & THREAT INTELLIGENCE 1. PREDICT SPECIALISED COLLABORATION PROJECTS Assess Your Vulnerabilities People Process Technology GOVERNANCE, RISK & COMPLIANCE ADVISORY SKILLS ASSESSMENTS TRAINING & AWARENESS PROGRAMMES 3. IMPROVE TALENT SOURCING & GRADUATE DEVELOPMENT Improve Your Defence Capability Wolfpack 2015 Catalogue - Page 4 Wolfpack 2015 Catalogue - Page 5

3 Campaign Drivers Creating an information security and privacy awareness and training programme is not a simple task. It can be very frustrating designing professional & engaging content. Remember - this is your brand to the business so it needs to look good! Providing your personnel with the security and privacy information they need, and ensuring they understand and follow the requirements, is a vital component to protecting your organisation, staff, trading partners & customers. Key Requirements: The need for a global awareness / culture campaign focusing on the protection of personal and confidential information Understanding of global and organisational stakeholder requirements The campaign must have impact & defined key performance / goal indicators Wolfpack Risk have established a comprehensive portfolio of training and awareness offerings. Research & Threat Intelligence Reports Programme Maturity Improvement Content Development Simulation, Animated Video & Cartoon Solutions Phishing & Social Engineering Assessments Governance, Risk Management & Compliance Curriculum Curriculum Forensics Curriculum Audit Curriculum Software Curriculum Wolfpack 2015 Catalogue - Page 6 Wolfpack 2015 Catalogue - Page 7

4 Offerings Approach SOLUTIONS Project Management Confidentiality Management Social Engineering Assessments Human Vulnerability Assessments The continual growth of regulatory requirements, complex business operations and increase in cyber threats demand a well thought-out and implemented approach to information risk management. Wolfpack Risk has extensive experience in this sector and draws considerable input from our Research, Threat Intelligence and Advisory units to offer a comprehensive awareness solution. Executive Cyber Vulnerability Assessments Grey Wolf Assessment And Learning Platform CONTENT Animated Video Series: 5 Privacy 7 Custom Development Posters / Cartoons / Screensavers Easy Policy Communicator Cybercrime Survival Guide & Induction Programme Simulations Interactive Sessions Phase 1: Plan Validate context and requirements for global awareness / culture campaign focusing on the protection of secret and confidential information Business Requirements Analysis Defined scope of work & campaign success factors Define stakeholder requirements for secret and confidential information leakage and relevant threat intelligence sources per location / industry Stakeholder Change Management The stakeholder change management framework will include a stakeholder matrix, change communication plan, key project metrics and content customisation / development blueprint Phase 2: Build Understand training and awareness requirements Executives Management Create Tailored Programme rollout programme for defined audience groups per region Tailored skills transfer programme for regional project champions Phase 3: Run Conduct pilot / full training and awareness programme Users and Third Parties Wolfpack 2015 Catalogue - Page 8 Wolfpack 2015 Catalogue - Page 9

5 Engaging Content Posters Protecting Personal Protecting Business Privacy Privacy POPI Compliance POPI Compliance POPI Compliance Protection of Personal Act Protection of Personal Act Protection of Personal Act Module 2 Module 1 Screensavers Interactive Simulations Module 3 Cybercrime Cyber Threat Password Safety & Account Management Cloud & Third Party Risks Protecting Your Family Social Engineering Employee & Contractor Risks Videos Cartoons Wolfpack 2015 Catalogue - Page 10 Wolfpack 2015 Catalogue - Page 11

6 Stakeholder Change Management Bundles Identify Stakeholders Starter Pack A fantastic way to enhance your organisation s awareness programme with professionally branded & engaging material. Objective What is included? 4 x Animated Videos (Cyber Threats / Social Engineering / PoPI / Privacy) 4 x Posters + Cartoons Training Workshop at Wolfpack offices Access to Cyber Pack Interest Group *All Starter Pack materials are Wolfpack branded. Message Add Add Add Medium Frequency Communicator Performance Metric Premium Pack Access Wolfpack s full range of awesome awareness content. Includes: All 12 x & Privacy Animated Videos (with more coming soon) Professional Posters, Screensavers & Cartoons Programme Toolkit (APT) to run strategy, comms, budget & more Grey Wolf LMS (Learning Management System) Run both & Training campaigns on one system Assess skills, track performance & compliance of all users Use either Wolfpack cloud system or implement in-house with full support *Includes local installation, initial setup, training & monthly telephonic support. Other Services Phishing & Executive Threat Assessments Easy Policy Communicator Induction, User & Executive Workshops Customisation Full Customisation of all our material available We can also create your own videos, posters, cartoons, banners, stickers & more Wolfpack 2015 Catalogue - Page 12 Wolfpack 2015 Catalogue - Page 13

7 Content POPI Compliance Modules The awareness content can be divided into two areas, namely and Privacy. Privacy Content Protecting Personal Looks at POPI and how it affects the protection of personal information, delivers the following key messages: Exercise caution when sending s containing sensitive information follow corporate guidelines Report any security incident promptly to your Department s Privacy or Team Protect the data you are handling as if it was your own Do not leave any confidential files or information in plain sight it s not yours to share. Protecting privacy is everyone s responsibility Protecting Business Privacy Identifies the implications that POPI has on business, delivers the following key messages: POPI aligns with the organisation s strategic focus to place the customer at the core of our business We wish to empower our staff to instill a culture of compliance with respect to the privacy and protection of our customer information Privacy protection is not a project with a start and end it is an attitude and approach that needs to be woven into the culture of the organisation POPI Compliance Module 1 Addresses the first three principles of POPI i.e. Accountability, Quality and Safeguards, the following key messages are delivered: You cannot outsource accountability be careful about who has access to personal information Maintain data quality Always ensure our information is up to date and complete Always ensure personal information is protected We are not just dealing with 1s and 0s. It s people s lives POPI Compliance Module 2 Addresses the following principles of POPI: Processing limitation, Purpose Specification and Further Processing Limitation. The following key messages are delivered: Respect the privacy of your client s personal information Always keep in mind the original reason for obtaining a client s personal information Innovation is encouraged but not at the expense of our client s right to privacy POPI Compliance Module 3 Addresses the following principles of POPI: Openness and Data Subject Participation.The following key messages are delivered: Ensure you are always open and honest with your clients regarding your intentions with their personal information Your clients have the right to question our management of their personal information Wolfpack 2015 Catalogue - Page 14 Wolfpack 2015 Catalogue - Page 15

8 Content Content Cybercrime Identifies the different types of cybercrime tactics employed by cybercriminals to exploit their victims. Delivers the following key messages: Perform background checks on new employees Don t use unauthorised software or media Protect both company and personal information You are a target for cyber criminals don t become the next victim Cyber Threat Provides an overview of the different cyber threats. Delivers the following key messages: The different cyber threats focusing on Cyber Warfare, Cyber Espionage and Cyber Crime Implications of cyber threats Password Safety and Account Management Highlights the importance of keeping passwords safe and secure. Delivers the following key messages: Protecting Your Family Highlights the threats faced by children when using the Internet and social media. Delivers the following key messages: Make sure you verify the details of who you are talking to online Never agree to meet up with someone you met online without your parents knowing If you do agree to meet the person, at least take someone you trust with you to the first meeting Ensure all family computers are in open view and are loaded with Parental Control Software The internet is a wonderful tool to use, as long as it issued responsibly Social Engineering Identifies the social engineering tactics used by cyber criminals. Delivers the following key messages: Always ask for identification from anyone entering your premises, do not allow tailgating Be cautious of what corporate and employee information is on social media sites Ensure that confidential information is shredded before disposal to bins accessible by the public Do not allow anybody in without some identification being in a hurry is no excuse Cloud and Third Party Risks Identifies the risks involved in using cloud and third party services. Delivers the following key messages: Think twice when you want to store sensitive data in the cloud and assess the impact if this data is exposed Maintain a local backup copy of your important data in case the service provide is offline Ensure the service provider has protection agreements in place Understand where your data is hosted and whether this impacts any privacy requirements Cloud computing offers an effective data solution, as long as you choose your provider wisely. Passwords must be a combination of upper and lower case letters, at least one special character and number Passwords must be a minimum of 7 characters and not exceed 30 characters Never write passwords down The same character should not be used consecutively You are a target for cyber criminals don t become the next victim Employee and Contractor Risks Identifies the risks of not doing thorough background checks on employees and contractors. Delivers the following key messages: Background verification checks on all candidates for employment and contractors should be carried out roles and responsibilities should be defined and clearly communicated to job candidates during the pre-employment process All employees and contractors who are given access to sensitive information should sign a confidentiality or non-disclosure agreement prior to being given access All employees and contractors should return all of the organisation s assets in their possession upon termination of their employment or contract Your company is a target for man risks don t risk the lives of your family and your employees Wolfpack 2015 Catalogue - Page 16 Wolfpack 2015 Catalogue - Page 17

9 Grey Wolf -Track compliance with our powerful Learning Management System (LMS) Course Home User Friendly Interfaces Track Student Progress Question Statistics Rewards Wolfpack 2015 Catalogue - Page 18 Wolfpack 2015 Catalogue - Page 19

10 Alert Africa - Our Public Initiative The Alert Africa website aims to educate the average internet users about differnt cyber threats that exists online, provides useful tips on how to not become a victim as well as where to report cybercrime to. The goal of the Cybercrime Survival Guide is to firstly raise awareness of the potential cyber risks you may face and to provide you with a non-technical approach to PROTECT yourself online. The guidance offers valuable tips for cloud users, personal computers and mobile devices to ensure that your own private and financially sensitive information is kept safe. You don t have to be a computer guru to use this guide. https://www.wolfpackrisk.com/awareness_docs/cybercrime_survival_guide.pdf Wolfpack 2015 Catalogue - Page 20 Wolfpack 2015 Catalogue - Page 21

11 About Us Services Portfolio Trusted information risk advisors to a growing base of government and private sector clients. We offer cutting-edge research & threat intelligence, professional advisory, custom training & awareness programmes. Level 2 BBBEE contributor Training IT Governance, Risk, Cyber & Privacy Training Foundation Intermediate Advanced Graduate Development Programme Talent Management Specialist Governance, Risk and Compliance Recruiting Co-Sourcing and Outsourcing Skills and Competency Assessments Research and Threat Intelligence Cyber Threat Intelligence Reports Local & Industry Analysis Quarterly Cybershield Publications Executive Threat Assessments Phishing Assessments Grey Wolf Assessment & Learning Platform Animated Video Poster Cartoon Series Advisory IT Governance, Risk, Cyber & Privacy Consulting Vulnerability & Threat Assessments ISO Certification ISO Certification https://www.wolfpackrisk.com Wolfpack 2015 Catalogue - Page 22 Wolfpack 2015 Catalogue - Page 23

Egress Switch Best Practice Security Guide V4.x

Egress Switch Best Practice Security Guide V4.x Egress Switch Best Practice Security Guide V4.x www.egress.com 2007-2013 Egress Software Technologies Ltd Table of Contents Introduction... 4 Best Practice Installation... 4 System Administrators... 5

More information

Nine Steps to Smart Security for Small Businesses

Nine Steps to Smart Security for Small Businesses Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...

More information

developing your potential Cyber Security Training

developing your potential Cyber Security Training developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company

More information

Security Risk Solutions Limited is a privately owned Kenyan company that was established in 2007.

Security Risk Solutions Limited is a privately owned Kenyan company that was established in 2007. Information Security Management Present and Future By: Jona Owitti, CISA Director, Security Risk Solutions Limited Immediate Past Chairman, ISACA Kenya Chapter About SRS www.securityrisksolutions.net -

More information

Training and Awareness

Training and Awareness Training and Awareness Services Overview JANUS Associates, Inc. 1055 Washington Boulevard Stamford, CT 06901 203-251-0200 matthewl@janusassociates.com Providing your employees with information technology

More information

Are your people playing an effective role in your cyber resilience?

Are your people playing an effective role in your cyber resilience? Are your people playing an effective role in your cyber resilience? 01 Cyber attacks are now business as usual for organizations around the world. Organizations have typically trusted in technology to

More information

The Human Factor of Cyber Crime and Cyber Security

The Human Factor of Cyber Crime and Cyber Security The Human Factor of Cyber Crime and Cyber Security Challenges: September 11th has marked an important turning point that exposed new types of security threats and disclosed how cyber criminals pursuit

More information

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE

More information

A practical guide to IT security

A practical guide to IT security Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

More information

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

P01 - Information Security Policy

<COMPANY> P01 - Information Security Policy P01 - Information Security Policy Document Reference P01 - Information Security Policy Date 30th September 2014 Document Status Final Version 3.0 Revision History 1.0 09 November 2009: Initial release.

More information

Physical Security Services

Physical Security Services Physical Security Services The ANVIL Group Physical Security Services The ANVIL Group is an internationally renowned and accredited security company specialising in Crisis Avoidance. Established in 1988,

More information

CUSTOMER SECURITY AWARENESS: A Key Defense Against Corporate Account Takeover & Cyber Fraud

CUSTOMER SECURITY AWARENESS: A Key Defense Against Corporate Account Takeover & Cyber Fraud CUSTOMER SECURITY AWARENESS: A Key Defense Against Corporate Account Takeover & Cyber Fraud Presented by Tom Garcia President / CEO InfoSight, Inc. 2014 InfoSight What we ll cover today 1. The MFA & NACHA

More information

Cyber Security and Data Security Courses

Cyber Security and Data Security Courses dsdsds Cyber Security and Data Security Courses Overview 01905 317173 @FriendlyNerdUK www.friendlynerd.co.uk Cyber Basics (half-day) To provide a basic foundation of cyber security knowledge for general

More information

Identify your future leaders with Kallidus Talent

Identify your future leaders with Kallidus Talent Identify your future leaders with Kallidus Talent kallidus.com/ Future proof and develop your team and safeguard your organisation Kallidus Talent Talent and succession planning needn t be difficult. Kallidus

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information

Global IT Security Risks

Global IT Security Risks Global IT Security Risks June 17, 2011 Kaspersky Lab leverages the leading expertise in IT security risks, malware and vulnerabilities to protect its customers in the best possible way. To ensure the most

More information

Data Access Request Service

Data Access Request Service Data Access Request Service Guidance Notes on Security Version: 4.0 Date: 01/04/2015 1 Copyright 2014, Health and Social Care Information Centre. Introduction This security guidance is for organisations

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

ISO27001 Controls and Objectives

ISO27001 Controls and Objectives Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the

More information

Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus

Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus QIAL SYLLABUS MARCH 2015 Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus The QIAL assessment comprises five sections: Case study 1*: Internal Audit Leadership (3 hours and 45 minutes)

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

NATIONAL CYBER SECURITY AWARENESS MONTH

NATIONAL CYBER SECURITY AWARENESS MONTH NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

More information

CYBER SECURITY STRATEGY AN OVERVIEW

CYBER SECURITY STRATEGY AN OVERVIEW CYBER SECURITY STRATEGY AN OVERVIEW Commonwealth of Australia 2009 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any process without

More information

CONSULTING IMAGE PLACEHOLDER

CONSULTING IMAGE PLACEHOLDER CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization

More information

by: Scott Baranowski Community Bank Auditors Group Best Practices in Auditing Record Retention, Safeguarding Paper Documents, GLBA and Privacy

by: Scott Baranowski Community Bank Auditors Group Best Practices in Auditing Record Retention, Safeguarding Paper Documents, GLBA and Privacy Community Bank Auditors Group Best Practices in Auditing Record Retention, Safeguarding Paper Documents, GLBA and Privacy June 10, 2015 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT

More information

The 2012/3 SA Cyber Threat Barometer. Craig Rosewarne

The 2012/3 SA Cyber Threat Barometer. Craig Rosewarne The 2012/3 SA Cyber Threat Barometer Craig Rosewarne An improved cyber security framework for South Africa Research - Initiatives South Africa (Pty) Ltd Stakeholder Risk Management / Alignment to business

More information

Smart Security. Smart Compliance.

Smart Security. Smart Compliance. Smart Security. Smart Compliance. SRM are dedicated to helping our clients stay safe in the information environment. With a wide range of knowledge and practical experience, our consultants are ready to

More information

Information security controls. Briefing for clients on Experian information security controls

Information security controls. Briefing for clients on Experian information security controls Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face

More information

Addressing Cyber Risk Building robust cyber governance

Addressing Cyber Risk Building robust cyber governance Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber

More information

Promoting a cyber security culture and demand compliance with minimum security standards;

Promoting a cyber security culture and demand compliance with minimum security standards; Input by Dr. S.C. Cwele Minister of State Security, Republic of South Africa Cyber Security Meeting, Johannesburg 27 March 2014 I would like to thank the Wits School of Governance for inviting us to contribute

More information

Qatar Computer Emergency Team

Qatar Computer Emergency Team Cyber Security Division Qatar Computer Emergency Team An initiative Introduction Qatar aims to fully exploit information and communications technology to become one of the most successful knowledge-based

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

RUAG Cyber Security. More security for your data

RUAG Cyber Security. More security for your data RUAG Cyber Security More security for your data More security in cyberspace The RUAG Cyber Security Portfolio offers greater protection for your data through inspection, event analysis and decision-making

More information

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes

More information

Procuring Penetration Testing Services

Procuring Penetration Testing Services Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat

More information

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber

More information

Information Security Seminar 2013

Information Security Seminar 2013 Information Security Seminar 2013 Mr. Victor Lam, JP Deputy Government Chief Information Officer Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative

More information

SOMETHING PHISHY IS GOING ON!

SOMETHING PHISHY IS GOING ON! SOMETHING PHISHY IS GOING ON! Engaging, easy to understand, memorable training. WHAT WE DO We have created a series of training episodes that are highly engaging, easy to understand and memorable. They

More information

Sub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx

Sub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx Sub-section Content 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx 2 Job Purpose - To support the implementation of an Enterprise Risk Management

More information

UNIVERSITY BOARD SKILLS REVIEW MATRIX 2014. Page 1 of 5

UNIVERSITY BOARD SKILLS REVIEW MATRIX 2014. Page 1 of 5 UNIVERSITY BOARD SKILLS REVIEW MATRIX 2014 Each key skill is linked to relevant strategic objectives and/or the Board s Statement of Primary Responsibilities. To assist with the assessment of Board Members

More information

Education as a defense strategy. Jeannette Jarvis Group Program Manager PSS Security Microsoft

Education as a defense strategy. Jeannette Jarvis Group Program Manager PSS Security Microsoft Education as a defense strategy Jeannette Jarvis Group Program Manager PSS Security Microsoft Introduction to End User Security Awareness End User Security Awareness Challenges Understanding End User

More information

(Instructor-led; 3 Days)

(Instructor-led; 3 Days) Information Security Manager: Architecture, Planning, and Governance (Instructor-led; 3 Days) Module I. Information Security Governance A. Introduction to Information Security Governance B. Overview of

More information

Deloitte Service Code: D-G6-L4-543 December 2014

Deloitte Service Code: D-G6-L4-543 December 2014 Managed Cyber Security Cyber Intelligence Centre Deloitte LLP Service Deloitte Service Code: D-G6-L4-543 December 2014 Contents 1 Service Overview 1 2 Detailed Service Definition 2 3 Pricing 6 4 Ordering

More information

Cyber security in an organization-transcending way

Cyber security in an organization-transcending way Cyber security in an organization-transcending way EASEE-gas meeting March 19, 2015 Paul Bloemen ICT Security Manager Gasunie Chair Dutch Energy ISAC March 19, 2015 2 What to talk about Why is cyber security

More information

An article on PCI Compliance for the Not-For-Profit Sector

An article on PCI Compliance for the Not-For-Profit Sector Level 8, 66 King Street Sydney NSW 2000 Australia Telephone +61 2 9290 4444 or 1300 922 923 An article on PCI Compliance for the Not-For-Profit Sector Page No.1 PCI Compliance for the Not-For-Profit Sector

More information

Introduction to Cyber Security

Introduction to Cyber Security Introduction to Cyber Security Hossein Sarrafzadeh HoD Computing Director Cyber Security Centre CS4HS Workshop You are sitting in New Zealand s first joint research centre for cyber security Centre of

More information

Information Security It s Everyone s Responsibility

Information Security It s Everyone s Responsibility Information Security It s Everyone s Responsibility The University of Texas at Dallas Information Security Office (ISO) Purpose of Training Information generated, used, and/or owned by UTD has value. Because

More information

THE HUMAN COMPONENT OF CYBER SECURITY

THE HUMAN COMPONENT OF CYBER SECURITY cybersecurity.thalesgroup.com.au People, with their preference to minimise their own inconvenience, their predictability, apathy and general naivety about the potential impacts of their actions, are the

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

www.pwc.com Cybersecurity and Privacy Hot Topics 2015

www.pwc.com Cybersecurity and Privacy Hot Topics 2015 www.pwc.com Cybersecurity and Privacy Hot Topics 2015 Table of Contents Cybersecurity and Privacy Incidents are on the rise Executives and Boards are focused on Emerging Risks Banking & Capital Markets

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

KEY TRENDS AND DRIVERS OF SECURITY

KEY TRENDS AND DRIVERS OF SECURITY CYBERSECURITY: ISSUES AND ISACA S RESPONSE Speaker: Renato Burazer, CISA,CISM,CRISC,CGEIT,CISSP KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures

More information

Information Governance Policy

Information Governance Policy Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:

More information

Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity

Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity IT ADVISORY Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity TABLE OF CONTENTS 1 Cyber security, a theme for the boardroom 3 2 What is cyber security? 4 3 Relevance to the boardroom

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

Is your Organization SAFE?

Is your Organization SAFE? Is your Organization SAFE? About Enterprise Risk Management (ERM) About The Presenter Mike Sanchez, Senior Vice President at ERM Captain, USMC (Ret.) COBIT 5 Certified Possesses over 20 years of experience

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

HealthCare Information Security and Privacy Practitioner (HCISPP) Briefing Paper. Piloted by the Cyber Security Programme

HealthCare Information Security and Privacy Practitioner (HCISPP) Briefing Paper. Piloted by the Cyber Security Programme HealthCare Information Security and Privacy Practitioner (HCISPP) Briefing Paper Piloted by the Cyber Security Programme Published August 2015 2 Copyright 2015, Health and Social Care Information Centre.

More information

WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK

WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK DATE OF RELEASE: 27 th July 2012 Table of Contents 1. Introduction... 2 2. Need for securing Telecom Networks... 3 3. Security Assessment Techniques...

More information

INFORMATION SECURITY AWARENESS & TRAINING PROGRAM

INFORMATION SECURITY AWARENESS & TRAINING PROGRAM INFORMATION SECURITY AWARENESS & TRAINING PROGRAM By Serah Francis MSc Student, Gjøvik University, Norway ISES Member IFIP TC3 ISES Project INTRODUCTION Africa has 167 million Internet Users and is estimated

More information

Qualifications for the Fire Sector

Qualifications for the Fire Sector Qualifications for the Fire Sector 1 Contents 3 Why choose Pearson Work Based Learning and Colleges for fire sector qualifications 4 Qualifications Fire Safety 4 Fire and Rescue Services in the Community

More information

I S O I E C 2 7 0 0 2 2 0 1 3 I N F O R M A T I O N S E C U R I T Y A U D I T T O O L

I S O I E C 2 7 0 0 2 2 0 1 3 I N F O R M A T I O N S E C U R I T Y A U D I T T O O L 7.1 EMPHASIZE SECURITY PRIOR TO EMPLOYMENT 7.1.1 VERIFY THE BACKGROUNDS OF ALL NEW PERSONNEL Do you check the backgrounds of all candidates for employment? Do you make sure that background verifications

More information

Information Security: Business Assurance Guidelines

Information Security: Business Assurance Guidelines Information Security: Business Assurance Guidelines The DTI drives our ambition of prosperity for all by working to create the best environment for business success in the UK. We help people and companies

More information

Deception scams drive increase in financial fraud

Deception scams drive increase in financial fraud ADDRESS 2 Thomas More Square London E1W 1YN WEBSITE www.financialfraudaction.org.uk DIRECT LINE 020 3217 8436 NEWS RELEASE EMAIL press@ukcards-ffauk.org.uk Deception scams drive increase in financial fraud

More information

TELEFÓNICA UK LTD. Introduction to Security Policy

TELEFÓNICA UK LTD. Introduction to Security Policy TELEFÓNICA UK LTD Introduction to Security Policy Page 1 of 7 CHANGE HISTORY Version No Date Details Authors/Editor 7.0 1/11/14 Annual review including change control added. Julian Jeffery 8.0 1/11/15

More information

Effective Software Security Management

Effective Software Security Management Effective Software Security Management choosing the right drivers for applying application security Author: Dharmesh M Mehta dharmeshmm@mastek.com / dharmeshmm@owasp.org Table of Contents Abstract... 1

More information

Executive Cyber Security Training. One Day Training Course

Executive Cyber Security Training. One Day Training Course Executive Cyber Security Training One Day Training Course INTRODUCING EXECUTIVE CYBER SECURITY TRAINING So what is all this we hear in the media about cyber threats? How can an organization understand

More information

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations

More information

State of South Carolina Policy Guidance and Training

State of South Carolina Policy Guidance and Training State of South Carolina Policy Guidance and Training Policy Workshop All Agencies Human Resource (HR) and Security Awareness July 2014 Agenda Questions & Follow-Up Open Questions Policy Workshop Overview

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out

More information

MAXIMUM PROTECTION, MINIMUM DOWNTIME

MAXIMUM PROTECTION, MINIMUM DOWNTIME MANAGED SERVICES MAXIMUM PROTECTION, MINIMUM DOWNTIME Get peace of mind with proactive IT support Designed to protect your business, save you money and give you peace of mind, Talon Managed Services is

More information

HMG Security Policy Framework

HMG Security Policy Framework HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of

More information

FINRA Publishes its 2015 Report on Cybersecurity Practices

FINRA Publishes its 2015 Report on Cybersecurity Practices Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February

More information

Report on CAP Cybersecurity November 5, 2015

Report on CAP Cybersecurity November 5, 2015 Agenda Number 7. Report on CAP Cybersecurity November 5, 2015 Phil Cook CISSP, CISM Manager, Information Technologies Risk #1 External Attacks PR 81 Protect and secure CAP's Information Technology assets

More information

Strategic Plan. Fiscal Year 2013-2014. Julie L. Jones Executive Director. Goals Objectives Strategies Measures

Strategic Plan. Fiscal Year 2013-2014. Julie L. Jones Executive Director. Goals Objectives Strategies Measures Strategic Plan Fiscal Year 2013-2014 Goals Objectives Strategies Measures Julie L. Jones Executive Director Public Safety Protect the lives and security of our residents and visitors through enforcement,

More information

Cybersecurity Protecting Yourself, Your Business, Your Clients

Cybersecurity Protecting Yourself, Your Business, Your Clients Cybersecurity Protecting Yourself, Your Business, Your Clients Global Summit of Women June 7, 2014 Celina B. Realuyo Professor of Practice of National Security Affairs William J. Perry Center for Hemispheric

More information

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper Safeguarding data through increased awareness November 2015 1 Contents Executive Summary 3 Introduction 4 Martime Security 5 Perimeters Breached

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

Western Australian Auditor General s Report. Information Systems Audit Report

Western Australian Auditor General s Report. Information Systems Audit Report Western Australian Auditor General s Report Information Systems Audit Report Report 10 June 2012 Auditor General s Overview The Information Systems Audit Report is tabled each year by my Office. It summarises

More information

Cyber Security: from threat to opportunity

Cyber Security: from threat to opportunity IT ADVISORY Cyber Security: from threat to opportunity www.kpmg.com/nl/cybersecurity From threat to opportunity / Cyber security / 1 FOREWORD OPPORTUNITY-DRIVEN CYBER SECURITY Cyber security (also known

More information

CYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES

CYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES CYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES How can you better prepare and respond to cyber risks? ACE developed Loss Mitigation Services to help policyholders understand and gauge various areas

More information

Estate Agents Authority

Estate Agents Authority INFORMATION SECURITY AND PRIVACY PROTECTION POLICY AND GUIDELINES FOR ESTATE AGENTS Estate Agents Authority The contents of this document remain the property of, and may not be reproduced in whole or in

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Third Party Security Requirements Policy

Third Party Security Requirements Policy Overview This policy sets out the requirements expected of third parties to effectively protect BBC information. Audience Owner Contacts This policy applies to all third parties and staff, including contractors,

More information

Care Providers Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management

Care Providers Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management Care Providers Protecting your organisation, supporting its success Risk Management Insurance Employee Benefits Investment Management Care providers are there to help those in need. But who helps the care

More information

BarnOwl. SA#Cyber# Opportunity &# Threat Landscape. Craig#Rosewarne# (Wolfpack#Information#Risk)

BarnOwl. SA#Cyber# Opportunity &# Threat Landscape. Craig#Rosewarne# (Wolfpack#Information#Risk) BarnOwl SA#Cyber# Opportunity &# Threat Landscape Craig#Rosewarne# (Wolfpack#Information#Risk) 393#(Q1#2015) 1215#(2014) 1004 (2013) The#Internet#of#Things Cloud#Technology 3D#Printing Advanced#Robotics

More information

Information Security Program CHARTER

Information Security Program CHARTER State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information

More information

corporategovernance twothousandfourteen

corporategovernance twothousandfourteen corporategovernance twothousandfourteen 2014 1 Corporate governance This Corporate Governance Statement for IOOF Holdings Limited (IOOF) sets out as required by the ASX Listing Rules details of IOOF s

More information

Service Children s Education

Service Children s Education Service Children s Education Data Handling and Security Information Security Audit Issued January 2009 2009 - An Agency of the Ministry of Defence Information Security Audit 2 Information handling and

More information

ISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters

ISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com CONTENT 3 4 5 6 6 7 7 7 7 8 8 8 9 9 9

More information

1 Billion Individual records that were hacked in 2014 3.

1 Billion Individual records that were hacked in 2014 3. 783 Major data breaches in 204 up 27% from 203 2. Billion Individual records that were hacked in 204 3. 3 Fraud has changed The way we live and manage our finances today has changed radically from just

More information

INFORMATION TECHNOLOGY SECURITY STANDARDS

INFORMATION TECHNOLOGY SECURITY STANDARDS INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL

More information

JOB DESCRIPTION. Information Governance Manager

JOB DESCRIPTION. Information Governance Manager JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure

More information