Cyber resilience, information security and operational continuity
|
|
- Coleen Joseph
- 6 years ago
- Views:
Transcription
1 Cyber resilience, information security and operational continuity Global Payments Week Torino, September 20/2016
2 Introduction The CPMI published earlier this year the Guidelines for cyber resiliency for financial market infrastructures, aimed at helping FMIs to improve their cyber resilience frameworks. Recent cyber attacks have highlighted the increasing importance that cyber security has taken for central banks and, in general, for financial institutions. Due to their potential to create havoc, cyber attacks pose important risks to the financial system. Considering the role that central banks play in financial stability, is of utmost importance that these institutions analyze the risks that cyber threats represent. 2
3 Threats Attacks and attackers are becoming highly sophisticated, meticulously organized and cross-border. Financial institutions, including central banks, now confront an organized criminal industry Financial services have become particularly IT-intensive, with products mostly being offered through electronic channels. By compromising the confidentiality and integrity of information, cyber attacks can disrupt financial services and undermine public trust. Additionally, the financial industry is highly interconnected. Thus, the consequences of a succesful cyber attack could spread rapidly and may be hard to contain, affecting financial services that are time-critical. 3
4 Challenges Cyber risks evolve constantly. Cyber criminals can adapt much faster to new tools and technology than traditional financial institutions, and their motivations are diverse. It is difficult to characterize them and to establish one-size-fits-all mechanisms to contain them. Financial institutions personnel can be willing or unwilling participants in cyber attacks. How to achieve a balance between efficient and secure operating processes? How to make sure that only qualified and trusted staff are in charge of critical systems and processes? FMIs need to comply with the 2-hour RTO established by PFMIs, even in case of a cyber attack. 4
5 Preparation Central banks have experience regarding cyber security and operational continuity, given their role as FMI operators. However, additional steps are required to be fully prepared. Disaster Recovery Plans (DRPs) and Business Continuity Plans (BCPs) need to be set up and continuously tested. Central banks have to establish minimum requirements on cyber security and operational continuity on their regulation and supervise them continuously. Cooperation among central banks and financial institutions is fundamental to sharing information and preventing propagation of cyber attacks and threats. 5
6 Bank of Mexico s experience Bank of Mexico has implemented several actions in order to enhance its cyber security framework: Participation in international groups to share information, to stay updated on new cyber threats. Yearly internal and external cyber security evaluations of the technological infrastructure used by the payment systems, in particular by the Mexican RTGS, SPEI. Implementation of high availability mechanisms in SPEI, in case the main site is unavailable. Establishment of cyber security and operational continuity requirements for participants in the payments systems operated by the central bank. A permanent supervision program of those requirements. Initial steps to establish a working group on cyber security and operational continuity for SPEI Development of the BCP for SPEI. Regular DRP exercises with participants. 6
7 Discussion Central banks need to take cyber threats very seriously. In particular, the LAC region has to enhance its level of preparedness to handle and contain cyber attacks. In this session, we will discuss and share experiences in this important subject. How your institution has been affected by cyber attacks? How operational risk is handled by central banks and FMIs? How coordination and sharing of information help to improve cyber incident management? What actions have been taken by your institutions to regulate and supervise cyber and operational continuity requirements? We hope that this session will be helpful and promote effective actions in our own jurisdictions. 7
8
Wiebe Ruttenberg & Emran Islam DG Market Infrastructure & Payments. From Cyber Threats via Cyber Security to Cyber Resilience
Wiebe Ruttenberg & Emran Islam DG Market Infrastructure & Payments From Cyber Threats via Cyber Security to Cyber Resilience AMISeCo meeting, 7 March 2017 Rubric Cyber threats landscape Cyber threats are
More informationCOMMENTARY. Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards
November 2016 COMMENTARY Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards The Board of Governors of the Federal Reserve System ( Federal Reserve Board ), the Federal Deposit Insurance
More informationSpecial Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)
Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation) December 15, 2000 1. Goals of the Special Action Plan The goal of this action plan is to protect
More informationGeneral Framework for Secure IoT Systems
General Framework for Secure IoT Systems National center of Incident readiness and Strategy for Cybersecurity (NISC) Government of Japan August 26, 2016 1. General Framework Objective Internet of Things
More informationENISA s Position on the NIS Directive
ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides
More informationCyber Security and Cyber Fraud
Cyber Security and Cyber Fraud Remarks by Andrew Ross Director, Payments and Cyber Security Canadian Bankers Association for Senate Standing Committee on Banking, Trade, and Commerce October 26, 2017 Ottawa
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationBusiness Continuity Planning Keeping Pace with New Technology
Business Continuity Planning Keeping Pace with New Technology Old issues, new threats Force Majeure Increasing severe weather incidents, terrorist attacks Legacy modernization Cutover issues, system crashes,
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationBusiness Continuity Planning
Business Continuity Planning The Unexpected Happens Be Ready Copyright -Business Survival Partners, llc. 2011 - All Rights Reserved www.survivalpartners.biz RISK 2 Risks to National Security A secure and
More informationG7 Bar Associations and Councils
COUNTRY PAPER UNITED STATES G7 Bar Associations and Councils SEPTEMBER 14, 2017 ROME, ITALY The American Bar Association P R E F A C E As we have witnessed, cyber terrorism is an extremely serious threat
More informationCybersecurity, safety and resilience - Airline perspective
Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,
More informationAgenda. About TRL. What is the issue? Security Analysis. Consequences of a Cyber attack. Concluding remarks. Page 2
Security Insert the Vulnerabilities title of your of the presentation Connected here Car Presented Presented by by Peter Name Vermaat Here Principal Job Title ITS - Date Consultant 24/06/2015 Agenda 1
More informationSWIFT Response to the Committee on Payments and Market Infrastructures discussion note:
SWIFT Response to the Committee on Payments and Market Infrastructures discussion note: Reducing the risk of wholesale payments fraud related to endpoint security 28 November 2017 SWIFT thanks the Committee
More informationRegulatory Update Cyber Security
Regulatory Update Cyber Security Mr Brian Lee Division Head Hong Kong Monetary Authority 25 September 2015 Disclaimer This presentation is provided for training purposes and does not form part of the formal
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationGUIDANCE NOTE ON CYBERSECURITY
GUIDANCE NOTE ON CYBERSECURITY AUGUST 2017 GUIDANCE NOTE ON CYBERSECURITY PART I Preliminary 1.1 Title 1.2 Authorization 1.3 Application 1.4 Definitions PART II Statement of Policy 2.1 Purpose 2.2 Scope
More informationand 1 Cybersecurity Cross-Border 1Settlement Infrastructure 0
010101010110101010101001011101010101010010111010101010101010010111001010101 101010101001011100101010101011100101110101011010101101010101011010101101010 010101010110101010010111010101010101010010111001010101010111001011101010101
More informationEndpoint Security for Wholesale Payments
Endpoint Security for Wholesale Payments 2018 CHICAGO PAYMENTS SYMPOSIUM EMILY CARON MANAGER, FMI RISK & POLICY FEDERAL RESERVE BOARD The views expressed in this presentation are those of the speaker and
More informationGuidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17
GUIDELINES ON SECURITY MEASURES FOR OPERATIONAL AND SECURITY RISKS UNDER EBA/GL/2017/17 12/01/2018 Guidelines on the security measures for operational and security risks of payment services under Directive
More informationGUIDELINES ON MARITIME CYBER RISK MANAGEMENT
E 4 ALBERT EMBANKMENT LONDON SE1 7SR Telephone: +44 (0)20 7735 7611 Fax: +44 (0)20 7587 3210 GUIDELINES ON MARITIME CYBER RISK MANAGEMENT MSC-FAL.1/Circ.3 5 July 2017 1 The Facilitation Committee, at its
More informationHeadline Verdana Bold
Headline Verdana Bold Federal Banking Agencies Issue Proposal on Cyber Risk Management Standards Standards would require largest institutions to enhance operational resilience October 2016 Executive summary
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationPONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY
PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on
More informationBusiness Continuity: How to Keep City Departments in Business after a Disaster
Business Continuity: How to Keep City Departments in Business after a Disaster Shannon Spence, PE Red Oak Consulting, an ARCADIS group Agenda Security, Resilience and All Hazards The Hazards Cycle and
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationUNITAS Crisis communication exercise report
UNITAS Crisis communication exercise report December 2018 Contents Executive summary 2 1 Introduction 3 2 Exercise objectives 4 3 Organisation 5 4 Exercise findings 6 4.1 Participants 6 4.2 Overseers 7
More informationRegional Resilience: Prerequisite for Defense Industry Base Resilience
Regional Resilience: Prerequisite for Defense Industry Base Resilience Paula Scalingi, Director Pacific Northwest Center for Regional Disaster Resilience Vice Chair, The Infrastructure Security Partnership
More informationCyber risk management into the ISM Code
Building trust. Shaping Safety No. Subject: Cyber risk management into the ISM Code To: insb auditors/managing companies IMO Resolution incorporates maritime cyber risk management into the ISM Code making
More informationAre Traditional Disaster Recovery Plans Still Relevant? Bobby Williams, MBCP, MBCI Director, IT Resiliency Planning Fidelity Investments
Are Traditional Disaster Recovery Plans Still Relevant? Bobby Williams, MBCP, MBCI Director, IT Resiliency Planning Fidelity Investments Who am I? Bobby Williams is the Director of IT Resiliency Planning
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More information2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager
2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationThe Digitalisation of Finance
Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht Annual Conference on the Digitalisation of Finance organised by CEPS BRUSSELS, BELGIUM JUNE 2018 www.enisa.europa.eu European Union Agency
More informationQuadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters
Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters QHSR Background Implementing Recommendations of the 9/11 Commission Act of 2007 directed DHS to Conduct a Quadrennial Homeland
More informationFSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE
FSOR FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE DECEMBER 2016 Cyber security in the financial sector VISION 2020 The Danish financial sector should be best in class in Europe when it comes to countering
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationRESOLUTION 130 (REV. BUSAN, 2014)
RESOLUTION 130 (REV. BUSAN, 2014) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference of the International
More informationWriting a business continuity plan according to ISO Presenter: Dejan Kosutic
Writing a business continuity plan according to ISO 22301 Presenter: Dejan Kosutic GoToWebinar Control Panel Open and close your Panel View, Select, and Test your audio Submit text questions they will
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationIndustrial Control System Cyber Security
Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications
More informationIntroduction to Business continuity Planning
Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources
More informationBUSINESS CONTINUITY MANAGEMENT (BCM) INITIATIVES OF THE BANGKO SENTRAL NG PILIPINAS
BUSINESS CONTINUITY MANAGEMENT (BCM) INITIATIVES OF THE BANGKO SENTRAL NG PILIPINAS Dickenson Y. Africa, CPA, CISA, MBA, CBCLA Head of Business Continuity Office Bangko Sentral ng Pilipinas 16 March 2017
More informationStanding Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018
Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018 Contents Background 3 Exercise objectives 4 Day 1 Cyber-range exercise 5 Day 2 Cyberattack scenario 6-7
More informationMs. Izumi Nakamitsu High Representative for Disarmament Affairs United Nations
Opening Remarks by Ms. Izumi Nakamitsu, High Representative for Disarmament Affairs, at the High-Level Event on Cyber Security, hosted by the Prime Minister of Bangladesh Ms. Izumi Nakamitsu High Representative
More informationTable of Contents. Sample
TABLE OF CONTENTS... 1 CHAPTER 1 INTRODUCTION... 4 1.1 GOALS AND OBJECTIVES... 5 1.2 REQUIRED REVIEW... 5 1.3 APPLICABILITY... 5 1.4 ROLES AND RESPONSIBILITIES SENIOR MANAGEMENT AND BOARD OF DIRECTORS...
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationItu regional workshop
Itu regional workshop "Key Aspects of Cybersecurity in the Context of Internet of Things (IoT) Natalia SPINU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1. INTRODUCTI ON 2. Moldovan public policy on
More informationSymantec Business Continuity Solutions for Operational Risk Management
Symantec Business Continuity Solutions for Operational Risk Management Manage key elements of operational risk across your enterprise to keep critical processes running and your business moving forward.
More informationSheltered Harbor protects public confidence in the financial system if a catastrophic event like a cyber attack causes your critical systems,
Sheltered Harbor protects public confidence in the financial system if a catastrophic event like a cyber attack causes your critical systems, including your backups, to fail. Who We Are Sheltered Harbor
More informationECB-PUBLIC CYBER RESILIENCE OVERSIGHT EXPECTATIONS (CROE) FOR FINANCIAL MARKET INFRASTRUCTURES. Page 1 of 66
CYBER RESILIENCE OVERSIGHT EXPECTATIONS (CROE) FOR FINANCIAL MARKET INFRASTRUCTURES Page 1 of 66 Table of contents 1. INTRODUCTION 4 1.1. Background 4 1.2. Purpose 5 1.3. Addressees 6 1.4. Requirements
More informationEmerging Issues: Cybersecurity. Directors College 2015
Emerging Issues: Cybersecurity Directors College 2015 Agenda/Objectives Define Cybersecurity Cyber Fraud Trends/Incidents FFIEC Cybersecurity awareness initiatives Community Bank expectations FFIEC Cybersecurity
More informationIncident Response. Tony Drewitt Head of Consultancy IT Governance Ltd
Incident Response Tony Drewitt Head of Consultancy IT Governance Ltd www.itgovernance.co.uk IT Governance Ltd: GRC One-Stop-Shop Thought Leaders Specialist publisher Implementation toolkits ATO Consultants
More informationNATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES
NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES DOCUMENT DETAIL Security Classification Unclassified Authority National Information Technology Authority - Uganda
More informationGovernment-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection
Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection L. Laile Di Silvestro Senior Strategist Worldwide Public Sector Microsoft Government Industry Collaboration
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationQuickBooks Online Security White Paper July 2017
QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a
More informationFlorida Board of Governors General Office Legislative Budget Request
Florida Board of Governors General Office 2018-2019 Legislative Budget Request Funding of $9.16 million is needed to support the 65 authorized positions and associated operating expense for the Board Office.
More informationCybersecurity, Trade, and Economic Development
Cybersecurity, Trade, and Economic Development G7 ICT Priorities: Technology, Innovation, and the Global Economy UNCTAD E-Commerce Week Danielle Kriz Senior Director, Global Policy Palo Alto Networks April
More informationA Strategy for a secure Information Society Dialogue, Partnership and empowerment
A Strategy for a secure Information Society Dialogue, Partnership and empowerment Gerard.Galler@ec.europa.eu European Commission DG Information Society & Media Unit INFSO/A3: Internet; Network & Information
More informationBusiness Continuity and Disaster Recovery
Business Continuity and Disaster Recovery Index Section Title 1. Executive Summary 2. Policy Statement 3. Strategy 4. Governance 5. Key Documentation 6. Testing 1 Executive Summary Business Continuity
More informationSEACEN Cyber Security Summit 2014 Demystifying Cyber Risks: Evolving Regulatory Expectations
SIARAN AKHBAR Ref. No.: 08/14/08 For immediate release SEACEN Cyber Security Summit 2014 Demystifying Cyber Risks: Evolving Regulatory Expectations Keynote Address by Dato Muhammad bin Ibrahim Deputy Governor,
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCOMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document
EUROPEAN COMMISSION Strasbourg, 7.2.2013 SWD(2013) 31 final COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT Accompanying the document Proposal for a Directive of the European
More informationE-guide CISSP Prep: 4 Steps to Achieve Your Certification
CISSP Prep: 4 Steps to Achieve Your Certification Practice for the exam and keep your skills sharp : Thank you for downloading our CISSP certification guide. Aside from this handy PDF, you can also access
More informationGuide to cyber security/cip specifications and requirements for suppliers. September 2016
Guide to cyber security/cip specifications and requirements for suppliers September 2016 Introduction and context The AltaLink cyber security/cip specification and requirements for suppliers (the standard)
More informationINFORMATION SECURITY-SECURITY INCIDENT RESPONSE
Information Technology Services Administrative Regulation ITS-AR-1506 INFORMATION SECURITY-SECURITY INCIDENT RESPONSE 1.0 Purpose and Scope The purpose of the Security Response Administrative Regulation
More informationFeatured Articles II Security Research and Development Research and Development of Advanced Security Technology
364 Hitachi Review Vol. 65 (2016), No. 8 Featured Articles II Security Research and Development Research and Development of Advanced Security Technology Tadashi Kaji, Ph.D. OVERVIEW: The damage done by
More informationThe European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3
The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3 Andrea.Servida@ec.europa.eu What is at stake with CIIs The World Economic Forum
More informationNATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -
NATIONAL CYBER SECURITY STRATEGY - Version 2.0 - CONTENTS SUMMARY... 3 1 INTRODUCTION... 4 2 GENERAL PRINCIPLES AND OBJECTIVES... 5 3 ACTION FRAMEWORK STRATEGIC OBJECTIVES... 6 3.1 Determining the stakeholders
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationCritical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.
Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach. By Christopher Ganizani Banda ICT Development Manager Malawi Communications Regulatory Authority 24-26th July,2016 Khartoum,
More informationSupply Chain Integrity and Security Assurance for ICT. Mats Nilsson
Supply Chain Integrity and Security Assurance for ICT Mats Nilsson The starting point 2 B Internet users 85% Population coverage 5+ B Mobile subscriptions 10 years of Daily upload E-Books surpassing Print
More informationBring Your Own Device (BYOD)
Bring Your Own Device (BYOD) An information security and ediscovery analysis A Whitepaper Call: +44 345 222 1711 / +353 1 210 1711 Email: cyber@bsigroup.com Visit: bsigroup.com Executive summary Organizations
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationDIGITAL TRANSFORMATION OF THE RETAIL PAYMENTS ECOSYSTEM
DIGITAL TRANSFORMATION OF THE RETAIL PAYMENTS ECOSYSTEM CYBER SECURITY THE BALANCE BETWEEN COOPERATION AND REGULATION KEYNOTE SPEECH BY FABIO PANETTA, DEPUTY GOVERNOR OF BANCA D ITALIA At the joint ECB
More informationHENRY EE, FBCI, CBCP
10 Things You Should Know When Reimagine Your ERM With BCM Program 27 July 2016 Presented by : Henry Ee, FBCI, CBCP, ISO22301 LA, Fellow of Business Continuity Institute (FBCI) Certified Business Continuity
More informationSecurity for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape
White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions
More informationTexas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13
Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 I. Vision A highly reliable and secure bulk power system in the Electric Reliability Council of Texas
More informationCOUNTERING IMPROVISED EXPLOSIVE DEVICES
COUNTERING IMPROVISED EXPLOSIVE DEVICES FEBRUARY 26, 2013 COUNTERING IMPROVISED EXPLOSIVE DEVICES Strengthening U.S. Policy Improvised explosive devices (IEDs) remain one of the most accessible weapons
More informationOperational Risk Management: Major Processes and Assignments
Operational Risk Management: Major Processes and Assignments Gabriel Andrade Deputy-Head of the Risk Management Department 19 September 2017 Cambridge Agenda 1. ORM Framework Operational Risk Operational
More informationICB Industry Consultation Body
ICB Industry Consultation Body POSITION PAPER Regulatory Response to ATM Cyber-Security Increasing reliance on inter-connected ATM systems, services and technologies increases the risk of cyber-attacks.
More informationIT Risk: Cybersecurity
IT Risk: Cybersecurity Agenda Purpose of Presentation Define cybersecurity Describe the challenges unique to cyber risk Discuss how financial institutions have responded to cyber risk Describe supervisory
More informationCOMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises
EUROPEAN COMMISSION Brussels, 13.9.2017 C(2017) 6100 final COMMISSION RECOMMENDATION of 13.9.2017 on Coordinated Response to Large Scale Cybersecurity Incidents and Crises EN EN COMMISSION RECOMMENDATION
More informationInitiative. Copyright Techdemocracy, 2017
A Initiative 1 A Initiative 2 November 2 nd, 2017 Ken Pfeil / Gautam Dev 3 What is the purpose of the ACRG? The alliance purpose is to establish a standard framework for risk measurement, reporting and
More informationभ रत य ररज़र व ब क. Setting up and Operationalising Cyber Security Operation Centre (C-SOC)
Annex-2 Setting up and Operationalising Cyber Security Operation Centre (C-SOC) Introduction 1 - Banking Industry in India has evolved technologically over the years and currently delivering innovative
More informationST. VINCENT AND THE GRENADINES
ST. VINCENT AND THE GRENADINES MARITIME ADMINISTRATION CIRCULAR N ISM 014 MARITIME CYBER RISK MANAGEMENT MSC.1/CIRC.1526, MSC-FAL.1/CIRC.3, RESOLUTION MSC.428 (98) TO: APPLICABLE TO: SHIPOWNERS, SHIPS
More informationRUAG Cyber Security Understand Cyber. Protect Values.
RUAG Cyber Security Understand Cyber. Protect Values. Your Cyber Security maturity depends on your awareness and the appropriate behaviour of every single user. RUAG Cyber Security empowers and efficiently
More informationOutreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness
2011/EPWG/WKSP/020 Session 4 Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness Submitted by: Australia Workshop on Private Sector Emergency Preparedness Sendai,
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Regional Resiliency Assessment Program 2015 State Energy Risk Assessment Workshop April
More informationGlobal Alliance Against Child Sexual Abuse Online 2014 Reporting Form
Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form MONTENEGRO Policy Target No. 1 Enhancing efforts to identify victims and ensuring that they receive the necessary assistance, support
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationHomeland Security and Geographic Information Systems
Page 1 of 5 Homeland Security and Geographic Information Systems How GIS and mapping technology can save lives and protect property in post-september 11th America Introduction Timely, accurate information,
More information