SlideShare una empresa de Scribd logo

The Board and Cyber Security

Descargar como PPTX, PDF
FireEye, Inc.
FireEye, Inc.

WHAT EVERY BOARD OF DIRECTORS SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK View the webinar: https://www2.fireeye.com/The_Board_and_CyberSecurity_webinar_EMEA.html?utm_source=SS Download the full report: https://www2.fireeye.com/WEB-2015-The-Cyber-Security-Playbook.html?utm_source=SS

Tecnología
1 de 13
1Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIALCopyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL The Board and Cyber Security WHAT EVERY BOARD OF DIRECTORS SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK
2Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Board of Directors’ Perceptions Cyber security risks are now commanding board level attention as businesses are transformed by digital technologies. KPMG’s global CEO outlook survey shows that an increasing number of CEOs are concerned over cyber risk. These findings are backed by the recent Allianz global risk barometer which shows that 28% of respondents rated cyber security in their top business risks. Sources: KPMG, “Cyber Security: A Failure Of Imagination By CEOs” Allianz, “Risk Barometer, Top Business Risks 2016”
3Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape Source: KPMG, “Cyber Security: A Failure Of Imagination By CEOs” The Board of Directors’ Preparedness While most US CEOs appear confident in their preparedness to deal with a cyber incident, many CEOs in Europe and ASPAC are more cautious than their US colleagues.
4Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Board of Directors’ Auditor’s view Audit committees are demanding more information – and spending more time on cyber security Oversight of cyber security has now moved to the board or audit committee Regulatory demands are growing and expectations of transparency increasing Placed cyber security as one of their top 3 risks 16% Say audit committee should spend more time on cyber 40% Say they need to improve the quality of their information 41% Have assigned oversight to the board or audit committee 50% Source: KPMG, “Through A Cyber Security Lens – 2015 Global Audit Committee Survey”
5Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Cost As attacks become increasingly sophisticated, security breaches have a growing financial impact on victims. $7.7 million 2% from 2014 THE AVERAGE ANNUAL COST OF A CYBER CRIME INCIDENT IN 2015 THE ESTIMATED COST OF CYBER CRIME TO THE GLOBAL ECONOMY $400 billion Sources: Ponemon Institute. “2015 Cost of Cyber Crime Study: Global.” McAfee/CSIS, “Net Losses: Estimating The Global Cost Of Cyber Crime”
6Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Time The escalating sophistication of attacks increases not just the cost of cyber crime but also the time to resolve an attack. 27 days THE AVERAGE TIME IT TOOK TO CONTAIN A CYBER ATTACK WAS: 31 days THE AVERAGE TIME IT TOOK TO CONTAIN A CYBER ATTACK WAS: 15% INCREASE 2013 2014
7Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Other Investments Security breaches impose indirect costs via:  Company reputation  Customer loyalty  Customer credit card, financial and personal information  Increased board liability for how they act or fail to act Boards need to increase the standard of care by:  Rethinking their governance structures  Creating privacy and security committees  Improving accountability  Addressing the risks associated with cyber attacks TECHNOLOGIES THAT INCREASE SECURITY, IN ORDER FROM MOST TO LEAST EXPENSIVE: Security incident and event management (SIEM) systems Intrusion prevention systems (IPS) Application security testing Enterprise governance, risk management and compliance (GRC) tools
8Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL FIVE GUIDING PRINCIPLES The National Association of Corporate Directors (NACD) recommends five guiding principles for boards and management to address in a response plan. 11 Cyber security is an enterprise-wide risk-management issue, not just an IT issue. 12Understand the legal implications of cyber risks to the company. 13 Have adequate access to cyber security expertise and discuss risk management regularly in board meetings. 14 15 Ensure that management establishes an enterprise- wide risk management framework with adequate staffing and budget. Identify and develop plans for which risks to avoid, accept, mitigate or transfer through insurance. Source: Cyber-Risk Oversight Executive Summary, Director’s Handbook Series 2014 Edition
9Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Step 1: Preparing for a Breach The NIST Cyber Security Framework A template for directors and executives to embrace  Creation of a privacy and security committee  Making the right investments in security technology Identify Develop the understanding to manage cyber security risk to systems, assets, data and capabilities Protect Develop and implement safeguards to ensure delivery of services Detect Develop and implement systems to identify the occurrence of a cyber security event Respond Carry out actions to take once a cyber security event is underway Recover Carry out activities to restore any capabilities or services impaired due to a cyber security event
10Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Step 2: Dealing with a Breach The board plays a crucial role as overseer of the response and especially the communications strategy. Key responsibilities include:  Information conduit between internal and external groups, including legal, partners and customers  Approval of disclosures based on: - specific country laws - facts that can be validated or confirmed at each stage of the investigation - company profiles (for example, high profile with sizeable social media presence) Despite sustained and responsible security investments, attackers will compromise companies IN 69% of incidents in 2014, the targeted company learned about the breach from a third party, such as law enforcement
11Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Step 3: Regrouping After a Breach The breach has been resolved and the attackers evicted The board now moves to damage control by:  Bolstering defenses, repairing and reinforcing the IT structure  Engaging outside assessment of the company’s security program  Reviewing the incident and response for areas of improvement And communication by:  Initiating repair of the company’s reputation with customers, partners, regulators and media  Reassuring the public and shareholders  Working with counsel and public relations to ensure consistent, accurate and timely public statements IN 2014, THE AVERAGE CUSTOMER CHURN RATE AFTER A BREACH ROSE 15% over 2013* 10% TO EARN BACK CUSTOMER TRUST, RETAILERS OFFER GESTURES OF GOOD WILL discount ON PURCHASE AFTER BREACH * Ponemon Instutute’s U.S. “2014 Cost of Cyber Crime Study”
12Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Conclusion. The Facts.  Cyber security has become a board-level issue.  As companies get more connected to customers and partners, it creates opportunities for attackers.  Cyber security breaches threaten shareholder interests.  There are reasonable steps that can be taken to protect companies and their shareholders.
13Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIALCopyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL TO GAIN FURTHER INSIGHT LISTEN TO THE WEBINAR ‘THE BOARD AND CYBER SECURITY – WHAT’S REQUIRED IN THE PREPARATION FOR AND RESPONSE TO A BREACH?’ OR DOWNLOAD THE CYBERSECURITY PLAYBOOK

Recomendados

Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the BoardroomMarko Suswanto
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellenceErik Taavila
 

Recomendados

Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the BoardroomMarko Suswanto
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellenceErik Taavila
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity AuditEC-Council
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesSlideTeam
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDPranav Shah
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 
Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.360factors
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Sqrrl
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security ManagementMark Conway
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligenceseadeloitte
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxAbimbolaFisher1
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Cism course ppt
Cism course pptCism course ppt
Cism course pptsophiarock123
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfMetaorange
 

Más contenido relacionado

La actualidad más candente

NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity AuditEC-Council
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesSlideTeam
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDPranav Shah
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 
Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.360factors
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Sqrrl
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security ManagementMark Conway
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligenceseadeloitte
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxAbimbolaFisher1
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 

La actualidad más candente (20)

NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity Audit
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoD
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity Assessment
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 
Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of Directors
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
Cism course ppt
Cism course pptCism course ppt
Cism course ppt
 

Similar a The Board and Cyber Security

Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfMetaorange
 
How to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxHow to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxMetaorange
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
 
Digital economy and its effect on cyber risk
Digital economy and its effect on cyber riskDigital economy and its effect on cyber risk
Digital economy and its effect on cyber riskaakash malhotra
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeDejan Jeremic
 
Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises? Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises? Pierre Audoin Consultants
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber securityWGroup
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
Cyber security framework
Cyber security frameworkCyber security framework
Cyber security frameworkYann Lecourt
 
From checkboxes to frameworks
From checkboxes to frameworksFrom checkboxes to frameworks
From checkboxes to frameworksVincent Bellamy
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research UpdateGridCyberSec
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
application-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodeapplication-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodesciccone
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxlior mazor
 

Similar a The Board and Cyber Security (20)

Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdf
 
How to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxHow to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptx
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
 
Digital economy and its effect on cyber risk
Digital economy and its effect on cyber riskDigital economy and its effect on cyber risk
Digital economy and its effect on cyber risk
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrime
 
Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises? Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises?
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
Cyber security framework
Cyber security frameworkCyber security framework
Cyber security framework
 
From checkboxes to frameworks
From checkboxes to frameworksFrom checkboxes to frameworks
From checkboxes to frameworks
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update
 
16231
1623116231
16231
 
TrustCheck from Unisys
TrustCheck from UnisysTrustCheck from Unisys
TrustCheck from Unisys
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
application-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodeapplication-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracode
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
 

Más de FireEye, Inc.

Asia Pacific & The Security Gap: Don't Stand Still
Asia Pacific & The Security Gap: Don't Stand StillAsia Pacific & The Security Gap: Don't Stand Still
Asia Pacific & The Security Gap: Don't Stand StillFireEye, Inc.
 
EMEA & The Security Gap: Don't Stand Still
EMEA & The Security Gap: Don't Stand StillEMEA & The Security Gap: Don't Stand Still
EMEA & The Security Gap: Don't Stand StillFireEye, Inc.
 
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...FireEye, Inc.
 
M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点FireEye, Inc.
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat PrognosisFireEye, Inc.
 
[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by Attackers[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by AttackersFireEye, Inc.
 
M-Trends 2015: 최일선에서 본 관점
M-Trends 2015: 최일선에서 본 관점 M-Trends 2015: 최일선에서 본 관점
M-Trends 2015: 최일선에서 본 관점 FireEye, Inc.
 
M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点FireEye, Inc.
 
M-Trends 2015 : Les nouvelles du front
M-Trends 2015 : Les nouvelles du frontM-Trends 2015 : Les nouvelles du front
M-Trends 2015 : Les nouvelles du frontFireEye, Inc.
 
5 Reasons Cyber Attackers Target Small and Medium Businesses
5 Reasons Cyber Attackers Target Small and Medium Businesses 5 Reasons Cyber Attackers Target Small and Medium Businesses
5 Reasons Cyber Attackers Target Small and Medium Businesses FireEye, Inc.
 
Connected Cares: The Open Road For Hackers
Connected Cares: The Open Road For HackersConnected Cares: The Open Road For Hackers
Connected Cares: The Open Road For HackersFireEye, Inc.
 
M-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapM-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapFireEye, Inc.
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat FireEye, Inc.
 
M-Trends® 2011: When Prevention Fails
M-Trends® 2011: When Prevention Fails M-Trends® 2011: When Prevention Fails
M-Trends® 2011: When Prevention Fails FireEye, Inc.
 
M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent ThreatFireEye, Inc.
 
SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey FireEye, Inc.
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...FireEye, Inc.
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of CompromiseFireEye, Inc.
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye, Inc.
 

Más de FireEye, Inc. (20)

Asia Pacific & The Security Gap: Don't Stand Still
Asia Pacific & The Security Gap: Don't Stand StillAsia Pacific & The Security Gap: Don't Stand Still
Asia Pacific & The Security Gap: Don't Stand Still
 
EMEA & The Security Gap: Don't Stand Still
EMEA & The Security Gap: Don't Stand StillEMEA & The Security Gap: Don't Stand Still
EMEA & The Security Gap: Don't Stand Still
 
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
 
M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis
 
[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by Attackers[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by Attackers
 
M-Trends 2015: 최일선에서 본 관점
M-Trends 2015: 최일선에서 본 관점 M-Trends 2015: 최일선에서 본 관점
M-Trends 2015: 최일선에서 본 관점
 
M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点M-Trends 2015 セキュリティ最前線からの視点
M-Trends 2015 セキュリティ最前線からの視点
 
M-Trends 2015 : Les nouvelles du front
M-Trends 2015 : Les nouvelles du frontM-Trends 2015 : Les nouvelles du front
M-Trends 2015 : Les nouvelles du front
 
5 Reasons Cyber Attackers Target Small and Medium Businesses
5 Reasons Cyber Attackers Target Small and Medium Businesses 5 Reasons Cyber Attackers Target Small and Medium Businesses
5 Reasons Cyber Attackers Target Small and Medium Businesses
 
Connected Cares: The Open Road For Hackers
Connected Cares: The Open Road For HackersConnected Cares: The Open Road For Hackers
Connected Cares: The Open Road For Hackers
 
M-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapM-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security Gap
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat
 
M-Trends® 2011: When Prevention Fails
M-Trends® 2011: When Prevention Fails M-Trends® 2011: When Prevention Fails
M-Trends® 2011: When Prevention Fails
 
M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat
 
SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response Survey
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of Compromise
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
 

Último

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 

Último (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 

The Board and Cyber Security

  • 1. 1Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIALCopyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL The Board and Cyber Security WHAT EVERY BOARD OF DIRECTORS SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK
  • 2. 2Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Board of Directors’ Perceptions Cyber security risks are now commanding board level attention as businesses are transformed by digital technologies. KPMG’s global CEO outlook survey shows that an increasing number of CEOs are concerned over cyber risk. These findings are backed by the recent Allianz global risk barometer which shows that 28% of respondents rated cyber security in their top business risks. Sources: KPMG, “Cyber Security: A Failure Of Imagination By CEOs” Allianz, “Risk Barometer, Top Business Risks 2016”
  • 3. 3Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape Source: KPMG, “Cyber Security: A Failure Of Imagination By CEOs” The Board of Directors’ Preparedness While most US CEOs appear confident in their preparedness to deal with a cyber incident, many CEOs in Europe and ASPAC are more cautious than their US colleagues.
  • 4. 4Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Board of Directors’ Auditor’s view Audit committees are demanding more information – and spending more time on cyber security Oversight of cyber security has now moved to the board or audit committee Regulatory demands are growing and expectations of transparency increasing Placed cyber security as one of their top 3 risks 16% Say audit committee should spend more time on cyber 40% Say they need to improve the quality of their information 41% Have assigned oversight to the board or audit committee 50% Source: KPMG, “Through A Cyber Security Lens – 2015 Global Audit Committee Survey”
  • 5. 5Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Cost As attacks become increasingly sophisticated, security breaches have a growing financial impact on victims. $7.7 million 2% from 2014 THE AVERAGE ANNUAL COST OF A CYBER CRIME INCIDENT IN 2015 THE ESTIMATED COST OF CYBER CRIME TO THE GLOBAL ECONOMY $400 billion Sources: Ponemon Institute. “2015 Cost of Cyber Crime Study: Global.” McAfee/CSIS, “Net Losses: Estimating The Global Cost Of Cyber Crime”
  • 6. 6Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Time The escalating sophistication of attacks increases not just the cost of cyber crime but also the time to resolve an attack. 27 days THE AVERAGE TIME IT TOOK TO CONTAIN A CYBER ATTACK WAS: 31 days THE AVERAGE TIME IT TOOK TO CONTAIN A CYBER ATTACK WAS: 15% INCREASE 2013 2014
  • 7. 7Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Changing Roles, Changing Threat Landscape The Other Investments Security breaches impose indirect costs via:  Company reputation  Customer loyalty  Customer credit card, financial and personal information  Increased board liability for how they act or fail to act Boards need to increase the standard of care by:  Rethinking their governance structures  Creating privacy and security committees  Improving accountability  Addressing the risks associated with cyber attacks TECHNOLOGIES THAT INCREASE SECURITY, IN ORDER FROM MOST TO LEAST EXPENSIVE: Security incident and event management (SIEM) systems Intrusion prevention systems (IPS) Application security testing Enterprise governance, risk management and compliance (GRC) tools
  • 8. 8Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL FIVE GUIDING PRINCIPLES The National Association of Corporate Directors (NACD) recommends five guiding principles for boards and management to address in a response plan. 11 Cyber security is an enterprise-wide risk-management issue, not just an IT issue. 12Understand the legal implications of cyber risks to the company. 13 Have adequate access to cyber security expertise and discuss risk management regularly in board meetings. 14 15 Ensure that management establishes an enterprise- wide risk management framework with adequate staffing and budget. Identify and develop plans for which risks to avoid, accept, mitigate or transfer through insurance. Source: Cyber-Risk Oversight Executive Summary, Director’s Handbook Series 2014 Edition
  • 9. 9Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Step 1: Preparing for a Breach The NIST Cyber Security Framework A template for directors and executives to embrace  Creation of a privacy and security committee  Making the right investments in security technology Identify Develop the understanding to manage cyber security risk to systems, assets, data and capabilities Protect Develop and implement safeguards to ensure delivery of services Detect Develop and implement systems to identify the occurrence of a cyber security event Respond Carry out actions to take once a cyber security event is underway Recover Carry out activities to restore any capabilities or services impaired due to a cyber security event
  • 10. 10Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Step 2: Dealing with a Breach The board plays a crucial role as overseer of the response and especially the communications strategy. Key responsibilities include:  Information conduit between internal and external groups, including legal, partners and customers  Approval of disclosures based on: - specific country laws - facts that can be validated or confirmed at each stage of the investigation - company profiles (for example, high profile with sizeable social media presence) Despite sustained and responsible security investments, attackers will compromise companies IN 69% of incidents in 2014, the targeted company learned about the breach from a third party, such as law enforcement
  • 11. 11Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Step 3: Regrouping After a Breach The breach has been resolved and the attackers evicted The board now moves to damage control by:  Bolstering defenses, repairing and reinforcing the IT structure  Engaging outside assessment of the company’s security program  Reviewing the incident and response for areas of improvement And communication by:  Initiating repair of the company’s reputation with customers, partners, regulators and media  Reassuring the public and shareholders  Working with counsel and public relations to ensure consistent, accurate and timely public statements IN 2014, THE AVERAGE CUSTOMER CHURN RATE AFTER A BREACH ROSE 15% over 2013* 10% TO EARN BACK CUSTOMER TRUST, RETAILERS OFFER GESTURES OF GOOD WILL discount ON PURCHASE AFTER BREACH * Ponemon Instutute’s U.S. “2014 Cost of Cyber Crime Study”
  • 12. 12Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL Conclusion. The Facts.  Cyber security has become a board-level issue.  As companies get more connected to customers and partners, it creates opportunities for attackers.  Cyber security breaches threaten shareholder interests.  There are reasonable steps that can be taken to protect companies and their shareholders.
  • 13. 13Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIALCopyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL TO GAIN FURTHER INSIGHT LISTEN TO THE WEBINAR ‘THE BOARD AND CYBER SECURITY – WHAT’S REQUIRED IN THE PREPARATION FOR AND RESPONSE TO A BREACH?’ OR DOWNLOAD THE CYBERSECURITY PLAYBOOK

Notas del editor

  1. David to add KPMG slide
  2. David to add KPMG slide
  3. David to add KPMG slide