This topic covers the most significant cybersecurity trends and future perspectives. As retailers or businesses, we should be better informed about this global issue. The link between cybersecurity and business continuity is discussed as well. Additionally, the topic covers how cybersecurity is perceived in people's minds.
The main parts of the presentation are:
• Cyber resilience trends
• The Link between cyber risk and business continuity
• What companies ARE doing and what they SHOULD be doing about the threat
• Lessons learned / case studies from recent attacks
Presenter:
Mr. Bevan Lane is a PECB partner and trainer. He has more than 16 years of experience as a consultant in information security, first with PwC and then as an independent consultant. Mr. Lane also has extensive experience in information security risk assessment training and has implemented solutions for major organizations across the globe.
Link of the recorded session published on YouTube: https://youtu.be/WQ-HYqCrRDQ
2. Bevan Lane
Director at InfoSec Consulting
Mr. Bevan Lane has more than 16 years of experience as a consultant in information security, first with PwC and then as an independent consultant. Mr. Lane also has extensive experience in information security risk assessment and training and has implemented solutions for major organizations across the globe.
Contact Information
+27829283620
bevanlane@icloud.com www.infosecconsulting.co.za
za.linkedin.com/in/bevan-lane-2266782
4. Agenda
1. Local and global cyber trends
2. Lessons learnt / case studies from recent attacks
3. The Link between cyber risk and business continuity
4. What companies ARE doing and what they SHOULD be doing about the threat
9. Change Your Mindset
• It’s no longer sufficient to suppose that you can defend against any potential attack; you must accept that an attack will inevitably succeed.
• An organisation’s resilience to these attacks – identifying and responding to security breaches – will become a critical survival trait in the future.
13. German Steel Mill
• Date: Undisclosed
• Sector: Steel Production
• What Happened: Manipulation and disruption of control systems to such a degree that a blast furnace could not be properly shut down, resulting in “massive”, though unspecified, damage
• Type of Attack: Cyberwar
BP, State Oil Fund of the Republic of Azerbaijan
• Date: 2008
• Sector: Oil and Gas
• What Happened: The Azerbaijan to Turkey Pipeline was attacked by a suspected Cyberwar attack aiming to damage the pipeline.
• Type of Attack: ICS System Attack, Cyberwar
14. 2. Real Life Events
3. The Link Between Cyber Resilience and Business Continuity
Business Continuity Management - ISO 22301
Cyber resilience is a key principle underpinning ISO 27001, and the wider issue of ICT’s role in business continuity is covered by ISO 27031.
Many drivers are changing the game:
• Integration of IT into businesses
• Mobility
• Cloud Services
• Internet of Things (IoT)
• Legislation/Regulations
15. 4. What ARE Companies doing and what SHOULD they be doing?
16. What are they doing?
• Silo Approach
• Incident Response not formalised
• Information Assets not identified
• Cyber Risk not/partially integrated into BCM
17. What SHOULD they be doing?
• Cyber resilience = cyber security + business resilience
• Cyber resilience is a broader approach, which encompasses cyber security and business resilience, and aims not only to defend against potential attacks but also to ensure your survival following a successful attack.
• An effective approach to cyber resilience is twofold:
  • Ensure your cyber security is as effective as possible without compromising the usability of your systems.
  • Ensure you have robust business continuity plans in place that cover your information assets so that you can resume normal operations as soon as possible if an attack is successful.