Cyber Security, a theme for the boardroom

Size: px
Start display at page:

Download "Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity"

Transcription

1 IT ADVISORY Cyber Security, a theme for the boardroom

2 TABLE OF CONTENTS 1 Cyber security, a theme for the boardroom 3 2 What is cyber security? 4 3 Relevance to the boardroom 6 4 Attention must be paid to cyber security but with the proper nuance in line with an organisation s risk profile 7 5 Measures to be adopted in line with an organisation s risk appetite 11 6 Areas of concern within cyber risk management 13 7 And you, as a leader? 15 2 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 3

3 1 CYBER SECURITY, A THEME FOR THE BOARDROOM Cyber security has been under the spotlight for the past few years. Due to the number and seriousness of cyber incidents, the media s focus on such incidents, and the importance of tackling cyber issues in the extensive digitisation of most organisations, this area requires the attention of directors and managers everywhere. But it needs to be tackled in the appropriate way and with the required subtlety, as a component of integral risk management. Introduction The fact that cyber security is important to every organisation needs no further explanation. Almost on a daily basis, various incidents demonstrate how great the risks are and that individual hackers and professionallyorganised cyber criminals are extremely active. The heads of organisations need to ensure that their organisations have set the proper priorities. To many, however, this is not a simple task because the world of cyber security tends to be elusive due to its specialist character and the technical jargon used. Generalists have difficulty grasping the complexities. In addition, it is difficult to distinguish between primary and secondary issues, while media coverage contributes to a culture of fear leading to the idea that almost every organisation is helpless prey to malevolent forces. Almost no distinction is made between imposters on E-bay, hackers who crash websites and organised criminal gangs using a systematic strategy to try to steal company secrets (or crown jewels ). Such distinctions are extremely important because not all organisations are equally attractive to the different types of cyber criminals. Partly due to the fact that concepts are often interwoven, cyber security remains a troublesome theme to many organisation leaders. Nevertheless, this cannot be an excuse to devolve the issue to specialist professionals. It is truly essential that heads of organisations themselves actively lead the crusade for cyber security. Within the complexity of the area, leaders need to consider the relevant issues soundly and, at the very least, pose the right questions. But how should this be done? This article provides certain guidelines for the task, and brings cyber security back to basics. 4 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 5

4 2 WHAT IS CYBER SECURITY? Most relevant IT / cyber threats that may impact your organisation External Cyber security is the endeavour to prevent damage by disruption, outage or misuse of IT and, if damage does occur, the repair of this damage. The damage may consist of: impairment of the reliability of IT, restriction of its availability, and the breach of confidentiality and/or the integrity of information stored in the IT system 1. These disruptions, outages and/or misuse may be caused by various actors and have their cause in the entire supply chain. Threat Actors Third party Social engeneering Internet/ comms blackout Denial of service Hacking Political instability Espionage Malware Cloud Brand abuse Social media 1 Organised crime Worldwide, difficult to trace and prosecute Stable Power failure Identity theft Phishing IP theft Changing 2 States Cyber espionage and cyber warfare Data leakage 3 Hacktivists Hacking inspired by ideology IT complexity 4 5 The Insider Discontentment due to change and uncertainty Journalists Oriented to research journalism How to interpret the radar The size of the circle illustrates the frequency with which the threat is reported in our source information. Figure 2. IT risk radar. Internal Figure 1. Threat Actors 1 (source: National Cyber Security Strategy ). 6 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 7

5 3 RELEVANCE TO THE BOARDROOM The first question a reader might wish to ask is why this theme is relevant to the boardroom, boards of management and/or supervisory boards. After all, cyber security is nothing new. However, the rising number of incidents, as shown by the figures of the Dutch National Cyber Security Centre (NCSC), and the gravity of these, have increased to the extent that cyber security can form a substantial risk to almost any organisation. After all, organisations run not only a financial risk relating to fraud and loss of income, but also a risk with regard to reputational damage, as well as control over their intellectual property. In addition, in view of the far-reaching digitisation of many organisations, safeguarding an organisation s most important information (its crown jewels ) is also of great strategic importance. An organisation simply cannot allow itself to lose intellectual property, for example, which might bring it a market advantage. In addition, as a consequence of the rapidly growing number of widely-reported incidents, cyber security has attracted the attention of clients, the media and official supervisory bodies. Clients are rightly worried about the Number of incidents dealt with by the NCSC (10Q4 13Q1) rising number of incidents and wonder if their information is really being adequately protected. The mounting number of incidents has also been widely reported by the media, which is quick to publish information on such incidents and publicly demand organisations to account for the degree of protection given to client data, for example. Official supervisors, such as De Nederlandsche Bank for instance, are becoming involved in this issue by requiring that organisational leaders be held accountable, and by performing thematic research into the cyber security measures organisations can take. 4 ATTENTION MUST BE PAID TO CYBER SECURITY BUT WITH THE PROPER NUANCE IN LINE WITH AN ORGANISATION S RISK PROFILE The seriousness of the risks means that cyber security does require boardroom attention but in the appropriate context. Organisations need to avoid panicked responses which have not been thought through. The media regularly paint a dramatic picture of cyber security as if numerous organisations are helpless victims of cyber criminals. Moreover, all types of crime are lumped together, causing anxiety among organisations that is not based on the facts. A small or medium-size enterprise has a completely different profile than a multinational, and an SME need have few worries about many of the incidents reported in the media. The truth is more nuanced than the picture presented by the media. The risks are certainly controllable. Cyber criminals are not invincible geniuses, and the government and enterprises have significant knowledge of how to fight cybercrime. But we need to realise that 100% security is an illusion and that the pursuit of total security will lead not only to frustration but also possibly to a false sense of Key security. International requests for help Private incidents In fact, we ought to start considering cyber security as Government incidents business as usual, as a theme that deserves attention in much the same way as the risk of fire or fraud. These are themes that are tackled by management in a structural way, from a risk-management perspective, with the defences and responses therefore not founded on the idea of building a system that is completely watertight. We believe that many organisations need to examine cyber security differently. They should not take decisions on the basis of fear of what is happening outside, but reason from the standpoint of their own strengths, from an awareness of the risks run by their own organisation, in accordance with the risk profile of the organisation and its specific nature. The starting point of the exploration of an organisation s cyber risk is the determination of that organisation s risk profile. Questions that are relevant in determining this risk profile include: How interesting is the organisation to potential cyber criminals?, How dependent is the organisation on the services of other organisations and How much risk is the organisation willing to accept? Q4 11Q1 11Q2 11Q3 11Q4 12Q1 12Q2 12Q3 12Q4 13Q1 Figure 3. Number of incidents dealt with by the NCSC (source: NCSC). 8 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 9

6 5 Legislation 1 Business environment Cyber risk profile 2 Threats In order to determine an organisation s risk profile, we need to use a model that covers the following five aspects: 1. What is the organisation s business environment? In which markets is the organisation active? To what extent is the organisation dependent on the digitisation of the organisation s service provision? To what extent is the organisation linked to another organisation that could form an additional risk in this framework? 2. To which group of cyber criminals, and why, is the organisation an attractive target (threats)? Which resources could the attacker deploy? 4. What could be relevant targets within the organisation, and also within the chain in which the organisation is active? 5. What are the legislative requirements with regard to cyber security that pertain to the organisation? In this framework, new regulations are being developed both inside and outside the Netherlands, and these may be highly relevant to the organisation. 4 Intended targets 3 Vulnerabilities 3. Which vulnerabilities in the organisation could cyber criminals exploit? This concerns not only technical vulnerabilities but also human actions. Figure 4. Important aspects when determining a cyber risk profile. On the basis of an analysis of the five aspects mentioned above, an organisation is able to determine its risk profile as well the amount of risk it is willing to accept (its risk appetite ) and to implement the appropriate set of cyber security measures. As stated previously, it will never be possible to achieve 100% security, so there is no point in pursuing such an aim! 10 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 11

7 Intended targets Relevance to organisations 1 Organised crime Financial data Personal data including financial transactions Particularly banks and large multinationals (e.g. the energy sector) have been targets for some time and are reasonably prepared A shift to other organisations has recently been seen as a result 2 States Intellectual property Strategic, operational plans M&A activities Critical, vital infrastructures (for cyber warfare) Attacks go further than diplomatic, military targets, oriented at obtaining economic advantage Exceptional attention on M&A pricing data, specifically directed at members of the board of management. 3 Hacktivists Reputation public and media perception Publications websites Services disruptions Oriented towards organisations that provide services in the following areas, invest in obtaining raw materials (oil, gas etc.), perform animal testing or are active in other controversial areas themselves Anti-capitalist attacks 4 The Insider Client data Strategic plans, methods and techniques, process descriptions Worsening economic situation leads to data theft Cost-saving initiatives reducing the workforce can lead to unhappy personnel and consequently sabotage Confidential information through data leaks and hacking Undercover journalists investigate how organisations handle client information) 5 Journalists Figure 5. Overview of relevant actors, targets and relevance to organisations. 12 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 13

8 5 MEASURES TO BE ADOPTED IN LINE WITH AN ORGANISATION S RISK APPETITE In this framework, a number of considerations are relevant: 1. Focus on your crown jewels In view of the fact that it is impossible to protect everything, cyber security requires special attention regarding the protection of the organisation s most valued information. It is therefore vital that an organisation specify its crown jewels that need to be protected. The cyber risks can and must be mitigated by applying the necessary measures and by reacting effectively when an organisation is subjected to cyber attack. But how does one select the proper set of measures? 2. Humans remain the weakest link It is essential to have technical systems to protect, to identify intruders and to respond to an attack, but human beings are actually the weakest link in many organisations. However, humans may also be the best asset in the organisation s defence, if they are properly informed and trained. 2 3 Humans remain the weakest link, unless 1 Protect your crown jewels Shift from preventative to detective measures 3. Shift from preventative measures to detective measures Whereas organisations once primarily relied on preventative measures to avoid cyber security incidents, attention is increasingly being paid to the detection of attacks, in order to enable the organisation to react immediately and appropriately. We see a growing use of technical monitoring facilities in many organisations, to detect and analyse alien traffic. 4. Focus on an organisation s capacity to respond As mentioned previously, we believe it is unfortunately only a question of time before an organisation becomes a victim of a cyber incident. Instead of being a helpless victim, an organisation can prepare for a serious attack. As such, it is vital for organisations to include the processing of cyber incidents in their crisis plans. An important part of this is the formulation of a protocol to be used in communications during a cyber incident. 5 Cooperation needed (sectorial, NCSC, (IT) partners) Figure 6. Considerations when determining appropriate cyber security measures. 4 How to react if it happens in any case (and it will happen) 5. Cooperation is essential Besides being able to respond to incidents, it is crucial for organisations to remain up-to-date and informed of emerging threats, and to learn from other organisations how best to react to incidents. To facilitate this, there are organisations at various levels whose aim is to help other organisations in this area: at national level (the National Cyber Security Centre for example), at sector level in various International Sharing and Analysis Centres (ISACs), and occasionally there are informal cooperative associations, such as a group of chief information security officers (CISOs) who work together to combat cyber security incidents within a particular industry. With the objective of generating a proactive approach to cyber security, it is vital to promote the active participation of organisations in such networks, which will help the organisation to improve its own resilience. We must not forget, after all, that an incident at another organisation is also a potential threat to one s own organisation. 14 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 15

9 6 AREAS OF CONCERN WITHIN CYBER RISK MANAGEMENT In our view, this kind of integral approach to cyber risk management needs to include the following aspects: Technology alone is not the answer to cyber security issues. The answer lies in an integral approach to cyber security, focusing on both the softer elements such as governance, culture and behaviour, and the harder ones such as technology. Leadership and governance Human behaviour Leadership and governance An organisation s leaders need to demonstrate, in word and deed, that they regard themselves as the owners of cyber security, and show that they intend to manage the associated risks adequately. Human behaviour Cyber security involves not only the appropriate technical measures, but also the creation of a culture in which people are alert to, and aware of, ways in which they can contribute to security. Information Risk management An adequate approach to all-embracing and effective risk management with regard to information provision, also in relation to partner organisations. The application of a holistic model incorporating all the above elements brings the following benefits: The minimisation of the risk that the organisation will be hit by a cyber attack from outside and the minimisation of any consequences of a successful attack. Better decisions in the field of cyber security: the provision of information on measures, patterns of attack and incidents is thus optimised. Clear lines of communication on the theme of cyber security. Everyone knows his or her responsibilities and what must be done if incidents (or suspected incidents) occur. Cyber risk management Information Risk management Business continuity and crisis management Operations and technology Legislation Business continuity and crisis management Good preparation for possible incidents and the ability to minimise the impact of these incidents. This involves crisis and stakeholder management, among other aspects. Operations and technology The implementation of checks and control measures in the organisation in order to identify the cyber security risks and to minimise the impact of incidents. A contribution to a better reputation. An organisation that is well prepared and has seriously considered the theme of cyber security is able to communicate on this theme in a way that inspires confidence. The enhancement of knowledge and competences regarding cyber security. The benchmarking of the organisation in the field of cyber security in relation to its peers. Figure 7. Areas of concern within cyber risk management. Legislation Complying with legislation with regard to information protection. 16 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 17

10 7 AND YOU, AS A LEADER? Of course, you, as a leader for example, a member of the supervisory board), will wonder what your role should be in this area. The board of directors is responsible for the determination, implementation, monitoring and adjustment (where necessary) of the organisation s general policy regarding risk. And you, as part of the organisation s leadership, ought to be ratifying the risk policy at least once a year, as well as supervising the risk policy executed by the board of directors. In short, you, as a leader, have an important role to play in the determination of your organisation s risk profile and in the determination and supervision of the risk policy applied. This is just as true for cyber risks as for any other risks your organisation may face; after all, these can also be of great strategic significance to your organisation. In order to offer some assistance to help you fulfil this role, set out below is an overview of various points of concern and questions that need to be answered which, in our opinion, will enable you to play your part. How do you determine your organisation s cyber risk appetite and priority structure? How do you determine your organisation s acceptance of the risk of downtime, loss of data and privacy incidents, how do you establish the risk appetite, and how do you monitor this? What are the crown jewels that require the highest level of protection? Which operational processes are crucial to the continued existence of the organisation? How are you organised with regard to cyber security? What is the structure of your first and second lines of defence with regard to cyber security? How are cyber risks reported? How does the coordination between the various company functions take place with regard to cyber security? Is your organisation investing enough in cyber security at present? And are you getting good value for money? What are your planned investments in the field of cyber security for the coming three years? Is this sufficient to be adequately protected against this threat (in line with your risk appetite)? How do your investments relate to the cyber investments of your peers? How secure/resilient is your organisation at this moment? What were the most relevant security and privacyrelated incidents in your organisation (or in those of your peers) in the previous 12 months? What were the lessons learned? What does the organisation do differently now to prevent such incidents recurring? Is the organisation becoming less or more secure? Which KPIs are on your cyber risk dashboard? Is your organisation achieving the cyber risk targets it has formulated? How do the KPIs for cyber risks relate to those of your peers? How do you control the risks with regard to your external suppliers and other chain partners? How do you ensure that your suppliers, and their suppliers and other chain partners, do not expose your organisation to unacceptable cyber risks? How is cyber security embedded in your products and services? In what way is cyber security embedded in: 1. your current products and services? 2. the development of new products and services? 18 / Cyber security / Cyber security, a theme for the boardroom Cyber security, a theme for the boardroom / Cyber security / 19

11 Leaders of organisations can no longer ignore the theme of cyber security. The number and gravity of cyber security incidents, and the media attention in this area, as well as the attention of supervisors and clients, demand that cyber security be one of the themes on most organisations strategic risk agendas. Of course, this needs to be tackled with the proper emphasis, in line with an organisation s risk profile and on the basis of its defined risk appetite. It should be part of the organisation s risk appetite as usual. And isn t minimising risk one of the major aims in the genes of most organisational leaders? About the author John Hermans is a partner at KPMG Advisory NV, and is responsible for KPMG s service provision in the field of cyber security. He leads a team of over 50 professionals. He is also part of KPMG s global leadership in the domain of cyber security. He has worked for a great many organisations in almost all market segments, including financial service provision, oil & gas, energy, the government and other sectors. He has been involved in more than a hundred projects in the field of information security, at national and international level. He has supported client strategies in these projects, as well as building business cases, and carrying out programme management and quality assurance activities. Contact John Hermans Partner Tel: kpmg.com/nl/cybersecurity The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation., registered with the trade register in the Netherlands under number , is a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. The name KPMG, logo and cutting through complexity are registered trademarks of KPMG International

Institute of Internal Auditors Cyber Security. Birmingham Event 15 th May 2014 Jason Alexander

Institute of Internal Auditors Cyber Security. Birmingham Event 15 th May 2014 Jason Alexander Institute of Internal Auditors Cyber Security Birmingham Event 15 th May 2014 Jason Alexander Introduction Boards growing concern with Cyber Risk Cyber risk is not new, but incidents have increased in

More information

Cyber security guide for boardroom members

Cyber security guide for boardroom members Cyber security guide for boardroom members 2 Cyber security guide for boardroom members Cyber security at strategic level Our society is rapidly digitising, and we are all reaping the benefits. Our country

More information

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes

More information

The five most common cyber security mistakes

The five most common cyber security mistakes The five most common cyber security mistakes Management s perspective on cyber security ADVISORY kpmg.nl 2 The Continuous five most auditing common and cyber continuous security monitoring: mistakes The

More information

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

Cyber Security: from threat to opportunity

Cyber Security: from threat to opportunity IT ADVISORY Cyber Security: from threat to opportunity www.kpmg.com/nl/cybersecurity From threat to opportunity / Cyber security / 1 FOREWORD OPPORTUNITY-DRIVEN CYBER SECURITY Cyber security (also known

More information

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom 1 Connecting the dots:

More information

Cyber security: it s not just about technology

Cyber security: it s not just about technology Cyber security: it s not just about technology The five most common mistakes kpmg.com b Cyber security: it s not just about technology Contents Preface 1 01 Understanding the cyber risk 3 02 The five most

More information

Cyber Security - What Would a Breach Really Mean for your Business?

Cyber Security - What Would a Breach Really Mean for your Business? Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber

More information

Cyber Security for audit committees

Cyber Security for audit committees AUDIT COMMITTEE INSTITUTE Cyber Security for audit committees An introduction kpmg.com/globalaci 2 Audit Committee Institute An introduction to cyber security for audit committees Audit committees have

More information

Cyber security: Are consumer companies up to the challenge?

Cyber security: Are consumer companies up to the challenge? Cyber security: Are consumer companies up to the challenge? 1 Cyber security: Are consumer companies up to the challenge? A survey of webcast participants kpmg.com 1 Cyber security: Are consumer companies

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

London Business Interruption Association Technology new risks and opportunities for the Insurance industry

London Business Interruption Association Technology new risks and opportunities for the Insurance industry London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014 Agenda Introduction The world we live in

More information

Cyber security in an organization-transcending way

Cyber security in an organization-transcending way Cyber security in an organization-transcending way EASEE-gas meeting March 19, 2015 Paul Bloemen ICT Security Manager Gasunie Chair Dutch Energy ISAC March 19, 2015 2 What to talk about Why is cyber security

More information

Information Risk Management

Information Risk Management Information Risk Management Prepare, Partner, Evolve EMC Conference 10 February 2016 Dennis van Ham The information contained herein is of a general nature and is not intended to address the circumstances

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

Assessing the strength of your security operating model

Assessing the strength of your security operating model www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems

More information

www.pwc.com Developing a robust cyber security governance framework 16 April 2015

www.pwc.com Developing a robust cyber security governance framework 16 April 2015 www.pwc.com Developing a robust cyber security governance framework 16 April 2015 Cyber attacks are ubiquitous Anonymous hacker group declares cyber war on Hong Kong government, police - SCMP, 2 October

More information

Addressing Cyber Risk Building robust cyber governance

Addressing Cyber Risk Building robust cyber governance Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber

More information

Central and Eastern European Data Theft Survey 2012

Central and Eastern European Data Theft Survey 2012 FORENSIC Central and Eastern European Data Theft Survey 2012 kpmg.com/cee KPMG in Central and Eastern Europe Ever had the feeling that your competitors seem to be in the know about your strategic plans

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

The International MBA in Corporate Security Management (IMBASM) Distance Learning

The International MBA in Corporate Security Management (IMBASM) Distance Learning MEDITERRANEAN INSTITUTE FOR SCIENTIFIC RESEARCH The International MBA in Corporate Security Management (IMBASM) Distance Learning Module Content Modules: Aims and Objectives Mandatory Modules SS247M1:

More information

Information Security in Business: Issues and Solutions

Information Security in Business: Issues and Solutions Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence

More information

2015 Information Security Awareness Catalogue

2015 Information Security Awareness Catalogue Contents 2015 Catalogue Wolfpack Engagement Model 4 Campaign Drivers 6 Offerings 8 Approach 9 Engaging Content 10 Stakeholder Change Management 12 Bundles 13 Content 14 Grey Wolf -Track compliance with

More information

SMALL BUSINESS REPUTATION & THE CYBER RISK

SMALL BUSINESS REPUTATION & THE CYBER RISK SMALL BUSINESS REPUTATION & THE CYBER RISK Executive summary In the past few years there has been a rapid expansion in the development and adoption of new communications technologies which continue to

More information

The UK cyber security strategy: Landscape review. Cross-government

The UK cyber security strategy: Landscape review. Cross-government REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

The Cancer Running Through IT Cybercrime and Information Security

The Cancer Running Through IT Cybercrime and Information Security WHITE PAPER The Cancer Running Through IT Prepared by: Richard Brown, Senior Service Management Consultant Steve Ingall, Head of Consultancy 60 Lombard Street London EC3V 9EA T: +44 (0)207 464 8883 E:

More information

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber Risks and Insurance Solutions Malaysia, November 2013 Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare

More information

Are your people playing an effective role in your cyber resilience?

Are your people playing an effective role in your cyber resilience? Are your people playing an effective role in your cyber resilience? 01 Cyber attacks are now business as usual for organizations around the world. Organizations have typically trusted in technology to

More information

Information security survey

Information security survey Information risk management Information security survey Six important signals Advisory Information security survey Introduction For many years now, information security has been an important topic for

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime? Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies

More information

Cyber Security Evolved

Cyber Security Evolved Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are

More information

Cyber security Keeping your business resilient

Cyber security Keeping your business resilient Intelligence FIRST helping your business make better decisions Cyber security Keeping your business resilient Cyber security is about keeping your business resilient in the modern technological age. It

More information

Unit 3 Cyber security

Unit 3 Cyber security 2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 1 September 2015 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning hours:

More information

Research Topics in the National Cyber Security Research Agenda

Research Topics in the National Cyber Security Research Agenda Research Topics in the National Cyber Security Research Agenda Trust and Security for our Digital Life About this document: This document summarizes the research topics as identified in the National Cyber

More information

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity Cyber threat intelligence and the lessons from law enforcement kpmg.com/cybersecurity Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many

More information

Business Plan 2012/13

Business Plan 2012/13 Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,

More information

Information Security Summit 2005

Information Security Summit 2005 Information Security Summit 2005 Forensically Sound Information Security Management in a Risk Compliance Era Keynote Opening Address by Mr. Howard C Dickson Government Chief Information Officer Government

More information

The Impact of Cybercrime on Business

The Impact of Cybercrime on Business The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted

More information

Cybercrime in the Automotive Industry How to improve your business cyber security

Cybercrime in the Automotive Industry How to improve your business cyber security Cybercrime in the Automotive Industry How to improve your business cyber security Robert Morbin, Project Co-ordinator, SMMT Simon Kendall, Cyber Security, Department for Business, Innovation and Skills

More information

SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE

SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to

More information

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Detection, analysis, and understanding of threat

More information

Cybersecurity and Hospitals. What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response

Cybersecurity and Hospitals. What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response Cybersecurity and Hospitals What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response This resources was prepared exclusively for American Hospital Association members by Mary

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION

More information

Nine Steps to Smart Security for Small Businesses

Nine Steps to Smart Security for Small Businesses Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...

More information

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

our enterprise security Empowering business

our enterprise security Empowering business our enterprise security Empowering business Introduction Communication is changing the way we live and work. Ericsson plays a key role in this evolution, using innovation to empower people, business and

More information

RETHINKING CYBER SECURITY Changing the Business Conversation

RETHINKING CYBER SECURITY Changing the Business Conversation RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.

More information

Internet Reputation Management Guidelines Building a Roadmap for Continued Success

Internet Reputation Management Guidelines Building a Roadmap for Continued Success Internet Reputation Management Guidelines Building a Roadmap for Continued Success Table of Contents Page INTERNET REPUTATION MANAGEMENT GUIDELINES 1. Background 3 2. Reputation Management Roadmap 5 3.

More information

Welcome to this ACT webinar

Welcome to this ACT webinar Welcome to this ACT webinar Cybersecurity: threats and responses 02 June 2015 12.30-13.15 Sponsored BST by Sponsored by Introduction James Lockyer Development Director ACT Interactive widgets Please take

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report

More information

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry Combatting

More information

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5,500 companies in 26 countries around the world

More information

Fighting Cyber Crime in the Telecommunications Industry. Sachi Chakrabarty

Fighting Cyber Crime in the Telecommunications Industry. Sachi Chakrabarty Fighting Cyber Crime in the Telecommunications Industry Sachi Chakrabarty Agenda Cyber Crime What s all the fuss about CyberCrime? DoS Attacks Telco Solutions Cybercrime? Cybercrime Definition All criminal

More information

Cyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.

Cyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril. Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing

More information

Internet Reputation Management Guide. Building a Roadmap for Continued Success

Internet Reputation Management Guide. Building a Roadmap for Continued Success Internet Reputation Management Guide Building a Roadmap for Continued Success About BrandProtect BrandProtect is the leader in multi-channel Internet threat monitoring and risk mitigation. The company

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Cyber intelligence exchange in business environment : a battle for trust and data

Cyber intelligence exchange in business environment : a battle for trust and data Cyber intelligence exchange in business environment : a battle for trust and data Experiences of a cyber threat information exchange research project and the need for public private collaboration Building

More information

CONSULTING IMAGE PLACEHOLDER

CONSULTING IMAGE PLACEHOLDER CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization

More information

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes

More information

CFO Insights Cybersecurity: Five essential truths

CFO Insights Cybersecurity: Five essential truths CFO Insights Cybersecurity: Five essential truths Cyber risks, it seems, are everywhere. Retailers breached. Intellectual property stolen. Data hacked almost on a daily basis. It s enough to rattle even

More information

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au Cyber threat intelligence and the lessons from law enforcement kpmg.com.au Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many organisations

More information

How do we Police Cyber Crime?

How do we Police Cyber Crime? How do we Police Cyber Crime? Thursday 4 th June 2015 Craig Jones, SEROCU Presentation Content UK policing cyber crime programme Cyber threat landscape and impact Cyber business resilience Future Challenges

More information

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)

More information

Consultative report. Committee on Payment and Settlement Systems. Board of the International Organization of Securities Commissions

Consultative report. Committee on Payment and Settlement Systems. Board of the International Organization of Securities Commissions Committee on Payment and Settlement Systems Board of the International Organization of Securities Commissions Consultative report Principles for financial market infrastructures: Assessment methodology

More information

www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services

www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse Finland Who are we? Bring a robust forensics team to the table to support your organisation Our practice can

More information

Australian Government Cyber Security Review

Australian Government Cyber Security Review Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and

More information

Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST

Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST November 6, 2013 Copyright 2013 Trusted Computing Group 1 November 6, 2013 Copyright 2013 Trusted Computing

More information

CORPORATE IDENTITY FRAUD: A PRIMER

CORPORATE IDENTITY FRAUD: A PRIMER CORPORATE IDENTITY FRAUD: A PRIMER Hanim Norza Baba, Head of Graduate Studies Center, Universiti Teknologi MARA, Melaka, Malaysia. drhanimnorzababa@gmail.com ABSTRACT Corporate identity fraud occurs when

More information

Committee on Payments and Market Infrastructures. Board of the International Organization of Securities Commissions

Committee on Payments and Market Infrastructures. Board of the International Organization of Securities Commissions Committee on Payments and Market Infrastructures Board of the International Organization of Securities Commissions Principles for financial market infrastructures: Assessment methodology for the oversight

More information

MANAGING DIGITAL RISKS IN THE RETAIL WORLD

MANAGING DIGITAL RISKS IN THE RETAIL WORLD Risk Insight WILLIS RETAIL PRACTICE MANAGING DIGITAL RISKS IN THE RETAIL WORLD The retail sector has been revolutionised by developments in the digital world, opening up a whole new way to access consumers

More information

CYBER SECURITY PROTECTING YOUR BUSINESS James Hatch Director, Cyber Services BAE Systems Applied Intelligence 1 CYBER SECURITY AT BAE SYSTEMS Professional Services Technical Services Prepare Protect Cyber

More information

Big 4 Information Security Forum

Big 4 Information Security Forum San Francisco ISACA Chapter Proudly Presents: Big 4 Information Security Forum A Day-Long, Multi-Session Event, being held in San Francisco @ the Sir Francis Drake Hotel! *** PLEASE NOTE THIS EVENT WILL

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

Corporate Security in 2016.

Corporate Security in 2016. Corporate Security in 2016. A QA Report Study Highlights According to ThreatMetrix, businesses in the UK are at greater risk of cybercrime than any other country in the world. In a recent survey carried

More information

Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows

Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows 24 February 2015 Callum Sinclair Faith Jayne Agenda Top 10 legal need-to-knows, including: What is cyber

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Fraud and Abuse Policy

Fraud and Abuse Policy Fraud and Abuse Policy 2015 FRAUD AND ABUSE POLICY 2015 1 Contents 4. Introduction 6. Policy Goal 7. Combatting Customer Fraud and Abuse 8. Reporting Breaches 9. How Alleged Breaches Will Be Investigated

More information

HMG Security Policy Framework

HMG Security Policy Framework HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of

More information

THE HUMAN COMPONENT OF CYBER SECURITY

THE HUMAN COMPONENT OF CYBER SECURITY cybersecurity.thalesgroup.com.au People, with their preference to minimise their own inconvenience, their predictability, apathy and general naivety about the potential impacts of their actions, are the

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES

DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world

More information

20+ At risk and unready in an interconnected world

20+ At risk and unready in an interconnected world At risk and unready in an interconnected world Key findings from The Global State of Information Security Survey 2015 Cyber attacks against power and utilities organizations have transitioned from theoretical

More information

Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI

Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI UNICRI s Main Goals The United Nations Interregional Crime and

More information

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION In the ever-evolving technological landscape which we all inhabit, our lives are dominated by

More information

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming

More information

Cyber, Social Media and IT Risks. David Canham (BA) Hons, MIRM

Cyber, Social Media and IT Risks. David Canham (BA) Hons, MIRM IIA South Event 16 th June 2015 Cyber, Social Media and IT Risks 1 st and 2 nd Line Perspective David Canham (BA) Hons, MIRM Agenda This evening we ll cover the following: Who, why and what? Traditional

More information

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What

More information