Petit Déjeuner des PME. Crisis management and Attacks
|
|
- Monica Franklin
- 7 years ago
- Views:
Transcription
1 Petit Déjeuner des PME Crisis management and Attacks Nicolas Vernaz 27 April 2016
2 Agenda What is the scale of security incidents? Are companies prepared against cyber attacks? Behaviour during a Cyber Attack What is a crisis? Concrete Examples Crisis management? Complex vocabulary, norms and standards 10 fix the problem points Petits déjeuners des PME et start-up - Cybercriminalité 2
3 Security incidents are constantly on the rise - In today s business landscape, information security incidents are a question of when, not if Cybercrime is the 2nd most reported economic crime in It has always been in the top 5 since it first appeared in our Global Economic Crime Survey back in Top three most commonly reported types of economic crime in 2016 In 2015, Swiss organisations detected a 330% increase in security incidents. It is troubling that respondents who do not know the number of incidents has doubled compared to Average number of security incidents in Switzerland 64% 32% 24% Asset misappropriation Cybercrime Bribery and corruption Steady increase in the reporting of cybercrime since % 24% 32% CH % 7'247 CH-2014 CH '186 2'130 Don t know 7 % 10 % Rank 4th 4th 2nd Source: PwC s Global Economic Crime Survey 2016 February 2016 Source: PwC s Global State of Information Security Survey 2016 October 2015 Petits déjeuners des PME et start-up - Cybercriminalité 3
4 However, most organisations are still not adequately prepared against cyber-attacks Do organisations have Incident Response Plans to deal with cyber-attacks? 63% of organisations have not a fully operational incident response plan Astoundingly, 31% have no plan at all, and of these, more than half don t think they need one Should a cyber crisis arrive, only 40% of companies have personnel that are fully trained to act as first responders Source: PwC s Global Economic Crime Survey February 2016 Petits déjeuners des PME et start-up - Cybercriminalité 4
5 Cyber Attacks Cyber Crime focus Prepared Unprepared Ransomware Malware DDoS Trojans ZeroDay Phishing Virus And many more Pro-Active Re-Active Leads to a CRISIS Petits déjeuners des PME et start-up - Cybercriminalité 5
6 What is a crisis? A crisis is any event that is, or is expected to lead to, an unstable and dangerous situation with potential serious consequences, affecting an individual, group, or a whole company and for which habitual behaviors, procedures and process are not adapted. Origin of a crisis can be multiple Natural or Environmental (storm, flood, epidemic, fire, explosion.), Human (insider threat, human error.), Technology (IT issue, virus ) and for sure it can be the result of a Cyber Attack! It can come from the 3 dimensions : People, Process, Technology and affect Confidentiality, Integrity and Availability People Process Technology Petits déjeuners des PME et start-up - Cybercriminalité 6
7 Concrete Examples People Process Techno Company Cyber Crime Hyatt Hotels Leakage Process and Techno Boston Hospital Ransomware Techno Swiss Banks Digitec Migros Webshops Dyre Trojan or DDoS attacks DDoS People, Process and Techno Process and Techno Fribourg SME 1M CHF stolen Hacking/Trojan People Petits déjeuners des PME et start-up - Cybercriminalité 7
8 Crisis management? Preparation before the crisis Identification of critical assets and risks Creation of an Urgency toolkit and response plans Get prepared to crisis communications and people training Crisis management starts before the crisis happened Crisis management Situation analysis Evolution anticipation Action list Crisis has to be managed Post Crisis Back to normal Communication Lessons learned New normal New normal has to be accepted Petits déjeuners des PME et start-up - Cybercriminalité 8
9 Complex Vocabulary Norms and Standards DRP BCP IT Continuity Plan Incident Response team Incident Management System Crisis Management Incident Response Plan Petits déjeuners des PME et start-up - Cybercriminalité 9
10 There is no magic bullet for effective cybersecurity, it is a path that starts with the right mix of technologies, processes, and people skills. The Cyber Security Roadmap - 10 steps to fix the problem 1 Cyber Risk Assessment Perform internal and external risk assessments on security, availability, confidentiality, and privacy. 2 Roles & Responsibilities Have a CISO /CSO in charge of Security and obtain commitment from the Top 3 Information Security Program Define an information security program based on recognized security framework (e.g. NIST, ISO) 4 Crown jewels (e.g. health records, donors data, Intellectual property) - What are they? Where are they? Who owns them? 5 Fix the basics policies, standards, user access management, technology safeguards 6 People matters Personnel background checks, and employee security awareness training program 7 Third-Party risks Have security baselines for third parties and evaluate them periodically 8 Detection capabilities Conduct Threat assessments and internal / external penetration tests 9 Get ready for D-Day Define incident-management response process and exercise it through real live scenario 10 Join forces Collaborate with your peers to facilitate knowledge sharing and maintain a communication channel with authorities Petits déjeuners des PME et start-up - Cybercriminalité 10
11 Thanks
12 Nicolas Vernaz Qualification 2014 : Certification COBIT Foundation, ACE Palo Alto 2013 : Certification CISM 2011 : Certification CBCI 2009 : Certification Lead Auditor : MBA MSSI MAS MSSI (Information System Security Management) At IAE Aix en Provence (F) and HEG Geneva (CH) 2008 : Certification ITIL v3 foundations 2004 : Swiss Federal IT Certificate Senior Manager PricewaterhouseCoopers AG 50 avenue Giuseppe Motta 1202 Genève Office: Mobile: Nicolas.vernaz@ch.pwc.com Languages French (mother tongue), English (fluent) Career Development Nicolas has over 15 years of experience in IT, Cyber Security and management in a rapid growing and complex environment. He is specialized in Industry and SME and has delivered several international projects and had missions in many countries. During the past 12 years, he was leading the group infrastructure and security for an international oil and gas company. He acquired competencies in the implementation and in the management of Projects and Teams, IT Risk assessment, IT Audits, Technical architecture setup, IS Security Policy, IS Security Governance, IS Security roadmap, DRP and BCP Relevant Experience Nicolas has experience in leading and managing a team to run day to day Network, Infrastructure and Security, but also project teams, local or worldwide, from small to large teams (up to 30). He has lead the implementation of various Security components, such as Firewalls, IDS, Vpn, Mobile Security, Proxy, Antispam, Log Monitoring, Network segregation, Secured Wifi, User management and provisioning, Single sign on. He was responsible for a group wide risk assessment and definition of IS Security Policy, Mobile Security Policy and DRP/BCP policy and procedures. He was managing IT Security for an international company, that included dealing with auditors (SOX), but also defining IS Security roadmaps. Nicolas is member of the committee of the Clusis, the Swiss Security Association, and president of the ISMA, the alumni of the Geneva Security Masters. (HEG and Infosec) Petits déjeuners des PME et start-up - Cybercriminalité 12
January IIA / ISACA Joint Meeting Pre-meeting. Cybersecurity Update for Internal Auditors. Matt Wilson, PwC Risk Assurance Director
January IIA / ISACA Joint Meeting Pre-meeting Cybersecurity Update for Internal Auditors Matt Wilson, Risk Assurance Director Introduction and agenda Themes from The Global State of Information Security
More informationAppendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises
Appendix Key Areas of Concern i. Inadequate coverage of cybersecurity risk assessment exercises The scope coverage of cybersecurity risk assessment exercises, such as cybersecurity control gap analysis
More informationCollateral Effects of Cyberwar
Your texte here. Collateral Effects of Cyberwar by Ilia Kolochenko for Geneva Information Security Day 9 th of October 2015 Quick Facts and Numbers About Cybersecurity In 2014 the annual cost of global
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationCybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015
Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key
More informationSecuring the Cloud: Making Cloud an Opportunity to Enhance Security
Securing the Cloud: Making Cloud an Opportunity to Enhance Security February 2016 Greg Coughlin Director, IBM Security @JGCoughlin 1 The rise of Shadow IT? 2 Security reality we have all been compromised
More informationour enterprise security Empowering business
our enterprise security Empowering business Introduction Communication is changing the way we live and work. Ericsson plays a key role in this evolution, using innovation to empower people, business and
More informationIntroduction to Business Continuity Planning
Introduction to Business Continuity Planning Business Continuity and Disaster Resilience Forum May 10, 2012 Rizal Ballroom A, Makati Shangri-la Manila, Philippines Dr Goh Moh Heng President BCM Institute
More informationCASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link
CASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link Peter Milla CASRO Technical Consultant/CIRQ Technical Advisor peter@petermilla.com Background CASRO and Standards CASRO takes
More informationCyber Security 2014 SECURE BANKING SOLUTIONS, LLC
Cyber Security CHAD KNUTSON SECURE BANKING SOLUTIONS 2014 SECURE BANKING SOLUTIONS, LLC Presenter Chad Knutson Senior Information Security Consultant Masters in Information Assurance CISSP (Certified Information
More information2 0 1 4 F G F O A A N N U A L C O N F E R E N C E
I T G OV E R NANCE 2 0 1 4 F G F O A A N N U A L C O N F E R E N C E RAJ PATEL Plante Moran 248.223.3428 raj.patel@plantemoran.com This presentation will discuss current threats faced by public institutions,
More informationPwC s Advanced Threat and Vulnerability Management Services
www.pwc.ch PwC s Advanced Threat and Vulnerability Management Services Our comprehensive approach PwC s security assessment services A joint business relationship provides clients with access to High-Tech
More informationTestimony of Eunice Santos. House Oversight and Government Affairs Committee Subcommittee on Information Technology
Testimony of Eunice Santos Before the House Oversight and Government Affairs Committee Subcommittee on Information Technology Federal Efforts to Improve Cybersecurity June 20 th, 2016 Chicago, Illinois
More informationCONSULTING IMAGE PLACEHOLDER
CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization
More informationTop Ten Cyber Threats
Top Ten Cyber Threats Margaret M. McMahon, Ph.D. ICCRTS 2014 Introduction 2 Motivation Outline How malware affects a system Top Ten (Simple to complex) Brief description Explain impacts Main takeaways
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationHow to protect yourself against cyber crime in 7 practical steps
How to protect yourself against cyber crime in 7 practical steps Fox Harbour, NS Presented by: Date: Scott Crowley, Regional Managing Partner, MNP Ken Taylor, President, ICSPA Stephen Warden, Partner,
More informationThe Hungarian digital security and data protection specialist. www.quadron.hu
The Hungarian digital security and data protection specialist www.quadron.hu WHY IS IT SECURITY IMPORTANT? The abuse of computers is an increasingly common phenomenon of both the business and the public
More informationCYBERSECURITY NEXUS ROBERT E STROUD INTERNATIONAL PRESIDENT, ISACA RAMSÉS GALLEGO INTERNATIONAL VICE PRESIDENT, ISACA
CYBERSECURITY NEXUS ROBERT E STROUD INTERNATIONAL PRESIDENT, ISACA RAMSÉS GALLEGO INTERNATIONAL VICE PRESIDENT, ISACA Robert Stroud International President, ISACA VP Strategy & Innovation, CA Technologies
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationIT AUDIT WHO WE ARE. Current Trends and Top Risks of 2015 10/9/2015. Eric Vyverberg. Randy Armknecht. David Kupinski
IT AUDIT Current Trends and Top Risks of 2015 2 02 Eric Vyverberg WHO WE ARE David Kupinski Randy Armknecht Associate Director Internal Audit Protiviti 317.510.4661 eric.vyverberg@protiviti.com Managing
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationCyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist
Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended
More informationBUILD YOUR CYBERSECURITY SKILLS WITH NRB
BUILD YOUR CYBERSECURITY SKILLS WITH NRB BECOME A PECB CERTIFIED ISO 27001 AUDITOR OR INSTRUCTOR NRB established a partnership with the Professional Evaluation and Certification Board (PECB) to enrich
More informationFour Top Emagined Security Services
Four Top Emagined Security Services. www.emagined.com Emagined Security offers a variety of Security Services designed to support growing security needs. This brochure highlights four key Emagined Security
More informationWestern Intergovernmental Audit Forum
Western Intergovernmental Audit Forum Business Continuity & Disaster Recovery Planning September 12, 2013 Presented by: City of Phoenix City Auditor Department Aaron Cook, Sr Internal Auditor IT Audit
More informationCyber Security Incident Management
Cyber Security Incident Management Dr Syed Naqvi syed.naqvi@bcu.ac.uk Outline Introduction Stages of Cyber Incident Response Challenges of Cyberspace Best practices 2 3 Cyber Incident Response 4 Preparation
More informationInformation Security Services
Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual
More informationCentral Asian Information Security Survey Results (2014) Insight into the information security maturity of organisations, with a
Central Asian Information Security Survey Results (2014) Insight into the information security maturity of organisations, with a focus on cyber security Introduction and Executive summary From September
More informationManaging cyber risks with insurance
www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive
More informationEl costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada The Traditional Approach is Changing. Security is no longer controlled and enforced through the
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationInformation Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza
Information Security Management System (ISMS) Overview Arhnel Klyde S. Terroza May 12, 2015 1 Arhnel Klyde S. Terroza CPA, CISA, CISM, CRISC, ISO 27001 Provisional Auditor Internal Auditor at Clarien Bank
More informationCybersecurity Awareness. Part 1
Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat
More informationCyber Security key emerging risk Q3 2015
Cyber Security key emerging risk Q3 2015 The study is based on interviews with CIO:s, CISO:s and Head of Security in August and September 2015. November 2015 www.pwc.se Companies falling behind are more
More informationVIGILANCE INTERCEPTION PROTECTION
MINIMIZE CYBERTHREATS VIGILANCE INTERCEPTION PROTECTION CYBERSECURITY CDW FINANCIAL SERVICES 80 million identities were exposed by breaches in financial services in 2014. 1 1 symantec.com, Internet Security
More informationCOBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)
COBIT 5 For Cyber Security Governance and Management Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE) Cybersecurity Governance using COBIT5 Cyber Defence Summit Riyadh, KSA
More informationISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters
When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com CONTENT 3 4 5 6 6 7 7 7 7 8 8 8 9 9 9
More informationThe Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant
THE MARKET LEADER IN IT, SECURITY AND COMPLIANCE SERVICES FOR COMMUNITY FINANCIAL INSTITUTIONS The Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant Agenda
More informationWhere insights lead Cybersecurity and the role of internal audit: An urgent call to action
Where insights lead Cybersecurity and the role of internal audit: An urgent call to action The threat from cyberattacks is significant and continuously evolving. One estimate suggests that cybercrime could
More informationAdopting a Cybersecurity Framework for Governance and Risk Management
The American Hospital Association s Center for Healthcare Governance 2015 Fall Symposium Adopting a Cybersecurity Framework for Governance and Risk Management Jim Giordano Vice Chairman & Chair of Finance
More informationCybersecurity Strategic Consulting
Home Overview Challenges Global Resource Growth Impacting Industries Why Capgemini Capgemini & Sogeti Cybersecurity Strategic Consulting Enabling business ambitions, resilience and cost efficiency with
More informationKEY TRENDS AND DRIVERS OF SECURITY
CYBERSECURITY: ISSUES AND ISACA S RESPONSE Speaker: Renato Burazer, CISA,CISM,CRISC,CGEIT,CISSP KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures
More informationMaking Sense of Cyber Insurance: A Guide for SMEs
Making Sense of Cyber Insurance: A Guide for SMEs abi.org.uk @BritishInsurers 2 abi.org.uk Contents Introduction 4 Six Key Areas to Look Out For in Cyber Insurance Policies 5 Potential Exclusions to Look
More informationRETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationwww.pwc.com/us/cyber Statement of Qualifications Cybercrime & data breach
www.pwc.com/us/cyber Statement of Qualifications Cybercrime & data breach Contents Countering cyber threats and fraud Cyber forensics and investigative services Cyber forensics and investigations Past
More informationCYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts
CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What
More informationINFORMATION SECURITY FOR YOUR AGENCY
INFORMATION SECURITY FOR YOUR AGENCY Presenter: Chad Knutson Secure Banking Solutions, LLC CONTACT INFORMATION Dr. Kevin Streff Professor at Dakota State University Director - National Center for the Protection
More informationSecuring the Microsoft Cloud
Securing the Microsoft Cloud Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and consumers to fully embrace and benefit from
More informationExercising Your Enterprise Cyber Response Crisis Management Capabilities
Exercising Your Enterprise Cyber Response Crisis Management Capabilities Ray Abide, PricewaterhouseCoopers, LLP 2015 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved.
More informationwww.pwc.com Cybersecurity and Privacy Hot Topics 2015
www.pwc.com Cybersecurity and Privacy Hot Topics 2015 Table of Contents Cybersecurity and Privacy Incidents are on the rise Executives and Boards are focused on Emerging Risks Banking & Capital Markets
More informationPCI DSS Investing wisely...
PCI DSS Investing wisely... Hotel webinar Neira Jones Head of Payment Security Barclaycard Global Payment Acceptance 25 th July 2011 Leading the way in secure payments global payment acceptance Hotel Security
More informationEffective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Enrico Petrov Director Managed Security Services terreactive October 21 st, 2015 terreactive Background. About
More informationCombatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation
Combatting the Biggest Cyber Threats to the Financial Services Industry A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry Combatting
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationPacific Islands Telecommunications Association
Pacific Islands Telecommunications Association 8 th Fl, Dominion Hse PHONE : (679) 331 1638 PO BOX 2027, Govt Bldg FAX : (679) 330 8750 SUVA, FIJI Islands E-mail: pita@connect.com.fj www.pita.org.fj INVITATION
More informationI n f o r m a t i o n S e c u r i t y
We help organizations protect INFORMATION The BorderHawk Team has significant experience assessing, analyzing, and designing information protection programs especially in Critical Infrastructure environments.
More informationHelmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com
Promoting a Cybersecurity Culture: Tunisian Experience ITU Regional Cybersecurity Forum for Eastern and Southern Africa Lusaka, Zambia, 25-28 August 2008 Helmi Rais CERT-TCC Team Manager National Agency
More informationGovernance and Management of Information Security
Governance and Management of Information Security Øivind Høiem, CISA CRISC Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector secretary for information
More informationInformation Security for the Rest of Us
Secure Your Way Forward. AuditWest.com Information Security for the Rest of Us Practical Advice for Small Businesses Brian Morkert President and Chief Consultant 1 Introduction President Audit West IT
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationTHE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS
THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.
More informationCertified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
More informationEffective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Taking your IT security to the next level, you have to consider a paradigm shift. In the past companies mostly
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationManaging Network-related Risk for SMEs
Managing Network-related Risk for SMEs SANS Information Security Webcast 20 Mar 2012 Geneva, Switzerland version 1b Jim Herbeck Managing Partner, Nouvel Strategies JHerbeck@NouvelStrategies.com Member
More informationCybersecurity Audit Why are we still Vulnerable? November 30, 2015
Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event
More informationNine Cyber Security Trends for 2016
Nine Cyber Security Trends for 2016 12-17-15 Boxborough, MA 2016 will see an increasing number of attacks and the emergence of new targets; the complexity and sophistication of attacks, initiated by increasingly
More informationWhy you should adopt the NIST Cybersecurity Framework
www.pwc.com/cybersecurity Why you should adopt the NIST Cybersecurity Framework May 2014 The National Institute of Standards and Technology Cybersecurity Framework may be voluntary, but it offers potential
More informationThe STAGEnet Security Model
NDSU 2015 Cyber Security Conference The STAGEnet Security Model Peeling Away the Layers March 17, 2015 NDSU Memorial Union Rose Room NDSU 2015 Cyber Security Conference Art Bakke Enterprise Information
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationCYBER SECURITY, A GROWING CIO PRIORITY
www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------
More informationCYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY
CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes
More informationCFIR - Finance IT 2015 Cyber security September 2015
www.pwc.dk Cyber security Audit. Tax. Consulting. Our global team and credentials Our team helps organisations understand dynamic cyber challenges, adapt and respond to risks inherent to their business
More informationCyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity
IT ADVISORY Cyber Security, a theme for the boardroom www.kpmg.com/nl/cybersecurity TABLE OF CONTENTS 1 Cyber security, a theme for the boardroom 3 2 What is cyber security? 4 3 Relevance to the boardroom
More informationCYBERSECURITY INVESTIGATIONS
CYBERSECURITY INVESTIGATIONS Planning & Best Practices May 4, 2016 Lanny Morrow, EnCE Managing Consultant lmorrow@bkd.com Cy Sturdivant, CISA Managing Consultant csturdivant@bkd.com Michal Ploskonka, CPA
More informationNIST Cybersecurity Framework & A Tale of Two Criticalities
NIST Cybersecurity Framework & A Tale of Two Criticalities Vendor Management & Incident Response Presented by: John H Rogers, CISSP Advisory Services Practice Manager john.rogers@sagedatasecurity.com Presented
More informationCYBERSECURITY EXAMINATION SWEEP SUMMARY
This Risk Alert provides summary observations from OCIE s examinations of registered broker-dealers and investment advisers, conducted under the Cybersecurity Examination Initiative, announced April 15,
More informationCYBERSECURITY: ISSUES AND ISACA S RESPONSE
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures Mobile devices Social media Cloud services
More informationTHE CYBERSECURITY SKILL GAP: WHAT EMPLOYERS WANT YOU TO KNOW
www.isaca.org/cyber THE CYBERSECURITY SKILL GAP: WHAT EMPLOYERS WANT YOU TO KNOW ROBERT E STROUD CGEIT CRISC INTERNATIONAL PRESIDENT ISACA & VP STRATEGY & INNOVATION CA TECHNOLOGIES February 2015 ISACA
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) Course Introduction Course Introduction Module 01 - The Process of Auditing Information Systems Lesson 1: Management of the Audit Function Organization of the
More informationSecurity Controls What Works. Southside Virginia Community College: Security Awareness
Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction
More informationThe Big Deal With Big Data: New Security Tools Are Needed
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com The Big Deal With Big Data: New Security Tools Are
More informationESKISP6046.02 Direct security architecture development
Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable
More informationwww.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response.
www.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response. What Happened to the Dinosaurs Avoiding the Extinction- Level Event Corporations
More informationAuditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement
Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Copyright Elevate Consult LLC. All Rights Reserved 1 Presenter Ray Guzman MBA, CISSP, CGEIT, CRISC, CISA Over 25
More informationIs Penetration Testing recommended for Industrial Control Systems?
Is Penetration Testing recommended for Industrial Control Systems? By Ngai Chee Ban, CISSP, Honeywell Process Solutions, Asia Pacific Cyber Security Assessment for Industrial Automation Conducting a cyber-security
More informationCLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY
CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationDON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?
HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? Gregg Sommer, CAIA Head of Operational Risk Assessments St. Louis MERCER 2015 0 CYBERSECURITY BREACHES
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationData Breaches and Cyber Risks
Data Breaches and Cyber Risks MD/DC Credit Union Association 2015 Volunteer Leadership Conference Presented by: Ken Otsuka Business Protection Risk Management CUNA Mutual Group CUNA Mutual Group Proprietary
More informationBusiness Continuity Trends and Risk Considerations Financial Executives International Portland Chapter June 12 2013
Business Continuity Trends and Risk Considerations Financial Executives International Portland Chapter June 12 2013 Chitra Gopalakrishnan Director KPMG LLP Agenda Introduction Business Continuity / Disaster
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationCyber Security solutions
Cyber Security solutions The scenario IT security has become a highly critical issue for all businesses as a result of the growing pervasiveness and diffusion of ICT technology. Risks can arise both inside
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationExecutive Order 13636: The Healthcare Sector and the Cybersecurity Framework. September 23, 2014
Executive Order 13636: The Healthcare Sector and the Cybersecurity Framework September 23, 2014 Executive Order: Improving Critical Infrastructure Cybersecurity It is the policy of the United States to
More informationCyber Security Trends 2016. Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK
Cyber Security Trends 2016 Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK December, 2015 Cyber security Trends 2016 What do new technologies and
More informationISE Northeast Executive Forum and Awards
ISE Northeast Executive Forum and Awards October 3, 2013 Company Name: Project Name: Presenter: Presenter Title: University of Massachusetts Embracing a Security First Approach Larry Wilson Chief Information
More information