IFAC Webinar
July 14th, 2021
7:00 to 9:00 am EDT
Responding to Cybersecurity Threats: What SMEs and Professional Accountants Need to Know
Page 2
Session Objectives
• Understand key global trends/risks in cybersecurity before the pandemic
• See how these trends/risks have been influenced by the pandemic
• Understand why this is relevant for you, especially if you’re not a large operation
• Become further aware of the unique challenges often faced by SMPs/SMEs trying to address the trends/risks
• Practical insights for SMPs/SMEs to respond to trends/risks and become more proactive
Page 3
Panelists
• Julia Seppä, Manager, Risk Advisory Cyber Practice, Deloitte Finland; Council member, ICAEW; part-time chief of staff, Deloitte Global Identity Leader
• Paul Taylor, FREng; Director, Morgan Stanley International; Chairman, Beyond Blue Limited; Associate Partner, KPMG in the UK
• Steve Ursillo, Partner, Risk and Advisory Services at Cherry Bekaert; AICPA Assurance Services Executive Committee (ASEC) Member and Chair of the Data Privacy ASEC Working Group
Page 4
Context for the Discussion
• Global humanitarian crisis
• Multiple dimensions of loss – some beyond measure
• Seismic change – every facet of how we think & operate
• Isolation, fear, hopelessness, physical and mental exhaustion – so many individual experiences
• While some countries continue to experience despair, some now see optimism and hope
• While being vigilant regarding cybersecurity risk, we must continue to remain compassionate and empathetic
Page 5
Pre-Pandemic Trends
Julia Seppä, Manager, Risk Advisory Cyber Practice, Deloitte Finland; Council member, ICAEW; part-time chief of staff, Deloitte Global Identity Leader.
• Data on the global state of cybersecurity in small and medium-sized businesses, and global cyber security predictions and trends before the pandemic.
Page 6
2019 Global State of Cybersecurity in SMEs – Summary
[Chart: "Our company experienced a cyberattack and data breach in the past 12 months – Yes responses". Categories: Cyberattack, Data breach. Series: FY2017, FY2018, FY2019. Data labels in extraction order: 61%, 54%, 67%, 58%, 66%, 63%.]
$1.2M – Damage & theft of IT assets & infrastructure
$1.9M – Disruption to normal operations
Source: 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute, October 2019
Page 7
2019 Global State of Cybersecurity in SMEs – Key Findings
• Phishing and web-based attacks are the top two cyberattacks
• The time to respond to a cyberattack has not improved or increased
• Cyber threats against SMEs are becoming more targeted
• Mobile devices and laptops are considered, by far, the most vulnerable endpoint to networks and enterprise systems
[Chart: "Perceptions about cyberattacks against their companies – Strongly agree and Agree responses combined". Categories: Cyberattacks are becoming more targeted; Cyberattacks experienced are becoming more severe in terms of negative consequences (such as financial impact); Cyberattacks are becoming more sophisticated. Series: FY2019, FY2018, FY2017. Data labels in extraction order: 60%, 59%, 59%, 62%, 60%, 59%, 69%, 61%, 60%.]
Source: 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute, October 2019
Page 8
2019 Global State of Cybersecurity in SMEs – Governance and Third-party
• SMEs continue to struggle with insufficient personnel and money
• More SMEs are engaging managed security services providers to support the IT security function
• The majority of SMEs consider third-party risk a serious threat to sensitive and confidential information
[Chart: "The percentage of IT budget and personnel support IT security operations". Categories: Percentage of IT personnel that support IT security operations; Percentage of IT budget dedicated to IT security activities. Series: FY2017, FY2018, FY2019. Data labels in extraction order: 36%, 12%, 36%, 12%, 37%, 13%.]
Source: 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute, October 2019
Page 9
Pre-Pandemic Cyber Security Predictions and Trends
1. Geopolitics as a driver of cyber activity
2. Fear of the cloud
3. Cybersecurity skills gap widening
4. Ransomware shifting toward targeted threats
5. Abuse of personal information: from deepfakes to DNA leaks
Sources: 2020 Predictions by Security Industry Companies – Trend Micro, FireEye, WatchGuard Technologies, Forcepoint, McAfee, Splunk, Kaspersky Labs, Sophos, Check Point, RSA Security, BeyondTrust, Experian, Gartner, Forrester, Forbes, Imperva, Bitdefender, Thycotic, Bitglass, CyberArk, MobileIron and others.
Page 10
Impact of the Pandemic
Paul Taylor, FREng; Director, Morgan Stanley International; Chairman, Beyond Blue Limited; Partner, KPMG in the UK
• COVID-19 and its legacy – cyber challenges and responses.
Page 11
COVID-19 and its legacy
Paul Taylor FREng
Page 12
COVID-19 Cyber Threat
• Masquerade as health organisation (e.g. WHO or CDC)
• Trojanised Coronavirus maps and resources
• Fake sites selling Coronavirus key supplies
• Masquerade as government providing tax and benefits advice
• Set up fake Coronavirus information sites and apps
• Fake charitable collections for health workers
• Ransomware
• CEO/BEC Fraud
• Crypto currency frauds
• O365 credential theft
• Hospitals, pharma and vaccine labs targeted
• Remote working dramatically increases attack surface
Page 13
Securing the new reality…
• COVID-19 has become a core theme for scams
• We have a security debt to deal with
• Our working model has changed… perhaps forever
• A dash to cloud services and collaboration tools
• Supply chains remain fragile in the months ahead
• Cost pressures will build even on cyber security
• Resilience has been tested in ways we didn’t expect
• Lessons learnt along the way… the hard way
• But an unexpected community has been built
Page 14
Managing cyber risk
Page 15
Perennial challenges of managing cyber risk
• Fit for purpose IAM model which keeps pace with changing needs
• Supply chain risk and due diligence as complexity and inter-dependency increases
• Security is an afterthought, services go live without being “secure by design”
• Lack of business ownership of issue and real understanding of risk appetite
• Predominantly flat networks and minimal segregation
• … and a stovepiped approach which treats cyber as special
Page 16
What are the best doing?
• Investing in clearer view of the asset estate – moving to zero trust
• Embedding security into agile development lifecycles – Secure DevOps
• Taking a more holistic approach to countering the threat – links to fraud and customer security
• Investing in automated control assessment and monitoring – move to continuous compliance
• Incorporating key third party suppliers in scenario testing and building community
• Establishing Operation Resilience programmes
© 2020 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Page 17
Cybersecurity considerations for the future
Page 18
8 key cyber considerations for a new reality
• Addressing the security deficit: Over the next few months, businesses adjusting to the new reality have to start re-examining their technology environment and re-establishing control.
• Digital trust and consumer authentication: Customers have new expectations around functionality and convenience, with trust as a key component of loyalty. Whoever reigns supreme in terms of the digital customer experience is likely to enjoy the greatest market share.
• The evolving security team: Continuing need to elevate the importance of cyber security at the board level. The biggest challenge is for security professionals to translate their knowledge into an actionable appreciation for what it actually means to the business.
• Aligning business with security: Automate a big portion of cyber functionality by putting digitized cyber risk management processes in place to ladder up to the top-line operational and business strategies.
• The next wave of regulation: Cyber-based regulation is moving toward a more holistic approach, focusing on business priorities and responsibilities, and board-driven corporate governance functions. The focus now is on management within the first line of defense.
• Automating the security function: The shift to the automation of security functions has accelerated. There is a greater need for better organized and more efficiently accessible data that can be extracted and analyzed for various value-added purposes.
• Challenging assumptions around resilience: Reimagine an approach to understanding, planning and executing resilience efforts, encompassing security teams, the business, and the broader operating ecosystem.
• Cloud transformation: The CISO and security team must develop processes and tooling that are vital to, and align with, the business drivers and technology needed to support desired business outcomes from the outset.
Page 19
Board challenges
Page 20
Board challenges around cyber
• Governance and 3LoD
• Operational Resilience
• Crisis Management
• Experience
• Independent Advice
• Challenge & Oversight
• Cyber as a Business Risk
• Leadership
• Third Parties & Intra-Group
• Management Information
Page 21
Questions for the Board
Board level awareness of emerging cyber threats, direct involvement in determining the response and the ability to challenge information security teams is critical.
• What are our key information assets?
• Do we fully understand our vulnerabilities?
• Have we got the right controls in place across the business?
• Have we matched our controls to the business risk appetite?
• Do any of our supply chain partners put us at risk?
• Is the security culture right?
• Are we able to anticipate and respond to the threat and deal with a major incident?
• Who is leading on cyber security issues?
• What are we really trying to protect and why?
• Who are you defending against and what’s their business model?
• Have you embedded security into your business and at what cost?
• How do you know your approach is effective and good enough?
• If it goes wrong can we deal with the consequences?
• Will we be more or less secure in the future?
[Column labels on the slide: Senior Management; Board]
Page 22
Thank you for your time…
Page 23
Relevance and Challenges for SMPs/SMEs
Steve Ursillo, Partner, Risk and Advisory Services at Cherry Bekaert; AICPA Assurance Services Executive Committee (ASEC) Member and Chair of the Data Privacy ASEC Working Group.
• Cybersecurity risk management has so many dynamic considerations that SMPs/SMEs are always under pressure to keep evolving to provide the best value of service delivery. Further discussion on how to focus and manage a sustainable personal development program to continue to add value as a cyber SMP/SME.
Page 24
Practical Insights to Respond to Threats
1. Using passwords to protect your data (e.g., how to cope with password overload, on default passwords) and MFA (multi-factor authentication).
2. Our working model has changed – perhaps forever.
3. Managing supply chain risk through third party risk management assurance initiatives.
4. Training and awareness actions (what needs to be included in a cyber security training plan for your staff).
5. We have a security debt to deal with.
6. The importance of an assumed breach culture.
Page 25
Moderated Audience Q&A
– Lisa Padmore (Moderator)
– Julia Seppä
– Paul Taylor
– Steve Ursillo
Page 26
Resources for Attendees
• By the end of the week, IFAC will make available:
– A recording of the event (IFAC’s website and IFAC’s YouTube channel)
– Slide decks used by our speakers (IFAC’s website)
– “Resources” slide at the end of this slide pack (IFAC’s website)
• We will also post a summary of key takeaways on IFAC’s Knowledge Gateway.
Page 27
Resources for Attendees
• IFAC – Guide to Practice Management for Small- and Medium-Sized Practices – Module 5 (from page 288)
• IFAC Technology Matrix
• IFAC Knowledge Gateway
• IFAC – Cybersecurity Is Critical for all Organizations – Large and Small
• Beyond Blue – What We Think
• ICAEW – Practical Help for SMEs on Cybersecurity
• Ponemon Institute – 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses
• ICAEW – Cybersecurity Isn’t Just an IT Issue
• Deloitte Finland – Is All Trust Gone?
Continued on next page
Page 28
Resources for Attendees (Cont’d)
• UK National Cyber Security Centre – Small Business Guide: Cyber Security
• UK National Cyber Security Centre – Password Administration for System Owners
• David Sanger – The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age
• Mary Aiken – The Cyber Effect: A Pioneering Cyberpsychologist Explains How Human Behavior Changes Online
• Podcasts
– Security Weekly
– Down the Security Rabbithole
– Security Now
– Cyber Security Café
• Webinars held by the Information Security Forum (ISF)
• Thought leaders
– Dan Lohrmann
– Matt Devost
Page 29
www.ifac.org
@InternationalFederationOfAccountants
@IFAC
@IFAC
Copyright © 2020 by the International Federation of Accountants (IFAC).
All rights reserved.

08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 

Responding to Cybersecurity Threats: What SMEs and Professional Accountants Need to Know

  • 1. IFAC Webinar July 14th, 2021 7:00 to 9:00 am EDT Responding to Cybersecurity Threats: What SMEs and Professional Accountants Need to Know
  • 2. Page 2 • Understanding key global trends/risks in cybersecurity before the pandemic • See how these trends/risks have been influenced by the pandemic • Understand why this is relevant for you especially if you’re not a large operation • Become further aware of the unique challenges often faced by SMPs/SMEs trying to address the trends/risks • Practical insights for SMPs/SMEs to respond to trends/risks and become more proactive Session Objectives
  • 3. Page 3 • Julia Seppä, Manager, Risk Advisory Cyber Practice, Deloitte Finland; Council member, ICAEW; part-time chief of staff, Deloitte Global Identity Leader • Paul Taylor, FREng; Director, Morgan Stanley International; Chairman, Beyond Blue Limited; Associate Partner, KPMG in the UK • Steve Ursillo, Partner, Risk and Advisory Services at Cherry Bekaert; AICPA Assurance Services Executive Committee (ASEC) Member and Chair of the Data Privacy ASEC Working Group Panelists
  • 4. Page 4 • Global humanitarian crisis • Multiple dimensions of loss – some beyond measure • Seismic change – every facet of how we think & operate • Isolation, fear, hopelessness, physical and mental exhaustion – so many individual experiences • While some countries continue to experience despair, some now see optimism and hope • While being vigilant regarding cybersecurity risk, must continue to remain compassionate and empathetic Context for the Discussion
  • 5. Page 5 Julia Seppä, Manager, Risk Advisory Cyber Practice, Deloitte Finland; Council member, ICAEW; part-time chief of staff, Deloitte Global Identity Leader. • Data on global state of cybersecurity in small and medium-sized businesses and global cyber security predictions and trends before the pandemic. Pre-Pandemic Trends
  • 6. Page 6 2019 Global State of Cybersecurity in SMEs – Summary [Chart: Our company experienced a cyberattack and data breach in the past 12 months – Yes responses; categories: Cyberattack, Data breach; series: FY2017, FY2018, FY2019; data labels as extracted: 61%, 54%, 67%, 58%, 66%, 63%] $1.2M Damage & theft of IT assets & infrastructure $1.9M Disruption to normal operations Source: 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute, October 2019
  • 7. Page 7 • Phishing and web-based attacks are the top two cyberattacks • The time to respond to a cyberattack has not improved or increased • Cyber threats against SMEs are becoming more targeted • Mobile devices and laptops are considered, by far, the most vulnerable endpoint to networks and enterprise systems 2019 Global State of Cybersecurity in SMEs – Key Findings [Chart: Perceptions about cyberattacks against their companies – Strongly agree and Agree responses combined; statements: Cyberattacks are becoming more targeted; Cyberattacks experienced are becoming more severe in terms of negative consequences (such as financial impact); Cyberattacks are becoming more sophisticated; series: FY2019, FY2018, FY2017; data labels as extracted: 60%, 59%, 59%, 62%, 60%, 59%, 69%, 61%, 60%] Source: 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute, October 2019
  • 8. Page 8 • SMEs continue to struggle with insufficient personnel and money • More SMEs are engaging managed security services providers to support the IT security function • The majority of SMEs consider third-party risk a serious threat to sensitive and confidential information 2019 Global State of Cybersecurity in SMEs – Governance and Third-party [Chart: The percentage of IT budget and personnel support IT security operations; categories: Percentage of IT personnel that support IT security operations, Percentage of IT budget dedicated to IT security activities; series: FY2017, FY2018, FY2019; data labels as extracted: 36%, 12%, 36%, 12%, 37%, 13%] Source: 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute, October 2019
  • 9. Page 9 Pre-Pandemic Cyber Security Predictions and Trends 1. Geopolitics as a driver of cyber activity 2. Fear of the cloud 3. Cybersecurity skills gap widening 4. Ransomware shifting toward targeted threats 5. Abuse of personal information: from deepfakes to DNA leaks Sources: 2020 Predictions by Security Industry Companies – Trend Micro, FireEye, WatchGuard Technologies, Forcepoint, McAfee, Splunk, Kaspersky Labs, Sophos, Checkpoint, RSA Security, Beyond Trust, Experian, Gartner, Forrester, Forbes, Imperva, Bitdefender, Thycotic, Bitglass, CyberArk, Mobile Iron and others.
  • 10. Page 10 Paul Taylor, FREng; Director, Morgan Stanley International; Chairman, Beyond Blue Limited; Partner, KPMG in the UK • COVID-19 and its legacy – cyber challenges and responses. Impact of the Pandemic
  • 11. 11 COVID-19 and its legacy Paul Taylor FREng
  • 12. 12 COVID-19 Cyber Threat Masquerade as health organisation (e.g. WHO or CDC) Trojanised Coronavirus maps and resources Fake sites selling Coronavirus key supplies Masquerade as government providing tax and benefits advice Setup fake Coronavirus information sites and apps Fake charitable collections for health workers Ransomware CEO/BEC Fraud Crypto currency frauds O365 credential theft Hospitals, pharma and vaccine labs targeted Remote working dramatically increases attack surface
  • 13. 13 Securing the new reality… COVID-19 has become a core theme for scams We have a security debt to deal with Our working model has changed… perhaps forever A dash to cloud services and collaboration tools Supply chains remain fragile in the months ahead Cost pressures will build even on cyber security Resilience has been tested in ways we didn’t expect Lessons learnt along the way… the hard way But an unexpected community has been built
  • 15. 15 Fit for purpose IAM model which keeps pace with changing needs Supply chain risk and due diligence as complexity and inter-dependency increases Security is an afterthought, services go live without being “secure by design” Lack of business ownership of issue and real understanding of risk appetite Predominantly flat networks and minimal segregation … and a stovepiped approach which treats cyber as special Perennial challenges of managing cyber risk
  • 16. 16 © 2020 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Investing in clearer view of the asset estate – moving to zero trust Embedding security into agile development lifecycles - Secure DevOps Taking a more holistic approach to countering the threat – links to fraud and customer security Investing in automated control assessment and monitoring – move to continuous compliance Incorporating key third party suppliers in scenario testing and building community Establishing Operation Resilience programmes What are the best doing?
  • 18. 18 8 key cyber considerations for a new reality Addressing the security deficit Over the next few months, businesses adjusting to the new reality have to start re-examining their technology environment and re-establishing control. Digital trust and consumer authentication New expectations around functionality and convenience is expected, with trust as a key component of loyalty. Whoever reigns supreme in terms of the digital customer experience is likely to enjoy the greatest market share. The evolving security team Continuing need to elevate the importance of cyber security at the board-level. The biggest challenge is for security professionals to translate their knowledge into an actionable appreciation for what it actually means to the business. Cyber considerations Aligning business with security Automate a big portion of cyber functionality by putting digitized cyber risk management processes in place to ladder up to the top-line operational and business strategies. The next wave of regulation Cyber-based regulation is moving toward a more holistic approach, focusing on business priorities and responsibilities, and board-driven corporate governance functions. The focus now is on management within the first line of defense. Automating the security function The shift to the automation of security functions has accelerated. There is a greater need for better organized and more efficiently accessible data that can be extracted and analyzed for various value-added purposes. Challenging assumptions around resilience Reimagine an approach to understanding, planning and executing resilience efforts, encompassing security teams, the business, and the broader operating ecosystem. Cloud transformation The CISO and security team must develop processes and tooling that are vital and align with, the business drivers and technology needed to support desired business outcomes from the outset.
  • 20. 20 Board challenges around cyber Governance and 3LoD Operational Resilience Crisis Management Experience Independent Advice Challenge & Oversight Cyber as a Business Risk Leadership Third Parties & Intra-Group Management Information
  • 21. 21 Questions for the Board Board level awareness of emerging cyber threats, direct involvement in determining the response and the ability to challenge information security teams is critical. — What are our key information assets? — Do we fully understand our vulnerabilities? — Have we got the right controls in place across the business? — Have we matched our controls to the business risk appetite? — Do any of our supply chain partners put us at risk? — Is the security culture right? — Are we able to anticipate and respond to the threat and deal with a major incident? — Who is leading on cyber security issues? — What are we really trying to protect and why? — Who are you defending against and what’s their business model? — Have you embedded security into your business and at what cost? — How do you know your approach is effective and good enough? — If it goes wrong can we deal with the consequences? — Will we be more or less secure in the future? Senior Management Board
  • 22. 22 Thank you for your time…
  • 23. Page 23 Steve Ursillo, Partner, Risk and Advisory Services at Cherry Bekaert; AICPA Assurance Services Executive Committee (ASEC) Member and Chair of the Data Privacy ASEC Working Group. • Cybersecurity risk management has so many dynamic considerations, SMP/SME’s are always under the pressure of inherently evolving to provide the best value of service delivery. Further discussion on how to focus and manage a sustainable personal development program to continue to add value as a cyber SMP/SME. Relevance and Challenges for SMPs/SMEs
  • 24. Page 24 1. Using passwords to protect your data (e.g., how to cope with password overload, on default passwords) and MFA (multi-factor authentication). 2. Our working model has changed – perhaps forever. 3. Managing supply chain risk through third party risk management assurance initiatives. 4. Training and awareness actions (what needs to be included in cyber security training plan for your staff) 5. We have a security debt to deal with. 6. The importance of an assumed breach culture. Practical Insights to Respond to Threats
  • 25. Page 25 – Lisa Padmore (Moderator) – Julia Seppä – Paul Taylor – Steve Ursillo Moderated Audience Q&A
  • 26. Page 26 • By the end of the week, IFAC will make available: – A recording of the event (IFAC’s website and IFAC’s YouTube channel) – Slide decks used by our speakers (IFAC’s website) – “Resources” slide at the end of this slide pack (IFAC’s website) • We will also post a summary of key takeaways on IFAC’s Knowledge Gateway. Resources for Attendees
  • 27. Page 27 • IFAC – Guide to Practice Management for Small- and Medium-Sized Practices – Module 5 (from page 288) • IFAC Technology Matrix • IFAC Knowledge Gateway • IFAC – Cybersecurity Is Critical for all Organizations – Large and Small • Beyond Blue – What We Think • ICAEW – Practical Help for SMEs on Cybersecurity • Ponemon Institute – 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses • ICAEW – Cybersecurity Isn’t Just an IT Issue • Deloitte Finland – Is All Trust Gone? Resources for Attendees Continued on next page
  • 28. Page 28 • UK National Cyber Security Centre – Small Business Guide: Cyber Security • UK National Cyber Security Centre – Password Administration for System Owners • David Sanger – The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age • Mary Aiken – The Cyber Effect: A Pioneering Cyberpsychologist Explains How Human Behavior Changes Online • Podcasts – Security Weekly – Down the Security Rabbithole – Security Now – Cyber Security Café • Webinars held by the Information Security Forum (ISF) • Thought leaders – Dan Lohrmann – Matt Devost Resources for Attendees (Cont’d)
  • 29. Page 29 www.ifac.org @InternationalFederationOfAccountants @IFAC @IFAC Copyright © 2020 by the International Federation of Accountants (IFAC). All rights reserved.