A better vision for information security
|
|
- Amie Hoover
- 5 years ago
- Views:
Transcription
1 A better vision for information security Kenneth Chodnicki COO Deep Run Security 8 Market Place, Suite 410 Baltimore, MD kchodnicki@deeprunsecurity.com MCMC: Cambridge, MD June 23,
2 Deep Run Security, located in Baltimore, MD, is the industry s thought leader in helping firms become secure by providing understanding and insight into all aspects of their cyber security profile: Process/People/Technology. MCMC: Cambridge, MD June 23,
3 CYBER SECURITY WHAT TO DO? The Status Quo! Trying to out run the Bear! 3
4 EXECUTIVE ROLE IN CYBER RISK BUSINESS STRATEGY = STRATEGIC RISK PLAN + BUSINESS PLAN Cyber Risk Planning has become an island: outside Business & Strategic Risk Planning 4
5 EXECUTIVES MANAGE RISK BUT CEO s viewed operational and compliance risk as the biggest concern to their company However, 2/3 CEO s did not equate Operational Risk with Cyber Risk Only 1/3 viewed Cyber Risk as a base threat KPMG 2016 Survey: Cybersecurity A failure of Imagination by CEO s 5
6 WHO WOULD HACK CONCRETE? Construction Breaches? You Bet: Whiting Turner 2016 Vendor breached for employees W-2 s Children & beneficiaries info taken Turner Construction 2016 Phished for employee data on all employees Central Concrete Supply, Calf. - Phished 6
7 SURELY YOU DO NOT MEAN ME? Hey, We have a plan, I have hired an I/T guy Only 14% of CISO s report to business line executive (CEO, CFO, COO) Only 40% of CEO s said the CIO is part of the inner strategy circle KPMG 2016 Survey: Cybersecurity A failure of Imagination by CEO s 7
8 WHY THIS DICHOTOMY? 1. Technical Speak vs Business Speak In most cases, cyber risk is given to a SME not a business leader Language tends to lean towards technical speak Whenever I speak with my CIO, they start to blast me with technical explanations and I struggle to translate it. CFO, Large Research Hospital 8
9 WHY THIS DICHOTOMY? 2. Data is not Normalized 9
10 WHY THIS DICHOTOMY? 3. Cyber Risk Strong Customer Experience & Revenue $1 spent on Strategic Risk you know how to measure the ROI $1 spent on Cyber Risk you are not sure how to measure your ROI Because in most cases the way we look at cyber risk is the best thing that ever happens to us is nothing happens. 10
11 EXECUTIVES- WHERE ARE YOU EXPOSED? CREATING A COMPLETE PICTURE Your BIGGEST threat by far is Operational & Process Risk Traditional security focuses cyber assessments on Technical Risk 10% of cyber breaches Operational & Compliance Risk (Human & Process Errors) Technology 90% of all breaches occur due to Human or Business Process Error* - Small Sub s - 3 rd Party Supplier - Prime with weak I/T system - CEO/COO/VP of Sales - Billing - Cust. Service Teams * 2015 Verizon DBIR 11
12 3 STEPS TO THE RIGHT APPROACH 1. Move Cyber Risk to the mainland STRATEGIC RISK (SR) = BUSINESS RISK (BR) + CYBER RISK (CR) 12
13 3 STEPS TO THE RIGHT APPROACH 2. Develop a Road Map a. Understand Business Goals and Objectives Analysis of Strengths and Weaknesses Remember: Audit Security b. Expand the Spectrum Vendors Third Party Evolving Markets c. Adapt your Business Leadership tools Track Measure Report 13
14 3 STEPS TO THE RIGHT APPROACH 3. Lead from the top a. Take ownership - Cyber Savvy Executive team (notice we did not say technically savvy) b. Integrate into corporate culture c. Do It Now! 14
15 TIPS TO PROTECT FROM PHISHING 1: Look at your for anomalies. Visually scan the , put it into context. Would this person/company approach you in the way the reads? Is the grammar and word usage in context? Look at the from address, do both sides of make sense? If it seems at all wrong, even without a direct reason, close out of the and report it to IT. 2 : Hover, don t click. As you hover over a link, the link address will appear at the bottom of your browser. Ask yourself if the address (between and the next / match the context of the and action? If the is from UPS/FedEx, and you hover over the track this shipment does it show Or 15
16 TIPS TO PROTECT FROM PHISHING 3: Never click on an attachment with a file type of:.zip,.com,.exe,.pif, and any type you are not familiar with. Attachments are bad.you need to assure yourself everything is, without a single doubt, correct before clicking on an attachment. To open a file with these types, you need 100% verification from the sender that they sent you an and attachment. As in, while on the phone with the sender, OK, send me the now, Got it, thanks kind of verification. 4 : Doing nothing is a good answer. Ask yourself if taking a chance is worth the very existence of your company. Report your suspicion to your IT staff. Tell them you will not touch the until they approve. Don t forward the to the sender asking if it is a valid your coworker is as apt to make the same mistake as you. Either send them a fresh , or give them a call. 16
17 A better vision for information security Deeprunsecurity.com 17
How To Build or Buy An Integrated Security Stack
SESSION ID: PDIL-W03 How To Build or Buy An Integrated Security Stack Jay Leek CISO Blackstone Haddon Bennett CISO Change Healthcare Defining the problem 1. Technology decisions not reducing threat 2.
More informationLeadership. 25 years leading in cyber. 165,000 trained since ,000+ students annually
1 Leadership SANS is the most trusted, and the largest source for information security training and security certification in the world. No one is more trusted in cyber 25 years leading in cyber 165,000
More informationCYBER RISK MANAGEMENT
CYBER RISK MANAGEMENT AND BEST PRACTICES Heather Fields, JD, CHC, CCEP (414) 298-8166 hfields@reinhartlaw.com 1000 North Water Street, Suite 1700, Milwaukee, WI 53202 www.reinhartlaw.com 0 Agenda Role
More informationA Data-Centric Approach to Endpoint Security
A Data-Centric Approach to Endpoint Security September 28, 2017 Eric Ogren Senior Analyst, Security 451 Research Bill Bradley Director of Product Marketing Digital Guardian About Eric Ogren Eric Ogren
More informationSecurity. Protect your business from security threats with Pearl Technology. The Connection That Matters Most
Security Protect your business from security threats with Pearl Technology The Connection That Matters Most Committed to Your Future When it comes to your business, security can mean many things. But to
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationCISO as Change Agent: Getting to Yes
SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch
More informationMust Have Items for Your Cybersecurity or IT Budget in 2018
Must Have Items for Your Cybersecurity or IT Budget in 2018 CBAO Regional Meeting Dan Desko (Senior Manager, IT Risk Advisory) Matt Dunn (Senior Security Analyst, IT Risk Advisory) Who is Schneider Downs?
More informationRIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015
www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad
More informationCLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies
Fraud Overview and Mitigation Strategies SUNTRUST TEAM: DOUG HICKMAN SENIOR VICE PRESIDENT FOUNDATIONS AND ENDOWMENTS SPECIALTY PRACTICE JAMES BERNAL ASSISTANT VICE PRESIDENT FOUNDATIONS AND ENDOWMENTS
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationOperationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results
Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec
More informationEvaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium
Discussion on: Evaluating Cybersecurity Coverage A Maturity Model Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium By: Eric C. Lovell PricewaterhouseCoopers LLP ( PwC ) March 24,
More informationBuilding a Business Case for Cyber Threat Intelligence. 5Reasons Your. Organization Needs a Risk-Based 5Approach to Cybersecurity
Building a Business Case for Cyber Threat Intelligence 5Reasons Your Organization Needs a Risk-Based 5Approach to Cybersecurity 5 Reasons for a Risk-Based Approach to Cybersecurity The Bad Guys are Winning
More informationACTIONABLE SECURITY AWARENESS: CONVERT THE WEAKEST LINK INTO THE SAFETY FORCE
ACTIONABLE SECURITY AWARENESS: CONVERT THE WEAKEST LINK INTO THE SAFETY FORCE Cybersecurity Awareness by gamification: Kaspersky CyberSafety Training 2017 Kaspersky Lab. All rights reserved. 1 HUMAN MISTAKES
More informationTrain employees to avoid inadvertent cyber security breaches
Train employees to avoid inadvertent cyber security breaches TRAIN EMPLOYEES TO AVOID INADVERTENT CYBER SECURITY BREACHES PAGE 2 How much do you know about cyber security? Small business owners often lack
More informationThink Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe
Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity
More informationIncident Response. Tony Drewitt Head of Consultancy IT Governance Ltd
Incident Response Tony Drewitt Head of Consultancy IT Governance Ltd www.itgovernance.co.uk IT Governance Ltd: GRC One-Stop-Shop Thought Leaders Specialist publisher Implementation toolkits ATO Consultants
More informationPreparing your C-Suite for a Cyber Crisis
Preparing your C-Suite for a Cyber Crisis Andrew Sheves Regester Larkin Orlando, September 12, 2016 3 Introduction Aim and objectives 4 Aim:» To help your business reduce its exposure to strategic cyber
More informationDefensible and Beyond
TELUS Defensible and Beyond Mike Vamvakaris Director and Head of Cyber Security Consulting November 2017 Digital transformation brings many benefits Communication and Collaboration Autonomous and Artificial
More informationThanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at
Thanks! Thanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at jim@stickleyonsecurity.com Don t forget to checkout Stickley on Security and learn about our
More informationBUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST FRAUD
BUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST EMAIL FRAUD Navindra Ramnauth CISSP Principal Sales Engineer 1 2017 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY
More informationJAPAN CYBER-SAVVINESS REPORT 2016 CYBERSECURITY: USER KNOWLEDGE, BEHAVIOUR AND ATTITUDES IN JAPAN
JAPAN CYBER-SAVVINESS REPORT 2016 CYBERSECURITY: USER KNOWLEDGE, BEHAVIOUR AND ATTITUDES IN JAPAN 1. Why did ESET undertake this survey? 2. Survey methodology 3. Key highlights 4. User confidence in protecting
More informationFinding Cyber Gems And steering clear of potential cybersecurity or privacy landmines. Chris Veltsos, aka Dr.InfoSec
Finding Cyber Gems And steering clear of potential cybersecurity or privacy landmines Chris Veltsos, aka Dr.InfoSec Agenda Overview of key cybersecurity growth areas: cybersecurity technology, enabling
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationIDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO
IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO (US) @BEN_SMITH IDENTITY = THE MOST CONSEQUENTIAL ATTACK VECTOR Confirmed data breaches involving weak, default
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationTake Risks in Life, Not with Your Security
Take Risks in Life, Not with Your Security Redefining Cybersecurity Why We re Here agio.com Agenda The Problem(s): Threat Landscape Current Threat Landscape People are the Problem Protect Yourself Solutions
More informationA New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO
A New Cyber Defense Management Regulation Ophir Zilbiger, CRISC, CISSP SECOZ CEO Personal Background IT and Internet professional (since 1992) PwC (1999-2003) Global SME for Network Director Information
More informationCybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security
Cybersecurity What Companies are Doing & How to Evaluate Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security Learning Objectives At the end of this presentation, you will be able to: Explain the
More informationBusiness resilience in the face of cyber risk. By Roger Ostvold and Brian Walker
Business resilience in the face of cyber risk By Roger Ostvold and Brian Walker When it comes to experiencing failure of at least part of an enterprise s digital environment, it is a matter of when rather
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationState of Cloud Survey GERMANY FINDINGS
2011 State of Cloud Survey GERMANY FINDINGS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Cloud security is top goal and top concern.................................. 8 Finding 2: IT staff
More informationRestech. User Security AVOIDING LOSS GAINING CONFIDENCE IN THE FACE OF TODAY S THREATS
Restech User Security AVOIDING LOSS GAINING CONFIDENCE IN THE FACE OF TODAY S THREATS Your presenter: Vince Gremillion, CISSP 30+ years technical and customer service experience Founder/Co-Owner RESTECH
More informationBuilding a Threat Intelligence Program
WHITE PAPER Building a Threat Intelligence Program Research findings on best practices and impact www. Building a Threat Intelligence Program 2 Methodology FIELD DATES: March 30th - April 4th 2018 351
More informationCOMPANY BROCHURE. About Us. Kinnectiv, LLC. Consulting. Security. Innovation. +1(888)
About Us Serving customers nationwide and abroad, we are an experienced IT Services provider helping a variety of clients maximize the value of their IT initiatives, streamline project management, and
More informationStrategy is Key: How to Successfully Defend and Protect. Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare
Strategy is Key: How to Successfully Defend and Protect Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare 1 Speaker Introduction Karl West Chief Information Security Officer Intermountain
More informationTHE CYBERSECURITY LITERACY CONFIDENCE GAP
CONFIDENCE: SECURED WHITE PAPER THE CYBERSECURITY LITERACY CONFIDENCE GAP ADVANCED THREAT PROTECTION, SECURITY AND COMPLIANCE Despite the fact that most organizations are more aware of cybersecurity risks
More informationCybersecurity Perspectives 2018 THE DATA BREACH EFFECT
Cybersecurity Perspectives 2018 THE DATA BREACH EFFECT Table of Contents Introduction 3 Key Findings 4 Big Breaches Force Change 5 Breaches, Hackers and Data Privacy Are Top Concern 6 Cloud Investments
More informationScans everything Finds everything Blocks... Everything.
Invest in the company with Trident CMP, a service that... Scans everything Finds everything Blocks... Everything. Deployment case studies of Trident CMP, the breakthrough cyber security service. For information
More informationBREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE
BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?
More informationBored with Your Board s Involvement with Privacy/Security Program?
Bored with Your Board s Involvement with Privacy/Security Program? Marti Arvin, Cynergistek Joseph A. Dickinson, Tucker Ellis March 28, 2017 1 Initial Exercise: CISO Board Update Board of Directors/Trustees
More informationCybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016
Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco
More information2017 Trends in Security Metrics and Security Assurance Measurement Report A Survey of IT Security Professionals
2017 Trends in Security Metrics and Security Assurance Measurement Report A Survey of IT Security Professionals Sponsored by Contents Introduction....3 Key Takeaways from the 2017 Report:....3 Security
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationPCI DSS Addressing Cyber-Security Threats. ETCAA June Gabriel Leperlier
Welcome! PCI DSS Addressing Cyber-Security Threats ETCAA June 2017 - Gabriel Leperlier Short Bio Current Position Head of Continental Europe Advisory Services at Verizon. Managing 30+ GRC/PCI/Pentest Consultants
More informationPULSE TAKING THE PHYSICIAN S
TAKING THE PHYSICIAN S PULSE TACKLING CYBER THREATS IN HEALTHCARE Accenture and the American Medical Association (AMA) surveyed U.S. physicians regarding their experiences and attitudes toward cybersecurity.
More informationSession ID: CISO-W22 Session Classification: General Interest
Session ID: CISO-W22 Session Classification: General Interest Pain Points What are your two biggest information security-related pain points?* Mobile Device Security Security Awareness Training User Behavior
More informationLeading our discussion today
Defending the Digital Retailer for NRFTech 2014 July 22, 2014 Leading our discussion today Security Leadership and Points of Contact Security and Infrastructure Services Leadership Kevin Richards NA Security
More informationEmployee Privacy in the Electronic Workplace
Employee Privacy in the Electronic Workplace Jane Shea and Michael Severini Today s Speakers Jane Hils Shea, Esq. Member & Chair of Data Privacy and Information Security Practice Group Frost Brown Todd
More informationEmerging Technologies The risks they pose to your organisations
Emerging Technologies The risks they pose to your organisations 10 June 2016 Digital trends are fundamentally changing the way that customers behave and companies operate Mobile Connecting people and things
More informationGDPR: The Day After. Pierre-Luc REFALO
GDPR: The Day After Pierre-Luc REFALO The speaker: Pierre-Luc REFALO Global Head of Strategic Cybersecurity Consulting 25+ years in Information & Cyber Security consultancy CISO for SFR & Vivendi Universal
More information41% Opens. 73% Clicks. 35% Submits Sent
Phishing Awareness Attackers engage with you through your email inbox, and unless you pay close attention, you can become a victim to their masquerade. What tactic are these attackers using? It is called
More informationSecurity Profiles of the CISO. Vanessa Pegueros DocuSign Enterprise Security & Risk
Security Profiles of the CISO Vanessa Pegueros DocuSign Enterprise Security & Risk 1 CISO Step Child C-level Ok put ego aside for a moment. Is it really an effective title? What other C-level has such
More informationCybersecurity, the Challenges Healthcare Faces AUGUST 17, 2018 BUILDING LEADERS TRANSFORMING HOSPITALS IMPROVING CARE HTS3 2018
Cybersecurity, the Challenges Healthcare Faces AUGUST 17, 2018 BUILDING LEADERS TRANSFORMING HOSPITALS IMPROVING CARE 45 YEARS OF DELIVERING RESULTS 2 2 2 HealthTechS3 is a 45 year old, award-winning healthcare
More informationData security: How a proactive C-suite can reduce cyber-risk for the enterprise
A report from The Economist Intelligence Unit Data security: How a proactive C-suite can reduce cyber-risk for the enterprise The number one technology issue in the C-suite today is cyber-security. 1 And
More informationHow to Optimize Cyber Defenses through Risk-Based Governance. Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model
How to Optimize Cyber Defenses through Risk-Based Governance Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model The Goal: Risk-Based Operationalization Incident Management IT/IS
More informationCISO Success Strategies: On Becoming a Security Business Leader
SESSION ID: CXO W03 CISO Success Strategies: On Becoming a Security Business Leader Frank Kim CISO SANS Institute @fykim Outline Build Your Business Case Rocket Your Relationships Master Your Message 2
More informationThree Key Challenges Facing ISPs and Their Enterprise Clients
Three Key Challenges Facing ISPs and Their Enterprise Clients GRC, enterprise services, and ever-evolving hybrid infrastructures are all dynamic and significant challenges to the ISP s enterprise clients.
More informationALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation
ALTITUDE DOESN T MAKE YOU SAFE Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation CYBER SECURITY IS THE GREATEST THREAT TO EVERY COMPANY IN THE WORLD. IBM CEO GINNI ROMETTY SD
More informationWeaving Security into Every Application
Weaving Security into Every Application Paul Fox AVP Technology AT&T 2018 TM Forum 1 Cyber Security Accelerating Threat Telecom Breaches 300,000 Number of complaints filed with the FBI Internet Crime Complaint
More informationCYBER SECURITY FOR BUSINESS COUNTING THE COSTS, FINDING THE VALUE
CYBER SECURITY FOR BUSINESS COUNTING THE COSTS, FINDING THE VALUE Business has always looked to squeeze the maximum possible benefit out of IT resources at the lowest possible cost but measuring return
More informationHow to Build a Culture of Security
How to Build a Culture of Security March 2016 Table of Contents You are the target... 3 Social Engineering & Phishing and Spear-Phishing... 4 Browsing the Internet & Social Networking... 5 Bringing Your
More informationCYBERARK GDPR ADVISORY. SECURE CREDENTIALS. SECURE ACCESS. A PRIVILEGED ACCOUNT SECURITY APPROACH TO GDPR READINESS
CYBERARK GDPR ADVISORY. SECURE CREDENTIALS. SECURE ACCESS. A PRIVILEGED ACCOUNT SECURITY APPROACH TO GDPR READINESS 2017 CYBERARK GDPR ADVISORIES: PRACTICAL STEPS TO GDPR READINESS There is no personal
More informationLarry Clinton President & CEO Internet Security Alliance
Larry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001 Sr. Management & Cyber Security Good News!!! Pricewaterhouse Coopers survey of 9,000 executives
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationPAIN AND PROGRESS THE RSA CYBERSECURITY AND BUSINESS RISK STUDY
WHITEPAPER PAIN AND PROGRESS THE RSA CYBERSECURITY AND BUSINESS RISK STUDY CONTENTS Executive Summary........................................ 3 The Cybersecurity and Business Risk Survey..........................
More informationPreparing for cyber-attacks: the intersection of cybersecurity and physical security
Preparing for cyber-attacks: the intersection of cybersecurity and physical security Published on 12 Dec 2018 Terry Gold of D6 Research has been giving cyber in physical security presentations at a variety
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationEngaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager,
Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager, Deloitte & Touche LLP 1 Speaker Introduction Sanjeev
More information2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification
2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification Presenters Jared Hamilton CISSP CCSK, CCSFP, MCSE:S Healthcare Cybersecurity Leader, Crowe Horwath Erika Del Giudice CISA, CRISC,
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationSecuring the User: Winning Hearts & Minds to Drive Secure Behavior
Securing the User: Winning Hearts & Minds to Drive Secure Behavior Thomas Skill, CIO University of Dayto Spencer Mott, CIO-CISO Amg Dawn Sherizad, product manager of security, Macy Eleanor Dallaway, Editor
More informationHealthcare HIPAA and Cybersecurity Update
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Healthcare HIPAA and Cybersecurity Update Agenda > Introductions > Cybersecurity
More informationINTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.
2019 SIEM REPORT INTRODUCTION Security Information and Event Management (SIEM) is a powerful technology that allows security operations teams to collect, correlate and analyze log data from a variety of
More informationData Breach Preparedness & Response
Data Breach Preparedness & Response April 16, 2015 Daniel Nelson, C EH, CIPP/US Lucas Amodio, C EH 2015 Armstrong Teasdale 6 Stages of a Data Breach Response Preparation Identification Containment Eradication
More informationData Breach Preparedness & Response. April 16, 2015 Daniel Nelson, C EH, CIPP/US Lucas Amodio, C EH
Data Breach Preparedness & Response April 16, 2015 Daniel Nelson, C EH, CIPP/US Lucas Amodio, C EH 2015 Armstrong Teasdale 6 Stages of a Data Breach Response Preparation Identification Containment Eradication
More informationGaps in Resources, Risk and Visibility Weaken Cybersecurity Posture
February 2019 Challenging State of Vulnerability Management Today: Gaps in Resources, Risk and Visibility Weaken Cybersecurity Posture In the last two years, businesses and governments have seen data breaches
More informationMOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner
MOBILE SECURITY 2017 SPOTLIGHT REPORT Group Partner Information Security PRESENTED BY OVERVIEW Security and privacy risks are on the rise with the proliferation of mobile devices and their increasing use
More informationSECURITY AUTOMATION BEST PRACTICES. A Guide on Making Your Security Team Successful with Automation SECURITY AUTOMATION BEST PRACTICES - 1
SECURITY AUTOMATION BEST PRACTICES A Guide on Making Your Security Team Successful with Automation SECURITY AUTOMATION BEST PRACTICES - 1 Introduction The best security postures are those that are built
More information2016 KPMG AS, a Norwegian limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG
1 1 Cyber Security A game changer? Cyber Risk in Internet of everything age April 7th, 2016 3 3 What is disruptive technology? 4 What if our «things» turn against us? Sources: sfglobe.com, wired.com, forbes.com
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationThe State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016 Identifying Cybersecurity Gaps to Rethink State of the Art Executive Summary Executive Summary While the advent of digital technology has fueled new business
More informationA Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface
A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface ORGANIZATION SNAPSHOT The level of visibility Tenable.io provides is phenomenal, something we just
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationPublic Power Forward Challenges & Opportunities
Public Power Forward Challenges & Opportunities SUE KELLY President & CEO American Public Power Association 2015 ElectriCities of NC Annual Conference August 7, 2015 APPA Members 1400+ public power utilities
More information5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief
5 Trends That Will Impact Your IT Planning in 2012 Layered Security Executive Brief a QuinStreet Excutive Brief. 2011 Layered Security Many of the IT trends that your organization will tackle in 2012 aren
More informationInternet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi
Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.
More informationA General Review of Key Security Strategies
A General Review of Key Security Strategies Disclaimers All content and comments are my own and may not reflect the views of the: United States Government United States Department of Justice (DOJ) Federal
More informationSecurity Awareness Training Courses
Security Awareness Training Courses Trusted Advisor for All Your Information Security Needs ZERODAYLAB Security Awareness Training Courses 75% of large organisations were subject to a staff-related security
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationA CFO s Guide to Cyber Security in the Coming Year
CYBER SECURITY A CFO s Guide to Cyber Security in the Coming Year LEVERAGE TECHNOLOGY AND YOUR FINANCIAL INSTITUTION TO BUILD BETTER DEFENSES www.cfo.com www.huntington.com A CFO s Guide to Cyber Security
More informationSecurity Awareness & Best Practices Best Practices for Maintaining Data Security in Your Business Environment
Security Awareness & Best Practices Best Practices for Maintaining Data Security in Your Business Environment Ray Colado, Information Security Analyst Raise awareness around information security to help
More informationCybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m.
Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m. It is crucial that small financial firms take proper cybersecurity measures to protect their customers and their firm. During
More informationDeMystifying Data Breaches and Information Security Compliance
May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts
More informationCYBER CAMPUS KPMG BUSINESS SCHOOL THE CYBER SCHOOL FOR THE REAL WORLD. The Business School for the Real World
CYBER CAMPUS THE CYBER SCHOOL FOR THE REAL WORLD. KPMG BUSINESS SCHOOL The Business School for the Real World In the real world, cyber security applies to all: large firms and small companies, tech experts,
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More information10 Hidden IT Risks That Might Threaten Your Business
(Plus 1 Fast Way to Find Them) Your business depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine
More informationMoving Workloads to the Public Cloud? Don t Forget About Security.
Whitepaper Moving Workloads to the Public Cloud? Don t Forget About Security. Key considerations for developing a cloud-ready cybersecurity strategy Introduction For many organizations today, it s not
More informationBridging the Insurance/InfoSec Gap: The SANS 2016 Cyber Insurance Survey
Bridging the Insurance/InfoSec Gap: The SANS 2016 Cyber Insurance Survey Barbara Filkins, CISSP, GSEC, GLSC Senior SANS Analyst 2016 The SANS InsBtute www.sans.org Why We Are Here.. Problem: 1. Cyber insurance
More information