New Zealand Cyber Security Summit 2016 Report
|
|
- Gerard McCormick
- 7 years ago
- Views:
Transcription
1 New Zealand Cyber Security Summit 2016 Report KEEPING NEW ZEALAND S ECONOMY CYBER SECURE On 5 May 2016, 300 chief executives, board chairs, directors and senior business leaders took part in New Zealand s first Cyber Security Summit. The aim was to advance New Zealand s cyber security through a public private partnership.
2 Cyber incidents and attacks threaten our economy. They can undermine our strategic and competitive advantages and cost our economy millions of dollars each year. This Government takes the protection of our businesses and economy from this growing threat seriously. Businesses, both big and small, also need to accept that cybercrime poses an enormous and immediate risk to their bottom line. A discussion about cyber security needs to happen across business, from boardrooms to the front desk. PRIME MINISTER, RT HON. JOHN KEY Improving New Zealand s cyber security is not simply about employing the right technical tools. If you think cyber security is an issue that sits in the IT department, you ve missed the critical part of this. The conversation needs to shift to the boardroom and to the CEO s office. Cyber security represents one of the most serious risks to any major business and therefore must be an executive-level responsibility, informed by the very best internationally-sourced information. That s why we re all here. For our part, the Government is taking this issue extremely seriously. Just as on the national level we benefit from sharing information about threats and solutions, so too our agencies benefit from working with international colleagues. This is already happening. Several agencies are networked with partners in the Asia-Pacific region and beyond. CERT NZ will also play a major role in this, joining a network of CERTs once it is stood up. We also need to play our part in the broader international discussion on cybersecurity and cybercrime. ANNOUNCEMENTS CERT NZ will be a central part of New Zealand s cyber security architecture. NZ$22.2 million has been allocated in Budget The CERT will take reports of cyber incidents, analysing, triaging and referring them to the right agencies for assistance. The CERT will analyse incidents to understand active threats and trends. It will develop advice and alerts on threats, vulnerabilities and prevention. It will deliver information on mitigation of threats in real-time. It will support sectoral information sharing forums. CERT NZ will be a primary point of contact with CERTs and similar organisations from other countries. As a first step, CERT NZ will be established as a branded unit within MBIE. Nominations have been sought for a CERT Advisory Board. Cyber credentials scheme for small businesses: Self-assessment. Independent verification through a certification process. The Cyber Credentials scheme will provide targeted and accessible stepping stones for businesses to improve their cyber security maturity. It will enable businesses to indicate to their customers and suppliers their recognition of the cyber security issue and the actions they have taken to address it. MINISTER FOR COMMUNICATIONS, HON. AMY ADAMS
3 GLOBAL INSIGHTS James Lewis CENTER FOR STRATEGIC AND INTERNATIONAL STUDIES Matt Thomlinson MICROSOFT Richard Bejtlich FIREEYE Ten years ago, cybersecurity was not an issue. Now it is a central issue for policy. The digital economy is like electrification at the start of the 20th century it is transforming economies no one can ignore it. But the effects of the cyber revolution are more profound, as they involve global connectivity and information. New Zealand is not far away on the Internet just over a tenth of a second from Washington or Beijing. The issue for nations is how best to manage these new risks without sacrificing opportunity. Cyber security is a problem for national policy. Governments need to think how they can mobilise their societies; how they can orient them to take collective action to protect themselves. It requires sustained senior level political attention. And it is the same for companies it requires the attention of the c-suite. Cyber security is dynamic. You have to manage it. It s not like you can put something in place and go away and think you have fixed it. New Zealand faces real threats; companies are at risk. But it is a manageable risk if you take action. You need to take action in a way that empowers growth and innovation and at the same time protects our societies. New Zealand s Cyber Security Strategy is principles driven. It includes the core concepts and emphasises partnership. It has four specific goals and takes an agile approach to cyber security through an annual review and update of actions. The technical and policy challenges are intertwined. We need to work together the public sector and the private sector. We need the right risk management to stay ahead of the threat. The speed and scale of attacks, and the destructiveness of attacks are increasing. RANSOMWARE ON THE RISE A CASE STUDY: Between 22 February and 28 March 2016, ransomware as a percentage of blocked malware went from 33% to 91% worldwide. Dealing with ransomware: Block attacks at the front line: reduce easy entry points make it harder for the attacker. Contain attackers: isolate the damage from a compromise rapid response. Data backup: have a full back-up of your business s critical data stored offline. SPONSORS Cyber threats are like a campaign. It is not like a duel or a fight between two combatants where once it s over, it is over. It is a series of engagements over time.cyber adversaries are operating multiple mutually supportive tactics (such as phishing, internet-facing attacks, insider threats, physical access, etc). These tactics are all part of a campaign to get into your environment and steal your data. The threats are not static but iterative. Some questions chief executives could ask of their IT team: Who is responsible for finding intruders? How many bad things happened over the last year? How quickly did we detect those bad things? How long did it take to contain those bad things? The aim is fewer bad things ; and less time spent dealing with bad things. Score the game and figure out how well you are doing. TERABYTE KILOBYTE BYTE
4 WORKSHOP OUTCOMES CYBER RESILIENCE BUILDING A CERT CYBER CAPABILITY MAKING A DIFFERENCE TO THE CYBER SECURITY OF SMALL BUSINESSES To be successful CERT NZ should develop good public awareness, recognition and trust. It should have strong public and private partnerships domestically and internationally, and provide timely, relevant and valuable information. For the CERT to be an effective collaborative venture, it should be trusted, add value by being relevant to its customers, have a truly representative board and strong relationships with other CERTs and industry partners. There must be mutual benefit for partners. The CERT must have sufficient resources and capabilities. CERT NZ should be readily accessible and responsive to its customers. To ensure a Cyber Credentials scheme is effective participants agreed: it should be simple, low- cost, relevant, non-technical, and attractive to small businesses. Commercial incentives (or nudges ) might encourage small businesses to acquire a Cyber Credentials certificate. These could include linkages to insurance or procurement programmes, or as part of finance offerings. There is a role for larger companies to assist and mentor smaller businesses, including through requiring Cyber Credentials as part of their supply chain contractual requirements. Internet Service Providers or cloud services providers could play a role in driving take-up of Cyber Credentials by small businesses. Other initiatives to help small businesses improve their cyber security include on-line cyber security education tools, cyber security assessment apps, and promoting work experience opportunities for cyber security students with small businesses. A CERT Advisory Board will be appointed by August A project team based in MBIE is working to stand-up the CERT. CERT NZ will be operating by March A project reference group has been set up to provide advice and guidance on content and certification options for the development of a Cyber Credentials scheme by the end of A small business reference group will be established to test the effectiveness of the Cyber Credentials scheme by the end of August 2016.
5 CYBER CAPABILITY CLOSING THE CYBER SECURITY SKILLS GAP ADDRESSING CYBERCRIME CONNECTING SMART AND PREVENTING CYBERCRIME The cyber security skills shortage was highlighted as a key issue for New Zealand participants were keen to address this challenge. A public-private-academic taskforce could develop initiatives to build the cyber security workforce. This work must be driven by the private sector, with government input and support. Building a cyber security skills pipeline requires action across multiple fronts. This includes addressing diversity, retention of skills, links with industry, internships and practical training. Cyber hygiene skills should be front-loaded into the school curricula - start early to educate children. Our teachers need up-skilling to be able to do this. A follow-up workshop in June continued this conversation and set the scene for next steps. Participants identified opportunities to improve New Zealand s cyber capability and prevent cybercrime. Connect Smart material can be tailored to target audience(s), and use examples and case-studies of breaches to make it real. Practical, interactive tools should be developed for individuals and small businesses (e.g. the Cyber Credentials scheme or an online phishing awareness tool). Multiple media channels would lift visibility of Connect Smart (including possible use of a spokesperson to reiterate best practice following incidents reported in the media). The Connect Smart network of partners and members can become more involved in promoting cyber security messages (e.g. partners could give talks to each other s organisations). A public-private sector taskforce, involving participants from the workshop, will be set up to develop initiatives to build the cyber security workforce by August The National Cyber Policy Office will work with Connect Smart partners to extend the content of Connect Smart messages and develop new tools to help businesses improve their cyber security capability.
6 WHAT S AT STAKE FOR NEW ZEALAND? UNDERSTANDING THE THREATS AND OPPORTUNITIES. TAKING ACTION. New Zealand s geographical isolation is no barrier to cyber threats. The threat is real for New Zealand. Where do we want to sit as a country? How do we achieve both innovation and security? New Zealand s small scale could become an advantage including building good information-sharing across sectors. We need to manage risk, without sacrificing opportunities arising from technological innovations. Innovation cannot be stopped we need to make it safe. $34 billion COULD BE ADDED TO THE NEW ZEALAND ECONOMY if businesses made more effective use of the Internet. 1 Only 23% of boards of directors ACTIVELY PARTICIPATE IN SECURITY POLICY 2 Improving cyber security is not just about technical defences. We need to understand the human element. Cyber security is a risk that should be mainstreamed for business. Technical specialists need to speak to business leaders in ways that can be understood. CEOs can ask smart questions: Where are our weaknesses? How would they hack into us? What would be the impact on the business? Is there a role for independent audit? Trusted collaboration is the new black. No one owns the whole picture. The government has a role; the private sector has some capabilities. If we want to get on top of this threat, we need to work together. The problem is bigger than any one part of the system. No-one can handle it in isolation; no-one has all the competencies. This is a fast-changing 21st century issue we need agile responses. 3.9 million MOBILE PHONES ARE CONNECTED TO THE INTERNET 86 active connections for every 100 New Zealanders 3 AS A RANSOMWARE TARGET, New Zealand ranked 4th in the Asia Pacific and 21st globally with an average of 108 ransomware attacks per day 4 Connect Smart a public private partnership The Connect Smart partnership is a public-private collaboration focused on driving cyber security improvement in New Zealand. All New Zealanders will benefit if we can unlock the potential of the Internet by using it in a safe and secure way. Protect yourself online FIND OUT MORE ABOUT HOW TO CONNECT SMART: FOLLOW 1 The Value of Internet Services to New Zealand Businesses, 31 March 2014: 2 PwC Global State of Information Security Survey 2016, October 2015: 3 Internet Service Provider Survey, October 2015: 4 Internet Security Threat Report, April 2016:
Keeping New Zealand s Economy Cyber Secure
Keeping New Zealand s Economy Cyber Secure CYBER SECURITY SUMMIT 5 May 2016 MINISTERIAL FOREWORD Kia ora and welcome to New Zealand s first ever Cyber Security Summit. We can all agree that cyber security
More informationSecuring the Nation: Creating cyber security, resilience and readiness
NZTech Developing a National Technology Strategy NZTech Developing a National Technology Strategy A Cyber-Secure New Zealand The Role of Government Procurement B R I E F I N G P A P E R Securing the Nation:
More informationCyber Security Strategy
NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use
More informationAISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK
1 AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY 14 October 2015 OPENING ADDRESS LYNWEN CONNICK Thanks Arno, and good morning everyone. Welcome to Australian Information Security Association
More informationCyber Security Strategy
Cyber Security Strategy 2015 Action Plan A LIVING ACTION PLAN WITH ANNUAL REVIEWS New Zealand s Cyber Security Strategy provides a single cohesive framework to ensure that New Zealand is secure, resilient
More informationResilience and Cyber Essentials
Resilience and Cyber Essentials Richard Bach Assistant Director Cyber Security Talk outline Why Cyber Essentials: the Policy context What is Cyber Essentials: Scheme background How the Scheme works: accreditation,
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationThe Top Ten of Information Security - For 2015
7 th Annual Information Security Summit The Executive Forum Information Security Management Overview June 4, 2015 Copyright 2015. Citadel Information Group. All Rights Reserved. 2 Establishing Leadership.
More informationThe UK cyber security strategy: Landscape review. Cross-government
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape
More informationREPORT. Next steps in cyber security
REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15
More informationIntroduction to Cyber Security
Introduction to Cyber Security Hossein Sarrafzadeh HoD Computing Director Cyber Security Centre CS4HS Workshop You are sitting in New Zealand s first joint research centre for cyber security Centre of
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationCombating a new generation of cybercriminal with in-depth security monitoring
Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationAssessing the strength of your security operating model
www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems
More informationAustralian Government Cyber Security Review
Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and
More informationCollateral Effects of Cyberwar
Your texte here. Collateral Effects of Cyberwar by Ilia Kolochenko for Geneva Information Security Day 9 th of October 2015 Quick Facts and Numbers About Cybersecurity In 2014 the annual cost of global
More informationSeamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security
Seamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security An Internal Audit perspective on the threats and responses within the Retail Sector 15 th May 2014 Agenda Introductions
More informationCYBER SECURITY, A GROWING CIO PRIORITY
www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationThird party assurance services
TECHNOLOGY RISK SERVICES Third party assurance services Delivering assurance over your service providers The current third party service provider environment Corporate UK has been transformed in recent
More informationFFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors
Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed
More informationRoom for improvement. Building confidence in data security. March 2015
Building confidence in data security March 2015 Businesses have no choice but to engage online with users from external organisations and mobile workers; that is the way the world now operates. Transacting
More informationCONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response
CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing
More informationFlipping the Script: Law Firms Hunted by Cybercriminals
Flipping the Script: Law Firms Hunted by Cybercriminals Introduction As businesses put more resources into defending against cyber threats, cybercriminals have shifted tactics to focus on easier-to-exploit
More informationThe NIST Cybersecurity Framework (CSF) Unlocking CSF - An Educational Session
The NIST Cybersecurity Framework (CSF) Unlocking CSF - An Educational Session Robert Smith Systemwide IT Policy Director Compliance & Audit Educational Series 5/5/2016 1 Today s reality There are two kinds
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More information2015 Information Security Awareness Catalogue
Contents 2015 Catalogue Wolfpack Engagement Model 4 Campaign Drivers 6 Offerings 8 Approach 9 Engaging Content 10 Stakeholder Change Management 12 Bundles 13 Content 14 Grey Wolf -Track compliance with
More informationCYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts
CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What
More informationStatement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives
Statement for the Record Richard Bejtlich Chief Security Strategist FireEye, Inc. Before the U.S. House of Representatives Committee on Energy and Commerce Subcommittee on Oversight and Investigations
More informationCyber security: Are consumer companies up to the challenge?
Cyber security: Are consumer companies up to the challenge? 1 Cyber security: Are consumer companies up to the challenge? A survey of webcast participants kpmg.com 1 Cyber security: Are consumer companies
More informationidata Improving Defences Against Targeted Attack
idata Improving Defences Against Targeted Attack Summary JULY 2014 Disclaimer: Reference to any specific commercial product, process or service by trade name, trademark, manufacturer, or otherwise, does
More informationIT Governance: The Directors Cut. What Directors Need to Know
IT Governance: The Directors Cut What Directors Need to Know Company directors are responsible for good governance in organisations and, increasingly, this means safeguarding a burgeoning volume of sensitive
More informationGood morning. It s a pleasure to be here this morning, talking with the NZISF. Thank you for this opportunity.
Speech Notes for New Zealand Information Security Forum 11 April 2013 Paul Ash, Manager National Cyber Policy Office Department of Prime Minister and Cabinet CYBERSECURITY: WHY IT MATTERS FOR NEW ZEALAND
More informationOCIE CYBERSECURITY INITIATIVE
Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationPerspectives on Cybersecurity in Healthcare June 2015
SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright
More informationTHE SECURITY EXECUTIVE S GUIDE TO A SECURE INBOX. How to create a thriving business through email trust
THE SECURITY EXECUTIVE S GUIDE TO A SECURE INBOX How to create a thriving business through email trust FORWARD Today the role of the CISO is evolving rapidly. Gone are the days of the CISO as primarily
More informationBuilding Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch
Building Blocks of a Cyber Resilience Program Monika Josi monika.josi@safis.ch About me Chief Security Advisor for Microsoft Europe, Middle East and Africa providing support to Governments and CIIP until
More informationStatement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives
Statement for the Record Richard Bejtlich Chief Security Strategist FireEye, Inc. Before the U.S. House of Representatives Committee on Foreign Affairs Subcommittee on Asia and the Pacific Reviewing President
More informationA strategic approach to fraud
A strategic approach to fraud A continuous cycle of fraud risk management The risk of fraud is rising at an unprecedented rate. Today s tough economic climate is driving a surge in first party fraud for
More informationCyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.
Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing
More informationWHITE PAPER. Managed Security. Five Reasons to Adopt a Managed Security Service
WHITE PAPER Managed Security Five Reasons to Adopt a Managed Security Service Introduction Cyber security presents many organizations with a painful dilemma. On the one hand, they re increasingly vulnerable
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationCYBER-ATTACKS THE GLOBAL RESPONSE
R E P R I N T CYBER-ATTACKS THE GLOBAL RESPONSE REPRINTED FROM: Risk, Governance & Compliance for Financial Institutions 2015 RISK GOVERNANCE & COMPLIANCE for F I N A N C I A L INSTITUTIONS 2 0 1 5 Visit
More informationIssues Derailing IT Team Innovation. Key Challenges Facing IT Teams in 2016
Issues Derailing IT Team Innovation Key Challenges Facing IT Teams in 2016 Introduction What are the key challenges facing IT teams that can keep mission critical applications and infrastructure from running
More informationWRITTEN TESTIMONY OF
WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you
More informationExperience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.
Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies
More informationReducing Cyber Risk in Your Organization
Reducing Cyber Risk in Your Organization White Paper 2016 The First Step to Reducing Cyber Risk Understanding Your Cyber Assets With nearly 80,000 cyber security incidents worldwide in 2014 and more than
More informationDevelopments in cybercrime and cybersecurity
Developments in cybercrime and cybersecurity Developments in cybercrime and cybersecurity As customers and clients increasingly go online to do their banking with convenience, privacy and security their
More informationPwC Cybersecurity Briefing
www.pwc.com/cybersecurity Cybersecurity Briefing June 25, 2014 The views expressed in these slides are solely the views of the presenters and do not necessarily reflect the views of the PCAOB, the members
More informationIoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 MIKE.ZUSMAN@CARVESYSTEMS.COM
IoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 SECURITY IS A PROCESS, NOT A STATE CARVE SYSTEMS LLC MIKE.ZUSMAN@CARVESYSTEMS.COM Carve s Roots (tl;dr)
More informationBSA GLOBAL CYBERSECURITY FRAMEWORK
2010 BSA GLOBAL CYBERSECURITY FRAMEWORK BSA GLOBAL CYBERSECURITY FRAMEWORK Over the last 20 years, consumers, businesses and governments 1 around the world have moved online to conduct business, and access
More informationSurvey: Small Business Security
Survey: Small Business Security A look at small business security perceptions and habits at each phase of business growth. www.csid.com SUMMARY Many small to medium-sized businesses (SMBs) are not taking
More informationNorth Texas ISSA CISO Roundtable
North Texas ISSA CISO Roundtable Roundtable Topic Threat Against Our Well Being The Most Effective Methods in Combating and Responding to the Cyber Attack Event Sponsor Moderator and Panelists David Stanton
More informationCyber, Social Media and IT Risks. David Canham (BA) Hons, MIRM
IIA South Event 16 th June 2015 Cyber, Social Media and IT Risks 1 st and 2 nd Line Perspective David Canham (BA) Hons, MIRM Agenda This evening we ll cover the following: Who, why and what? Traditional
More informationWHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
More informationU.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO
U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW November 12, 2012 NASEO ISER Response: from site focused to system focused Emergency Preparedness, Response, and Restoration Analysis and
More informationAnthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown
Anthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown 1 Protected networks are continuously being successfully attacked
More informationThreat Intelligence. Benefits for the enterprise
Benefits for the enterprise Contents Introduction Threat intelligence: a maturing defence differentiator Understanding the types of threat intelligence: from the generic to the specific Deriving value
More informationdeveloping your potential Cyber Security Training
developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationSECURITY 2.0 LUNCHEON
PROTECTING YOUR ORGANIZATION SECURITY 2.0 LUNCHEON AGAINST CYBER THREATS Tommy Montgomery, Principal Consultant Viral Dhimar, Consultant Adam Ferguson, VP October 22, 2014 #SWCEvents Security 2.0: Next
More informationRiskAstute. Prepared for When.
RiskAstute Prepared for When. phishing Legal Threats ISO 27001/2 IT worms FCC Operations FERC process errors AM NTSB cyber-vandalism cyber-thef Accounting viruses SEC Dodd-Frank Customer Service SOX FAA
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More information11/27/2015. Cyber Risk as a Component of Business Risk: Communicating with the C-Suite. Conflict of interest. Learning Objectives
Cyber Risk as a Component of Business Risk: Communicating with the C-Suite Jigar Kadakia DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily
More informationSection A: Introduction, Definitions and Principles of Infrastructure Resilience
Section A: Introduction, Definitions and Principles of Infrastructure Resilience A1. This section introduces infrastructure resilience, sets out the background and provides definitions. Introduction Purpose
More informationSupporting information technology risk management
IBM Global Technology Services Thought Leadership White Paper October 2011 Supporting information technology risk management It takes an entire organization 2 Supporting information technology risk management
More informationGEARS Cyber-Security Services
Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments
More informationCYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES
CYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES How can you better prepare and respond to cyber risks? ACE developed Loss Mitigation Services to help policyholders understand and gauge various areas
More informationUtilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: What do large enterprises need in order to address increasingly
More informationCritical Infrastructure & Supervisory Control and Data Acquisition (SCADA) CYBER PROTECTION
Critical Infrastructure & Supervisory Control and Data Acquisition (SCADA) CYBER PROTECTION ALBERTO AL HERNANDEZ, ARMY RESERVE OFFICER, SOFTWARE ENGINEER PH.D. CANDIDATE, SYSTEMS ENGINEERING PRESENTATION
More informationControl Systems Security: Australian Government Activities. Dr. Jason Smith Asst. Director, Operations CERT Australia Attorney-General s Department
Japan Computer Emergency Response Team Coordination Center 電子署名者 : Japan Computer Emergency Response Team Coordination Center DN : c=jp, st=tokyo, l=chiyoda-ku, email=office@jpcert.or.jp, o=japan Computer
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationCybersecurity: A View from the Boardroom
An Executive Brief from Cisco Cybersecurity: A View from the Boardroom In the modern economy, every company runs on IT. That makes security the business of every person in the organization, from the chief
More information5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in Your Business. An IDology, Inc. Whitepaper
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in Your Business An IDology, Inc. Whitepaper No matter how big your company is or what industry you are in, every business typically
More informationICAEW. Audit Insights. Cyber Security 2015
ICAEW Audit Insights Cyber Security 2015 BUSINESS WITH CONFIDENCE icaew.com/auditinsights About the ICAEW IT Faculty The ICAEW IT Faculty provides products and services to help its members make the best
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More information1. This report outlines the Force s current position in relation to the Policing of Cyber Crime.
Agenda Item No. 5 COMMUNITY OUTCOMES MEETING SUBJECT: CYBER CRIME 4 August 2015 Report of the Chief Constable PURPOSE OF THE REPORT 1. This report outlines the Force s current position in relation to the
More informationISOLATE AND ELIMINATE FRAUD THROUGH ADVANCED ANALYTICS. BENJAMIN CHIANG, CFE, CISA, CA Partner, Ernst and Young Advisory Singapore
With ever-increasing data volumes, more sophisticated fraud patterns, and a drive for strong corporate governance, how can organisations build a culture of integrity and compliance? Learn how data analytics
More informationSPRING 2013 SENIOR MANAGEMENT SURVEY RESULTS
SPRING SENIOR MANAGEMENT SURVEY RESULTS WELCOME RESULTS OF OUR CORNERSTONE SPRING SURVEY As a world-ranked recruiting and leadership development organisation, we seek to inform and advise businesses on
More informationNew challenges in Data privacy.
New challenges in Data privacy. Zdravko Stoychev, CISM CRISC Information Security Officer Alpha Bank Bulgaria branch South East European Regional Forum on Cybersecurity and Cybercrime, 2013 11-13 Nov 2013
More informationCourse 4202: Fraud Awareness and Cyber Security Workshop (3 days)
Course introduction It is vital to ensure that your business is protected against the threats of fraud and cyber crime and that operational risk processes are in place. This three-day course provides an
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationThe changing role of the IT department in a cloud-based world. Vodafone Power to you
The changing role of the IT department in a cloud-based world Vodafone Power to you 02 Introduction With competitive pressures intensifying and the pace of innovation accelerating, recognising key trends,
More informationHOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE
HOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE ISACA S CYBER SECURITY NEXUS Ivan Sanchez-Lopez Senior Manager Information Security, IT Risk & Continuity, DHL Global Forwarding ISACA Luxembourg
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More informationDeloitte Cyber Risk Services Providing trust in a digital world
Deloitte Cyber Risk Services Providing trust in a digital world June 2015 Deloitte Cyber Risk Services Providing trust in a digital world Our aim Your organization, whether functioning in the public or
More informationNATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA
NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies
More informationCOUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide
COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the
More informationTHE HUMAN COMPONENT OF CYBER SECURITY
cybersecurity.thalesgroup.com.au People, with their preference to minimise their own inconvenience, their predictability, apathy and general naivety about the potential impacts of their actions, are the
More informationThe battle to contain fraud is as old as
22 SPONSORED FEATURE COMBATTING DIGITAL FRAUD Combatting digital fraud Combatting digital fraud has become a strategic business issue for today s CIOs. The battle to contain fraud is as old as business
More informationPacific Islands Telecommunications Association
Pacific Islands Telecommunications Association 8 th Fl, Dominion Hse PHONE : (679) 331 1638 PO BOX 2027, Govt Bldg FAX : (679) 330 8750 SUVA, FIJI Islands E-mail: pita@connect.com.fj www.pita.org.fj INVITATION
More information