With the board room increasingly being held accountable for data breaches, it's crucial that they know and understand the cyber risks facing their organization.Connect board room to server room
3. “We believed we were
doing things ahead of the
industry. We thought we
were well-positioned.”
- Frank Blake, Chairman of Home Depot
3
4. Cybersecurity Is No Longer Just
a Technical Problem
4
Top 5 Security Risks
1.Data security (company
information)
2.Brand/reputational damage
3.Regulatory and compliance
violations (tie)
4.Data leakage (tie)
5.Viruses and malware
- Protiviti, “From Cybersecurity to Collaboration: Assessing the Top Priorities for Internal Audit Functions”,
2015
5. The Cost Cannot Be Ignored
Increase from previous year of
organizations reporting financial hits
of $20 million or more
5
$2.7
Million
Annual average financial loss
attributed to cybersecurity incidents
- up 34% from previous year
92%
- The Global State of Information Security® Survey 2015, PWC
7. Security Spending on the Rise,
Yet Companies Getting Hit Hard
7
• The traditional approach
to managing cyber risks
is not working
• Too much focus on one-
off, responsive tactics
• The dots aren’t being
connected between cyber
risks and business
impact
8. Security Spending on the Rise,
Yet Companies Getting Hit Hard
• Security is too complex
• Too much data is trapped
• Hard to relate cyber risks to
the business
• Too much focus on tools
and not enough on process
• Lack of communication and
agility and ability to quickly
make effective decisions
8
10. Cybersecurity Needs to Be
Baked Into Your Business
• What does security look
like for you?
• What does it mean for your
customers, partners,
suppliers?
• How quickly and effectively
can you respond to a
security incident?
• What’s the effect of not
being secure enough?
10
11. Sound Cybersecurity is a
Competitive Advantage
11
69%of US executives are
worried that cyber threats
will impact growth.
— PwC, 17th Annual Global CEO Survey
12. Bridge the Gap Between Security
Operations and the Business
12
13. Using Cyber Risk Intelligence to
Drive Better Security Decisions
13
15. You Gotta Get the Board on
Board with Cyber
• Cybersecurity
improvement includes
the involvement of
Board Directors
• Only 30% of Boards
are highly engaged
with information
security risks and
include cybersecurity
in their audit and risk
acceptance process.
15
Source: From Cybersecurity to Collaboration: Assessing
the Top Priorities for Internal Audit Functions
16. Where Do We Go From Here?
1. Unlock trapped cyber data and
look at cyber risks through a
business intelligence/KPI lens.
2. Build the right strategy and
foundation for a long-lasting
cyber-resilient approach.
3. Facilitate communication and
collaboration across IT teams,
business analysts, legal and
executives.
16
17. Q&A and Additional
SurfWatch Labs Resources
17
How to Understand Cyber Risks
and Ensure Governance:
info.surfwatchlabs.com/cyber-risk-governance
SurfWatch C-Suite Datasheet:
info.surfwatchlabs.com/SurfWatch-C-Suite-Datasheet
SurfWatch C-Suite Product Overview Video:
www.youtube.com/watch?v=9J0Ae6VTmHU
SurfWatch C-Suite Product Review:
www.scmagazine.com/surfwatch-c-suite/review/4324/
Schedule a Personal SurfWatch C-Suite Demo:
info.surfwatchlabs.com/request-demo
Accountability has Shifted to the C-Suite
“… boards that choose to ignore, or minimize, the importance of cybersecurity oversight responsibility, do so at their own peril.”
- Luis A. Aguilar, SEC Commissioner