Webcast title in Verdana Regular

Size: px
Start display at page:

Download "Webcast title in Verdana Regular"

Transcription

1 Medical devices and the Internet of Things: A threelayer defense against cyber threats Webcast title in Verdana Regular The Dbriefs Industries series Veronica Lim, Principal, Deloitte & Touche LLP Russell Jones, Partner, Deloitte & Touche LLP Scott Read, Discovery Principal, Deloitte Transactions and Business Analytics LLP Terry Hisey, Principal, Deloitte Consulting LLP May 23, 2017

2 Agenda Life sciences and health care cyber threat landscape Medical devices and the IoT: A threelayer defense What might the next 5 years hold? Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 2

3 Life sciences and health care cyber threat landscape Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 3

4 Many medical devices are gaining new types of connectivity, making them potentially more vulnerable to cyber attacks Sensors A medical device is any health care product that does not make a chemical action or is metabolized A connected medical device is a medical device, which communicates via a private network, public Internet, or point-topoint connection (wired or wireless) or can be accessed in standalone mode via a user or machine interface Medical/ mobile apps Remote monitoring Implantable devices Connected medical device/ IoT ecosystem Health care IT Diagnostic devices Capital equipment Copyright 2017 Deloitte Development LLC. All rights reserved. 4

5 Hardware and software in medical devices have moved toward an increasingly connected environment over the last 50 years Evolution of the insulin pump 1960s/1970s s/1990s s/Present 3 Features: No connectivity No local data storage Low mobility Features: Limited connectivity Limited local data storage Limited mobility Features: Internet connectivity Local/cloud storage Highly mobile Future 4 Present day features, plus: Automated predictive care algorithms Connectivity that allows doctors to provide instant treatment updates Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 5

6 Polling question #1 In which part of the medical device/iot ecosystem does your organization operate? Medical device or component part manufacturer (i.e. implantables, diagnostic devices, capital equipment, etc.) Health care IT organization (i.e. mobile app/software developer, etc.) Medical device user (i.e. health care provider, device monitoring, etc.) Regulator Not in the medical device/iot ecosystem Don t know/na Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 6

7 Enabling technologies As medical device technology advances, the number of devices exposed to malicious threats increases Evolution of threats Before connectivity Internet age Connected age Common vulnerable components Device software Remote support/ maintenance Firmware Device hardware Removable media Network access/firewall Physical access Operating system Database and/or storage Ports/interface Clinical applications (e.g., treatment planning software) Source: OWASP Top 10, CWE/SANS Top 25 Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 7

8 There can be new cybersecurity and privacy implications for an increasingly connected world Cloud-based computing attacks Medtech security concerns Regulatory implications of cloud usage Ransomware Big data management Third-party access Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 8

9 Polling question #2 Has your organization experienced a cybersecurity incident during the past 12 months? Yes No Don t know Not applicable Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 9

10 The United States and international regulatory landscape United States FDA Premarket Guidance on Medical Device Cybersecurity FDA Postmarket Guidance on Medical Device Cybersecurity China Notice of the General Administration of the People's Republic of China on the Guidelines on the Publication of the Technical Guidelines for the Safety Registration of Medical Devices Networks (No. 13 of 2017) European Union Medical Device Regulation (MDR) Global Data Protection Regulation (GDPR) Japan Japanese Industry and Regulatory Activities on Medical Device Security Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 10

11 There are areas where the industry may be collectively maturing and there are areas of potential stagnation Industry appears to be maturing in terms of: Conducting technical security testing and security risk assessment on devices while in development Implementing coordinated vulnerability disclosure programs Proactively establishing relationships with customers to provide security information and assist in securing the devices during procurement Evolving to where health care providers can hold manufacturers more accountable to medical device security before purchasing devices Industry may be potentially stagnating in: Identifying and treating the risks of fielded and legacy devices Monitoring and responding to security events proactively Giving the proper amount of security training to product engineers and architects designing medical devices Addressing the full scope and quantity of the organization s medical devices Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 11

12 Integrated governance and oversight Enterprise information security can overlap with some components of product security Product security Information security Patient/customer/market services focus Security-by-Design Risk management/remediation Customer/patient threat/risk/ event response Security testing of products integrated into the product development process Regulatory compliance Control selection and implementation Security threat modeling Security event handling Secure development education and training Enterprise systems assets/ services focus Enterprise threat and vulnerability management Enterprise asset risk management/remediation Enterprise threat/risk/event response Information Security Operations Center (SOC) Create, manufacture & deliver secure products and services, per market demand Helps ensure confidentiality, integrity and availability of corporate information assets Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 12

13 Polling question #3 What do you think is the biggest challenge facing the medical device industry with regards to cybersecurity? Identifying and mitigating the risks of fielded and legacy devices Monitoring and responding to cybersecurity incidents Embedding vulnerability management into the design phase of medical devices Lack of collaboration on cyber threat management throughout connected medical device supply chain Meeting regulatory requirements Don t know/na Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 13

14 Medical devices and the IoT: A three-layer defense Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 14

15 Policies, security risk assessments, and forensic investigations can form a three-layer defense Policies address regulatory and compliance concerns related to securing connected devices Security risk assessments conducted throughout the product life cycle can help identify, measure, and mitigate cyber risks while informing the board and key stakeholders about the cyber risk landscape Forensic investigations can uncover breach sources to reduce exposure and reputational impact Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 15

16 Defense layer 1: A policy hierarchy can help organize and structure medical device security activities and governance Policy Product Security Policy Standards Security Risk Management, Security Event & Incident Handling, Security Education & Training, etc. Standard operating procedures Security Risk Assessment, Technical Security Testing, Security Event Handling, Security Incident Handling, etc. Work instructions and templates Security Risk Assessment, Technical Security Testing, Security Event Handling, Security Incident Handling, etc. Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 16

17 Security requirements procedure Security risk assessment procedure Technical security testing procedure Third-party component security procedure Threat intelligence procedure Patch & vulnerability management procedure Security event and incident handling procedure Vulnerability communication procedure Inquire response procedure Regulatory submission procedure Security authorization procedure Program process training procedure Product lifecycle training procedure Security awareness training procedure Secure development training procedure Key performance indicator procedure Product inventory procedure Program audit framework procedure Program assessment framework procedure Defense layer 1: Medical device security documentation maps to each component of the product security program and integrates into the QMS Product security policy Security risk management standard Security event & incident handling standard External communications standard Security education & training standard Program monitoring standard Work instructions and templates as appropriate Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 17

18 Defense Layer 2: Product security risk assessment A security risk assessment procedure should be utilized throughout the lifecycle of connected medical devices and medical apps to help identify security threats beyond the minimum medical device security requirements. Detailed breakdown of nine step end-to-end security risk assessment process, which aligns with FDA Guidance and AAMI TIR57: Identify mitigating controls Calculate the residual risk rating Calculate the risk rating of the vulnerabilities Identify vulnerabilities and pair with threats Conduct planning and information gathering Identify applicable device profiles Develop a component register Perform controls analysis Conduct threat modeling Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 18

19 Defense layer 3: The changing cyber landscape The investigation starts by gathering intelligence about the adversary including who attacked, why, and how? Who might attack? Cyber risk program and governance What are they after, and what are the key business risks I need to mitigate? What tactics might they use? SECURE Are controls in place to guard against known and emerging threats? VIGILANT Can we detect malicious or unauthorized activity, including the unknown? RESILIENT Can we act and recover quickly to minimize impact? Copyright 2017 Deloitte Development LLC. All rights reserved. 19

20 Defense layer 3: Data analysis for computer and cyber forensics Investigation Initial examination & data reduction Event analysis Data analysis Facts Copyright 2017 Deloitte Development LLC. All rights reserved. 20

21 Defense layer 3: Cyber forensic analysis also helps determine the type of attack that occurred and how to adapt in the future Advanced persistent threat A targeted attack from an individual or other credible organization with an intention to exfiltrate corporate data. Unauthorized access An individual gains logical or physical access without permission to a network, system, application, data, or other resource. Malicious code Successful installation of malicious software that infects an operating system or application. Improper usage Any incident resulting from violation of an organization s acceptable usage policies by an authorized user. Data breach The loss or theft of a computing device or media used by an employee. Post-incident activities Learning and fixing what went wrong in an incident is key to improving maturity. Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 21

22 What might the next 5 years hold? Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 22

23 What might the next five years hold? Potential threats to connected medical devices and its related ecosystem Organized crime targeting digital health data lakes for cyber attacks to perpetrate next generation medical identity theft. Hackers targeting a multi-state health care provider with ransomware resulting in thousands of patients being harmed due to unavailability of connected medical devices (e.g. smart infusion pumps) Hackers extorting a global medical device manufacturer due to a significant, patient safety impacting vulnerability in their Class 3 medical device that can be remotely exploited at scale Potential industry response The FDA may further strengthen their approval process for connected medical devices Industry development of an internationally recognized standard detailing cybersecurity and privacy requirements for connected medical devices Health care providers will likely require vulnerability assessments prior to procuring of connected medical devices The insurance industry factors cybersecurity into their product liability pricing for device manufacturers, product liability pricing could increase by 20 percent Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 23

24 Polling question #4 How prepared is your organization to address litigation, internal investigations or regulatory matters related to medical device cybersecurity incidents in the next 12 months? Very prepared Somewhat prepared Not prepared Other / no opinion Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 24

25 Considerations moving forward Life sciences Government Health plans Consumers Health care providers Technology companies Copyright 2017 Deloitte Development LLC. All rights reserved. 25

26 Polling question #5 Are you interested in subscribing to A View from the Center, Deloitte s Life Sciences & Health Care industry blog? Our blog provides weekly updates on the hottest trends and issues for health care providers, health plans, and life sciences companies. Yes, I would like to subscribe. No thanks. I already subscribe to receive updates on this blog. Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 26

27 Join us June 27 at 1 p.m. ET as our Life Sciences & Health Care series presents: M&A in health care: What s the forecast for 2017 and beyond? Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 27

28 Eligible viewers may now download CPE certificates. Click the CPE icon in the dock at the bottom of your screen. CPE Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 28

29 Contact information Terry Hisey Principal Deloitte Consulting LLP Connect with me on LinkedIn Veronica Lim Principal Deloitte & Touche LLP Connect with me on LinkedIn Russell Jones Partner Deloitte & Touche LLP Connect with me on LinkedIn Scott Read Discovery Principal Deloitte Transactions and Business Analytics LLP Connect with me on LinkedIn Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 29

30 This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation. Copyright 2017 Deloitte Development LLC. All rights reserved. Medical devices and the Internet of Things: A three-layer defense 30

31 About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ( DTTL ), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as Deloitte Global ) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the Deloitte name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see to learn more about our global network of member firms. Copyright 2017 Deloitte Development LLC. All rights reserved. 36 USC

Cyber Risk and Networked Medical Devices

Cyber Risk and Networked Medical Devices Cyber Risk and Networked Medical Devices Hot Topics Deloitte & Touche LLP February 2016 Copyright Scottsdale Institute 2016. All Rights Reserved. No part of this document may be reproduced or shared with

More information

MassMEDIC s 21st Annual Conference

MassMEDIC s 21st Annual Conference MassMEDIC s 21st Annual Conference Panel Discussion Moderators: William Greenrose and Mutahar Shamsi, Deloitte & Touche LLP May 3, 2017 Three critical regulatory issues facing MedTech Implementing the

More information

Managing Cyber Risk. Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust

Managing Cyber Risk. Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust Managing Cyber Risk Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust Adam Thomas Principal Cyber Risk Services Deloitte & Touche LLP Give Us Your Feedback for this Session!

More information

Medical Devices and Cyber Issues JANUARY 23, American Hospital Association and BDO USA, LLP. All rights reserved.

Medical Devices and Cyber Issues JANUARY 23, American Hospital Association and BDO USA, LLP. All rights reserved. Medical Devices and Cyber Issues JANUARY 23, 2018 AHA and Cybersecurity Policy Approaches Role of the FDA FDA Guidance and Roles Pre-market Post-market Assistance during attack Recent AHA Recommendations

More information

Cyber Security Incident Response Fighting Fire with Fire

Cyber Security Incident Response Fighting Fire with Fire Cyber Security Incident Response Fighting Fire with Fire Arun Perinkolam, Senior Manager Deloitte & Touche LLP Professional Techniques T21 CRISC CGEIT CISM CISA AGENDA Companies like yours What is the

More information

Are we breached? Deloitte's Cyber Threat Hunting

Are we breached? Deloitte's Cyber Threat Hunting Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the

More information

Anticipating the wider business impact of a cyber breach in the health care industry

Anticipating the wider business impact of a cyber breach in the health care industry Anticipating the wider business impact of a cyber breach in the health care industry John Gelinne, Director Cyber Risk Services Deloitte & Touche LLP jgelinne@deloitte.com commodore_22 Hector Calzada,

More information

Medical Device Cybersecurity: FDA Perspective

Medical Device Cybersecurity: FDA Perspective Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological

More information

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016 Data Protection Practical Strategies for Getting it Right Jamie Ross Data Security Day June 8, 2016 Agenda 1) Data protection key drivers and the need for an integrated approach 2) Common challenges data

More information

The HIPAA Security & Privacy Rule How Municipalities Can Prepare for Compliance

The HIPAA Security & Privacy Rule How Municipalities Can Prepare for Compliance The HIPAA Security & Privacy Rule How Municipalities Can Prepare for Compliance Russell L. Jones Partner Health Sciences Sector Deloitte & Touche LLP Security & Privacy IMLA 2013 Annual Conference San

More information

Cyber Security: Are digital doors still open?

Cyber Security: Are digital doors still open? Cyber Security: Are digital doors still open? Introduction Security is becoming a rapidly evolving and complex issue that various organizations are contending with today. It continues to be one of the

More information

The New Healthcare Economy is rising up

The New Healthcare Economy is rising up The New Healthcare Economy is rising up February 2017 The ever-rising costs of healthcare are fostering innovative solutions and disruptive business models Cybersecurity concerns come to medical technology

More information

Practical Guide to the FDA s Postmarket Cybersecurity Guidance

Practical Guide to the FDA s Postmarket Cybersecurity Guidance Practical Guide to the FDA s Postmarket Cybersecurity Guidance Presenter: Jarman Joerres Date: February 3, 2017 www.medacuitysoftware.com Agenda Introductions The Current Cybersecurity Landscape The FDA

More information

Addressing the elephant in the operating room: a look at medical device security programs

Addressing the elephant in the operating room: a look at medical device security programs Addressing the elephant in the operating room: a look at medical device security programs Ernst & Young LLP Presenters Michael Davis Healthcare Leader Baltimore +1 410 783 3740 michael.davis@ey.com Esther

More information

Internet of Things (IoT) Securing the Connected Ecosystem

Internet of Things (IoT) Securing the Connected Ecosystem Internet of Things (IoT) Securing the Connected Ecosystem June 2018 Making sense of the buzzwords: What is the Internet of Things Internet of Things (IoT) refers to a world of intelligent, connected devices

More information

Emerging Technologies The risks they pose to your organisations

Emerging Technologies The risks they pose to your organisations Emerging Technologies The risks they pose to your organisations 10 June 2016 Digital trends are fundamentally changing the way that customers behave and companies operate Mobile Connecting people and things

More information

From Dabbling to Doing The Age of the Intuitive Enterprise

From Dabbling to Doing The Age of the Intuitive Enterprise GMA Executive Forum From Dabbling to Doing The Age of the Intuitive Enterprise The Clorox Company Unilever Deloitte Consulting LLP please welcome our panelists Frank Tataseo EVP, New Business Development

More information

Cyber Espionage A proactive approach to cyber security

Cyber Espionage A proactive approach to cyber security Cyber Espionage A proactive approach to cyber security #DeloitteRA To mitigate the risks of advanced cyber threats, organisations should enhance their capabilities to proactively gather intelligence and

More information

Vulnerability Management. June Risk Advisory

Vulnerability Management. June Risk Advisory June 2018 Risk Advisory Contents A Better Way To Manage Vulnerabilities 4 Business Challenge 6 Vulnerability Management as a Service 7 Robust Service Architecture 8 Our Differentiators 9 Vulnerability

More information

Cybersecurity The Evolving Landscape

Cybersecurity The Evolving Landscape Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG

More information

Building and Testing an Effective Incident Response Plan

Building and Testing an Effective Incident Response Plan 14th Annual Building and Testing an Effective Incident Response Plan John Gelinne Deloitte & Touche LLP jgelinne@deloitte.com www.linkedin.com/in/jgelinne No battle plan ever survives contact with the

More information

Cyber Risks in the Boardroom Conference

Cyber Risks in the Boardroom Conference Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks

More information

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation

More information

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating

More information

Internet of Things Toolkit for Small and Medium Businesses

Internet of Things Toolkit for Small and Medium Businesses Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors

More information

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents Services to Help You Prepare for and Quickly Respond to Security Incidents The Challenge The threat landscape is always evolving and adversaries are getting harder to detect; and with that, cyber risk

More information

Risk Advisory Academy Training Brochure

Risk Advisory Academy Training Brochure Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty

More information

Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager,

Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager, Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager, Deloitte & Touche LLP 1 Speaker Introduction Sanjeev

More information

The Deloitte-NASCIO Cybersecurity Study Insights from

The Deloitte-NASCIO Cybersecurity Study Insights from The Deloitte-NASCIO Cybersecurity Study Insights from 2010-2016 August 21, 2018 Srini Subramanian State Government Sector Leader Deloitte Erik Avakian CISO Pennsylvania Michael Roling CISO Missouri Meredith

More information

IoT & SCADA Cyber Security Services

IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au

More information

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1 Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com

More information

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response Cyber Incident Response Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response 1 2 Today, no Canadian business is immune from a potential attack. It s no longer

More information

Headline Verdana Bold

Headline Verdana Bold Headline Verdana Bold Federal Banking Agencies Issue Proposal on Cyber Risk Management Standards Standards would require largest institutions to enhance operational resilience October 2016 Executive summary

More information

Spiros Angelopoulos Principal Solutions Architect ForgeRock. Debi Mohanty Senior Manager Deloitte & Touche LLP

Spiros Angelopoulos Principal Solutions Architect ForgeRock. Debi Mohanty Senior Manager Deloitte & Touche LLP Debi Mohanty Senior Manager Deloitte & Touche LLP Multi-factor (MFA) Authentication September 2018 Spiros Angelopoulos Principal Solutions Architect ForgeRock MFA Evolved Authentication Spiros Angelopoulos

More information

Cybersecurity Fortification Initiative (CFI) infrastructure whitepaper

Cybersecurity Fortification Initiative (CFI) infrastructure whitepaper Cybersecurity Fortification Initiative (CFI) infrastructure whitepaper Recently, Cybersecurity Fortification Initiative (CFI) have been a hot topic in the Hong Kong banking industry and financial institutions

More information

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on

More information

Cyber risk Getting the boardroom focus right

Cyber risk Getting the boardroom focus right Cyber risk Getting the boardroom focus right Cyber attacks have become substantially more malicious and larger scale over last few years, causing much greater harm to organisations and elevating cyber

More information

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.

More information

Autobot - IoT enabled security. For Private circulation only October Risk Advisory

Autobot - IoT enabled security. For Private circulation only October Risk Advisory For Private circulation only October 2018 Risk Advisory Table of contents Background 02 Common Challenges 03 About the AutoBot 04 Capabilities of the AutoBot 05 Future of Autobot 06 The success story

More information

Real estate predictions 2017 What changes lie ahead?

Real estate predictions 2017 What changes lie ahead? Real estate predictions 2017 What changes lie ahead? Cyber Risk 2017. For information, contact Deloitte Consultores, S.A. Real Estate Predictions 2017 2 Cyber Risk Rising cyber risk in real estate through

More information

Building a Resilient Security Posture for Effective Breach Prevention

Building a Resilient Security Posture for Effective Breach Prevention SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.

More information

The value of visibility. Cybersecurity risk management examination

The value of visibility. Cybersecurity risk management examination The value of visibility Cybersecurity risk management examination Welcome to the "new normal" Cyberattacks are inevitable. In fact, it s no longer a question of if a breach will occur but when. Cybercriminals

More information

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action 2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action April 11, 2018 Contact Information Casie D. Collignon Partner Denver 303.764.4037 ccollignon@bakerlaw.com

More information

GDPR: A QUICK OVERVIEW

GDPR: A QUICK OVERVIEW GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance

More information

The NIS Directive and Cybersecurity in

The NIS Directive and Cybersecurity in The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security

More information

Agenda. Security essentials. Year in review. College/university challenges. Recommendations. Agenda RSM US LLP. All Rights Reserved.

Agenda. Security essentials. Year in review. College/university challenges. Recommendations. Agenda RSM US LLP. All Rights Reserved. Agenda Agenda Security essentials Year in review College/university challenges Recommendations 2 About me Matt Franko Director, Risk Advisory Services matthew.franko@rsmus.com (216) 927-8224 11+ years

More information

MFA Enrollment Guide. Multi-Factor Authentication (MFA) Enrollment guide STAGE Environment

MFA Enrollment Guide. Multi-Factor Authentication (MFA) Enrollment guide STAGE Environment Multi-Factor Authentication (MFA) Enrollment guide STAGE Environment December 2017 00 Table of Contents What is MFA and how does it impact the way I sign into applications? 2 MFA Enrollment Log-in 3 Setup

More information

Plan a Pragmatic Approach to the new EU Data Privacy Regulation

Plan a Pragmatic Approach to the new EU Data Privacy Regulation AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General

More information

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE WHITEPAPER RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE CONTENTS Executive Summary........................................ 3 Transforming How We Think About Security.......................... 4 Assessing

More information

Bharath Chari Cyber Risk Sr. Manager, Deloitte & Touche LLP

Bharath Chari Cyber Risk Sr. Manager, Deloitte & Touche LLP Prioritizing & enabling internal during ERP/Cloud SaaS and other enterprise system implementations NASC Conference March 21, 2018 Introduction Moderator Presenters Jim Kennedy Senior Deputy Director of

More information

Achieving third-party reporting proficiency with SOC 2+

Achieving third-party reporting proficiency with SOC 2+ Achieving third-party reporting proficiency with SOC 2+ Achieving third-party reporting proficiency with SOC 2+ Today s organizations do business within a broad ecosystem. Customers, partners, agents,

More information

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby

More information

FDA & Medical Device Cybersecurity

FDA & Medical Device Cybersecurity FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US

More information

13.f Toronto Catholic District School Board's IT Strategic Review - Draft Executive Summary (Refer 8b)

13.f Toronto Catholic District School Board's IT Strategic Review - Draft Executive Summary (Refer 8b) AGENDA ADDENDU TE REGULAR EETING OF TE AUDIT COITTEE COITTEE PUBLIC SESSION Tuesday, June 6, 2017 6:30 P.. Pages 13. Staff Reports 13.f Toronto Catholic District School Board's IT Strategic Review - Draft

More information

External Supplier Control Obligations. Cyber Security

External Supplier Control Obligations. Cyber Security External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place

More information

Keys to a more secure data environment

Keys to a more secure data environment Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting

More information

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager 2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National

More information

3/3/2017. Medical device security The transition from patient privacy to patient safety. Scott Erven. Who i am. What we ll be covering today

3/3/2017. Medical device security The transition from patient privacy to patient safety. Scott Erven. Who i am. What we ll be covering today www.pwc.com Medical device security The transition from patient privacy to patient safety Scott Erven Who i am Scott Erven - Managing Director Healthcare Industries Advisory Cybersecurity & Privacy Medical

More information

Medical device security The transition from patient privacy to patient safety

Medical device security The transition from patient privacy to patient safety www.pwc.com Medical device security The transition from patient privacy to patient safety Scott Erven Who i am Scott Erven - Managing Director Healthcare Industries Advisory Cybersecurity & Privacy Medical

More information

Information Governance, the Next Evolution of Privacy and Security

Information Governance, the Next Evolution of Privacy and Security Information Governance, the Next Evolution of Privacy and Security Katherine Downing, MA, RHIA, CHPS, PMP Sr. Director AHIMA IG Advisors Follow me @HIPAAQueen 2017 2017 Objectives Part Part I IG Topic

More information

Building Resilience to Denial-of-Service Attacks

Building Resilience to Denial-of-Service Attacks Building Resilience to Denial-of-Service Attacks Building resilience to denial-of-service attacks Traditionally, organizations have relied on disaster recovery (DR) solutions to provide protection from

More information

CYBER RESILIENCE & INCIDENT RESPONSE

CYBER RESILIENCE & INCIDENT RESPONSE CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable

More information

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? What the new data regulations mean for your business, and how Brennan IT and Microsoft 365 can help. THE REGULATIONS: WHAT YOU NEED TO KNOW Australia:

More information

POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS

POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, 2017 14TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS 1 Fact vs. Myth Let s Play: Fact vs. Myth The FDA is the federal entity

More information

Global Mobile Consumer Survey, US Edition Overview of results

Global Mobile Consumer Survey, US Edition Overview of results Global Mobile Consumer Survey, US Edition Overview of results Smartphones front and center Mobile phones are still on the rise, in number and importance Smartphone ownership reached 85% (a YoY increase

More information

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002 ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION

More information

HEALTH CARE AND CYBER SECURITY:

HEALTH CARE AND CYBER SECURITY: HEALTH CARE AND CYBER SECURITY: Increasing Threats Require Increased Capabilities kpmg.com 1 HEALTH CARE AND CYBER SECURITY EXECUTIVE SUMMARY Four-fifths of executives at healthcare providers and payers

More information

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it

More information

European Union Agency for Network and Information Security

European Union Agency for Network and Information Security Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency

More information

CYBER SECURITY AIR TRANSPORT IT SUMMIT

CYBER SECURITY AIR TRANSPORT IT SUMMIT CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER

More information

Customer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach

Customer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach Customer Breach Support A Deloitte managed service Notifying, supporting and protecting your customers through a data breach Customer Breach Support Client challenges Protecting your customers, your brand

More information

Big data privacy in Australia

Big data privacy in Australia Five-article series Big data privacy in Australia Three actions you can take towards compliance Article 5 Big data and privacy Three actions you can take towards compliance There are three actions that

More information

Legal Issues Surrounding the Internet of Things and Other Emerging Technology

Legal Issues Surrounding the Internet of Things and Other Emerging Technology Legal Issues Surrounding the Internet of Things and Other Emerging Technology ACC Houston Chapter Meeting September 12, 2017 Jonathan Ishee Vorys Sater Seymour and Pease, LLP Dean Fisher RigNet Overview

More information

Why you should adopt the NIST Cybersecurity Framework

Why you should adopt the NIST Cybersecurity Framework Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive

More information

SOC for cybersecurity

SOC for cybersecurity April 2018 SOC for cybersecurity a backgrounder Acknowledgments Special thanks to Francette Bueno, Senior Manager, Advisory Services, Ernst & Young LLP and Chris K. Halterman, Executive Director, Advisory

More information

Cybersecurity, safety and resilience - Airline perspective

Cybersecurity, safety and resilience - Airline perspective Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,

More information

Cyber Security. June 2015

Cyber Security. June 2015 Cyber Security June 2015 Table of contents Section Pages Introduction and methodology 3 Key findings 4 Respondent profile 5-9 Cyber security practices 10-25 Resources for monitoring cyber security events

More information

CFOs in a new global environment Sandy Cockrell, Deloitte

CFOs in a new global environment Sandy Cockrell, Deloitte CFOs in a new global environment Sandy Cockrell, Deloitte CFOs in a new global environment 1 2 3 Background The CFO role CFOs Challenges Where does our data come from? How is the CFO role evolving in the

More information

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018 Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your

More information

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad

More information

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient? Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY

More information

Multi-factor authentication enrollment guide for Deloitte client or business partner user

Multi-factor authentication enrollment guide for Deloitte client or business partner user Deloitte OnLine eroom Global Technology Services December 2017 Multi-factor authentication enrollment guide for Deloitte client or business partner user What is multi-factor authentication (MFA) and how

More information

BREACHES HAPPEN: BE PREPARED. Endpoint Detection & Response

BREACHES HAPPEN: BE PREPARED. Endpoint Detection & Response BREACHES HAPPEN: BE PREPARED. Endpoint Detection & Response INTRO PROTECT YOUR BUSINESS AND ITS DATA AGAINST ADVANCED ATTACKS Effective pre-compromise threat prevention is the cornerstone of cyber security,

More information

NYDFS Cybersecurity Regulations: What do they mean? What is their impact?

NYDFS Cybersecurity Regulations: What do they mean? What is their impact? June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing

More information

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015 Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report November 19, 2015 Table of contents Background Exercise objectives Quantum Dawn 3 (QD3) cyberattack scenario QD3 results

More information

Rethinking Information Security Risk Management CRM002

Rethinking Information Security Risk Management CRM002 Rethinking Information Security Risk Management CRM002 Speakers: Tanya Scott, Senior Manager, Information Risk Management, Lending Club Learning Objectives At the end of this session, you will: Design

More information

CYBER INSURANCE: MANAGING THE RISK

CYBER INSURANCE: MANAGING THE RISK CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt

More information

Cyber Insurance: What is your bank doing to manage risk? presented by

Cyber Insurance: What is your bank doing to manage risk? presented by Cyber Insurance: What is your bank doing to manage risk? David Kitchen presented by Lisa Micciche Today s Agenda Claims Statistics Common Types of Cyber Attacks Typical Costs Incurred to Respond to an

More information

Managing Cybersecurity Risk

Managing Cybersecurity Risk Managing Cybersecurity Risk Maureen Brundage Andy Roth August 9, 2016 Managing Cybersecurity Risk Cybersecurity: The Current Legal and Regulatory Environment Cybersecurity Governance: Considerations for

More information

On the board s agenda US Cyber risk in the boardroom: Accelerating from acceptance to action

On the board s agenda US Cyber risk in the boardroom: Accelerating from acceptance to action February 2018 On the board s agenda US Cyber risk in the boardroom: Accelerating from acceptance to action Cyber risk is a top-level business risk that boards may find challenging to oversee and difficult

More information

MEDICAL DEVICE SECURITY. A Focus on Patient Safety February, 2018

MEDICAL DEVICE SECURITY. A Focus on Patient Safety February, 2018 MEDICAL DEVICE SECURITY A Focus on Patient Safety February, 2018 WHO I AM Adam Brand I Am The Cavalry Director Privacy and Security, Protiviti Focus on Medical Device Healthcare Security Custom EEG Manufacturing,

More information

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank NJ Bankers Association Annual Convention May 19, 2017 Presented by: Jeremy Burris, Principal, S.R. Snodgrass,

More information

Securing Digital Transformation

Securing Digital Transformation September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated

More information

MEDICAL DEVICE CYBERSECURITY: FDA APPROACH

MEDICAL DEVICE CYBERSECURITY: FDA APPROACH MEDICAL DEVICE CYBERSECURITY: FDA APPROACH CYBERMED SUMMIT JUNE 9TH, 2017 SUZANNE B. SCHWARTZ, MD, MBA ASSOCIATE DIRECTOR FOR SCIENCE & STRATEGIC PARTNERSHIPS CENTER FOR DEVICES AND RADIOLOGICAL HEALTH

More information

The Future of IT Internal Controls Automation: A Game Changer. January Risk Advisory

The Future of IT Internal Controls Automation: A Game Changer. January Risk Advisory The Future of IT Internal Controls Automation: A Game Changer January 2018 Risk Advisory Contents Introduction 01 Future Operating Models for Managing Internal Controls 02 Summary 07 Introduction Internal

More information

Jeff Wilbur VP Marketing Iconix

Jeff Wilbur VP Marketing Iconix 2016 Data Protection & Breach Readiness Guide February 3, 2016 Craig Spiezle Executive Director & President Online Trust Alliance Jeff Wilbur VP Marketing Iconix 1 Who is OTA? Mission to enhance online

More information

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response STAY ONE STEP AHEAD OF THE CRIMINAL MIND F-Secure Rapid Detection & Response INTRO PROTECT YOUR BUSINESS AND ITS DATA AGAINST ADVANCED ATTACKS Effective pre-compromise threat prevention is the cornerstone

More information

Cybersecurity in Higher Ed

Cybersecurity in Higher Ed Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,

More information

Back to the Future Cyber Security

Back to the Future Cyber Security Back to the Future Cyber Security A manifesto for Cyber Security and the Industrial Legacy Introduction Industrial facilities and infrastructure form the core of our economy and society. These advanced

More information

Institute of Internal Auditors 2018 IIA CHICAGO CHAPTER JOIN NTAC:4UC-11

Institute of Internal Auditors 2018 IIA CHICAGO CHAPTER JOIN NTAC:4UC-11 AUDITING ROBOTICS AND THE INTERNET OF THINGS (IOT) APRIL 9, 2018 PRESENTERS Kara Nagel Manager, Information Security Accenture Ryan Hopkins Assistant Director, Internal Audit Services Packaging Corp. of

More information