DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?

Save this PDF as:

Size: px
Start display at page:

Download "DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?"

Transcription

1 HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? Gregg Sommer, CAIA Head of Operational Risk Assessments St. Louis MERCER

2 CYBERSECURITY BREACHES 1. Target 2. JPMorgan 3. Code Spaces 4. Sony 5. Pentagon SEC reported that 74% of advisors and 88% of broker-dealers have had unauthorized access to their network 1 1 SEC cybersecurity examination sweep summary Feb 3, 2015 OCIE Volume IV, Issue 4 MERCER

3 HOW BIG IS THE PROBLEM? 270% increase in identified victims and exposed losses 1 Cyber crime costs the global economy up to $500 billion annually 1 90% of large organizations reported a breach successful attacks per week 3 Over the last four years cyber attacks on businesses have increased by 144% and the average time to resolve has increased by 221% 4 1 Merrill Lynch CIO Reports 2 Security Breaches Survey PWC Ponemon Institute 4 CYREN Cyber Threat Report, 2015 MERCER

4 WHY GLOBAL TREND WILL CONTINUE 1. Role of technology continues to expand 2. Motivation - Financial gain - Malicious intent - Promote beliefs - Challenge - Risk / Reward analysis MERCER

5 CYBERCRIME INCIDENTS Banking and Finance FINANCIAL FRAUD DENIAL OF SERVICE ATTACKS 29% FINANCIAL LOSSES COMPROMISED/STOLEN RECORDS IDENTITY THEFTS 20% NO INCIDENTS 20% 23% 23% 36% 0% 5% 10% 15% 20% 25% 30% 35% 40% SOURCE: PWC CYBERCRIME REPORT MERCER

6 POINTS OF ENTRY MOBILE BUSINESS DEVICES CONTACTS Employees WEBSITE & MARKETING SOCIAL MEDIA 3 RD PARTY VENDORS 3 rd Party Vendors EMPLOYEES FAMILY- FRIENDS SOCIAL MEDIA Organization 3 RD PARTY VENDORS MOBILE DATA DEVICES STORAGE (CLOUD) NETWORK HARDWARE Clients EMPLOYEES MERCER

7 INDUSTRY AND REGULATORY GUIDANCE NIST CYBERSECURITY FRAMEWORK 1 Identify Protect Detect Respond Recover 1 NIST website SEC RISK ALERT 2 Cybersecurity Governance (Policies, Procedures, and Oversight) Risk Associated with Remote Customer Access and Fund Transfer Requests Risks Associated with Vendors and any Third Parties Detection of Unauthorized Activity Experiences with Cyber Threats 2 Morgan Lewis summary of the SEC risk alert Feb 2015 BEST PRACTICES GOVERNANCE AND POLICIES EMPLOYEE TRAINING TECHNOLOGY THIRD PARTY ASSESSMENT MERCER

8 BEST PRACTICES GOVERNANCE AND POLICIES Culture Senior Management Engagement Accountable Oversight Proactive Approach Processes Documented Information Security Policy Cybersecurity and Risk Assessment Test Cyber Insurance Risk Transfer Monitor Cash Activity Daily Third Party / Vendor Due Diligence Policy MERCER

9 BEST PRACTICES EMPLOYEE TRAINING Awareness Passwords Public Wi-Fi Local Drives Communication Scam Preparation Phishing MERCER

10 BEST PRACTICES TECHNOLOGY Security Network, Physical, Data, Logical Systems Malware / Anti-virus Patching and Updates Intrusion Prevention System and Testing Cloud Technology Backup Process and Testing MERCER

11 BEST PRACTICES THIRD PARTY ASSESSMENT Tools Classify Vendors Define Assessment Process SLAs and Contract Management Monitor Business Relationships Plan For Vendors Not Meeting Requirements Independent Assessments (SSAE16 SOC Testing) MERCER

12 KEY TAKEAWAYS Cyber risk will continue to rise Conduct an assessment against industry best practices Monitor investment organizations and third parties Document your due diligence process Partner with expert providers for implementation MERCER

13

14 Important notices References to Mercer shall be construed to include Mercer LLC and/or its associated companies Mercer LLC. All rights reserved. This contains confidential and proprietary information of Mercer and is intended for the exclusive use of the parties to whom it was provided by Mercer. Its content may not be modified, sold or otherwise provided, in whole or in part, to any other person or entity, without Mercer s prior written permission. The findings, ratings and/or opinions expressed herein are the intellectual property of Mercer and are subject to change without notice. They are not intended to convey any guarantees as to the future performance of the investment products, asset classes or capital markets discussed. Past performance does not guarantee future results. Mercer s ratings do not constitute individualized investment advice. Information contained herein has been obtained from a range of third party sources. While the information is believed to be reliable, Mercer has not sought to verify it independently. As such, Mercer makes no representations or warranties as to the accuracy of the information presented and takes no responsibility or liability (including for indirect, consequential or incidental damages), for any error, omission or inaccuracy in the data supplied by any third party. This does not constitute an offer or a solicitation of an offer to buy or sell securities, commodities and/or any other financial instruments or products or constitute a solicitation on behalf of any of the investment managers, their affiliates, products or strategies that Mercer may evaluate or recommend. For the most recent approved ratings of an investment strategy, and a fuller explanation of their meanings, contact your Mercer representative. For Mercer s conflict of interest disclosures, contact your Mercer representative or see Mercer universes: Mercer s universes are intended to provide collective samples of strategies that best allow for robust peer group comparisons over a chosen timeframe. Mercer does not assert that the peer groups are wholly representative of and applicable to all strategies available to investors. The value of your investments can go down as well as up, and you may not get back the amount you have invested. Investments denominated in a foreign currency will fluctuate with the value of the currency. Certain investments carry additional risks that should be considered before choosing an investment manager or making an investment decision. MERCER

DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?

DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS? HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS? FREEMAN WOOD HEAD OF MERCER SENTINEL NORTH AMERICA GREGG SOMMER HEAD OF OPERATIONAL RISK ASSESSMENTS MERCER

More information

CONNECTICUT RETIREMENT SECURITY BOARD DISCUSSION GUIDE FOR ANNUITY AND IRA ACCOUNT TYPES

CONNECTICUT RETIREMENT SECURITY BOARD DISCUSSION GUIDE FOR ANNUITY AND IRA ACCOUNT TYPES HEALTH WEALTH CAREER CONNECTICUT RETIREMENT SECURITY BOARD DISCUSSION GUIDE FOR ANNUITY AND IRA ACCOUNT TYPES November 4 th, 2015 Rashid Hassan Neil Lloyd Hartford, Connecticut MERCER S RECOMMENDATION

More information

MERCER WEBCAST MEETING TODAY S CHALLENGES FOR 401(K) SPONSORS OCTOBER 22, 2014. Liana Magner Amy Reynolds

MERCER WEBCAST MEETING TODAY S CHALLENGES FOR 401(K) SPONSORS OCTOBER 22, 2014. Liana Magner Amy Reynolds MEETING TODAY S CHALLENGES FOR 401(K) SPONSORS OCTOBER 22, 2014 Liana Magner Amy Reynolds Today s speakers Liana Magner, CFA Partner US Delegated DC Leader MERCER W EBCAST Amy Reynolds, ASA Partner US

More information

INVESTMENT MANAGER FEES: A CRITICAL LOOK

INVESTMENT MANAGER FEES: A CRITICAL LOOK HEALTH WEALTH CAREER INVESTMENT MANAGER FEES: A CRITICAL LOOK JULY 2015 In this short article, we suggest a number of ways in which the current and common structures for investment managers fees (for traditional,

More information

TARGET DATE FUNDS 10 YEARS LATER AND BEYOND

TARGET DATE FUNDS 10 YEARS LATER AND BEYOND TARGET DATE FUNDS 10 YEARS LATER AND BEYOND CPBI SOUTHERN ALBERTA P.D. DAY 29 May 2014 Neil Lloyd Evolution Of DC Investments A change in focus Do It Yourself (PAST) Do It For Me (PRESENT) Help me Prepare

More information

CHALLENGES FOR WEALTH MANAGEMENT FIRMS IN 2016: ARE YOU PREPARED?

CHALLENGES FOR WEALTH MANAGEMENT FIRMS IN 2016: ARE YOU PREPARED? HEALTH WEALTH CAREER CHALLENGES FOR WEALTH MANAGEMENT FIRMS IN 2016: ARE YOU PREPARED? David A. Hyman, CFA US Wealth Management Segment Leader Michael Curtin Senior Investment Consultant, Wealth Management,

More information

How to improve your employees retirement security at minimal cost Authors: Bruce Cadenhead Partner, Retirement, New York Steve Vernon FSA Research

How to improve your employees retirement security at minimal cost Authors: Bruce Cadenhead Partner, Retirement, New York Steve Vernon FSA Research Article Five in a Mercer and Stanford Center on Longevity series How to improve your employees retirement security at minimal cost Authors: Bruce Cadenhead Partner, Retirement, New York Steve Vernon FSA

More information

CYBERSECURITY EXAMINATION SWEEP SUMMARY

CYBERSECURITY EXAMINATION SWEEP SUMMARY This Risk Alert provides summary observations from OCIE s examinations of registered broker-dealers and investment advisers, conducted under the Cybersecurity Examination Initiative, announced April 15,

More information

WHOLE OF LIFE SUPERANNUATION

WHOLE OF LIFE SUPERANNUATION WHOLE OF LIFE SUPERANNUATION Challenging the status quo NOVEMBER 2012 INTRODUCTION There is no question that Australia is one of the most mature Defined Contribution markets in the world. But while Australia

More information

RATING REPORTS ON GLOBAL INVESTOR PROGRAMME ( GIP ) FUNDS

RATING REPORTS ON GLOBAL INVESTOR PROGRAMME ( GIP ) FUNDS RATING REPORTS ON GLOBAL INVESTOR PROGRAMME ( GIP ) FUNDS Contact Singapore introduced an independent fund rating exercise as a key element of the Global Investor Programme ( GIP ) Funds application and

More information

OCIE CYBERSECURITY INITIATIVE

OCIE CYBERSECURITY INITIATIVE Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.

More information

Cybersecurity. Are you prepared?

Cybersecurity. Are you prepared? Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data

More information

MEMO. Comparing Traditional and Roth IRAs. Connecticut Retirement Security Board. Mercer Traditional vs. Roth IRA. contributions.

MEMO. Comparing Traditional and Roth IRAs. Connecticut Retirement Security Board. Mercer Traditional vs. Roth IRA. contributions. 1166 Avenue of the Americas New York, NY 10036 www.mercer.com MEMO TO: DATE: FROM: SUBJECT: Mercer Traditional vs. Roth IRA Introduction The legislation anticipates that the Retirement Security Program

More information

Creating, Developing and Instituting an Effective Incident Response Plan. Webinar. 15 April 2015

Creating, Developing and Instituting an Effective Incident Response Plan. Webinar. 15 April 2015 Creating, Developing and Instituting an Effective Incident Response Plan Webinar 15 April 2015 Stan Hui Payment System Security Stephen J. Kopeck Verizon Visa Public Disclaimer The information or recommendations

More information

White Paper on Financial Industry Regulatory Climate

White Paper on Financial Industry Regulatory Climate White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during

More information

OCIE Technology Controls Program

OCIE Technology Controls Program OCIE Technology Controls Program Cybersecurity Update Chris Hetner Cybersecurity Lead, OCIE/TCP 212-336-5546 Introduction (Role, Disclaimer, Background and Speech Topics) SEC Cybersecurity Program Overview

More information

2 0 1 4 F G F O A A N N U A L C O N F E R E N C E

2 0 1 4 F G F O A A N N U A L C O N F E R E N C E I T G OV E R NANCE 2 0 1 4 F G F O A A N N U A L C O N F E R E N C E RAJ PATEL Plante Moran 248.223.3428 raj.patel@plantemoran.com This presentation will discuss current threats faced by public institutions,

More information

Cyber Security. Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP

Cyber Security. Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP Cyber Security Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP Speakers: Keith Overly, Executive Director, Ohio Deferred Compensation Program Raj Patel, Partner, Plante & Moran, PLLC

More information

Common Data Breach Threats Facing Financial Institutions

Common Data Breach Threats Facing Financial Institutions Last Updated: February 25, 2015 Common Data Breach Threats Facing Financial s Although exact figures are elusive, there is no question that the number of data security breaches both reported and unreported

More information

Cybersecurity Risks, Regulation, Remorse, and Ruin

Cybersecurity Risks, Regulation, Remorse, and Ruin Financial Planning Association of Michigan 2014 Fall Symposium Cybersecurity Risks, Regulation, Remorse, and Ruin Shane B. Hansen shansen@wnj.com (616) 752-2145 October 23, 2014 Copyright 2014 Warner Norcross

More information

HIGH YIELD BONDS UNDER STRESS?

HIGH YIELD BONDS UNDER STRESS? HEALTH WEALTH CAREER HIGH YIELD BONDS UNDER STRESS? DECEMBER 2015 2 WHAT PROMPTED THE MARKET DISRUPTION? News broke last week that the Third Avenue Focused Credit mutual fund suspended redemptions and

More information

SEC Cybersecurity Findings May Establish De Facto Standard

SEC Cybersecurity Findings May Establish De Facto Standard Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com SEC Cybersecurity Findings May Establish De Facto

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013

ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013 ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013 WHAT IS FIDUCIARY GOVERNANCE AND WHY IS IT IMPORTANT? Fulfillment of fiduciary responsibilities requires more than understanding

More information

Ayla Networks, Inc. SOC 3 SysTrust 2015

Ayla Networks, Inc. SOC 3 SysTrust 2015 Ayla Networks, Inc. SOC 3 SysTrust 2015 SOC 3 SYSTRUST FOR SERVICE ORGANIZATIONS REPORT July 1, 2015 To December 31, 2015 Table of Contents SECTION 1 INDEPENDENT SERVICE AUDITOR S REPORT... 2 SECTION 2

More information

PREPARE YOUR INCIDENT RESPONSE TEAM

PREPARE YOUR INCIDENT RESPONSE TEAM PREPARE YOUR INCIDENT RESPONSE TEAM JUNE 2015 Michael Harrington, Fidelis Cybersecurity It s a big problem... The ongoing cyber-thefts from The scale of international theft the In networks 2013, the of

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

FINRA Publishes its 2015 Report on Cybersecurity Practices

FINRA Publishes its 2015 Report on Cybersecurity Practices Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February

More information

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m.

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Topics: Explain why it is important for firms of all sizes to address cybersecurity risk. Demonstrate awareness

More information

August 2010. State of Nevada Deferred Compensation Plan. Manager Due Diligence Education Session

August 2010. State of Nevada Deferred Compensation Plan. Manager Due Diligence Education Session August 2010 State of Nevada Deferred Compensation Plan Manager Due Diligence Education Session Fiduciary Responsibility Investment prudence relies on process, not investment results Three investment principles

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

Client Update SEC Releases Updated Cybersecurity Examination Guidelines

Client Update SEC Releases Updated Cybersecurity Examination Guidelines Client Update September 18, 2015 1 Client Update SEC Releases Updated Cybersecurity Examination Guidelines NEW YORK Jeremy Feigelson jfeigelson@debevoise.com Jim Pastore jjpastore@debevoise.com David Sarratt

More information

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015 Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity

More information

Information for Management of a Service Organization

Information for Management of a Service Organization Information for Management of a Service Organization Copyright 2011 American Institute of Certified Public Accountants, Inc. New York, NY 10036-8775 All rights reserved. For information about the procedure

More information

Cybersecurity..Is your PE Firm Ready? October 30, 2014

Cybersecurity..Is your PE Firm Ready? October 30, 2014 Cybersecurity..Is your PE Firm Ready? October 30, 2014 The Panel Melinda Scott, Founding Partner, Scott Goldring Eric Feldman, Chief Information Officer, The Riverside Company Joe Campbell, CTO, PEF Services

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

HEALTH WEALTH CAREER WHY DC PLANS NEED TO CONSIDER BROAD FINANCIAL WELLNESS AND OTHER ISSUES IN 2016

HEALTH WEALTH CAREER WHY DC PLANS NEED TO CONSIDER BROAD FINANCIAL WELLNESS AND OTHER ISSUES IN 2016 HEALTH WEALTH CAREER WHY DC PLANS NEED TO CONSIDER BROAD FINANCIAL WELLNESS AND OTHER ISSUES IN 2016 TODAY S SPEAKERS BETSY DILL US Financial Wellness Leader LIANA MAGNER, CFA US DC Investment Leader MERCER

More information

Cybersecurity and the Threat to Your Company

Cybersecurity and the Threat to Your Company Why is BIG Data Important? March 2012 1 Cybersecurity and the Threat to Your Company A Navint Partners White Paper September 2014 www.navint.com Cyber Security and the threat to your company September

More information

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...

More information

How a Company s IT Systems Can Be Breached Despite Strict Security Protocols

How a Company s IT Systems Can Be Breached Despite Strict Security Protocols How a Company s IT Systems Can Be Breached Despite Strict Security Protocols Brian D. Huntley, CISSP, PMP, CBCP, CISA Senior Information Security Advisor Information Security Officer, IDT911 Overview Good

More information

Cybercrime and Regulatory Priorities for Cybersecurity

Cybercrime and Regulatory Priorities for Cybersecurity NRS Technology and Communication Compliance Forum Cybercrime and Regulatory Priorities for Cybersecurity Copyright 2014 by K&L Gates LLP. All rights reserved. Sean P. Mahoney sean.mahoney@klgates.com K&L

More information

Cyber Security. John Leek Chief Strategist

Cyber Security. John Leek Chief Strategist Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity

More information

Cybersecurity: What CFO s Need to Know

Cybersecurity: What CFO s Need to Know Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction

More information

Top Fraud Trends Facing Financial Institutions

Top Fraud Trends Facing Financial Institutions Top Fraud Trends Facing Financial Institutions Presented on: October 7, 2015, 2-3 ET Presented by: Ann Davidson - VP of Risk Consulting at Allied Solutions Webinar Agenda 1. Fraud trends in 2015 and beyond

More information

MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014

MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014 MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014 INTRODUCTION Loved by many, reviled by others, multi-asset strategies are undeniably a key feature of the investment landscape. In the US they

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

Attachment A. Identification of Risks/Cybersecurity Governance

Attachment A. Identification of Risks/Cybersecurity Governance Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year

More information

Collateral Effects of Cyberwar

Collateral Effects of Cyberwar Your texte here. Collateral Effects of Cyberwar by Ilia Kolochenko for Geneva Information Security Day 9 th of October 2015 Quick Facts and Numbers About Cybersecurity In 2014 the annual cost of global

More information

Data Security and the Cloud

Data Security and the Cloud Data Security and the Cloud TABLE OF CONTENTS DATA SECURITY AND THE CLOUD EXECUTIVE SUMMARY PAGE 3 CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 PAGE 4 PAGE 5 PAGE 6 PAGE 8 PAGE 9 DATA SECURITY: HOW

More information

NATIONAL CYBER SECURITY AWARENESS MONTH

NATIONAL CYBER SECURITY AWARENESS MONTH NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

More information

Cybersecurity: Protecting Your Business. March 11, 2015

Cybersecurity: Protecting Your Business. March 11, 2015 Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks

More information

Transforming the Customer Experience When Fraud Attacks

Transforming the Customer Experience When Fraud Attacks Transforming the Customer Experience When Fraud Attacks About the Presenters Mike Young, VP, Product Team, Everbank Manages consumers and business banking products, as well as online and mobile banking

More information

FINANCIAL SERVICES Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors

FINANCIAL SERVICES Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors FINANCIAL SERVICES Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors By Robert R. Kiesel Schulte Roth & Zabel Like many companies, investment managers

More information

HEALTH WEALTH CAREER FIDUCIARY INVESTMENT ADVICE NEW DOL RULE IMPLICATIONS FOR RETIREMENT PLAN SPONSORS MAY 19, 2016

HEALTH WEALTH CAREER FIDUCIARY INVESTMENT ADVICE NEW DOL RULE IMPLICATIONS FOR RETIREMENT PLAN SPONSORS MAY 19, 2016 HEALTH WEALTH CAREER FIDUCIARY INVESTMENT ADVICE NEW DOL RULE IMPLICATIONS FOR RETIREMENT PLAN SPONSORS MAY 19, 2016 TODAY S SPEAKERS Amy Reynolds Partner Karen Willsky Principal Linda Delivorias Partner

More information

Practice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited

Practice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident

More information

Independent Thinking. The Changing Landscape for Wealth Management

Independent Thinking. The Changing Landscape for Wealth Management Independent Thinking The Changing Landscape for Wealth Management October 2015 1 Wealth Management Common Central Tenets Common central tenets to successful wealth management relationships: The Changing

More information

RETHINKING CYBER SECURITY Changing the Business Conversation

RETHINKING CYBER SECURITY Changing the Business Conversation RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.

More information

CYBER-LIABILITY COVERAGE: The $ 45 Million Dollar Exposure

CYBER-LIABILITY COVERAGE: The $ 45 Million Dollar Exposure CYBER-LIABILITY COVERAGE: The $ 45 Million Dollar Exposure CYBER-LIABILITY COVERAGE: The $ 45Million Dollar Exposure Today s Presenters: Mark J. Camillo, MBA, BS Head of Network Security and Privacy Products

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS RRD Donnelley SEC Hot Topics Institute May 21, 2014 1 MANAGING CYBERSECURITY RISK AND DISCLOSURE OBLIGATIONS Patrick J. Schultheis Partner Wilson

More information

10 Smart Ideas for. Keeping Data Safe. From Hackers

10 Smart Ideas for. Keeping Data Safe. From Hackers 0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000

More information

PACB One-Day Cybersecurity Workshop

PACB One-Day Cybersecurity Workshop PACB One-Day Cybersecurity Workshop WHAT IS CYBERSECURITY? PRESENTED BY: JON WALDMAN, SBS CISA, CRISC 1 Contact Information Jon Waldman Partner, Senior IS Consultant CISA, CRISC Masters of Info Assurance

More information

Data Breaches and Cyber Risks

Data Breaches and Cyber Risks Data Breaches and Cyber Risks Carolinas Credit Union League Leadership Conference Presented by: Ken Otsuka Business Protection Risk Management CUNA Mutual Group CUNA Mutual Group Proprietary Reproduction,

More information

Cybersecurity Awareness. Part 1

Cybersecurity Awareness. Part 1 Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat

More information

Stocks: Quick-start guide part 3 - Orders & Tickets

Stocks: Quick-start guide part 3 - Orders & Tickets Saxo Academy Stocks: Quick-start guide part 3 - Orders & Tickets academy.tradingfloor.com 1. By clicking on one of the icons you can place a related Limit order and Stop order respectively. Once you have

More information

IT Security to Combat Today s Cyber Fraud

IT Security to Combat Today s Cyber Fraud IT Security to Combat Today s Cyber Fraud Thomas J. DeMayo, CISSP, CIPP, CEH, CPT, MCSE Director, IT Audit and Consulting - O Connor Davies, LLP Timothy M. Simons, CPA, CFA, CIPM, CSCP, CFP Senior Managing

More information

Information Security Addressing Your Advanced Threats

Information Security Addressing Your Advanced Threats Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

Cyber Risks in the Boardroom

Cyber Risks in the Boardroom Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing

More information

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What

More information

Logging In: Auditing Cybersecurity in an Unsecure World

Logging In: Auditing Cybersecurity in an Unsecure World About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that

More information

7 th Annual Information Security Summit The Executive Forum. Information Security Management Overview

7 th Annual Information Security Summit The Executive Forum. Information Security Management Overview 7 th Annual Information Security Summit The Executive Forum Information Security Management Overview June 4, 2015 Copyright 2015. Citadel Information Group. All Rights Reserved. 2 Establishing Leadership.

More information

Cyber Security An Exercise in Predicting the Future

Cyber Security An Exercise in Predicting the Future Cyber Security An Exercise in Predicting the Future Paul Douglas, August 25, 2014 AUDIT & ACCOUNTING + CONSULTING + TAX SERVICES + TECHNOLOGY I www.pncpa.com I www.pntech.net What is Cyber Security? Measures

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

Cybersecurity and Insurance Companies

Cybersecurity and Insurance Companies Cybersecurity and Insurance Companies ACLI Forum 500 CEO Leadership Retreat Timothy J. Nagle Vice President & Chief Privacy Counsel Prudential Financial 1 May 13, 2015 What is cybersecurity? Protecting

More information

Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference

Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Christopher T. Van Marter Senior Deputy Prosecuting Attorney Chief White Collar Crime Unit Department of the Prosecuting Attorney

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

PROPOSED INTERPRETIVE NOTICE

PROPOSED INTERPRETIVE NOTICE August 28, 2015 Via Federal Express Mr. Christopher J. Kirkpatrick Secretary Office of the Secretariat Commodity Futures Trading Commission Three Lafayette Centre 1155 21st Street, N.W. Washington, DC

More information

Exercising Your Enterprise Cyber Response Crisis Management Capabilities

Exercising Your Enterprise Cyber Response Crisis Management Capabilities Exercising Your Enterprise Cyber Response Crisis Management Capabilities Ray Abide, PricewaterhouseCoopers, LLP 2015 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved.

More information

DISCLAIMER. Any fact, assessment, analysis, forecasts, opinion and other information (collectively Information ) released by:

DISCLAIMER. Any fact, assessment, analysis, forecasts, opinion and other information (collectively Information ) released by: DISCLAIMER General This website can be accessed worldwide however the information on the website is related to Saxo Capital Markets CY Limited and is not specific to any other country. All clients will

More information

THE ROLE OF LIQUID ALTERNATIVES IN WEALTH MANAGEMENT

THE ROLE OF LIQUID ALTERNATIVES IN WEALTH MANAGEMENT HEALTH WEALTH CAREER THE ROLE OF LIQUID ALTERNATIVES IN WEALTH MANAGEMENT SEPTEMBER 2015 In this short paper, we focus on liquid alternative products and will, 1) explain the investment theses for investing

More information

The Practical Realities of Cybersecurity

The Practical Realities of Cybersecurity & present The Practical Realities of Cybersecurity Best practices for crafting policies and procedures to protect your company Andrew Morentz, Member Telecommunications Law Professionals PLLC email amorentz@telecomlawpros.com

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

Vulnerability Assessment & Compliance

Vulnerability Assessment & Compliance www.pwc.com Vulnerability Assessment & Compliance August 3 rd, 2011 Building trust through Information security* Citizen-Centric egovernment state Consultantion workshop Agenda VAPT What and Why Threats

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

Legal Notices. Purpose and Scope of Website. StanCorp Financial Group, Inc. Contact Us. Public Affairs. Special Investigations Unit

Legal Notices. Purpose and Scope of Website. StanCorp Financial Group, Inc. Contact Us. Public Affairs. Special Investigations Unit Legal Notices The following describes the policies and practices of StanCorp Financial Group, Inc ( StanCorp Financial ) and its affiliates, vendors, and licensors with regards to the collection and use

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

THE EVOLUTION OF CYBERSECURITY

THE EVOLUTION OF CYBERSECURITY THE EVOLUTION OF CYBERSECURITY Identifying Best Practices June 2, 2015 Cerone F. Cy Sturdivant Managing Consultant Nashville, TN 1 TO RECEIVE CPE CREDIT Participate in entire webinar Answer polls when

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

AHLA. N. HIPAA Security Breaches: What Should We Be Doing to Keep Us Out of the Headlines? Diane E. Felix Armstrong Teasdale LLP Saint Louis, MO

AHLA. N. HIPAA Security Breaches: What Should We Be Doing to Keep Us Out of the Headlines? Diane E. Felix Armstrong Teasdale LLP Saint Louis, MO AHLA N. HIPAA Security Breaches: What Should We Be Doing to Keep Us Out of the Headlines? Diane E. Felix Armstrong Teasdale LLP Saint Louis, MO Anthony J. Munns Brown Smith Wallace LLC Saint Louis, MO

More information

PRESENTATION TO THE UNIVERSITY SYSTEM OF MARYLAND S BOARD OF REGENTS

PRESENTATION TO THE UNIVERSITY SYSTEM OF MARYLAND S BOARD OF REGENTS CYBERSECURITY PRESENTATION TO THE UNIVERSITY SYSTEM OF MARYLAND S BOARD OF REGENTS by Dr. Lawrence A. Gordon (Lgordon@rhsmith.umd.edu) EY Professor of Managerial Accounting and Information Assurance Affiliate

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

Data Security on Every Network Layer. Internet Security Days 2015, Phantasialand Brühl ADVA Optical Networking SE

Data Security on Every Network Layer. Internet Security Days 2015, Phantasialand Brühl ADVA Optical Networking SE Data Security on Every Network Layer Internet Security Days 2015, Phantasialand Brühl ADVA Optical Networking SE Agenda Impact of Cyber Crime and Data Theft Financial Service Sector Production Industry

More information

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion

More information

LIGC-ACC Presentation November 9, 2015

LIGC-ACC Presentation November 9, 2015 Bryan Frank, DDIS Info Sec Corp, panelist Jennifer M. Mone, Deputy General Counsel, Hofstra University, panelist Keith J. Frank, Partner, Forchelli, Curto, Deegan, Schwartz, Mineo & Terrana,. LLP, moderator

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Cybersecurity Opportunities. Presented to: National Professional Science Masters Association November 13, 2013

Cybersecurity Opportunities. Presented to: National Professional Science Masters Association November 13, 2013 Cybersecurity Opportunities Presented to: National Professional Science Masters Association November 13, 2013 Overall Themes For Discussion Advice for Grads Your Degree Is A Place To Start. It does not

More information

Perspectives on Cybersecurity in Healthcare June 2015

Perspectives on Cybersecurity in Healthcare June 2015 SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright

More information

Connect Smart for Business SME TOOLKIT

Connect Smart for Business SME TOOLKIT Protect yourself online Connect Smart for Business SME TOOLKIT WELCOME To the Connect Smart for Business: SME Toolkit The innovation of small and medium sized enterprises (SMEs) is a major factor in New

More information

Terminated Vested Cashouts Overcoming Common

Terminated Vested Cashouts Overcoming Common Terminated Vested Cashouts Overcoming Common Misconceptions Terminated Vested Cashouts Overcoming Common Misconceptions In the past few years, a growing number of defined benefit pension plans have been

More information