SlideShare a Scribd company logo

Information Security and your Business

CyberCon Security Solutions, LLC
CyberCon Security Solutions, LLC

Why businesses of all sizes need to be concerned about Information Security.

Technology
1 of 23
Information Security and Your Business Karl Hart CyberCon Security Solutions, LLC
Today’s Security Realities Perception of Security Showing the business value of Security The 3 R’s Seeing Security Differently Retooling to leverage the Value Agenda
Threats are on the rise Time to respond has decreased Regulatory pressures are increasing Business partner integration requirements have eroded the network perimeter Spending more on security doesn’t equate to better protection Today’s security realities…
When we think of Information Security … Focused on keeping the lights on or hackers out Cost center focused Poorly defined metrics Lost in translation Out of alignment with business drivers Unable to show business Value
Not seen as a ‘value add’ or a way to grow the business Technology focused Focused on threat Avoidance vs. Risk Management Perceived as inflexible Making decisions on behalf of the business customer Loss of credibility and trust over time What’s the impact?
Instead of Threats – focus on the 3 R’s Revenue Are there ways to reduce or avoid costs? What are your key information assets? Reputation What is the your brand worth? Regulations What are you required to do? Showing the value of Security
Seeing Security Differently Revenue Opportunities Efficiency Gains and Reduced Costs How much business value do you gain with a spam filter? What security services can be easily outsourced? What processes are duplicated because security is in silos? Can security enhancements improve the Supply Chain? Market Differentiator Can your security services attract new customers? Might your security services create a barrier to competitors?
Loss of Information/Data theft Launching of attacks from occupied system Business Reputation Fines and penalties What is at Stake?
Reputation Opportunities What is your brand equity? What do you spend on demand creation (marketing) to grow your market? What would be the impact to your stock price if your customer database were hacked? Seeing Security Differently
Examples of reputation damage
Asset Protection Protect the information that matters the most to your business Apply the same principles as insuring your physical assets Could you lower your insurance premiums by implementing stronger security? Seeing Security Differently “Intangible assets such as intellectual property represent approximately 60% to 80% of a company’s assets.” – Accenture Survey 2004
Regulation Requirements SOX, GLBA, HIPAA, PCI…. What regulations are relevant to your industry? What are your local and overseas requirements? Are your service providers also in compliance? Do you know what’s coming? Seeing Security Differently
Regulation Requirements cont. Do you check to see if you’re following your Privacy policies? Is your company acting ‘unreasonably’ even though it’s not violating a regulation? Due Care “Damn Idiot List” Are there competitive advantages to anticipating the next set of regulations? Seeing Security Differently
Vulnerabilities, exploits, and bugs Viruses and Malicious Code Trojan Horses Worms Unprotected devices USB drives Laptops Papers How does a data breach happen?
Problems for Small Business Security Administrators. Less Money for Equipment and Software Less Money for Network Staff Less Money for Training Less Planning
2009 Incidents by types
2009 Incidents by Vector Total Records Affected: 217,780,870 Current as of 12/14/09
Lack of knowledge Busy in day to day business Out of Date Systems Systems not updated with latest patches Lack of Perimeter Security Need more than just desktop security Open Wireless Convenient Why are small businesses at risk
Invest in a technology audit Hire the best IT support Upgrade systems and software Learn more about the laws and regulations that affect you business What can your business do?
Stop seeing Security as only technology Require your security teams to talk “Business” Ask your business customer what’s the right level of risk and critical IP Focus on process improvements Communicate the value security brings to the business – the 3 R’s Improved productivity Faster to market New revenue streams Stronger brand Changing the Paradigm
SaaS or Security as a Service Rather than having to become an expert yourself, you can now hire one. We do not replace you current IT support but enhance it. Allowing you to get back to business, that is what you do best. How we can help
Questions / Comments?
Karl Hart Web: www.cyberconsecurity.com email: karl.hart@cyberconsecurity.com Phone: 513-202-3020 IT Security Solutions for You and Your Business! Contact Information

Recommended

1.0 introduction v2
1.0 introduction v21.0 introduction v2
1.0 introduction v2Paradigm Management Group
 
Build the right secure corporate networks
Build the right secure corporate networksBuild the right secure corporate networks
Build the right secure corporate networksconnectiscyber
 
Build the Right Secure Your Network Devices
Build the Right Secure Your Network DevicesBuild the Right Secure Your Network Devices
Build the Right Secure Your Network Devicesconnectiscyber
 
20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh Shanmughanathan20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh ShanmughanathanSharath Kumar
 
Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11Michael Ofarrell
 
Guide to Security Questionnaire Response
Guide to Security Questionnaire ResponseGuide to Security Questionnaire Response
Guide to Security Questionnaire ResponseXoro.ai
 
Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...
Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...
Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...Positive Hack Days
 
Security and Risk Mitigation
Security and Risk MitigationSecurity and Risk Mitigation
Security and Risk Mitigationhaydenchamber
 

Recommended

1.0 introduction v2
1.0 introduction v21.0 introduction v2
1.0 introduction v2Paradigm Management Group
 
Build the right secure corporate networks
Build the right secure corporate networksBuild the right secure corporate networks
Build the right secure corporate networksconnectiscyber
 
Build the Right Secure Your Network Devices
Build the Right Secure Your Network DevicesBuild the Right Secure Your Network Devices
Build the Right Secure Your Network Devicesconnectiscyber
 
20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh Shanmughanathan20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh ShanmughanathanSharath Kumar
 
Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11Michael Ofarrell
 
Guide to Security Questionnaire Response
Guide to Security Questionnaire ResponseGuide to Security Questionnaire Response
Guide to Security Questionnaire ResponseXoro.ai
 
Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...
Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...
Positive Hack Days. Christopher Gould. Head in the Clouds…Can we overcome sec...Positive Hack Days
 
Security and Risk Mitigation
Security and Risk MitigationSecurity and Risk Mitigation
Security and Risk Mitigationhaydenchamber
 
C:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionC:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionYustinus Simon
 
Advantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentAdvantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentIBM Analytics
 
SolarWinds Presents Compliance with Log and Event Manager
SolarWinds Presents Compliance with Log and Event ManagerSolarWinds Presents Compliance with Log and Event Manager
SolarWinds Presents Compliance with Log and Event ManagerSolarWinds
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.Unified11
 
Why does-your-company-need-a-third-party-risk-management-program
Why does-your-company-need-a-third-party-risk-management-programWhy does-your-company-need-a-third-party-risk-management-program
Why does-your-company-need-a-third-party-risk-management-programCharles Steve
 
Protecting the "Crown Jewels" by Henrik Bodskov, IBM
Protecting the "Crown Jewels" by Henrik Bodskov, IBMProtecting the "Crown Jewels" by Henrik Bodskov, IBM
Protecting the "Crown Jewels" by Henrik Bodskov, IBMInfinIT - Innovationsnetværket for it
 
Justifying Security Investment
Justifying Security InvestmentJustifying Security Investment
Justifying Security InvestmentJojo Colina
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sunvijaychn
 
HEMISPHERE SMB Case Study
HEMISPHERE SMB Case StudyHEMISPHERE SMB Case Study
HEMISPHERE SMB Case StudyCarter Schoenberg
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?IBM Security
 
bsi-cyber-resilience-presentation
bsi-cyber-resilience-presentationbsi-cyber-resilience-presentation
bsi-cyber-resilience-presentationAjai Srivastava
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedIBM Security
 
5 Steps to Securing Your Company's Crown Jewels
5 Steps to Securing Your Company's Crown Jewels5 Steps to Securing Your Company's Crown Jewels
5 Steps to Securing Your Company's Crown JewelsIBM Security
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...Rea & Associates
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your BusinessNeil Kemp
 
Cyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryCyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryTim Christ Executive Leadership
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeSysfore Technologies
 
Identity Management as a Compliance Booster
Identity Management as a Compliance BoosterIdentity Management as a Compliance Booster
Identity Management as a Compliance BoosterIdentity Maestro
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
DSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleDSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleAndris Soroka
 

More Related Content

What's hot

C:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionC:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionYustinus Simon
 
Advantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentAdvantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentIBM Analytics
 
SolarWinds Presents Compliance with Log and Event Manager
SolarWinds Presents Compliance with Log and Event ManagerSolarWinds Presents Compliance with Log and Event Manager
SolarWinds Presents Compliance with Log and Event ManagerSolarWinds
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.Unified11
 
Why does-your-company-need-a-third-party-risk-management-program
Why does-your-company-need-a-third-party-risk-management-programWhy does-your-company-need-a-third-party-risk-management-program
Why does-your-company-need-a-third-party-risk-management-programCharles Steve
 
Justifying Security Investment
Justifying Security InvestmentJustifying Security Investment
Justifying Security InvestmentJojo Colina
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sunvijaychn
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?IBM Security
 
bsi-cyber-resilience-presentation
bsi-cyber-resilience-presentationbsi-cyber-resilience-presentation
bsi-cyber-resilience-presentationAjai Srivastava
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedIBM Security
 
5 Steps to Securing Your Company's Crown Jewels
5 Steps to Securing Your Company's Crown Jewels5 Steps to Securing Your Company's Crown Jewels
5 Steps to Securing Your Company's Crown JewelsIBM Security
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...Rea & Associates
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your BusinessNeil Kemp
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeSysfore Technologies
 
Identity Management as a Compliance Booster
Identity Management as a Compliance BoosterIdentity Management as a Compliance Booster
Identity Management as a Compliance BoosterIdentity Maestro
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 

What's hot (20)

C:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_losspreventionC:\fakepath\wg xcs data_lossprevention
C:\fakepath\wg xcs data_lossprevention
 
Advantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentAdvantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environment
 
SolarWinds Presents Compliance with Log and Event Manager
SolarWinds Presents Compliance with Log and Event ManagerSolarWinds Presents Compliance with Log and Event Manager
SolarWinds Presents Compliance with Log and Event Manager
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
 
Why does-your-company-need-a-third-party-risk-management-program
Why does-your-company-need-a-third-party-risk-management-programWhy does-your-company-need-a-third-party-risk-management-program
Why does-your-company-need-a-third-party-risk-management-program
 
Protecting the "Crown Jewels" by Henrik Bodskov, IBM
Protecting the "Crown Jewels" by Henrik Bodskov, IBMProtecting the "Crown Jewels" by Henrik Bodskov, IBM
Protecting the "Crown Jewels" by Henrik Bodskov, IBM
 
Justifying Security Investment
Justifying Security InvestmentJustifying Security Investment
Justifying Security Investment
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sun
 
HEMISPHERE SMB Case Study
HEMISPHERE SMB Case StudyHEMISPHERE SMB Case Study
HEMISPHERE SMB Case Study
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?
 
bsi-cyber-resilience-presentation
bsi-cyber-resilience-presentationbsi-cyber-resilience-presentation
bsi-cyber-resilience-presentation
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the Unexpected
 
5 Steps to Securing Your Company's Crown Jewels
5 Steps to Securing Your Company's Crown Jewels5 Steps to Securing Your Company's Crown Jewels
5 Steps to Securing Your Company's Crown Jewels
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your Business
 
Cyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryCyber Risk in the Energy Industry
Cyber Risk in the Energy Industry
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | Sysfore
 
Identity Management as a Compliance Booster
Identity Management as a Compliance BoosterIdentity Management as a Compliance Booster
Identity Management as a Compliance Booster
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the Beefeaters
 

Viewers also liked

Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
DSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleDSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleAndris Soroka
 
Network Security - What Every Business Needs to Know
Network Security - What Every Business Needs to KnowNetwork Security - What Every Business Needs to Know
Network Security - What Every Business Needs to Knowmapletronics
 
Cyber Security for Business Traveller
Cyber Security for Business TravellerCyber Security for Business Traveller
Cyber Security for Business TravellerRajneesh G
 
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...Sucuri
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011Arjun V
 
Security First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your BusinessSecurity First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your BusinessGeorgian
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSFDigital Bond
 
ISO 22301 Business Continuity Management
ISO 22301 Business Continuity ManagementISO 22301 Business Continuity Management
ISO 22301 Business Continuity ManagementRamiro Cid
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practicesamiable_indian
 

Viewers also liked (11)

Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
DSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleDSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business People
 
Network Security - What Every Business Needs to Know
Network Security - What Every Business Needs to KnowNetwork Security - What Every Business Needs to Know
Network Security - What Every Business Needs to Know
 
Cyber Security for Business Traveller
Cyber Security for Business TravellerCyber Security for Business Traveller
Cyber Security for Business Traveller
 
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011
 
Security First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your BusinessSecurity First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your Business
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
 
ISO 22301 Business Continuity Management
ISO 22301 Business Continuity ManagementISO 22301 Business Continuity Management
ISO 22301 Business Continuity Management
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 

Similar to Information Security and your Business

BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessJoel Cardella
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessAyham Kochaji
 
Cyber liability and cyber security
Cyber liability and cyber securityCyber liability and cyber security
Cyber liability and cyber securityHelen Carpenter
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guideMark Bennett
 
Network security
Network securityNetwork security
Network securityROBERT S
 
HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016SteveAtHPE
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
Claranetpresentation
ClaranetpresentationClaranetpresentation
Claranetpresentationdes.ward
 
Choosing the Right Cybersecurity Services: A Guide for Businesses
Choosing the Right Cybersecurity Services: A Guide for BusinessesChoosing the Right Cybersecurity Services: A Guide for Businesses
Choosing the Right Cybersecurity Services: A Guide for Businessesbasilmph
 
Quantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataQuantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataSteven Schwartz
 
NQA - Information security best practice guide
NQA - Information security best practice guideNQA - Information security best practice guide
NQA - Information security best practice guideNA Putra
 
ICT eGuide: Switching foundation technology for better cyber security
ICT eGuide: Switching foundation technology for better cyber securityICT eGuide: Switching foundation technology for better cyber security
ICT eGuide: Switching foundation technology for better cyber securityNiamh Hughes
 
Importance of Cyber Security for Company.pdf
Importance of Cyber Security for Company.pdfImportance of Cyber Security for Company.pdf
Importance of Cyber Security for Company.pdforage technologies
 
Cybersecurity pres 05-19-final
Cybersecurity pres 05-19-finalCybersecurity pres 05-19-final
Cybersecurity pres 05-19-finalVivek Ahuja
 
2009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-20092009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-2009asundaram1
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael Priyanka Aash
 
Identity Management: Risk Across The Enterprise
Identity Management: Risk Across The EnterpriseIdentity Management: Risk Across The Enterprise
Identity Management: Risk Across The EnterprisePerficient, Inc.
 

Similar to Information Security and your Business (20)

BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing business
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-Effectiveness
 
Cyber liability and cyber security
Cyber liability and cyber securityCyber liability and cyber security
Cyber liability and cyber security
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guide
 
Network security
Network securityNetwork security
Network security
 
HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business Experience
 
Claranetpresentation
ClaranetpresentationClaranetpresentation
Claranetpresentation
 
Choosing the Right Cybersecurity Services: A Guide for Businesses
Choosing the Right Cybersecurity Services: A Guide for BusinessesChoosing the Right Cybersecurity Services: A Guide for Businesses
Choosing the Right Cybersecurity Services: A Guide for Businesses
 
Quantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataQuantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal Data
 
NQA - Information security best practice guide
NQA - Information security best practice guideNQA - Information security best practice guide
NQA - Information security best practice guide
 
ICT eGuide: Switching foundation technology for better cyber security
ICT eGuide: Switching foundation technology for better cyber securityICT eGuide: Switching foundation technology for better cyber security
ICT eGuide: Switching foundation technology for better cyber security
 
Importance of Cyber Security for Company.pdf
Importance of Cyber Security for Company.pdfImportance of Cyber Security for Company.pdf
Importance of Cyber Security for Company.pdf
 
Cybersecurity pres 05-19-final
Cybersecurity pres 05-19-finalCybersecurity pres 05-19-final
Cybersecurity pres 05-19-final
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
2009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-20092009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-2009
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
 
Identity Management: Risk Across The Enterprise
Identity Management: Risk Across The EnterpriseIdentity Management: Risk Across The Enterprise
Identity Management: Risk Across The Enterprise
 
Cyber Security and Data Protection
Cyber Security and Data ProtectionCyber Security and Data Protection
Cyber Security and Data Protection
 

Recently uploaded

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Recently uploaded (20)

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Information Security and your Business

  • 1. Information Security and Your Business Karl Hart CyberCon Security Solutions, LLC
  • 2. Today’s Security Realities Perception of Security Showing the business value of Security The 3 R’s Seeing Security Differently Retooling to leverage the Value Agenda
  • 3. Threats are on the rise Time to respond has decreased Regulatory pressures are increasing Business partner integration requirements have eroded the network perimeter Spending more on security doesn’t equate to better protection Today’s security realities…
  • 4. When we think of Information Security … Focused on keeping the lights on or hackers out Cost center focused Poorly defined metrics Lost in translation Out of alignment with business drivers Unable to show business Value
  • 5. Not seen as a ‘value add’ or a way to grow the business Technology focused Focused on threat Avoidance vs. Risk Management Perceived as inflexible Making decisions on behalf of the business customer Loss of credibility and trust over time What’s the impact?
  • 6. Instead of Threats – focus on the 3 R’s Revenue Are there ways to reduce or avoid costs? What are your key information assets? Reputation What is the your brand worth? Regulations What are you required to do? Showing the value of Security
  • 7. Seeing Security Differently Revenue Opportunities Efficiency Gains and Reduced Costs How much business value do you gain with a spam filter? What security services can be easily outsourced? What processes are duplicated because security is in silos? Can security enhancements improve the Supply Chain? Market Differentiator Can your security services attract new customers? Might your security services create a barrier to competitors?
  • 8. Loss of Information/Data theft Launching of attacks from occupied system Business Reputation Fines and penalties What is at Stake?
  • 9. Reputation Opportunities What is your brand equity? What do you spend on demand creation (marketing) to grow your market? What would be the impact to your stock price if your customer database were hacked? Seeing Security Differently
  • 11. Asset Protection Protect the information that matters the most to your business Apply the same principles as insuring your physical assets Could you lower your insurance premiums by implementing stronger security? Seeing Security Differently “Intangible assets such as intellectual property represent approximately 60% to 80% of a company’s assets.” – Accenture Survey 2004
  • 12. Regulation Requirements SOX, GLBA, HIPAA, PCI…. What regulations are relevant to your industry? What are your local and overseas requirements? Are your service providers also in compliance? Do you know what’s coming? Seeing Security Differently
  • 13. Regulation Requirements cont. Do you check to see if you’re following your Privacy policies? Is your company acting ‘unreasonably’ even though it’s not violating a regulation? Due Care “Damn Idiot List” Are there competitive advantages to anticipating the next set of regulations? Seeing Security Differently
  • 14. Vulnerabilities, exploits, and bugs Viruses and Malicious Code Trojan Horses Worms Unprotected devices USB drives Laptops Papers How does a data breach happen?
  • 15. Problems for Small Business Security Administrators. Less Money for Equipment and Software Less Money for Network Staff Less Money for Training Less Planning
  • 17. 2009 Incidents by Vector Total Records Affected: 217,780,870 Current as of 12/14/09
  • 18. Lack of knowledge Busy in day to day business Out of Date Systems Systems not updated with latest patches Lack of Perimeter Security Need more than just desktop security Open Wireless Convenient Why are small businesses at risk
  • 19. Invest in a technology audit Hire the best IT support Upgrade systems and software Learn more about the laws and regulations that affect you business What can your business do?
  • 20. Stop seeing Security as only technology Require your security teams to talk “Business” Ask your business customer what’s the right level of risk and critical IP Focus on process improvements Communicate the value security brings to the business – the 3 R’s Improved productivity Faster to market New revenue streams Stronger brand Changing the Paradigm
  • 21. SaaS or Security as a Service Rather than having to become an expert yourself, you can now hire one. We do not replace you current IT support but enhance it. Allowing you to get back to business, that is what you do best. How we can help
  • 23. Karl Hart Web: www.cyberconsecurity.com email: karl.hart@cyberconsecurity.com Phone: 513-202-3020 IT Security Solutions for You and Your Business! Contact Information

Editor's Notes

  1. Welcome to today’s presentation on Information Security and Your Business, my name is Karl Hart a consultant with CyberCon Security Solutions. In this presentation we will cover how information security can impact your business and what can happen if you do not take it seriously.
  2. We will be covering the following topics: Today’s Security Realities Perception of Security Showing the business value of Security The 3 R’s Seeing Security Differently Retooling to leverage the Value
  3. Today’s security realities:Threats are on the riseBotnets are becoming more robust Hackers are not just defacing websites, it is about making money Vulnerabilities are coming out everyday for all types of applications Most homes and businesses have some type of high speed connectionTime to respond has decreased Average time that an un-patched system is detected until it gets compromised is 3.5 to 5 minutes 0-day threats, vulnerability goes public before a patch can be issued.Regulatory pressures HIPAA, PCI, GLBABusiness partner integration if the systems you connect to or connect to you are not secure then the risk increasesSpending more on security doesn’t equate to better protection You need an expert to keep you secure, a lot can happen in a short amount of time. You need to know how to quickly and properly protect your data