Cyber Executive Briefing 
Presenter: Paul C Dwyer 
CEO – Cyber Risk International 
Date: September 25th 2014 
IDC Security Event - Ireland
Paul C Dwyer 
Paul C Dwyer is an internationally recognised information security expert with over 
two decades' experience and serves as President of ICTTF International Cyber 
Threat Task Force and Co Chairman of the UK NCA National Crime Agency Industry 
Group. A certified industry professional by the International Information Systems 
Security Certification Consortium (ISC2) and the Information System Audit & 
Control Association (ISACA) and selected for the IT Governance Expert Panel. 
Paul is a world leading Cyber Security GRC authority. He has been an advisor to 
Fortune 500 companies including law enforcement agencies, military (NATO) and 
recently advised DEFCOM UK at Westminster Parliament. 
He has worked and trained with organisations such as the US Secret Service, 
Scotland Yard, FBI, National Counter Terrorism Security Office (MI5), is approved by 
the National Crime Faculty and is a member of the High Tech Crime Network 
(HTCN). 
Paul C Dwyer CEO 
Cyber Risk International
THE CYBER WORLD AND 
THE PHYSICAL ARE INTEGRATED
Cyber fronts in the Ukraine! 
Is it War?
What Are Cyber Threats? 
Blurred Lines 
Cybercrime 
Cyber Warfare 
Cyber Espionage 
Cyber X 
Threats VS. Risks 
Adversary
What do they Want? 
Who’s a Target? 
• Chinese 12th Five-Year Plan, Seven Priority Industries 
– New energy 
– Life sciences 
– Next generation IT 
– Energy conservation and environment protection 
– High-end equipment manufacturing 
– New materials 
– New-energy vehicle (NEVs) 
• Other targets 
– Legal disputes 
– M&A and negotiations 
– Government policy and defense 
– Defamation or human rights advocacy
Cyber Risks for You 
• Tangible Costs 
– Loss of funds 
– Damage to Systems 
– Regulatory Fines 
– Legal Damages 
– Financial Compensation 
• Intangible Costs 
– Loss of competitive advantage (Stolen IP) 
– Loss of customer and/or partner trust 
– Loss of integrity (compromised digital assets) 
– Damage to reputation and brand 
Quantitative vs. Qualitative
It’s an IT Cyber Security Problem, Right?
Legally It’s a Challenge for the Board! 
NO
Regulatory and Legal 
EU Data Privacy Directive 
EU Network Information Security Directive 
European Convention on Cybercrime 
400+ Others – 10,000+ Controls – 175 Legal Jurisdictions 
Your Organisation
Responsibility – Convention Cybercrime 
All organisations need to be aware of the Convention’s provisions in article 12, 
paragraph 2: 
‘ensure that a legal person can be held liable where the lack of supervision or 
control by a natural person…has made possible the commission of a criminal 
offence established in accordance with this Convention’. 
In other words, directors can be responsible for offences committed by their 
organisation simply because they failed to adequately exercise their duty of care.
Cyber is a Strategic Issue 
• Strategic Level: How do cyber attacks affect policies, industry, business decisions? 
• Operational Level: What kind of policies, procedures and business models do we need? 
• Technical Level: How can we solve our security problems with technology? 
Macro Security 
Micro Security
Board Room Discussion 
• CEO 
– Loss of market share and reputation 
– Legal Exposure 
• CFO/COO 
– Audit Failure 
– Fines and Criminal Charges 
– Financial Loss 
• CIO 
– Loss of data confidentiality, integrity and/or availability 
• CHRO 
– Violation of employee privacy 
• CMO 
– Loss of customer trust 
– Loss of brand reputation 
Increasingly, companies are appointing CROs and CISOs with a direct line to the audit committee.
Corporate Governance 
Project Governance 
Risk Management 
Cyber Governance 
Risk Management 
Cyber Governance 
Cyber Risk 
Legal & Compliance 
Operational 
Technical
BUSINESS ICT REQUIREMENTS 
Business 
Legal 
Regulatory 
REQUIREMENT DRIVERS 
The Board 
DIRECT 
EVALUATE MONITOR 
CYBER RISK STRATEGY 
REACTIVE PROACTIVE
Resilience 
Recognise: 
Interdependence 
Leadership Role Responsibility 
Integrating Cyber Risk Management
Further Cyber Tips 
• Awareness at C-Suite Level 
• Recognition you will be attacked 
• Understand what the biggest threats are 
• Understand which assets are at greatest risk 
• Well balanced cyber defence – no such thing as 100% secure 
• Agree risk appetite – exposure – metrics 
• Good Intel 
• Mix processes: prevention, detection and response
Adopt CISO Framework
Thank You – Stay Connected 
www.paulcdwyer.com 
youtube.com/paulcdwyer 
mail@paulcdwyer.com 
+353-(0)85 888 1364 
@paulcdwyer 
WE IDENTIFY, MITIGATE AND MANAGE CYBER RISKS 
Cyber Risk International 
Clonmel House – Forster Way – Swords – Co Dublin – Ireland 
+353-(0)1- 897 0234 xxxxxx 
mail@cyberriskinternational.com 
www.cyberriskinternational.com

CRI Extract from "Cyber Lessons from the Front lines"
