Upload
continuity-and-resilience
View
104
Download
4
Embed Size (px)
Citation preview
11/01/17 The Business Continuity Institute 1
Continuity and Resilience (CORE)
ISO 22301 BCM Consulting Firm
Presentations by speakers at the 5th India Business & IT Resilience Summit
June 1, 2017 at Meluha – The an Ecotel Hotel Mumbai, India
Our Contact Details:
UAE INDIA
Continuity and Resilience P. O. Box 127557
Abu Dhabi, United Arab Emirates Mobile:+971 50 8460530
Tel: +971 2 8152831 Fax: +971 2 8152888
Email: [email protected]
Continuity and Resilience Level 15,Eros Corporate Tower
Nehru Place ,New Delhi-110019 Tel: +91 11 41055534/ +91 11 41613033
Fax: ++91 11 41055535 Email: [email protected]
11/01/17 The Business Continuity Institute 3
organizations
About the BCI Cyber Resilience Report 2017
countries
• 221 organizations from India – promoted in partnership with Nasscom • Functional roles include business continuity, risk management and IT disaster recovery • Top sectors represented include IT and communications (35%), finance and insurance
(29%) and professional services (14%) • 85% come from large enterprises
745 69
11/01/17 The Business Continuity Institute 4
• Almost three-quarters of Indian organizations (72%) report at least 1 cyber incident in the last 12 months
• Top drivers of disruption include phishing and social engineering (57%), malware (35%) and spear phishing (23%)
• Indian organizations outperform the global average in terms of deploying business continuity arrangements for cyber resilience issues (91% compared to 87%) and top management commitment to cyber resilience (75% compared to 60%)
The headlines
BCI Cyber Resilience Report 2017
11/01/17 The Business Continuity Institute 5
Frequency of cyber disruptions
28
46
9
1 1 3
12
0
1-5
6-10
11-20
21-50
51+
Don’t know
• Almost three-quarters of Indian organizations (72%) report at least 1 cyber incident in the last 12 months
11/01/17 The Business Continuity Institute 6
Drivers of cyber disruptions
15
15
16
16
23
35
46
Insider threat
Out of date software
Denial of service
Ransomware
Spear phishing
Malware
Phishing and social engineering
0 5 10 15 20 25 30 35 40 45 50
• Top drivers of disruption include phishing and social engineering (57%), malware (35%) and spear phishing (23%)
11/01/17 The Business Continuity Institute 7
Cumulative cost of cyber disruptions
80
13
1
2
1 1 0
2
0
Up to €50k
€50-250k
€250-500k
€500k-1m
€1-10m
€10-50m
€50-250m
€250-500m
More than €500m
• 80% of Indian organizations report losses of up to €50,000 due to cyber disruptions in the last 12 months
• 4% of Indian organizations lost at least €1 million during the same time period
11/01/17 The Business Continuity Institute 8
Top management commitment to cyber resilience
75
22
1 0
2
High
Medium
Low
None
Don't know
• Indian organizations outperform the global average in terms of high top management commitment to cyber resilience issues (75% compared to 60%)
11/01/17 The Business Continuity Institute 9
Deploying business continuity arrangements for cyber disruptions
91
4 5
YES
NO
Don't know
• Indian organizations also outperform the global average in terms of deploying business continuity arrangements for cyber disruptions (91% compared to 87%)
11/01/17 The Business Continuity Institute 10
Response time to cyber disruptions
31
31
13
11
14
Less than 1 hour
1-2 hours
2-3 hours
3-4 hours
More than 4 hours
• Almost a third of Indian organizations (31%) respond to cyber disruptions within an hour of its discovery
11/01/17 The Business Continuity Institute 11
Cyber resilience issues What are practitioners saying?
Business continuity strategies must take all potential cyber security events into account, especially with the emergence of large scale cyber-attacks.
Business continuity programmes are beginning to be looked at and invested into as possible strategic assets for cyber resilience.
Business continuity plans get activated when cyber security is a threat, so it is no more a domain only for InfoSec people. The business continuity guys have to widen their scope and knowledge base to cope.
11/01/17 The Business Continuity Institute 12
• Business continuity professionals should collaborate and engage with their cyber/information security colleagues.
• Reputation management remains a key driver in pushing the cyber resilience agenda.
• The cyber resilience of suppliers is expected to increasingly influence organizations’ cyber resilience in turn.
• Legislative and regulatory changes are expected to drive cyber resilience and heavily influence efforts in the area.
Key takeaways
BCI Cyber Resilience Report 2017