12
CYBER SECURITY BREAKFAST #001 Board and Cyber Security LEON FOUCHE 22 March 2016 Page 1 Board and Cyber Security

Board and Cyber Security

Embed Size (px)

Citation preview

Page 1: Board and Cyber Security

Board and Cyber Security

CYBER SECURITY BREAKFAST #001Board and Cyber SecurityLEON FOUCHE22 March 2016

Page 1

Page 2: Board and Cyber Security

CYBER SECURITY Some statistics….

Page 2Board and Cyber Security

Page 3: Board and Cyber Security

CYBER SECURITY

Page 3

WEF - 2016

Board and Cyber Security Source: The Global Risk Report 2016 – World Economic Forum

Page 4: Board and Cyber Security

CYBER SECURITY

CEOs’ fastest-growing concern61% of CEO’s around the globe are concerned about cyber threats

Protecting Intellectual Property and Customer data70% of organisations expressed concern about their inability to protect intellectual property or confidential customer data

Cyber attacks are on the riseThe estimated annual cost of cyber-attacks to the global economy is more than $400 billion

Australia is not immune to cyber attacksIn 2013 cyber attacks affected 5 million Australians at an estimated cost of $1.06 billion

Page 4

Global and Australian statistics

61%

70%

$400bn

$1bn

Board and Cyber Security

Source: Various Internet sources

Page 5: Board and Cyber Security

CYBER SECURITY

Page 5

Data breaches: 2012-2015

Board and Cyber Security

Source: California Data Breach Report – February 2016

Page 6: Board and Cyber Security

CYBER SECURITY

Page 6Board and Cyber Security

Page 7: Board and Cyber Security

CYBER SECURITY

Page 7Board and Cyber Security

Critical assets and risk assessments • Less than a third (32%) of organisations

have identified their critical digital assets (‘crown jewels’)

• Approximately one fifth (19%) are still working on identifying critical assets

• 15% have done no work at identifying critical assets

• Just over a third (34%) of organisations have completed risk assessments of critical assets

• Only 35% of organisations have completed cyber security risk requirement for 3rd parties

• 5% changed 3rd party vendors as a result of cyber security risks

Page 8: Board and Cyber Security

CYBER SECURITY

Page 8Board and Cyber Security

Lacking cyber incident response plans• Majority of organisations (59%)

use internal resources to mitigate cyber risks

• Only 45% have cyber security incident response plans in place

• 34% have no cyber security incident response plans in place

Page 9: Board and Cyber Security

CYBER SECURITY What is expected from the Board

Page 9Board and Cyber Security

Page 10: Board and Cyber Security

CYBER SECURITY

Page 10Board and Cyber Security

Cyber security expectations• What should the Board be responsible for?• What should management be responsible for?• What should practitioners be responsible for?

Page 11: Board and Cyber Security

CYBER SECURITY

Page 11Board and Cyber Security

Questions the Board should be asking themselves • Do we know what our cyber risk profile is – who,

what, why, impact?• Do we know what our critical digital assets (‘crown

jewels’) are?• Have we done proper risk assessments on these? Is

this within our risk appetite?• What are we doing about managing our security

gaps – mitigation (investment) and transfer (cyber insurance)?

• Are we able to respond to a cyber security incident? When was the last time we have tested this?

Page 12: Board and Cyber Security

CYBER SECURITY

Page 12Board and Cyber Security

Cyber resilience checklist


Cyber Security Metrics - ehcca.com · Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security. ... (2013 Defense Science Board Report)

Cyber Security Metrics - ehcca.com · Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security. ... (2013 Defense Science Board Report)

Documents
T ROLE OF CYBER SECURITY IN DIGITAL TRANSFORMATION · Imraan Bashir, Senior Director, Cyber Security Treasury Board of Canada Secretariat COUNTERMEASURE 2018. DIGITAL TRANSFORMATION

T ROLE OF CYBER SECURITY IN DIGITAL TRANSFORMATION · Imraan Bashir, Senior Director, Cyber Security Treasury Board of Canada Secretariat COUNTERMEASURE 2018. DIGITAL TRANSFORMATION

Documents
7 board cyber security questions

7 board cyber security questions

Business
Cyber security: the board report · Cyber security: the board report 7 Why every business is a target Many businesses still believe they are below the criminals’ radar. In truth,

Cyber security: the board report · Cyber security: the board report 7 Why every business is a target Many businesses still believe they are below the criminals’ radar. In truth,

Documents
Cyber Security Risk Rating The Egan-Jones Cyber Security

Cyber Security Risk Rating The Egan-Jones Cyber Security

Documents
MAGAZINE - Cyber Security Raad€¦ · progression of cyber security ° Cyber security: limitation and opportunity Cyber security belongs in the boardroom ° °Greater internet security

MAGAZINE - Cyber Security Raad€¦ · progression of cyber security ° Cyber security: limitation and opportunity Cyber security belongs in the boardroom ° °Greater internet security

Documents
Cyber Security Analyst Course Outline Cyber Security

Cyber Security Analyst Course Outline Cyber Security

Documents
Cyber Security The Cyber Security - GOV.UK

Cyber Security The Cyber Security - GOV.UK

Documents
Cyber Security - Joshua McCloud - Cisco Cyber Security Solutions Architect

Cyber Security - Joshua McCloud - Cisco Cyber Security Solutions Architect

Technology
BSc (Hons) Cyber Security BSc (Hons) Cyber Security (with

BSc (Hons) Cyber Security BSc (Hons) Cyber Security (with

Documents
Cyber Security Management - Kenya ICT Board

Cyber Security Management - Kenya ICT Board

Documents
ABB Cyber Security Services - library.e.abb.com · ABB’s approach to cyber security Cyber security roadmap –reaching maturity with ABB Cyber Security Services May 8, 2017 Slide

ABB Cyber Security Services - library.e.abb.com · ABB’s approach to cyber security Cyber security roadmap –reaching maturity with ABB Cyber Security Services May 8, 2017 Slide

Documents
Cyber Security for Board of Directors and Senior Management Peter O’Dell Author: Cyber 24-7: Risks, Leadership, Sharing

Cyber Security for Board of Directors and Senior Management Peter O’Dell Author: Cyber 24-7: Risks, Leadership, Sharing

Documents
CYBER SECURITY DIVISION - dhs.gov · CYBER SECURITY DIVISION: SECURING YOUR CYBER FUTURE • • • CYBER SECURITY DIVISION OVERVIEW The nation’s economic strength and security

CYBER SECURITY DIVISION - dhs.gov · CYBER SECURITY DIVISION: SECURING YOUR CYBER FUTURE • • • CYBER SECURITY DIVISION OVERVIEW The nation’s economic strength and security

Documents
Cyber crime and cyber security

Cyber crime and cyber security

Technology
10 tips for cyber security - Munich ReCyber risks 10 tips for cyber security Title 10 tips for cyber security Subject hsb-cyber-ten-security-tips Keywords,cyber,HSB_Cyber_Safety_Tips_10082020

10 tips for cyber security - Munich ReCyber risks 10 tips for cyber security Title 10 tips for cyber security Subject hsb-cyber-ten-security-tips Keywords,cyber,HSB_Cyber_Safety_Tips_10082020

Documents
FOCUS GROUPS - Cyber Security Coalition | Cyber Security ... · A central pillar of the European Union cyber security strategy, the Cyber Security Act aims to strengthen the cyber

FOCUS GROUPS - Cyber Security Coalition | Cyber Security ... · A central pillar of the European Union cyber security strategy, the Cyber Security Act aims to strengthen the cyber

Documents
National Cyber Security STEM Education Advisory Board Report

National Cyber Security STEM Education Advisory Board Report

Documents
Role of The Board In IT Governance & Cyber Security-Steve Howse

Role of The Board In IT Governance & Cyber Security-Steve Howse

Business
National Cyber Security Alliance National Cyber Security Awareness … · 2020-02-13 · National Cyber Security Alliance National Cyber Security Awareness Month 2017 Results Summary

National Cyber Security Alliance National Cyber Security Awareness … · 2020-02-13 · National Cyber Security Alliance National Cyber Security Awareness Month 2017 Results Summary

Documents
Cyber security: the board report - Grant Thornton Australia · 2019-08-13 · Cyber security: the board report 7 Why every business is a target Many businesses still believe they

Cyber security: the board report - Grant Thornton Australia · 2019-08-13 · Cyber security: the board report 7 Why every business is a target Many businesses still believe they

Documents
DRAFT Cyber Security Supply Chain Risks...Cyber Security Supply Chain Risk Study: The Board requested that NERC, in collaboration with others, study the nature and complexity of cyber

DRAFT Cyber Security Supply Chain Risks...Cyber Security Supply Chain Risk Study: The Board requested that NERC, in collaboration with others, study the nature and complexity of cyber

Documents
Cyber Security, Cyber Intelligence & Cyber Investigation

Cyber Security, Cyber Intelligence & Cyber Investigation

Technology
RUAG Cyber Security Security Consulting · into the customer’s protection and determine their Cyber Security Maturity. Reinforce your security posture Cyber Security Compliance

RUAG Cyber Security Security Consulting · into the customer’s protection and determine their Cyber Security Maturity. Reinforce your security posture Cyber Security Compliance

Documents
DHS National Cyber Security Division Cyber Security Procurem

DHS National Cyber Security Division Cyber Security Procurem

Documents
International Security Advisory Board July 2, 2014 · International Security Advisory Board July 2, 2014 Report on A Framework for International Cyber Stability

International Security Advisory Board July 2, 2014 · International Security Advisory Board July 2, 2014 Report on A Framework for International Cyber Stability

Documents
Introduction to Cyber Security by Cyber Security Infotech(CSI)

Introduction to Cyber Security by Cyber Security Infotech(CSI)

Documents
Improving Cyber-Security Improving Cyber-Security through

Improving Cyber-Security Improving Cyber-Security through

Documents
Cyber security: A failure of imagination by CEOs · Cyber security: A failure of imagination by CEOs 3. C-suite and board members traditionally have viewed cyber security as a tactical

Cyber security: A failure of imagination by CEOs · Cyber security: A failure of imagination by CEOs 3. C-suite and board members traditionally have viewed cyber security as a tactical

Documents
Cyber Security is the Board’s Business - Imperva€¦ · 4 Cyber Security is the Board’s Business Board members have a fiduciary responsibility to establish and govern business

Cyber Security is the Board’s Business - Imperva€¦ · 4 Cyber Security is the Board’s Business Board members have a fiduciary responsibility to establish and govern business

Documents