CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION



Similar documents
CYBER RISK SECURITY, NETWORK & PRIVACY

How To Cover A Data Breach In The European Market

PROFESSIONAL INDEMNITY INSURANCE LEGAL SERVICES PRACTICE GROUP

Cyber/ Network Security. FINEX Global

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Mitigating and managing cyber risk: ten issues to consider

Cyber Risk Management

Cyber and Data Security. Proposal form

The Recover Report. It s business. But it s personal.

HCC International Information and Communication Technology

SMALL BUSINESS REPUTATION & THE CYBER RISK

2015 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE FOURTH ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

Cybercrime: risks, penalties and prevention

Rogers Insurance Client Presentation

Cyber Security Strategy

Managing cyber risks with insurance

Managing Cyber Risk through Insurance

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security - What Would a Breach Really Mean for your Business?

Committees Date: Subject: Public Report of: For Information Summary

CYBER/ NETWORK SECURITY

Cyber and data Policy wording

ACE European Risk Briefing 2012

Cyber Liability Insurance Data Security, Privacy and Multimedia Protection

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Who s next after TalkTalk?

Cyber Risk and Insurance What companies need to know

PCL2\ \1 CYBER RISKS: RISK MANAGEMENT STRATEGIES

NZI LIABILITY CYBER. Are you protected?

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

External Supplier Control Requirements

Information and Communication Technology, Cyber and Data Security

Course 4202: Fraud Awareness and Cyber Security Workshop (3 days)

Managing business risk

Cyber Liability Insurance Data Security, Privacy and Multimedia Protection

2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: A SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN THE ASIA-PACIFIC REGION

Information Security: Business Assurance Guidelines

2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE THIRD ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE

Cyber Security Evolved

Enterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security

Making Sense of Cyber Insurance: A Guide for SMEs

Cybersecurity y Managing g the Risks

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Unit title: Cyber Security Fundamentals (SCQF level 4)

What Data? I m A Trucking Company!

DATA BREACH BREAK DOWN LESSONS LEARNED FROM TARGET

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Unit 3 Cyber security

National Cyber Security Policy -2013

WILLIS RETAIL PRACTICE REDUCING THE COST OF RISK

CGI Cyber Risk Advisory and Management Services for Insurers

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

Cyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

A practical guide to IT security

EU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32. A call for views and evidence

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness

SMALL BUSINESS PRESENTATION

Cyber Risks in the Boardroom

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh

Small businesses: What you need to know about cyber security

Exercising Your Enterprise Cyber Response Crisis Management Capabilities

Insurance implications for Cyber Threats

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

A NEW APPROACH TO CYBER SECURITY

Intellectual Property Pursuit and Defence. Summary of Cover

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Care Providers Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management

Transcription:

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION In the ever-evolving technological landscape which we all inhabit, our lives are dominated by the internet, the computer and the smartphone. Increasingly our time is spent producing and saving data, uploading content, and sending and receiving email traffic. 2 This new digital world has brought obvious benefits but it has also created unavoidable by products: cyber-risks and cyber-crime. Examples of cyber risk could include failure of Computer Hardware, Loss of Data, Business Interruption, Infringement, Breach of Confidence and virus transmission. However, notwithstanding the fact that incidents are reported in the news every day, many board members and managers in all sizes of business still do not really fully understand cyber-risk. They are not therefore in a position to introduce and enforce staff training, implement appropriate internal risk management policies and procedures, or ensure that their external suppliers, business partners and professional advisers also have effective cyber-security. Cyber-crime and other forms of cyber-incident are not just a security risk. They are also potentially very damaging to commercial relationships. In the context of supply chains, business partnerships and relationships cyber-security is rapidly becoming a key differentiator. Customers and partners increasingly want to see clear evidence that cyber-security is taken seriously and that the information assets and computer functionality are properly protected by the businesses that they work with. Nevertheless, recent government statistics indicate that boards in all sizes of company still have not properly addressed cyber risks and that Small and Medium Enterprises (SMEs) have particularly weak cyber-security. Cyber-risk management, according to the same statistics is often a low priority and still perceived by many as complex, expensive and ultimately unnecessary. In reality, however, good cyber-security need not be expensive or complicated. In order to avert business interruptions and protect both their own information assets (and those belonging to third parties on their networks). Business of all sizes must now identify a quick, effective and economical way to implement appropriate technical, organisation, and physical defences; they require a means of demonstrating to actual and potential business partners that they meet a recognised standard of cyber-security.

CYBER-ATLAS, THE FIRST COMPREHENSIVE CYBER-SECURITY TOOLKIT FOR UK BUSINESSES, SUITABLE FOR SOLE TRADERS THROUGH TO MULTI-NATIONAL ORGANISATIONS. In order to address these needs Willis, in conjunction with Berrymans Lace Mawer LLP (BLM), Charles Taylor and esecurity Exchange, have developed Cyber-ATLAS, the first comprehensive cyber-security solution for UK businesses. Cyber-ATLAS is suitable for Sole Traders through to multi-national organisations and designed to address cyber-security across an entire organisation, from the shop floor to the board of directors. RESILIENCE RESPONSE 3 A T L A S ASSESSMENT Discover your cybervulnerabilities with an easy to complete online assessment TOOLKIT Access valuable tools and advice to help you avoid and respond effectively to a cyber-attack LEARNING Educate your staff on how to identify manage and address the cyber-risk profile within your organisation ACCREDITATION Receive an Accreditation to demonstrate your business has a recognised standard of cyber-security and reduce the cost of insurance SERVICES Access a full range of additional services to help you avoid cyber-security issues and deal with cyberincidents quickly and effectively Most cyber-security standards and educational materials use technical language which board members, managers and staff in companies find difficult to understand and interpret. The vast majority of marketing materials, legal and technical advice, and academic work have been designed for I.T. staff and professional risk managers in large organisations because these were, until relatively recently, perceived to be the key victims of cyber-risk.

CYBER-ATLAS - ASSESSMENT I.T. NETWORKS ARE AT THE HEART OF ALL COMPANIES 4 Computer system failure can result from computer attacks, operational and administrative errors and virus transmission. This can cause serious business interruption, halting day-to-day operations and costing companies a significant amount due to lost revenue. Personal data and/or confidential information can be lost by staff or stolen by hackers and/or industrial spies. This can, without exaggeration, be fatal to a business. Cyber-ATLAS Assessment identifies the areas where the organisation falls below recognised standards of cyber-resilience by identifying the organisation s exposures and weaknesses and the steps it needs to take to address them.

CYBER-ATLAS ASSESSMENT IS AN ONLINE ASSESSMENT: The cyber-risks to which an organisation is individually exposed such as denial of service attacks, system malfunctions, data breaches, theft of confidential information and cyber-extortion. The current status of the organisation s technical, organisational and physical cyber-security. 5 The report produced by the online assessment is checked and validated by one of our teams. A GREEN, AMBER or RED result is included, along with specific recommendations for improvement where necessary. Completion of the elearning package will increase the likelihood that your organisation will pass the assessment.

CYBER-ATLAS - TOOLKIT & LEARNING 6 At the core of Cyber-ATLAS is a unique elearning course for both staff and management with a Cyber-TOOLKIT of templates, examples, assessments, and techniques. Together these two components provide comprehensive cyber-education, training and practical guidance on all of the technical, legal and organisational aspects of cyber-risk management. CYBER-ATLAS TOOLKIT AND elearning IS: In plain easy to understand English Consultancy-free Consistent with the widest range of industry and government cyber-security standards Narration is provided by an actor s voice, and text accompaniment is provided to assist training of those with a hearing impairment If Cyber-ATLAS assessment establishes that an organisation s technical, physical and organisational security falls below recognised standards, it recommends that the organisation take the Cyber-ATLAS elearning course. THE CYBER-ATLAS elearning COURSE PROVIDES A COMPLETE COURSE OF EDUCATION FOR STAFF AND MANAGEMENT COMPRISING: Physical security Organisational security Technical security measures Ensuring the cyber-security of third party suppliers and for business partners Incident response and business continuity Cyber insurance Toolkit providing: a suppliers letter; information on key legal issues; practical guidance on implementing security measures and key legal and organisational documents you will need (e.g. computer use policy, incident response plan and practical guidance on encryption and remote working)

CYBER-ATLAS - ACCREDITATION Accreditation is automatic for any Cyber-ATLAS customer who gets a GREEN result on Cyber-ATLAS assessment or re-assessment. Once the course has been completed the business should complete the assessment again measuring itself against the cyber checklist standard: To receive accreditation in the form of the Safer e-trader Accreditation award the completed assessment will be checked by a Cyber-ATLAS consultant If the assessment shows a reasonable state of cyber-awareness then the business will qualify for: The Safer e-trader Accreditation award Improved rating risk exposure which can lead to reduced insurance premiums 7 CYBER-ATLAS ACCREDITATION PROVIDES AN EDGE FOR YOUR BUSINESS TO EVIDENCE ITS CYBER-RESILIENCE WHEN WINNING BUSINESS, COMMUNICATING WITH CUSTOMERS, MANAGING SUPPLIERS AND SECURING INSURANCE AT ADVANTAGEOUS PRICES.

CYBER-ATLAS - SERVICES 8 OPTIONAL PROFESSIONAL SERVICES TO FURTHER ASSIST IN THE MANAGEMENT OF RISK Despite achieving and maintaining an industry or government recognised cyber-security standard it may not be possible to avoid a cyber-incident, particularly if your business becomes a target for attack. In addition, some businesses may need technical and/or legal advice to deal with particular issues. Cyber-ATLAS, as a complete cyber-solution, includes a number of additional on-demand services to cater for these additional needs. 24/7 INCIDENT RESPONSE SERVICE Cyber-incidents are unique thanks to their technological and legal complexity and the exponential rate at which financial loss and reputational damage can grow. They give rise to a combination of interconnected technological, legal, forensic and insurance issues all of which may need to be addressed immediately after an incident has been discovered. Cyber-incidents cannot be managed by lawyers or I.T. professionals alone. Those managing a cyber-incident must have a range of technical, legal, forensic and crisis management skills so that in the case of incidents affecting the integrity of data or a computer network: Affected system can be repaired Evidence of the origins of the incident is identified and preserved Those affected are notified where appropriate Financial loss and damage to reputation is minimised Incidents are reported to the Information Commissioner where appropriate Legal claims both by and against the victim are efficiently handled and in cases arising from multimedia risk: Offending material is removed from a website as quickly as possible Legal consequences of the defamatory statement or intellectual property infringement in terms of expensive litigation can be minimised

CYBER-INCIDENTS ARE UNIQUE BECAUSE OF THEIR TECHNOLOGICAL AND LEGAL COMPLEXITY AND THE EXPONENTIAL RATE AT WHICH FINANCIAL LOSS AND REPUTATIONAL DAMAGE CAN GROW. ADDITIONAL TRAINING We have developed a range of c yber related training and awareness material to ensure that staff and contracted resources are fully aware of the threats, risks and vulnerabilities within their organisation. The training is delivered over two days at nominated locations agreed with the customer. The package incorporates structured lessons and advice as well as practical workshops for each module of the course, helping your staff to better understand the content in each subject area. An examination at the end of the course provides assurance that course attendees have fully understood the aims: The ability to classify assets Understanding of the threats in the wild Understanding of vulnerabilities that exist within organisations Understanding of the risks posed within cyberspace Awareness of available controls Understanding of organisational governance, risk management and compliance requirements / regimes Detailed understanding of the cyber standard TECHNICAL CONSULTANCY SERVICES Training services Auditing services Penetration testing Your exposure LEGAL SERVICES Emergency injunctions Injunctions Civil and criminal proceedings E-commerce Intellectual property law Defamation law Data protection and privacy law Law of confidence Contract, tort and insurance law ADVICE ON CYBER INSURANCE Gap analysis of existing insurance cover including policy comparisons Advice on appropriate cyber-insurance 9

10 FOR MORE INFORMATION VISIT WWW.CYBER-ATLAS.COM

Willis Limited The Willis Building 51 Lime Street London, EC3M 7DQ United Kingdom Tel: +44 (0)20 3124 6000 www.willisfinexglobal.com Willis Limited, Registered number: 181116 England and Wales. Registered address: 51 Lime Street, London, EC3M 7DQ. A Lloyd s Broker. Authorised and regulated by the Financial Conduct Authority. 12742/03/14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information