Supporting the NHS to Improve Cyber Security. Presented by Chris Flynn Security Operations Lead NHS Digital s Data Security Centre
|
|
- Erin Miles
- 6 years ago
- Views:
Transcription
1 Supporting the NHS to Improve Cyber Security Presented by Chris Flynn Security Operations Lead NHS Digital s Data Security Centre
2 JA 2
3 Start with why And why it matters? 3
4 Balancing data security & patient care Trust Safe care Timely care 5
5 Balancing data security & patient care Confidentiality Integrity Availability Trust Safe care Timely care 6
6 The threat is real and in the public domain 10 th October 2016, An inews article regarding data security in health and care alleged: That a minimum of nearly 30 NHS trusts in England have been the victim of ransomware attacks in the last year 31 st October 2016, BBC News reported North Lincs & Goole: Virus infected systems and services Operations. Outpatients & diagnostics cancelled for three days. 13 th January 2017, St Bart's suffers a malware attack: Enacts contingency plans to ensure continuity Disruption to I.T. systems 7
7 The Threat is Real (& Health is no different) Hospital X: Infiltration onto local network; infiltrating 60+ internal servers (some clinical), used as a mail relay and over 2m SPAM s sent from hospital servers. Bedroom Hacker exploiting a Technology XP and Windows Server 2003 vulnerability. Govt Body Y: Insider, an employee was socially engineered by a journalist to release pseudonymised information on hospital statistics that due to their format could have been re-id d. Insider Threat, Social Engineering of Our People Hospital Z: Malware attack, affecting 100 XP machines and multiple servers. Due to issues caused by data integrity fears, path results disrupted and discharge affected (bed blocking). Criminality, failure in Process of the organisation to keep up their patching regime 8
8 Potentially malicious activity The NHS is no different to any other sector: Security threats commensurate to those found in wider industry are blocked at the gateway of the National NHS Network (N3) every month That equates to malicious traffic equating to 0.3% of all data sent across the NHS Network Over 250k downloaded files were quarantined suspected as being malicious 10% of these were blocked c.60% of incoming mails to NHS Mail2 were blocked as Spam This is just what we can see! 9
9 How can NHS Digital help? 10
10 NHS Digital Data Security Centre NHS Digital s Data Security Centre is at the forefront of information and data security. It enables the secure and safe use of information within health and care building public trust through the services, guidance and advice it offers. It is the centre for threat intelligence while also coordinating a sectorwide incident management capability. Capabilities: Cyber Security Programme delivering services to health and care Specialist Security Service Internal specialists and resourcing Security Cell internal security monitoring and incident management, external threat and incident management through CareCERT 11
11 NHS Digital s Role in Data Security NHS Digital s Data Security Centre, the services it implements to health and care, and the support and guidance it offers to the system should be: non-regulatory; NHS Digital is not a regulator but an enabler to the 2million+ employees in the system to provide better data security a Leader in data security; the place the wider health and care system comes for advice guidance and support the gateway to the National Cyber Security Centre; distilling best practice and working with NCSC on improving UK response to cyber threat the trusted centre for threat intelligence for the system and sector wide incident management 12
12 What we do 13
13 CareCERT core services 14
14 Data Security Standards All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes All staff understand their responsibilities under the National Data Guardian s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection. No unsupported operating systems, software or internet browsers are used within the IT estate. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually. 15
15 Defence in Depth Proactive Refreshed Assurance regime E-learning Changing Culture Contractual Levers & Incentives On site assessments Threat Intelligence Capital Investment Removing Vulnerabilities Network Monitoring Blocking & detecting Threats Reactive Remote Support Reducing Impact Knowledge repository Continually Learning & Improving 16
16 CareCERT, React, Assure Enquiries:
Data Security Standards
Data Security Standards Overall guide The bigger picture of where the standards fit in 2018 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information Centre is a
More informationCyber fraud and its impact on the NHS: How organisations can manage the risk
Cyber fraud and its impact on the NHS: How organisations can manage the risk Chair: Ann Utley, Preparation Programme Manager, NHS Providers Arno Franken, Cyber Specialist, RSM Sheila Pancholi, Partner,
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationData Security Standard 9 IT protection The bigger picture and how the standard fits in
Data Security Standard 9 IT protection The bigger picture and how the standard fits in 2018 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information Centre is a
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationCYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response
CYBER INCIDENT REPORTING GUIDANCE Industry Reporting Arrangements for Incident Response DfT Cyber Security Team CYBER@DFT.GSI.GOV.UK Introduction The Department for Transport (DfT) has produced this cyber
More informationBirmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018
1.0 Executive Summary Birmingham Community Healthcare NHS Foundation Trust 2017/17 Data Security and Protection Requirements March 2018 The Trust has received a request from NHS Improvement (NHSI) to self-assess
More informationBUSINESS LECTURE TWO. Dr Henry Pearson. Cyber Security and Privacy - Threats and Opportunities.
BUSINESS LECTURE TWO Dr Henry Pearson Cyber Security and Privacy - Threats and Opportunities. Introduction Henry started his talk by confessing that he was definitely not a marketer, as he had been occupied
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationInformation Security Controls Policy
Information Security Controls Policy Version 1 Version: 1 Dated: 21 May 2018 Document Owner: Head of IT Security and Compliance Document History and Reviews Version Date Revision Author Summary of Changes
More informationInformation Security Incident
Good Practice Guide Author: A Heathcote Date: 22/05/2017 Version: 1.0 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information Centre is a non-departmental body
More informationDETAILED POLICY STATEMENT
Applies To: HSC Responsible Office: HSC Information Security Office Revised: New 12/2010 Title: HSC-200 Security and Management of HSC IT Resources Policy POLICY STATEMENT The University of New Mexico
More informationCOUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017
COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE Presented by Paul R. Hales, J.D. May 8, 2017 1 HIPAA Rules Combat Cyber Crime HIPAA Rules A Blueprint to Combat Cyber Crime 2 HIPAA Rules Combat Cyber Crime
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationIncident Response. Tony Drewitt Head of Consultancy IT Governance Ltd
Incident Response Tony Drewitt Head of Consultancy IT Governance Ltd www.itgovernance.co.uk IT Governance Ltd: GRC One-Stop-Shop Thought Leaders Specialist publisher Implementation toolkits ATO Consultants
More informationCyber Security and Data Protection: Huge Penalties, Nowhere to Hide
Q3 2016 Security Matters Forum Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide Alan Calder Founder & Executive Chair IT Governance Ltd July 2016 www.itgovernance.co.uk Introduction
More informationElectronic Communication of Personal Health Information
Electronic Communication of Personal Health Information A presentation to the Porcupine Health Unit (Timmins, Ontario) May 11 th, 2017 Nicole Minutti, Health Policy Analyst Agenda 1. Protecting Privacy
More informationINFORMATION SECURITY AND RISK POLICY
INFORMATION SECURITY AND RISK POLICY 1 of 12 POLICY REFERENCE INFORMATION SHEET Document Title Document Reference Number Information Security and Risk Policy P/096/CO/03/11 Version Number V02.00 Status:
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationThe UK s National Cyber Security Strategy
The UK s National Cyber Security Strategy 2016 2021 Vision for 2021: The UK is secure and resilient to cyber threats, prosperous and confident in the digital world 1 National Cyber Security Strategy 2016
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationR E P O R T. Cybersecurity in healthcare: The diagnosis. 1 Report Security in Healthcare: The diagnosis
R E P O R T Cybersecurity in healthcare: The diagnosis 1 Report Security in Healthcare: The diagnosis Foreword from Infoblox s Rob Bolton, Director of Western Europe The healthcare industry is facing major
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationNHS Scotland Cyber Attack: NSS Evidence to Scottish Parliament Health & Sport Committee (Jun 17)
B/17/74 NSS Formal Board Meeting Thursday, 29 June 2017 NHS Scotland Cyber Attack: NSS Evidence to Scottish Parliament Health & Sport Committee (Jun 17) Purpose The Board is asked to review and consider
More informationProtect Your End-of-Life Windows Server 2003 Operating System
Protect Your End-of-Life Windows Server 2003 Operating System Your guide to mitigating risks in your Windows Server 2003 Systems after the end of support End of Support is Not the End of Business When
More informationSecurity: 3 key areas to lock down now. Ebook
1 Security: 3 key areas to lock down now Ebook 2 The situation today The current landscape is hyperconnected and always on, with more and more devices continually being added to the global network. As
More informationProtect Your End-of-Life Windows Server 2003 Operating System
Protect Your End-of-Life Windows Server 2003 Operating System Your guide to mitigating risks in your Windows Server 2003 Systems after the end of support End of Support is Not the End of Business When
More informationWHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS
July 2018 WHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS JUST WHAT THE DOCTOR ORDERED... PROTECT PATIENT DATA, CLINICAL RESEARCH AND CRITICAL INFRASTRUCTURE HEALTHCARE S KEY TO DEFEATING IOT CYBERATTACKS
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationCyber risk Getting the boardroom focus right
Cyber risk Getting the boardroom focus right Cyber attacks have become substantially more malicious and larger scale over last few years, causing much greater harm to organisations and elevating cyber
More informationCyber Crime Update. Mark Brett Programme Director February 2016
Cyber Crime Update Mark Brett Programme Director February 2016 What is Cyber Crime? What are the current threats? What is the capability of local and regional Cyber Crime Investigations? What support is
More informationStatutory Notifications
Registration under the Health and Social Care Act 2008 Statutory Notifications Guidance for registered providers and managers of NHS GP and other primary medical services May 2013 Statutory notifications
More informationQualification Specification. Level 2 Award in Cyber Security Awareness For Business
Qualification Specification Level 2 Award in Cyber Security Awareness For Business ProQual 2016 Contents Page Introduction 3 Qualification profile 3 Centre requirements 4 Support for candidates 4 Assessment
More informationINFORMATION TECHNOLOGY SECURITY POLICY
INFORMATION TECHNOLOGY SECURITY POLICY Author Responsible Director Approved By Data Approved September 15 Date for Review November 17 Version 2.3 Replaces version 2.2 Mike Dench, IT Security Manager Robin
More informationInfrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA
Security and resilience for ehealth Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA European Union Agency For Network And Information Security Securing Europe
More informationCybersecurity Risk Oversight: the NIST Framework and EU approaches
Cybersecurity Risk Oversight: the NIST Framework and EU approaches Antonis Patrikios, Director Privacy & Information Law Group ACC webcast, 10 July 2014 Overview Why cybersecurity matters US NIST Framework
More informationCyber Security. Building and assuring defence in depth
Cyber Security Building and assuring defence in depth The Cyber Challenge Understanding the challenge We live in an inter-connected world that brings a wealth of information to our finger tips at the speed
More informationBusiness Continuity Policy
Business Continuity Policy Version Number: 3.6 Page 1 of 14 Business Continuity Policy First published: 07-01-2014 Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/2014
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationCyber Security: Threat and Prevention
Expand Your Horizons Webinar Series Cyber Security: Threat and Prevention February 24, 2015 1:00 1:45pm The Webinar will begin shortly. You can ask a question in the box on the right hand side. We will
More informationCybersecurity and Nonprofit
Cybersecurity and Nonprofit 2 2 Agenda Cybersecurity and Non Profits Scenario #1 Scenario #2 What Makes a Difference Cyber Insurance and How it Helps Question and Answer 3 3 Cybersecurity and Nonprofit
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationCYBER SECURITY AND MITIGATING RISKS
CYBER SECURITY AND MITIGATING RISKS 01 WHO Tom Stewart Associate Director Technology Consulting Chicago Technical Security Leader Protiviti Slides PRESENTATION AGENDA 3 START HACKING DEFINITION BRIEF HISTORY
More informationA new approach to Cyber Security
A new approach to Cyber Security Feel Free kpmg.ch We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward.
More informationFlorida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government
Florida Government Finance Officers Association Staying Secure when Transforming to a Digital Government Agenda Plante Moran Introductions Technology Pressures and Challenges Facing Government Technology
More informationExecutive Insights. Protecting data, securing systems
Executive Insights Protecting data, securing systems February 2018 Protecting data, securing systems Product and information security is a combination of education, policies and procedures, physical security
More informationCESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK
CESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK Building resilience: 10 Steps to Cyber Security 1. Information Risk Management Regime 2. Secure
More informationSecuring Digital Health and Care Communities
Securing Digital Health and Care Communities Addressing 10 common security challenges A more connected world offers many advantages in terms of information sharing and communication. But by its very nature,
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationHosting Your Data. Website Hosting, Security, Data Protection & Information Governance (IG)
Hosting Your Data Website Hosting, Security, Data Protection & Information Governance (IG) LHM is a web solutions provider that creates technology, products and software that is meaningful and measurable.
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationCSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague
Brmlab, hackerspace Prague Lightning talks, November 2016 in general in general WTF is an? in general WTF is an? Computer Security in general WTF is an? Computer Security Incident Response in general WTF
More informationCybersecurity and Communications Based Train Control
Cybersecurity and Communications Based Train Control RAHEEL QURESHI CYBERSECURITY AUTHORITY URBAN RAIL SIGNALLING (URS) 2016 Thales Canada, Transportation Solutions. All rights reserved. Passing on or
More informationService Provider View of Cyber Security. July 2017
Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationNIS, GDPR and Cyber Security: Convergence of Cyber Security and Compliance Risk
NIS, GDPR and Cyber Security: Convergence of Cyber Security and Compliance Risk IT Matters Forum July 2017 Alan Calder Founder & Executive Chairman IT Governance Ltd Introduction Alan Calder Founder IT
More information2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager
2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National
More informationDIGITAL TRUST Making digital work by making digital secure
Making digital work by making digital secure MARKET DRIVERS AND CHALLENGES THE ROLE OF IT SECURITY IN THE DIGITAL AGE 2 In today s digital age we see the impact of poor security controls everywhere. Bots
More informationSecuring Digital Government. Addressing five common security challenges for local government
Securing Digital Government Addressing five common security challenges for local government Introduction and purpose A more connected world offers many advantages in terms of information sharing and communication.
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationRANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise
RANSOMWARE PROTECTION A Best Practices Approach to Securing Your Enterprise TABLE OF CONTENTS Introduction...3 What is Ransomware?...4 Employee Education...5 Vulnerability Patch Management...6 System Backups...7
More informationInformation Governance Incidents Cyber Security Incidents and Near Misses Reporting Procedure
Information Governance Incidents Cyber Security Incidents and Near Misses Reporting Procedure Procedure Number: IG05 Version: 2.3 Approved by: Information Governance Working Group Date approved January
More informationNEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?
NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? What the new data regulations mean for your business, and how Brennan IT and Microsoft 365 can help. THE REGULATIONS: WHAT YOU NEED TO KNOW Australia:
More informationAchieving regulatory compliance
Achieving regulatory compliance Introduction As greater emphasis is placed on complying with industry and government regulations, securing data as it passes through personal computer systems is crucial
More informationBIG DATA INDUSTRY PAPER
BIG DATA INDUSTRY PAPER Encryption Key Management INFORMATION-RICH BIG DATA IS UNDER INCREASING THREAT OF THEFT AND BUSINESS DISRUPTION. AS THE NETWORKS AND TECHNOLOGIES THAT ENABLE BIG DATA COLLECTION,
More informationINFORMATION SECURITY-SECURITY INCIDENT RESPONSE
Information Technology Services Administrative Regulation ITS-AR-1506 INFORMATION SECURITY-SECURITY INCIDENT RESPONSE 1.0 Purpose and Scope The purpose of the Security Response Administrative Regulation
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationGuide to Cyber Security Compliance with GDPR
Guide to Cyber Security Compliance with GDPR Security V1.3 General Data Protection Regulation GDPR Overview What is GDPR? An EU regulation coming into force in May 2018 Which means it applies to all EU
More informationRansomware piercing the anti-virus bubble
CONNECT Ransomware piercing the anti-virus bubble Better prevention is needed to protect organizations from the growing threat landscape 2 The WannaCry ransomware attack that had such a widespread and
More informationUnit 3 Cyber security
2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 3 - revised September 2016 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning
More informationEFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave
EFFECTIVELY TARGETING ADVANCED THREATS Terry Sangha Sales Engineer at Trustwave THE CHALLENGE PROTECTING YOUR ENVIRONMENT IS NOT GETTING EASIER ENDPOINT POINT OF SALE MOBILE VULNERABILITY MANAGEMENT CYBER
More informationT-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE
www.thalesgroup.com/uk SECURE COMMUNICATIONS AND INFORMATION SYSTEMS T-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE An enterprise-level bespoke security service for the detection and response to cyber
More informationTECHLAW AUSTRALIA. Update on cyber security and data protection. Thursday, 22 June Thursday, 22 June
TECHLAW AUSTRALIA Update on cyber security and data protection Thursday, 22 June 2017 www.dlapiper.com Thursday, 22 June 2017 0 Overview Current threat environment why now? What is required/expected? Scenarios:
More informationInternet Security Threat Report Volume XIII. Patrick Martin Senior Product Manager Symantec Security Response October, 2008
Internet Security Threat Report Volume XIII Patrick Martin Senior Product Manager Symantec Security Response October, 2008 Agenda 1 ISTR XIII Important Facts 2 ISTR XIII Key Messages 3 ISTR XIII Key Facts
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project / Work Data Sharing Audits Status Final Acting Director Chris Roebuck Version 1.0 Owner Rob Shaw Version issue date 19-Jan-2015 HSCIC Audit of
More informationRansomware, Viruses, and Hackers in Health Care: Five Steps to Avoid Being the Next Victim. Michael Overly and Chanley Howell.
Ransomware, Viruses, and Hackers in Health Care: Five Steps to Avoid Being the Next Victim Michael Overly and Chanley Howell February 29, 2016 Attorney Advertising Prior results do not guarantee a similar
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationFDA & Medical Device Cybersecurity
FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationThe ehealth Annual Report aims to highlight the activities within the teams that make up the ehealth Department.
Board paper 18/41 THE STATE HOSPITALS BOARD FOR SCOTLAND Date of Meeting: 28 June 2018 Agenda Reference: Item No: 21 Sponsoring Director: Author(s): Title of Report: Purpose of Report: Finance and Performance
More informationTHE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE
THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE International Maritime Organization Regulations IMO has given shipowners and managers until 2021 to incorporate cyber risk management into
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationGMSS Information Governance & Cyber Security Incident Reporting Procedure. February 2017
GMSS Information Governance & Cyber Security Incident Reporting Procedure February 2017 Review Date; April 2018 1 Version Control: VERSION DATE DETAIL D1.0 20/04/2015 First Draft (SC) D 2.0 28/04/2015
More informationCyberEdge. End-to-End Cyber Risk Management Solutions
CyberEdge End-to-End Cyber Risk Management Solutions In a rapidly changing landscape, CyberEdge provides clients with an end-to-end risk management solution to stay ahead of the curve of cyber risk. CyberEdge
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More informationHEALTH CARE AND CYBER SECURITY:
HEALTH CARE AND CYBER SECURITY: Increasing Threats Require Increased Capabilities kpmg.com 1 HEALTH CARE AND CYBER SECURITY EXECUTIVE SUMMARY Four-fifths of executives at healthcare providers and payers
More informationPULSE TAKING THE PHYSICIAN S
TAKING THE PHYSICIAN S PULSE TACKLING CYBER THREATS IN HEALTHCARE Accenture and the American Medical Association (AMA) surveyed U.S. physicians regarding their experiences and attitudes toward cybersecurity.
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationCorporate Information Security Policy
Overview Sets out the high-level controls that the BBC will put in place to protect BBC staff, audiences and information. Audience Anyone who has access to BBC Information Systems however they are employed
More informationSecuring the Internet of Things (IoT) at the U.S. Department of Veterans Affairs
Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs Dominic Cussatt Acting Deputy Assistant Secretary / Chief Information Security Officer (CISO) February 20, 2017 The Cyber
More informationAUTHORITY FOR ELECTRICITY REGULATION
SULTANATE OF OMAN AUTHORITY FOR ELECTRICITY REGULATION SCADA AND DCS CYBER SECURITY STANDARD FIRST EDITION AUGUST 2015 i Contents 1. Introduction... 1 2. Definitions... 1 3. Baseline Mandatory Requirements...
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationBusiness White Paper. Healthcare IT In The Cloud: Predicting Threats, Protecting Patient Data
Business White Paper Healthcare IT In The Cloud: Predicting Threats, Protecting Patient Data Page 2 of 7 Healthcare IT In The Cloud: Predicting Threats, Protecting Patient Data Table of Contents Page 2
More informationGuide to patching. Published 14 May 2017
Published 14 May 2017 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information Centre is a non-departmental body created by statute, also known as NHS Digital. How
More information