Cybersecurity Survey Results
|
|
- Candace Houston
- 5 years ago
- Views:
Transcription
1 Cybersecurity Survey Results 4 November 2015 DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of HIMSS.
2 Learning Objectives Identify the tools in use to secure the healthcare environment. Learn how organizations assess, prevent and detect cybersecurity events. Learn which threat motivators respondents were most concerned about. Determine which items are the biggest barriers to mitigate cyber security incidents.
3 History of HIMSS Security Research First survey conducted in 2008 in USA Three-quarters of respondents conducted risk analysis Spent less than three percent of IT budget on security User-based and role-based controls to secure patient information Conducted for the sixth time in 2014 in USA Greatest security threat motivator encountered in healthcare is healthcare workers snooping into records 92 percent conducted in risk analysis Half reported spending three percent or less of their overall IT budget on securing patient data
4 SUMMARY RESULTS CYBERSECURITY SURVEY 2015
5 Motives for Improving Information Security Posture Top motivators for improving information security environments included results of risk assessment and virus/malware and vulnerability analysis results
6 Information Security as Business Priority of respondents indicated information security had increased as a business priority
7 Enhanced Information Security Capabilities 73% Improved Continuity of IT 67% 63% 33% Network Security Data Loss Prevention Disaster Recovery 27% Improving the Protection of Endpoints
8 Access control lists Antivirus / malware Audit logs of every access to health patient records and Public Key Authentication / Web of Trust (e.g., PGP) Biometric Technologies (static - for example, fingerprint or Data Encryption (data at rest) Data encryption (data in transit) Data loss prevention application (DLP [data loss prevention]) Digital signature Firewalls Intrusion detection system (IDS [Intrusion Detection System]) Intrusion prevention system Messaging Security Gateway Mobile Device Management (MDM [Mobile Device Mobile application management (MAM [Mobile Application Multi-factor authentication (ie, two-factor authentication) Network monitoring tools (eg data flow analysis tools) Patch management and vulnerability Single Sign On User access controls Web security gateway Do not know Information Security Tools in Place 90,0% 80,0% 70,0% 60,0% 50,0% 40,0% 30,0% 20,0% 10,0% 0,0%
9 Ability to Protect Information Rate the options on a scale 1-7, where one is "not prepared" and seven is "fully prepared" Brute Force Attacks (4.75) Exploit Known Vulnerabilities (4.6) Phishing Attacks (4.5) Negligent Insider Attacks (4.4) Malicious Insider Activity (4.4) Zero Day Attack (4.3) Attacks Denial of Service (DoS) (4.2) Advanced Persistent Threat of Attacks (4.1)
10 Techniques Used to Detect and Investigate Incidents Monitoring activity logs Monitoring user access records Network monotring 61,9% 61,9% 71,4% Working with enforcement officials of local/state law Use of cyber threat intelligence Do not know None of the above 14,3% 4,8% 9,5% 9,5%
11 Preparedness to Detect Security Incidents Rate the options on a scale 1-7, where one is "not prepared" and seven is "fully prepared" Statement Average Brute Force Attack 4.25 Exploitation of Known Software Vulnerabilities 4.25 Malicious insider attacks 4.20 Negligent insider attacks 4.15 Zero Day Attacks 4.05 Phishing Attacks 4.00 Denial of Services (DoS)/Distributed Denial of Services (DDoS) 4.00 Advanced Persistent Threat (APT) Attacks 3.90
12 Consequences of Security Incidents 31% Loss of Data/Information 19% 6% 19% Limited Disruption to Operations Significant Impact on IT Systems Damage to IT Systems 6% Other Impact
13 Exploitation of known software vulnerabilities is a concern Respondents are highly concerned about exploitation of known software vulnerabilities in the future 65 % polled named it as their biggest concern.
14 Significant Threats of the Future Top Ten Exploitation of known software vulnerabilities Malicious internal agent Domain Name System poisoning attack (DNS) Attacks Denial of Service Advanced persistent threat of attacks Phishing attacks Bruce force attacks Lax internal agent Social engineering attacks / elicitation (except phishing attacks) SQL injection attack 40% 40% 40% 45% 45% 50% 50% 55% 55% 65%
15 Drivers of the Most Common Threats Employees stealing patient information Members of workforce spying on information 3rd Consultants/Suppliers spying on information Medical identity theft (external) Employees stealing business information of the Consultant/Supplier who steal organisation's Black market activities Financial identity theft (external) Industrial espionage 25% 25% 35% 50% 50% 45% 45% 40% 55%
16 Staff Allocation to Information Security Function Dedicated to information security only part-time Member of the full-time staff Information security handled by external Chief Information Officer Information Security Director (Chief Information Security) No team members (Internal or external) Others 23,30% 16,70% 10,00% 6,70% 6,70% 3,30% 33,30%
17 Barriers to Information Security Count Percent Lack of adequate cybersecurity staff 60% Lack of financial resources 55% Too many emerging threats 25% Lack of know-how to use and effective implementation 20% Lack technologies and tools for effective use 20% Too many endpoints 20% Too many users too much for provisioning and deprovisioning of accounts in a timely and effective 20%
18 Conclusions Survey respondents organizations are challenged with respect to resources: Staffing Processes Tools Software vulnerabilities and Insider threat are of great concern Level of uncertainty still surrounds ability to protect against current and future attacks (internal and external)
19 Questions Lisa A Gallagher, BSEE, CISM, CPHIMS, FHIMSS VP, Technology Solutions HIMSS North America lgallagher@himss.org
2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)
2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) Sponsored by Keeper Security Independently conducted by Ponemon Institute LLC Publication Date: June 2016 Ponemon Institute Research
More informationTodd Sander Vice President, Research e.republic Inc.
Todd Sander Vice President, Research e.republic Inc. Tsander@erepublic.com Report Background Respondent Type Breakdown Received responses from 74 state elected and appointed officials and 29 staff members
More information2018 HIMSS Cybersecurity Survey
2018 HIMSS Cybersecurity Survey 1 2018 HIMSS Cybersecurity Survey Contents 1. Executive Summary... 5 2. Methodology and Demographics... 5 Respondents positions in organization: generally executive or non-executive
More informationCYBERSECURITY IN THE POST ACUTE ARENA AGENDA
CYBERSECURITY IN THE POST ACUTE ARENA AGENDA 2 Introductions 3 Assessing Your Organization 4 Prioritizing Your Review 5 206 Benchmarks and Breaches 6 Compliance 0 & Cybersecurity 0 7 Common Threats & Vulnerabilities
More informationThe Cost of Denial-of-Services Attacks
The Cost of Denial-of-Services Attacks Sponsored by Akamai Technologies Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report The Cost of Denial-of-Service
More informationOperationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results
Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec
More informationDefending Our Digital Density.
New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration
More informationmhealth SECURITY: STATS AND SOLUTIONS
mhealth SECURITY: STATS AND SOLUTIONS www.eset.com WHAT IS mhealth? mhealth (also written as m-health) is an abbreviation for mobile health, a term used for the practice of medicine and public health supported
More informationThe State of Cybersecurity in Healthcare Organizations in 2016
THE STATE OF CYBERSECURITY IN HEALTHCARE ORGANIZATIONS IN 2016 The State of Cybersecurity in Healthcare Organizations in 2016 Independently conducted by Ponemon Institute LLC Sponsored by ESET Publication
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationMOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner
MOBILE SECURITY 2017 SPOTLIGHT REPORT Group Partner Information Security PRESENTED BY OVERVIEW Security and privacy risks are on the rise with the proliferation of mobile devices and their increasing use
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More information2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along
2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More information2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)
2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) Sponsored by Keeper Security Independently conducted by Ponemon Institute LLC Publication Date: September 2017 Ponemon Institute Research
More informationINTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.
2019 SIEM REPORT INTRODUCTION Security Information and Event Management (SIEM) is a powerful technology that allows security operations teams to collect, correlate and analyze log data from a variety of
More informationStrategy is Key: How to Successfully Defend and Protect. Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare
Strategy is Key: How to Successfully Defend and Protect Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare 1 Speaker Introduction Karl West Chief Information Security Officer Intermountain
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationInformation Governance, the Next Evolution of Privacy and Security
Information Governance, the Next Evolution of Privacy and Security Katherine Downing, MA, RHIA, CHPS, PMP Sr. Director AHIMA IG Advisors Follow me @HIPAAQueen 2017 2017 Objectives Part Part I IG Topic
More informationU.S. State of Cybercrime
EXCLUSIVE RESEARCH FROM EXECUTIVE SUMMARY 2017 U.S. State of Cybercrime IDG Communications, Inc. 2017 U.S. State of Cybercrime TODAY S CYBERCRIMES ARE BECOMING MORE TARGETED AND BUILT FOR MAXIMUM IMPACT,
More informationTRAINING WEEK COURSE OUTLINE May RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I.
TRAINING WEEK COURSE OUTLINE May 9-13 2016 RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I. Page2 FACILITATOR S BIOGRAPHY John Tannahill, CA, CISM, CGEIT, CRISC is a management consultant specializing
More informationInsider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey
Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey CyberMaryland Conference 2017 Bob Andersen, Sr. Manager Federal Sales Engineering robert.andersen@solarwinds.com
More informationEmerging Issues: Cybersecurity. Directors College 2015
Emerging Issues: Cybersecurity Directors College 2015 Agenda/Objectives Define Cybersecurity Cyber Fraud Trends/Incidents FFIEC Cybersecurity awareness initiatives Community Bank expectations FFIEC Cybersecurity
More informationIllinois Cyber Navigator Program
Illinois Cyber Navigator Program Illinois State Board of Elections PA 100-0587 (10 ILCS 5/1A-55) Sec. 1A-55. Cyber security efforts. The State Board of Elections shall provide by rule, after at least 2
More informationRFC2350 TLP1: WHITE. Έκδοση National CSIRT-CY RFC2350
Έκδοση 1.2-2018.02.14 TLP1: WHITE 1 TLP Sources may use TLP: WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release.
More informationDefense in Depth Security in the Enterprise
Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection
More informationMust Have Items for Your Cybersecurity or IT Budget in 2018
Must Have Items for Your Cybersecurity or IT Budget in 2018 CBAO Regional Meeting Dan Desko (Senior Manager, IT Risk Advisory) Matt Dunn (Senior Security Analyst, IT Risk Advisory) Who is Schneider Downs?
More information2015 HFMA What Healthcare Can Learn from the Banking Industry
2015 HFMA What Healthcare Can Learn from the Banking Industry Agenda Introduction- Background and Experience Healthcare vs. Banking The Results OCR Audit Results Healthcare vs. Banking The Theories Practical
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationCYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW
CYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW May 2018 Ed Plawecki General Counsel & Director of Government Relations UHY LLP Jamie See Manager UHY LLP Iowa Public
More informationChanging face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationCyber fraud and its impact on the NHS: How organisations can manage the risk
Cyber fraud and its impact on the NHS: How organisations can manage the risk Chair: Ann Utley, Preparation Programme Manager, NHS Providers Arno Franken, Cyber Specialist, RSM Sheila Pancholi, Partner,
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationReducing Cybersecurity Costs & Risk through Automation Technologies
Reducing Cybersecurity Costs & Risk through Automation Technologies Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: November 2017 Ponemon Institute Research
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationProtecting your next investment: The importance of cybersecurity due diligence
Protecting your next investment: The importance of cybersecurity due diligence Oct. 11, 2018 Baker Tilly Virchow Krause, LLP. All rights reserved. Baker Tilly refers to Baker Tilly Virchow Krause, LLP,
More informationⅠ Introduction 1. Ⅱ Information Security Infrastructure and Environment 2. Ⅲ Information Security Incident Prevention 8
Ⅰ Introduction 1 Ⅱ Information Security Infrastructure and Environment 2 1. Information Security Policy 2 A. Information (Personal Information) Security Policy 2 B. Information Security Policy 3 C. Personal
More informationSecurity
Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from
More informationUNLOCKED DOORS RESEARCH SHOWS PRINTERS ARE BEING LEFT VULNERABLE TO CYBER ATTACKS
WHITE PAPER UNLOCKED DOORS RESEARCH SHOWS PRINTERS ARE BEING LEFT VULNERABLE TO CYBER ATTACKS While IT teams focus on other endpoints, security for corporate printers lags behind Printers make easy targets:
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationRMS(one) Solutions PROGRESSIVE SECURITY FOR MISSION CRITICAL SOLUTIONS
RMS(one) Solutions PROGRESSIVE SECURITY FOR MISSION CRITICAL SOLUTIONS RMS REPORT PAGE 1 Confidentiality Notice Recipients of this documentation and materials contained herein are subject to the restrictions
More informationSecurity Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management
Seven Habits of Cyber Security for SMEs Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management Security Policy is an important
More informationWhat can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco
What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco Increasing Digital Traffic Creates a Greater Attack Surface Global IP Traffic
More informationSECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE
SESSION ID: SBX4W5 SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE Dara Such VP & Publisher, Security Networking and IoT TechTarget @darasuch What we ll cover today State of SecOps:
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationIT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I
Standards Sections Checklist Section Security Management Process 164.308(a)(1) Information Security Program Risk Analysis (R) Assigned Security Responsibility 164.308(a)(2) Information Security Program
More informationUnit 3 Cyber security
2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 3 - revised September 2016 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning
More informationPONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY
PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More information(U) Cyber Threats to the Homeland
UNCLASSIFIED (U) Cyber Threats to the Homeland October 2016 The overall classification of this briefing is: (U) Warning: This product may contain US person information that has been deemed necessary for
More informationR E P O R T. Cybersecurity in healthcare: The diagnosis. 1 Report Security in Healthcare: The diagnosis
R E P O R T Cybersecurity in healthcare: The diagnosis 1 Report Security in Healthcare: The diagnosis Foreword from Infoblox s Rob Bolton, Director of Western Europe The healthcare industry is facing major
More informationEXAM - CAS-002. CompTIA Advanced Security Practitioner (CASP) Exam. Buy Full Product.
CompTIA EXAM - CAS-002 CompTIA Advanced Security Practitioner (CASP) Exam Buy Full Product http://www.examskey.com/cas-002.html Examskey CompTIA CAS-002 exam demo product is here for you to test the quality
More informationStakeholders Analysis
Stakeholders Analysis Introduction National Stakeholders ISP citizens CNIIP Media National CIRT Academia ONG, Public And Private Institutions sectoral CSIRTs Law enforcement 2 2 CIRT ISP A specialized
More informationChapter 12. Information Security Management
Chapter 12 Information Security Management We Have to Design It for Privacy... and Security. Tension between Maggie and Ajit regarding terminology to use with Dr. Flores. Overly technical communication
More informationBusiness Continuity Management
University of Oslo INF3510 Information Security Autumn 2018 Workshop Questions and s Lecture 8: Risk Management and Business Continuity Management Question 1: Risk factors A possible definition of information
More informationThe Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies
The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies Daniel Yeung Technical Manager, Hong Kong & Taiwan AUG 2017 2017 Citrix Why Worry? Security needs to be top-of-mind
More informationMonthly Cyber Threat Briefing
Monthly Cyber Threat Briefing January 2016 1 Presenters David Link, PM Risk and Vulnerability Assessments, NCATS Ed Cabrera: VP Cybersecurity Strategy, Trend Micro Jason Trost: VP Threat Research, ThreatStream
More informationCHIME and AEHIS Cybersecurity Survey. October 2016
CHIME and AEHIS Cybersecurity Survey October 2016 Fielding and Reponses Responses: 190 Survey fielded: Approximately a month (8/29-9/30) Demographics In what state or U.S. territory do you currently work?
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationPass4suresVCE. Pass4sures exam vce dumps for guaranteed success with high scores
Pass4suresVCE http://www.pass4suresvce.com Pass4sures exam vce dumps for guaranteed success with high scores Exam : CS0-001 Title : CompTIA Cybersecurity Analyst (CySA+) Exam Vendor : CompTIA Version :
More informationACM Retreat - Today s Topics:
ACM Retreat - Today s Topics: Phase II Cyber Risk Management Services - What s next? Policy Development External Vulnerability Assessment Phishing Assessment Security Awareness Notification Third Party
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationUnderstanding the Changing Cybersecurity Problem
Understanding the Changing Cybersecurity Problem Keith Price BBus, MSc, CGEIT, CISM, CISSP Founder & Principal Consultant 1 About About me - Specialise in information security strategy, architecture, and
More informationEFFECTIVE DEFENCE In a connected world. Philippe COTELLE, Airbus Defence and Space 2016, Nov 4th
EFFECTIVE DEFENCE In a connected world Philippe COTELLE, Airbus Defence and Space 206, Nov 4th Telecommunications Satellites Cybersecurity Threats Telemetry & Command hijack or jamming Data communication
More informationIBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation
IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationMethods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment
S&L Logo Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment Date: October 24, 2017 Authors/Presenters: J. Matt Cole, PE
More informationDon t Be the Next Headline! PHI and Cyber Security in Outsourced Services.
Don t Be the Next Headline! PHI and Cyber Security in Outsourced Services. June 2017 Melanie Duerr Fazzi Associates Partner, Director of Coding Operations Jami Fisher Fazzi Associates Chief Information
More informationHealthcare HIPAA and Cybersecurity Update
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Healthcare HIPAA and Cybersecurity Update Agenda > Introductions > Cybersecurity
More informationPerimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN
T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN Perimeter Defenses Enterprises need to take their security strategy beyond stacking up layers of perimeter defenses to building up predictive
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationCybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security
Cybersecurity What Companies are Doing & How to Evaluate Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security Learning Objectives At the end of this presentation, you will be able to: Explain the
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationCyber Resilience. Think18. Felicity March IBM Corporation
Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack
More informationEU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS
EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS MEET THE EXPERTS DAVID O LEARY Director, Forsythe Security Solutions THOMAS ECK Director, Forsythe Security Solutions ALEX HANWAY Product
More informationCoreMax Consulting s Cyber Security Roadmap
CoreMax Consulting s Cyber Security Roadmap What is a Cyber Security Roadmap? The CoreMax consulting cyber security unit has created a simple process to access the unique needs of each client and allows
More informationDoug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017
Cyber Concerns of Local Government and What Does It Mean to Transportation Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017 Transportation and Infrastructure
More informationEducation Network Security
Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or
More informationA Practical Approach to Implement a Risk Based ISMS
A Practical Approach to Implement a Risk Based ISMS Pascal Reiniger Chief Information Security Officer Kanton Basel-Stadt Zürich Security Interest Group Switzerland 07.11.2017 Agenda 1. Introduction 2.
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationThe Cyber War on Small Business
The Cyber War on Small Business Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Meet Our Speaker Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Previously worked as Cyber
More informationRansomware A case study of the impact, recovery and remediation events
Ransomware A case study of the impact, recovery and remediation events Palindrome Technologies 100 Village Court Suite 102 Hazlet, NJ 07730 www.palindrometech.com Peter Thermos President & CTO Tel: (732)
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationPT Unified Application Security Enforcement. ptsecurity.com
PT Unified Application Security Enforcement ptsecurity.com Positive Technologies: Ongoing research for the best solutions Penetration Testing ICS/SCADA Security Assessment Over 700 employees globally Over
More informationThe Cyber Resilient Organisation in the United Kingdom: Learning to Thrive against Threats
The Cyber Resilient Organisation in the United Kingdom: Learning to Thrive against Threats Independently conducted by Ponemon Institute LLC Sponsored by Resilient Systems Publication Date: January 2016
More informationBrussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security
Cyber Resiliency Minimizing the impact of breaches on business continuity Jean-Michel Lamby Associate Partner - IBM Security Brussels Think Brussels / Cyber Resiliency / Oct 4, 2018 / 2018 IBM Corporation
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More information2018 Guide to Building Your Security Strategy. January 23, pm 2 pm ET
2018 Guide to Building Your Security Strategy January 23, 2018 1 pm 2 pm ET Agenda Welcome and Introductions Claudia Ellison, Program Director, ehealth Initiative Discussion & Comments Ryan Witt, Managing
More informationCyber Criminal Methods & Prevention Techniques. By
Cyber Criminal Methods & Prevention Techniques By Larry.Boettger@Berbee.com Meeting Agenda Trends Attacker Motives and Methods Areas of Concern Typical Assessment Findings ISO-17799 & NIST Typical Remediation
More informationJourney to HIMSS18: Privacy, Security and Cybersecurity
Journey to HIMSS18: Privacy, Security and Cybersecurity Thompson H. Boyd, III, M.D., FHIMSS, FACHE, FABQAURP, CPHIMS, CHCQM Medical Director of Informatics Hahnemann University Hospital Today s Speaker
More informationSecurity Policies and Procedures Principles and Practices
Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationCompTIA Security Research Study Trends and Observations on Organizational Security. Carol Balkcom, Product Manager, Security+
CompTIA Security Research Study 2007 Trends and Observations on Organizational Security Carol Balkcom, Product Manager, Security+ Goals of this session To share some trends and observations related to
More informationThis Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry
This Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry At a Glance With offices across the country, this gaming company has been in operation for decades.
More information