Cyber Security: Threat and Prevention

Expand Your Horizons Webinar Series
Cyber Security: Threat and Prevention
February 24, 2015, 1:00-1:45pm
The Webinar will begin shortly. You can ask a question in the box on the right hand side. We will answer them during our Q&A at the end of the webinar.

Panel Ewan Willars - Director of Policy, ACCA Canada Director General of Cyber Defence, Communications Security Establishment of Canada

Cyber Threats and the Government of Canada

CSE Mandate: National Defence Act
- PART A: Provide foreign intelligence in accordance with government priorities
- PART B: Provide advice, guidance and services to help ensure the protection of information and information systems of importance to the GC
- PART C: Provide technical assistance to law enforcement and national security

What is the GC Protecting?
GC Cyber Activity in 2014 by Sector:
- Security, Intelligence & Defence
- Social & Cultural Development
- Transportation
- Banking & Finance
- Border Services & Immigration
- Government Administration
- Natural Resources, Energy & Environment
- Health
- Industry & Business Development
- Legal
- International Affairs, Trade & Development
What are Threat Actors after?
- Trade Secrets
- New Technologies
- Negotiating Strategies
- Canadian Personal Information
- Natural resources information
- Access to everything

What are the Threats?
- State-sponsored threat actors: Foreign intelligence services tasked to collect intelligence and/or disrupt Canadian services.
- Cybercriminals: Criminals that use malware and other programs to either steal information or coerce others to pay them for illegitimate reasons (ransomware).
- Hacktivists: Political and/or social activists that use computers or computer networks to channel their message or prove a point.
- Script kiddies: Individuals or groups that target GC and other organizations for the fun of it, or compete to see who can cause the most damage.

What are the risks?
- Reputational/Trust
- Business Continuity
- Financial Impact
- Information Loss/Damage

Preventing a Compromise - Patching
No quick fix for cyber security. There are a number of mitigation measures you can undertake to significantly hinder threat actors.
Patching:
- Operating system;
- Applications;
- Till you can patch no more!
Current malicious activity that could be prevented with patching:
- 2010 & 2012 Common Vulnerabilities and Exposures (CVEs)
- Every compromise in 2013!
Patching Challenges:
- Timeliness/Costs
- Various versions: operating systems & Internet browsers.

Anticipating a Compromise
Cyber security does not stop with patching. Proactively prepare. Cyber threat actors will gain access.
Harden your networks:
- design your network and system efficiently;
- know where certain applications are in use;
- apply network segmentation in security zones to protect sensitive information;
- consolidate Internet access points; and,
- other best practices.

A Team Sport
Working together is key!
- IT vendors
- Canadian private sector
- Public Safety
- Shared Services Canada
- Canadian industry
- IT security teams across the Government of Canada

Where from Here?
- Understand your network and information is constantly targeted;
- Be aware of cyber threat actors and their methods;
- Top 10 Mitigation Measures
IN CONCLUSION:
- Cyber threat activity is here to stay;
- Compromises and vulnerabilities will increasingly be publicized. Don't make the headlines for the wrong reasons; and,
- Anticipating compromises is just as important as preventing them.

Cybersecurity: The challenge for finance
Ewan Willars
Tuesday 24 February

Cybersecurity: a frontline issue for finance
All organizations need to:
1. understand the nature and likelihood of cyber-threats
2. identify, assess and mitigate existing and emerging risks
3. implement and maintain strong controls and policies to govern data privacy and security
4. educate users on emerging risks, such as those associated with mobile technology
5. plan for increasing complexity, and
6. make technological risk an executive-level concern.
ACCA

[Chart: Global drivers of change for the profession: short term (2013). Axis: mean score. Drivers shown: Fuel and Energy Prices, Cybersecurity Challenges, Corporate Governance Regulation. Series: Public sector, Corporates (large), Corporates (small/medium).]

[Chart: Percentage of accountants concerned with risks associated with cybercrime]

The changing role of finance: increasing cyber-risks?
- Traditional control & stewardship responsibilities
- Supporting strategic direction and creating value
- Data management, security and assurance
- Emergence of big data and the data-driven organization
- Extracting insights and value from data

The future: data-driven finance function
A data-driven finance department has the following objectives:
- provide data leadership across the organization
- improve decision making across finance and other functional areas
- manage the ever-increasing regulatory reporting requirements
- enhance control and risk management capabilities
- improve cost efficiency and lower the cost-to-serve.

The current state of play
Data challenges:
- Reporting funnels
- Customer data
- Internal data
- Supply chain data
- Poor data integration

The data-driven organization
New risks or greater resilience?
Unified Data Ecosystem (ERP, General ledger):
- Create a unified approach to data across the organization
- Develop data strategy and architecture in tandem
- Create a consistent view of data across departments
- Improve transparency between reported financial results, big data analytics and supporting transaction detail

What does this mean for public sector organisations?
- Organised attacks vs low level threats? Get the fundamentals right!
- Big data is increasing risks and presenting new challenges, but the opportunities for public organisations are enormous
- Centralised solutions should offer efficiency and greater protection, but the impact of risks becomes more severe
- Not just an IT and technology issue. It is a board-level issue and finance should be at the forefront
- Understand the implications of social tech, mobile and cloud
- Awareness of the issues needs to be turned into action and leadership

Future challenges
- The internet of things and the growing volume and complexity of data
- Regulation and public concerns blurring between public and private data
- More sophisticated attacks are inevitable
- Need for international collaboration

Find out more? ACCA

DIGITAL DARWINISM: Thriving in the face of technology change

100 DRIVERS OF CHANGE for the global accountancy profession

BIG DATA: Its power and perils

Enhancing competitive advantage through analytical insights Are you unlocking the value of your data?

Questions and Answers
Be sure to tune in to our next webinar!
A Conversation with the New Auditor General of Nova Scotia
Presenter: Michael Pickup, Auditor General of Nova Scotia
Thursday, March 12 from 12:00-1:00pm EDT
Register at www.fmi.ca/events/webinars