Addressing Cyber Risk Building robust cyber governance
|
|
- Dorothy Walters
- 8 years ago
- Views:
Transcription
1 Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services
2 The future of security The business environment is changing The IT environment is changing The cyber threat environment is changing Cyber security must be addressed at the most senior levels Cyber security must be business back rather than technology forward Move from protecting the perimeter to protecting data Refresh cyber security strategies to address rapidly evolving business needs and threats If the information security function does not change, the result will be losing influence, control and in this environment a real opportunity for impact with the business?
3 The future of security The scale of change to ship 1 million units 2 years 74 days 28 days 2012 Deloitte LLP. Private and confidential.
4 The future of security A changing business environment A greater reliance on: - Data (business information, competitive advantage, as the business) - Technology for employees and customers Globalisation and 24x7 operations - Offices, users and IT assets around the globe Changing customer perceptions - Baby Boomers to Generation X, and now Generation Y not forgetting Generation G Competitive advantage is difficult - the economy makes it even harder
5 The future of security Technology change dealing with complexity Cloud Security Fraud risk Data loss Privacy Social media Cyber security Online fraud System downtime Encryption Threat Intelligence Corporate Espionage Securing mobile devices The insider threat Hacking Vulnerability Management Identity Management e-crime Prevention
6 The future of security A changing threat environment - they only have to win once... Anonymous and other Hackivists From waste management to e-crime Low risks and high rewards mean that the security threat landscape is changing. Targets of choice, not chance Organised crime Increasing third party access Insider threats Statesponsored cyber threats APTs Stuxnet, Conficker
7 The future of security Your security capability? Activities are still largely reactive and compliance-driven: Largely compliance focused Developing policies Meeting industry baselines Audit Often limited visibility or interest to the business unless something goes wrong Touching some change programmes Limited future watching Low operational agility Political forces Environmental forces Social forces Organisation Technological forces Legislative forces Economic forces
8 Practical steps to a step change 8 Presentation title
9 Approach to tackling cyber Identify Risks Map Capabilities Identify assets Identify threats Capability and control maturity Identify Key asset lists and owners. Map Critical business processes and owners. Identify current and emerging threats. Perform Risk assessment. Assess Business Impact. Identify key capabilities for each risk area. Identify emerging capability requirement from threat trends. Map key controls to business risks. Identify capability and control stakeholders. Assess and Benchmark Set Risk Appetite Assess current state of control maturity. Assess current capability maturity. Derive target state of capability maturity from high level costs versus business impact mitigation. Validate target against peer and sector benchmark. Prioritise & Execute Prioritisation and Planning Identify major risk exposures and quick wins. Identify strategic capability improvements and break down in to bounded deliverables. Prioritise strategic improvement roadmap. Continue monitoring of threat landscape to identify required changes of focus.
10 Comprehensive Cyber Governance This is not a technology issue people, technology and process Cyber Security Steering Committee Executive governance by making policy and investment decisions. Members include business and IT leaders as well as the CISO Cyber Security Advisory Board The brain trust a forum for sharing and discussing tactics and best practise amongst security leaders Business Partners IT Functions - security architecture - system design - security operations - security training Corporate Body - risk strategy - security policy - security awareness GOVERNANCE Business Partners Business Units - risk management - security awareness Cyber Security Comms Forum Often an distribution list of security practitioners used to communicate management decisions and best practises CyberSecurity Programme Strategic coordination of security initiatives normally sponsored and governed by the Security Steering Committee
11 Integrating cyber into ERM Board level Oversight Tone at the top Risk Governance Executive Management Common risk architecture (people process technology) Risk Infrastructure Risk Processes Identify Asses Respond Design Implement Monitor Business Units Risk classes Risk ownership Data System Compliance Reporting 11
12 Developing the capability is a journey with costs. Proactive Threat Management Media & SMEs Consumer Business & Life Sciences Retail Banks & Energy Providers Investment Banks Military & Defence Blissful Ignorance Basic Network Protection Acceptable Usage Policy IT BC & DR Exercises Transformation Ad Hoc Infrastructure & Application Protection Ad Hoc System / Malware Forensics Ad-hoc Threat Intelligence Sharing with Peers Commercial & Open Source Threat Intelligence Feeds Network & System Centric Activity Profiling General Information Security Training & Awareness IT Cyber Attack Simulations Enterprise-Wide Infrastructure & Application Protection Operational Excellence Basic Online Brand Monitoring Automated Malware Forensics & Manual Electronic Discovery Government / Sector Threat Intelligence Collaboration Criminal / Hacker Surveillance Workforce / Customer Behaviour Profiling Targeted Intelligence-Based Cyber Security Awareness Business-Wide Cyber Attack Exercises Identity-Aware Information Protection Situational Awareness of Cyber Threats Online Brand & Social Media Policing Automated Electronic Discovery & Forensics Global Cross-Sector Threat Intelligence Sharing Baiting & Counter-Threat Intelligence Real-time Business Risk Analytics & Decision Support Business Partner Cyber Security Awareness Sector-Wide & Supply Chain Cyber Attack Exercises Adaptive & Automated Security Control Updates Brand Monitoring E-Discovery & Forensics Intelligence Collaboration External Threat Intelligence Behavioural Analytics Training & Awareness Cyber Attack Preparation Asset Protection IT Service Desk & Whistleblowing Security Log Collection & Ad Hoc Reporting 24x7 Technology Centric Security Event Reporting External & Internal Threat Intelligence Correlation Cross-Channel Malicious Activity Detection Security Event Monitoring Traditional Signature-Based Security Controls Periodic IT Asset Vulnerability Assessments Automated IT Asset Vulnerability Monitoring Targeted Cross-Platform User Activity Monitoring Tailored & Integrated Business Process Monitoring Internal Threat Intelligence Cyber Security Maturity Levels Level 1 Level 2 Level 3 Level 4 Level 5 12
13 The future of security The business environment is changing The IT environment is changing The cyber threat environment is changing Cyber security must be addressed at the most senior levels Cyber security must be business back rather than technology forward Move from protecting the perimeter to protecting data Refresh cyber security strategies to address rapidly evolving business needs and threats If the information security function does not change, the result will be losing influence, control and in this environment a real opportunity for impact with the business?
14 Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited ( DTTL ), a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see for a detailed description of the legal structure of DTTL and its member firms. Deloitte LLP is the United Kingdom member firm of DTTL. This publication has been written in general terms and therefore cannot be relied on to cover specific situations; application of the principles set out will depend upon the particular circumstances involved and we recommend that you obtain professional advice before acting or refraining from acting on any of the contents of this publication. Deloitte LLP would be pleased to advise readers on how to apply the principles set out in this publication to their specific circumstances. Deloitte LLP accepts no duty of care or liability for any loss occasioned to any person acting or refraining from action as a result of any material in this publication Deloitte LLP. All rights reserved. Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC and its registered office at 2 New Street Square, London EC4A 3BZ, United Kingdom. Tel: +44 (0) Fax: +44 (0) Member of Deloitte Touche Tohmatsu Limited
The enemies ashore Vulnerabilities & hackers: A relationship that works
The enemies ashore Vulnerabilities & hackers: A relationship that works Alexandros Charvalias, Manager CISSP, CISA, ACDA Assurance & Enterprise Risk Services Cyber security maturity model How effectively
More informationISO27032 Guidelines for Cyber Security
ISO27032 Guidelines for Cyber Security Deloitte Point of View on analysing and implementing the guidelines Deloitte LLP Enterprise Risk Services Security & Resilience Contents Foreword 1 Cyber governance
More informationUnder control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint
Under control 2015 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fourth annual review of the IT hot topics for IT internal audit in financial
More informationThe cyber security imperative. Protect your organization from cyber threats
The cyber security imperative Protect your organization from cyber threats Contents Cyber threats are real and growing... 1 A full range of cyber security solutions... 2 Managed Security Services (MSS)...
More informationKeeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit
Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit 2014 Welcome to our third annual review of the IT hot topics facing Internal Audit functions within
More informationRobotic Process Automation Overview and RPA Case Study. November 2015
Robotic Process Automation Overview and RPA Case Study November 2015 Big data?! Effective data management?! 2 What is Robotic Process Automation (RPA)? Software! Robots are Robots are not Computer coded
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationThe Internal Audit fraud challenge Prevention, protection, detection
The Internal Audit fraud challenge Prevention, protection, detection Contents Introduction to survey 1 Key findings 2 What are the views of senior management? 3 Adequately resourced? 6 Current trends and
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationTransforming customer management in the water sector How to become a leader in customer service
Transforming customer management in the water sector How to become a leader in customer service management strategies have always been important to water companies, with a focus on resolving issues first
More informationCIIA South West Analytics in Internal Audit - Tackling Fraud
CIIA South West Analytics in Internal Audit - Tackling Fraud 10 December 2014 Agenda Intro to Analytics When to use analytics and how to get started Risk Monitoring and Control Automation Common Pitfalls
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationDevelopmental assignments Enablers not solutions
Developmental assignments Enablers not solutions In this article we will look at the roots of this phenomenon, and outline some strategic principles followed by organisations which successfully optimise
More informationGlobal Mobility for Professional Practices Managing a mobile workforce
Global Mobility for Professional Practices Managing a mobile workforce Overview Global Mobility has become a prominent theme as Professional Practice Firms have expanded internationally. Their global strategies,
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More information01/ 02/ 03/ 04/ 05/ Beyond borders Deloitte Discovery April 23 rd 2015 Cyprus 1 Going beyond borders to move our clients ahead Deloitte Discovery Services - Deloitte Legal 2 The Deloitte
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationD-G4-L4-231 Data Governance Assessment Design and Implementation Deloitte LLP Service for G- Cloud IV
D-G4-L4-231 Data Governance Assessment Design and Implementation Deloitte LLP Service for G- Cloud IV September 2013 Contents 1 Service Overview 1 2 Detailed Service Description 4 3 Commercials 8 4 Our
More informationCyber security: everybody s imperative. A guide for the C-suite and boards on guarding against cyber risks
Cyber security: everybody s imperative A guide for the C-suite and boards on guarding against cyber risks Secure Enhance risk-prioritized controls to protect against known and emerging threats, and comply
More informationMobility cost optimisation Managing the whole mobility investment
Mobility cost optimisation Managing the whole mobility investment Extract of article published in International HR Adviser Magazine June 2014 We don t have budget for this! is a common cry from business
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationDeloitte Shared Services, GBS & BPO Conference Shared Services Design Through to Implementation
Deloitte Shared Services, GBS & BPO Conference Shared Services Design Through to Implementation Jo Hart & Charlotte Allen, Deloitte 22 23 September 2015 Berlin, Germany Agenda Shared Services Approach
More informationIdentity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015
Identity & Management The Cloud Perspective Andrea Themistou 08 October 2015 Agenda Cloud Adoption Benefits & Risks Security Evolution for Cloud Adoption Securing Cloud Applications with IAM Securing Cloud
More informationSYMANTEC CYBERV ASSESSMENT SERVICE OVER THE HORIZON VISIBILITY INTO YOUR CYBER RESILIENCE MORE FOCUS, LESS RISK.
SYMANTEC CYBERV ASSESSMENT SERVICE OVER THE HORIZON VISIBILITY INTO YOUR CYBER RESILIENCE Cyberspace the always-on, technologically hyperconnected world offers unprecedented opportunities for connectivity,
More informationFinance Transformed. Changing the focus Finance Business Partnering
Finance Transformed Changing the focus Finance Business Partnering Contents Out of the shadows of the back office 1 Striking the right balance in finance 2 Finance finds multiple barriers to becoming a
More informationThe Changing IT Risk Landscape Understanding and managing existing and emerging risks
The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015
More informationCybersecurity. Considerations for the audit committee
Cybersecurity Considerations for the audit committee Insights on November 2012 governance, risk and compliance Fighting to close the gap Ernst & Young s 2012 Global Information Security Survey 2012 Global
More informationThe Internet of Things Risks and Challenges
The Internet of Things Risks and Challenges Providing the insight that enables our customers to make informed business decisions. Antony Price 03rd March 2015 Contents Internet of Things - The next threat
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More informationAnnual Shared Services and BPO Conference 2013 Shared services from feasibility through to implementation. Tibor Nagy & Jeppe Larsen
Annual Shared Services and BPO Conference 2013 Shared services from feasibility through to implementation Tibor Nagy & Jeppe Larsen Key considerations Will the corporate vision and goals be reached by
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationFinance Business Partnering Less than the sum of the parts. Organisational perception of Finance, percentage of respondents agreeing with statements
Finance Business Partnering Less than the sum of the parts Key points Deloitte s research into Finance Business Partnering has analysed the responses of 75 senior Finance executives from UK headquartered
More informationCYBER SECURITY, A GROWING CIO PRIORITY
www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------
More informationDeloitte Service Code: D-G6-L4-543 December 2014
Managed Cyber Security Cyber Intelligence Centre Deloitte LLP Service Deloitte Service Code: D-G6-L4-543 December 2014 Contents 1 Service Overview 1 2 Detailed Service Definition 2 3 Pricing 6 4 Ordering
More informationDeloitte Shared Services, GBS & BPO Conference SMAC / Enabling Technologies and Shared Services in the Public Sector
Deloitte Shared Services, GBS & BPO Conference SMAC / Enabling Technologies and Shared Services in the Public Sector Carolyn Williamson, Hampshire County Council; David Harker, Deloitte 22 23 September
More informationManaging Complex Transformations Achieving excellence
Managing Complex Transformations Achieving excellence A summary of our transformation management and programme leadership capability in the mining industry February 2009 Contents Introduction 1 Our approach
More informationCharity Audit Committee performance evaluation Self assessment checklist. October 2014
Charity Audit Committee performance evaluation Self assessment checklist October 2014 With increasing responsibilities and complexities, being a member of the Audit Committee has never been more challenging
More informationOn the horizon 2016 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint
On the horizon 2016 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fifth annual review of the information technology hot topics for internal
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationEnhanced Portfolio Management in uncertain times
Enhanced Portfolio Management in uncertain times How businesses can generate and protect value through enhanced, risk return techniques improving portfolio and capital allocation decisions Contents Executive
More informationCybercrime: risks, penalties and prevention
Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,
More informationD-G4-L4-126 Police contact management and demand reduction review Deloitte LLP Service for G-Cloud IV
D-G4-L4-126 Police contact management and demand reduction review Deloitte LLP Service for G-Cloud IV September 2013 Contents 1 Service Overview 1 2 Detailed Service Description 2 3 Commercials 6 4 Our
More informationCurrent issues and trends in the Aerospace supply chain
Current issues and trends in the Aerospace supply chain Iain Subtitle Kirwan runs here 1 line max Director Supply Chain Consulting Global A&D insights and trends Overall global A&D industry expected to
More informationFaculdade de Direito, Lisboa, 02-Jul-2014. The Competitive Advantage of Cybersecurity
Faculdade de Direito, Lisboa, 02-Jul-2014 The Competitive Advantage of Cybersecurity Thales Key highlights (I) A global company with 65,000 employees and 14,2 billion in revenues, R&D 2,5 billion * We
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationESKISP6054.01 Conduct security testing, under supervision
Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to
More informationExtract of article published in International HR Adviser magazine 2013. The role of HR in global mobility
Extract of article published in International HR Adviser magazine 2013 The role of HR in global mobility Increasingly the regional HR director for Asia Pacific for many large multinationals will be based
More informationCyber threat intelligence and the lessons from law enforcement. kpmg.com.au
Cyber threat intelligence and the lessons from law enforcement kpmg.com.au Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many organisations
More informationCYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY
CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes
More informationA guide to investing. Appendix 10 Choice of business entity
A guide to investing in Wales Appendix 10 Choice of business entity August 2013 Appendix 10 Choice of business entity 1. Principal forms of doing business Business organisations in the UK usually take
More informationCyber intelligence exchange in business environment : a battle for trust and data
Cyber intelligence exchange in business environment : a battle for trust and data Experiences of a cyber threat information exchange research project and the need for public private collaboration Building
More informationMalware isn t The only Threat on Your Endpoints
Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks
More informationAnnual Shared Services and BPO Conference 2013 Continuous improvement end to end - who dares wins. Geoff Gibbons & Mathew Shreeve
Annual Shared Services and BPO Conference 2013 Continuous improvement end to end - who dares wins Geoff Gibbons & Mathew Shreeve Agenda Who Dares Wins Introduction What tools should you have in your shared
More informationJanuary 2015. Senior Insurance Managers Regime Strengthening accountability in insurance
January 2015 Senior Insurance Managers Regime Strengthening accountability in insurance Contents Introduction 1 Key points 2 Implementing Solvency II 3 Implications for Non Executive Directors 4 Practical
More informationUK Indirect Tax Conference 2015 Automating Indirect Tax Compliance. Jilly McCullagh 11 November 2015
UK Indirect Tax Conference 2015 Automating Indirect Tax Compliance Jilly McCullagh 11 November 2015 What we will cover today Setting the scene Step 1 Understanding the problem Step 2 - Outline current
More informationInternal Audit at the University of Cambridge.
Internal Audit at the University of Cambridge. Contents Introduction to Deloitte 1 Our team 2 What is Internal Audit? 4 Our approach to Internal Audit 5 Authority and reporting lines 7 Planning 8 Ad Hoc
More informationD-G4-L4-025 Mobile Working Technology Feasibility Study for a Healthcare Body Deloitte LLP Service for G-Cloud IV
D-G4-L4-025 Mobile Working Technology Feasibility Study for a Healthcare Body Deloitte LLP Service for G-Cloud IV September 2013 Contents 1 Service Overview 1 2 Detailed Service Description 2 3 Commercials
More informationPersonal Information Threats & Risks: Responding to an Evolving Landscape with an Integrated Data Protection Approach
Personal Information Threats & Risks: Responding to an Evolving Landscape with an Integrated Data Protection Approach Don MacPherson January 2012 Discussion Items 1. Threats and risks to personal information
More informationFull-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform
Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Solution Brief Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Finding
More informationREPORT. Next steps in cyber security
REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationCyber Security key emerging risk Q3 2015
Cyber Security key emerging risk Q3 2015 The study is based on interviews with CIO:s, CISO:s and Head of Security in August and September 2015. November 2015 www.pwc.se Companies falling behind are more
More informationBusiness Plan 2012/13
Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,
More informationA guide to investing. Appendix 12 Checklist of items to consider when planning a project
A guide to investing in Wales Appendix 12 Checklist of items to consider when planning a project August 2013 Appendix 12 Checklist of items to consider when planning a project Early in the evolution of
More informationThis image cannot currently be displayed. D-G4-L4-241 Predictive analytics (software as service) Deloitte LLP Service for G-Cloud IV
This image cannot currently be displayed. D-G4-L4-241 Predictive analytics (software as service) Deloitte LLP Service for G-Cloud IV September 2013 Contents 1 Service Overview 1 2 Detailed Service Description
More informationRich Baich Principal March 22, 2012
Cyber espionage The harsh reality of advanced security threats Rich Baich Principal March 22, 2012 Agenda Introductions Threat landscape update How organizations are responding Other discussion topics
More informationThreat Intelligence. Benefits for the enterprise
Benefits for the enterprise Contents Introduction Threat intelligence: a maturing defence differentiator Understanding the types of threat intelligence: from the generic to the specific Deriving value
More informationAnnual Shared Services and BPO Conference 2013 The art of the possible for shared services how to streamline your local finance organisation
Annual Shared Services and BPO Conference 2013 The art of the possible for shared services how to streamline your local finance organisation Denes Lang & Vazul Toth DIAGEO AND GLOBAL SHARED SERVICES The
More informationG Cloud III Framework Lot 4 (SCS) Project Management
G Cloud III Framework Lot 4 (SCS) Project Management Contents Executive Summary 3 Project Management 4 Why Deloitte? 6 SFIA Rate Card 7 Contact 8 Service Definition (a) to (p) 9 Executive Summary PROJECT
More informationBusiness Effectiveness and Costs in UK
Advertising effectiveness Budget Battles Proving our Worth Thursday, 25 June 2015 Agenda Advertising effectiveness over the business cycle Measuring digital and traditional media effectiveness 2 2014 Deloitte
More informationRethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council
Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult
More informationMiFID II/MiFIR. Implications for Fund Managers. May 2014. 2014 Deloitte LLP. All rights reserved.
/MiFIR Implications for Fund Managers May 2014 Webinar participants Manmeet Rana Senior Manager Audit Deloitte UK mrana@deloitte.co.uk +44 20 7303 8624 Manmeet Rana is a Senior Manager within Deloitte
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationAhead of the threat with Security Intelligence
Ahead of the threat with Security Intelligence PITB Information Security Conference 2013 Zoaib Nafar Brand Technical Sales Lead 2012 IBM Corporation 1 The world is becoming more digitized and interconnected,
More informationCan We Become Resilient to Cyber Attacks?
Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,
More informationHow To Manage Risk On A Scada System
Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationCyber security in healthcare
Cyber security in healthcare Julian Meyrick, Vice President IBM Security Services Europe julian_meyrick@uk.ibm.com Healthcare is one of the top 5 industries that continue to offer attackers the most significant
More informationKey Cyber Risks at the ERP Level
Key Cyber Risks at the ERP Level Process & Industrial Products (P&IP) Sector December, 2014 Today s presenters Bhavin Barot, Sr. Manager Deloitte & Touche LLP Goran Ristovski, Manager Deloitte & Touche
More informationGovernment Procurement Service
www.pwc.co.uk Government Procurement Service PwC and the G-Cloud: knowledge, experience, value V1.0 PwC Service Definition 9: G-Cloud Cyber Security Design and Assurance 06 October 2015 www.pwc.co.uk Table
More informationERM Symposium April 2009. Moderator Nancy Bennett
ERM Symposium April 2009 RI4-Implementing a Comprehensive Privacy Program John Kelly Joseph Nocera Moderator Nancy Bennett Data & Identity Theft: Keeping sensitive data out of the wrong hands Presented
More informationInstitute of Internal Auditors Cyber Security. Birmingham Event 15 th May 2014 Jason Alexander
Institute of Internal Auditors Cyber Security Birmingham Event 15 th May 2014 Jason Alexander Introduction Boards growing concern with Cyber Risk Cyber risk is not new, but incidents have increased in
More informationAchieving Information Security
Achieving Information Security Beyond penetration testing and frameworks ISACA Athens Conference 25 November, 2014. All good information security presentations start with a Bruce Schneier quote - Not Bruce
More information1. Understanding Big Data
Big Data and its Real Impact on Your Security & Privacy Framework: A Pragmatic Overview Erik Luysterborg Partner, Deloitte EMEA Data Protection & Privacy leader Prague, SCCE, March 22 nd 2016 1. 2016 Deloitte
More informationBe Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience
Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Mike O Neill Managing Director Graeme McGowan Associate Director of Cyber Security
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationCommittees Date: Subject: Public Report of: For Information Summary
Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security
More informationCYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison
CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison Gary Solway* Bennett Jones LLP The August release of the purported names and other details of over 35 million customers
More informationLow Default Portfolio (LDP) modelling
Low Default Portfolio (LDP) modelling Probability of Default (PD) Calibration Conundrum 3 th August 213 Introductions Thomas Clifford Alexander Marianski Krisztian Sebestyen Tom is a Senior Manager in
More informationD-G5-L4-318 Data Integration Hub Deloitte LLP Service for G-Cloud V
D-G5-L4-318 Data Integration Hub Deloitte LLP Service for G-Cloud V April 2014 Contents 1 Service Overview 1 2 Detailed Service Description 2 3 Commercials 6 4 Our G-Cloud Services 7 5 About Deloitte 8
More informationDo what matters to you. School leaver opportunities
Do what matters to you School leaver opportunities Whatever it is, you ll find it here Keep learning and get some more qualifications under your belt? Or start earning and develop your experience in the
More informationFuture Threat Landscape - How will technology evolve and what does it mean for cyber security?
James Hanlon CISSP, CISM Security Strategist Office of the CTO EMEA Future Threat Landscape - How will technology evolve and what does it mean for cyber security? Think > What does the future of technology
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationDefending against modern cyber threats
Defending against modern cyber threats Protecting Critical Assets October 2011 Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Agenda 1. The seriousness of today s situation
More information