Cyber security and awareness for non-financial services. 24/25 May 2017
|
|
- Shana Andrews
- 6 years ago
- Views:
Transcription
1 Cyber security and awareness for non-financial services 24/25 May 2017
2 Agenda Robert Kirkby (Jsy) / Linda Johnson (Gsy): Introduction Sion Lloyd-Jones: Cyber Security The need for a cunning plan Teijo Peltoniemi: Have a safe journey to cloud Arthur Mainja (Jsy) / Matej Jurkic (Gsy): KPMG Cyber CAT Robert Kirkby (Jsy) / Linda Johnson (Gsy): Q&A 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 2
3 Cyber Security Direction of travel and the need for a cunning plan Sion Lloyd-Jones (Manchester)
4 Data and Wisdom 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 4 Document Classification: KPMG Confidential
5 The Challenge
6 A time of Uncertainty This is no time for complacency The threat is increasing in scale and complexity. It is also increasing at such pace that we must run simply to stand still (Rt Hon Matthew Hancock MP Minister for the Cabinet Office and Paymaster General, 2016) All business sizes and sectors are risk! 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 6 Document Classification: KPMG Confidential
7 Current Trends 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 7 Document Classification: KPMG Confidential
8 Business Impact Financial loss Share price Reputational damage Loss of investor, organisational and customer confidence CEO exposure Regulatory scrutiny Competitive advantage Missed business opportunities Significant disruption Management focus diverted Expensive transformation programme 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 8 Document Classification: KPMG Confidential
9 How to respond?
10 The Basics UNDERSTAND YOUR ASSETS MANAGE THE RISK UNDERSTAND THE THREAT! 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 10 Document Classification: KPMG Confidential
11 Good Practice PEOPLE Confidentiality THREATS PROCESS Integrity Availability CYBER RISK CROWN JEWELS TECHNOLOGY 1. Acknowledge critical assets VULNERABILITIES 2. Understand the risk exposure 3. Design Controls 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 11 Document Classification: KPMG Confidential
12 Leadership Approach
13 The Benefits Compliance Reduced Risk Increased Security Organisational confidence Discovery and understanding (ID efficiencies) Differentiate to the customer Improve trust Audit posture Commercial advantage versus slow adopters Developed organisational culture (eg H&S) 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 13 Document Classification: KPMG Confidential
14 What is your posture? KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ),a a Swiss entity. All rights reserved. 14 Document Classification: KPMG Confidential
15 Key Questions Ask yourself: Have we assessed the Cyber Security threats to our business? How well are our controls operating to protect assets against those threats? What are our gaps? Where are we most exposed and vulnerable? 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 15 Document Classification: KPMG Confidential
16 Key Questions Ask management: What is our Cyber Security Strategy? Do we understand who is responsible for protecting the business and who around this table is ultimately accountable? Do we have sufficient skills and knowledge regarding Cyber Security to help us make informed decisions? 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 16 Document Classification: KPMG Confidential
17 Client Issues 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 17 Document Classification: KPMG Confidential
18 GDPR / Privacy
19 Key GDPR changes Breach Notification Data Protection Officer Increased Fines Individual s Rights Explicit Consent 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 19 Document Classification: KPMG Confidential
20 Thank You
21 Have a safe journey to cloud Teijo Peltoniemi KPMG Channel Islands Limited
22 Agenda Cloud: background Risks in cloud Leading practices 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 22
23 What is cloud? There is no cloud! It s just someone else s computer 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 23
24 Why cloud? Innovation Lights on 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 24
25 What is cloud? Level of control/responsibility for Company and CSP across different service models On Premise Hosted Service Public IaaS Public PaaS Public SaaS Data Data Data Data Data App App App App App VM VM VM VM VM Server Server Server Server Server Storage Storage Storage Storage Storage Network Network Network Network Network Company has control Company shares control Service provider has control 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 25
26 Example Warehouses Suppliers Private/dedicated Point of sale Enterprise Resource Planning Customer Data IDM Public cloud Web commerce Bricks & mortar Customers 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 26
27 A business challenge All in on cloud How do I integrate cloud platform with other tools and processes? Business CIO My data center is disappearing how to secure what s not in our data center? Where do I start? How do I achieve and demonstrate regulatory compliance on cloud platform? How do I build and operate securely on cloud platform, in a way that enables innovation and lower time to market? How do I audit the security controls on cloud platform? How do I operate and deliver securely on cloud platform and what should be my minimum security baseline for my workload? CISO/ Internal audit & legal GDPR..? 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 27
28 Leading practices to implementing a secure cloud API-based security Incident response Identity and access management Data-centric security Secured perimeter that spans the entire stack Integrated security monitoring and operations 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 28
29 Three takeaways 1 Cloud is used because of cost-efficiency and flexibility 2 It is a myth it s less secure 3 But you cannot outsource the responsibility for security 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 29
30 KPMG Cyber CAT Self-assessment of cyber risk exposure Arthur Mainja and Matej Jurkic KPMG Channel Islands Limited
31 Overview Mobile app for self-assessment of cyber security posture Based on leading industry practices and standards Work in an offline mode Assessment is questionnaire based Focuses on two key dimensions: Cyber risk exposure Cyber security preparedness Quantitative view of current cyber exposure Provides recommendations to strengthen cyber security posture 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 31
32 Assessment - Cyber Exposure Index (CEI) 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 32
33 Assessment - Cyber Preparedness Index (CPI) 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 33
34 Reporting - Executive dashboard 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 34
35 Accessing the app Google Play>Search KPMG Cyber CAT >Install App Store>Search KPMG Cyber CAT >Install 2017 KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. 35
36 Q&A
37 Thank you
38 kpmg.com The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation KPMG Channel Islands Limited, a Jersey company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.
The GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationSecurity Hygiene. Be in a defensible position. Be cyber resilient. November 8 th, 2017
Security Hygiene Be in a defensible position. Be cyber resilient. November 8 th, 2017 Agenda Getting defensive How will we do it? Basic hygiene stuff Getting started Questions Introductions Over 20 years
More informationHow to avoid storms in the cloud. The Australian experience and global trends
How to avoid storms in the cloud The Australian experience and global trends Discussion Topics 1. Understanding Cloud and Benefits 2. KPMG research The Australian Experience and Global Trends 3. Considerations
More informationData Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016
Data Protection Practical Strategies for Getting it Right Jamie Ross Data Security Day June 8, 2016 Agenda 1) Data protection key drivers and the need for an integrated approach 2) Common challenges data
More informationCYBER CAMPUS KPMG BUSINESS SCHOOL THE CYBER SCHOOL FOR THE REAL WORLD. The Business School for the Real World
CYBER CAMPUS THE CYBER SCHOOL FOR THE REAL WORLD. KPMG BUSINESS SCHOOL The Business School for the Real World In the real world, cyber security applies to all: large firms and small companies, tech experts,
More informationCyber Security. It s not just about technology. May 2017
Cyber Security It s not just about technology May 2017 Introduction The Internet has opened a new frontier in warfare: everything is networked and anything networked can be hacked. - World Economic Forum
More informationClarity on Cyber Security. Media conference 29 May 2018
Clarity on Cyber Security Media conference 29 May 2018 Why this study? 2 Methodology Methodology of the study Online survey consisting of 33 questions 60 participants from C-Level (CISOs, CIOs, CTOs) 26
More informationIT Attestation in the Cloud Era
IT Attestation in the Cloud Era The need for increased assurance over outsourced operations/ controls April 2013 Symeon Kalamatianos M.Sc., CISA, CISM Senior Manager, IT Risk Consulting Contents Introduction
More informationPhysical security advisory services Securing your organisation s future
Physical security advisory services Securing your organisation s future August 2018 KPMG.com/in Physical security threats on the rise In a dynamic geo-political, economic and social environment, businesses
More informationCyber Security is it a boardroom issue?
Brisbane, 23 September 2014 Alistair Blake Director Cyber Security & Risk Services Today s session will cover Cyber Security and the Boardroom Executive sponsorship Organisational culture Operational readiness
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationLeveraging ediscovery Technology for Internal Audit 2016 Houston IIA 7th Annual Conference
Leveraging ediscovery Technology for Internal Audit 2016 Houston IIA 7th Annual Conference April 11, 2016 kpmg.com Agenda 1. Survey said 2. Leveraging ediscovery technology to audit risk a. IP threat assessment
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationRIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015
www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationA new approach to Cyber Security
A new approach to Cyber Security Feel Free kpmg.ch We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward.
More informationHOW SAFE IS YOUR DATA? Micho Schumann, KPMG, Cayman Islands
HOW SAFE IS YOUR DATA? Micho Schumann, KPMG, Cayman Islands HOW SAFE IS YOUR DATA? 16 November 2017 kpmg.ky Agenda Introduction Cyber Security presentation Q&A 3 Why this presentation? 4 The CIA Triad
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationBetter together. KPMG LLP s GRC Advisory Services for IBM OpenPages implementations. kpmg.com
Better together KPMG LLP s GRC Advisory Services for IBM OpenPages implementations kpmg.com KPMG A leader in GRC services KPMG LLP (KPMG) is the U.S. member firm of the KPMG global network of professional
More informationIT Audit Auditing IT General Controls
IT Audit Auditing IT General Controls Agenda Introduction IT Audit IT General Controls Overview Access to Programs and Data Program Change & Development Computer Operations Lessons Learned from Regulatory
More informationAhead of the next curve
Ahead of the next curve Clarity on Cyber Security 30 May 2017 #KPMG_Cyber Study results Work on what s now think about what s next Evolution of cyber risk in Switzerland No time to waste to discuss cyber
More informationEmerging Technologies The risks they pose to your organisations
Emerging Technologies The risks they pose to your organisations 10 June 2016 Digital trends are fundamentally changing the way that customers behave and companies operate Mobile Connecting people and things
More informationCloud Governance. ISACA Information Security & Risk Conference Halifax NS
Cloud Governance ISACA Information Security & Risk Conference Halifax NS November 2017 a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.
More informationCYBER INSURANCE: MANAGING THE RISK
CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt
More informationJanuary 25, Digital Governments. From KPMG s Harvey Nash survey to a future of opportunities
January 25, 2018 Digital Governments From KPMG s Harvey Nash survey to a future of opportunities About the Survey 4,500 Responses 2 Decades $1-3trn IT budget 86 Countries 118 Government agencies 2 Digital
More informationCyber Crime Seminar 8 December 2015
Cyber Crime Seminar Cyber Security & Financial Services in a changing regulatory landscape John Salmon Partner, Pinsent Masons LLP @uktisa Cyber Security and Financial Services: A changing regulatory landscape
More informationTesters vs Writers: Pen tests Quality in Assurance Projects. 10 November Defcamp7
Testers vs Writers: Pen tests Quality in Assurance Projects 10 November 2016 @ Defcamp7 Contents INTRODUCTION CONTEXT WHAT ABOUT AUDITING STANDARDS WHAT ABOUT INDEPENDENCE PEN TEST BETWEEN REGULATORY AND
More informationHIPAA Privacy, Security and Breach Notification
HIPAA Privacy, Security and Breach Notification HCCA East Central Regional Annual Conference October 2013 Disclaimer The information contained in this document is provided by KPMG LLP for general guidance
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationTrough a cyber security lens
Trough a cyber security lens 2015 Global Audit Survey kpmg.ch/cyber What the 2015 survey tells us Short of a crisis, the issues on the audit committee s radar don t change dramatically from year to year
More informationCybersecurity Protecting your crown jewels
Cybersecurity Protecting your crown jewels Our cyber security services We view cybersecurity through a series of interconnected lenses. This rounded approach is designed to provide you with confidence:
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationTIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE
TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE Association of Corporate Counsel NYC Chapter 11/1 NYC BDO USA, LLP, a Delaware limited liability partnership,
More informationAuditing IT General Controls
Auditing IT General Controls Amanthi Pendegraft and Nadine Yassine September 27, 2017 Agenda Introduction and Objectives IT Audit Fundamentals IT General Controls Overview Access to Programs and Data Program
More informationCyber Risk for Maritime
Cyber Risk for Maritime Enabling a step-change in risk management for the maritime industry kpmg.no kongsberg.com/kdi 0 Cyber Risk for Maritime The international shipping industry is responsible for the
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More informationModern Database Architectures Demand Modern Data Security Measures
Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing
More informationSOC for cybersecurity
April 2018 SOC for cybersecurity a backgrounder Acknowledgments Special thanks to Francette Bueno, Senior Manager, Advisory Services, Ernst & Young LLP and Chris K. Halterman, Executive Director, Advisory
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More information2016 KPMG AS, a Norwegian limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG
1 1 Cyber Security A game changer? Cyber Risk in Internet of everything age April 7th, 2016 3 3 What is disruptive technology? 4 What if our «things» turn against us? Sources: sfglobe.com, wired.com, forbes.com
More informationCyber Risk Having better conversations on cyber
www.pwc.com/sg/risk-assurance Cyber Risk Having better conversations on cyber Contents Putting Cyber Security into perspective 3 Engaging C-Suite executives on cyber security 8 C-Suite key messages & discussion
More informationStrengthening your fraud and cyber-crime protection controls. March 2017
Strengthening your fraud and cyber-crime protection controls March 2017 Audience question: What is your role within your institution? a) Payment operations / cash management / treasury services b) Compliance
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationRisk Advisory Academy Training Brochure
Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty
More informationManaging SaaS risks for cloud customers
Managing SaaS risks for cloud customers Information Security Summit 2016 September 13, 2016 Ronald Tse Founder & CEO, Ribose For every IaaS/PaaS, there are 100s of SaaS PROBLEM SaaS spending is almost
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationBuilding the trust to succeed in digital business
www.pwc.ch/cybersecurity Building the trust to succeed in digital business Cybersecurity and Making your cyber journey a successful one Harnessing the advantages of digital technologies presents a whole
More informationEY s data privacy service offering
EY s data privacy service offering How to transform your data privacy capabilities for an EU General Data Protection Regulation (GDPR) world Introduction Data privacy encompasses the rights and obligations
More informationAddressing the elephant in the operating room: a look at medical device security programs
Addressing the elephant in the operating room: a look at medical device security programs Ernst & Young LLP Presenters Michael Davis Healthcare Leader Baltimore +1 410 783 3740 michael.davis@ey.com Esther
More informationGoverning cyber security risk: It s time to take it seriously Seven principles for Boards and Investors
www.pwc.co.uk Governing cyber security risk: It s time to take it seriously Seven principles for Boards and Investors Dr. Richard Horne Cyber Security Partner PwC January 2017 Board governance is often
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationCyber Security Law --- How does it affect the business operations in China? Xun Yang Of Counsel, Commercial IP and Technology
Cyber Security Law --- How does it affect the business operations in China? Xun Yang Of Counsel, Commercial IP and Technology 8 December 2016 The Matrix (1999) 1 / L_LIVE_APAC1:5433168v1 World Internet
More informationPublic vs private cloud for regulated entities
Public vs private cloud for regulated entities DC2: Restricted use The cloud is for everyone but not for everything 2 Opportunity enabler DC2: Restricted use Flexibility SAAS Public Accessibility Agility
More informationGDPR - What does this mean for you? Accelerate GDPR compliance with the Microsoft Services. Konstantin Sviridov Andrey Ivanov.
You Trust IT Путь к безопасности бизнеса GDPR - What does this mean for you? Accelerate GDPR compliance with the Microsoft Services Konstantin Sviridov Andrey Ivanov 06 September 2017 This presentation
More informationSurvey - Governance, Risk and Compliance
Survey - Governance, Risk and Compliance 2018 emerging trends around GRC : SAP HANA, Continuous Control Monitoring & Data Analytics kpmg.fr KPMG SURVEY RESULTS PARTICIPANTS of CAC40 companies CFO Audit
More informationCybersecurity: Pre-Breach Preparedness and Post-Breach Duties
Cybersecurity: Pre-Breach Preparedness and Post-Breach Duties Thursday, October 5, 2017 Presented by: Gerrit Nel, Senior Manager, Cyber Security, KPMG Sunny Handa, Partner, Montreal Cathy Beagan Flood,
More informationAIRMIC ENTERPRISE RISK MANAGEMENT FORUM
AIRMIC ENTERPRISE RISK MANAGEMENT FORUM Date 10 November 2016 Name Nick Gibbons Position, PARTNER BLM T: 0207 457 3567 E: Nick.Gibbons@blmlaw.com SUMMARY Cyber crime is now a daily reality Every business
More informationMoving from Prevention to Detection March 2017
www.pwc.com Moving from Prevention to Detection Le Tran Hai Minh Manager Cyber Security 29 Agenda Slide Cyber Security Statistics 3 How to Stay Confidence 8 Contact 19 2 Cyber Security Statistics 3 Cyber
More informationChoosing the Right Security Assessment
A Red Team Whitepaper Choosing the Right Security Navigating the various types of Security s and selecting an IT security service provider can be a daunting task; however, it does not have to be. Understanding
More informationMoving Workloads to the Public Cloud? Don t Forget About Security.
Whitepaper Moving Workloads to the Public Cloud? Don t Forget About Security. Key considerations for developing a cloud-ready cybersecurity strategy Introduction For many organizations today, it s not
More informationConnecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.ca
Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom kpmg.ca Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom 1 Connecting the dots:
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More informationCOMMENTARY. Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards
November 2016 COMMENTARY Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards The Board of Governors of the Federal Reserve System ( Federal Reserve Board ), the Federal Deposit Insurance
More informationBrussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security
Cyber Resiliency Minimizing the impact of breaches on business continuity Jean-Michel Lamby Associate Partner - IBM Security Brussels Think Brussels / Cyber Resiliency / Oct 4, 2018 / 2018 IBM Corporation
More informationHow to Prepare a Response to Cyber Attack for a Multinational Company.
You Have Been Breached! How to Prepare a Response to Cyber Attack for a Multinational Company. Chayan Chakravarti, MBA, CISM, PMP Patrick Enyart, CISA, CISM, CRISC Presenters Chayan Chakravarti Manager,
More informationAn ICS Whitepaper Choosing the Right Security Assessment
Security Assessment Navigating the various types of Security Assessments and selecting an IT security service provider can be a daunting task; however, it does not have to be. Understanding the available
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationDisruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise
Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions
More informationGDPR: The Day After. Pierre-Luc REFALO
GDPR: The Day After Pierre-Luc REFALO The speaker: Pierre-Luc REFALO Global Head of Strategic Cybersecurity Consulting 25+ years in Information & Cyber Security consultancy CISO for SFR & Vivendi Universal
More informationCESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK
CESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK Building resilience: 10 Steps to Cyber Security 1. Information Risk Management Regime 2. Secure
More informationWhat Directors and C-Suite professionals need to know kpmg.ca/insuranceconference2017
Cyber Attacks What Directors and C-Suite professionals need to know kpmg.ca/insuranceconference2017 The threat landscape data breaches 2016 2015 2014 CarPhone Warehouse2.4M Michaels 3M Trip Advisor S 1.4M
More informationBig data privacy in Australia
Five-article series Big data privacy in Australia Three actions you can take towards compliance Article 5 Big data and privacy Three actions you can take towards compliance There are three actions that
More informationManaging Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow
Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant
More informationLTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security
LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological
More informationCLOUD COMPUTING. The Old Ways Are New Again. Jeff Rowland, Vice President, USAA IT/Security Audit Services. Public Information
CLOUD COMPUTING The Old Ways Are New Again Jeff Rowland, Vice President, USAA IT/Security Audit Services Public Information Who We Are Our Mission The mission of the association is to facilitate the financial
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationWhat is ISO ISMS? Business Beam
1 Business Beam Contents 2 Your Information is your Asset! The need for Information Security? About ISO 27001 ISMS Benefits of ISO 27001 ISMS 3 Your information is your asset! Information is an Asset 4
More informationIT Security: Managing a New Reality
IT Security: Managing a New Reality Kevin Lonergan #IDCDirections IDC You re Only as Strong as Your Weakest Link Locks Only Work if you Know How to Use Them IDC 2 Millions Canadian Security Market Forecast:
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationCyber Threat Landscape April 2013
www.pwc.co.uk Cyber Threat Landscape April 2013 Cyber Threats: Influences of the global business ecosystem Economic Industry/ Competitors Technology-led innovation has enabled business models to evolve
More informationBharath Chari Cyber Risk Sr. Manager, Deloitte & Touche LLP
Prioritizing & enabling internal during ERP/Cloud SaaS and other enterprise system implementations NASC Conference March 21, 2018 Introduction Moderator Presenters Jim Kennedy Senior Deputy Director of
More informationCybersecurity Considerations for GDPR
Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union
More informationBREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE
BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments, diagnosis and audits of your organization, the protection mechanisms
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationINTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.
2019 SIEM REPORT INTRODUCTION Security Information and Event Management (SIEM) is a powerful technology that allows security operations teams to collect, correlate and analyze log data from a variety of
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More informationGDPR Update and ENISA guidelines
GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure
More informationMartijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain
Merritt Maxim Principal Analyst Forrester Martijn Loderus Director & Global Practice Partner for Advisory Consulting Janrain Merritt and Martijn will share insights on Digital Transformation & Drivers
More informationCompliance Audit Readiness. Bob Kral Tenable Network Security
Compliance Audit Readiness Bob Kral Tenable Network Security Agenda State of the Market Drifting Out of Compliance Continuous Compliance Top 5 Hardest To Sustain PCI DSS Requirements Procedural support
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationData Sheet The PCI DSS
Data Sheet The PCI DSS Protect profits by managing payment card risk IT Governance is uniquely qualified to provide Payment Card Industry (PCI) services. Our leadership in cyber security and technical
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationCyber Diligence. EY Deals Forum Ian McCaw EY Transaction Advisory Services
Cyber Diligence EY Deals Forum 2018 Ian McCaw EY Transaction Advisory Services Finance & Commercial Diligence 2 B COMPANY: Power Life INDUSTRY: ENERGY REVENUE: 192m EBITDA: 875k (35% growth in 5 years)
More informationData Loss Prevention:
Data Loss Prevention: Considerations from an IT Audit Perspective ISACA November Luncheon 11 November 2010 Agenda What is data loss prevention (DLP)? Ernst & Young point of view on DLP Data loss risk assessment
More informationBuilding a Secure and Compliant Cloud Infrastructure. Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc.
Building a Secure and Compliant Cloud Infrastructure Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc. Why Are We Here? Expanded Enterprise Data access anywhere, anytime
More informationTechnology and cyber risk management Protect and enable the business with a holistic risk and governance framework
Technology and cyber risk Protect and enable the business with a holistic risk and governance framework September 2018 kpmg.com Meet the authors Charlie Jacco Principal, KPMG LLP Cyber Security Services
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More information