David Clarke, CITSO at Vciso - Security, Standards and Swiss Cheese

David Clarke, CITSO at Vciso, presented at CIO Event Europe in September 2014


  1. Security, Standards and Swiss Cheese - David Clarke, Vciso
  2. What do you think is the biggest component of every data breach?
  3. The biggest threat we are facing. Can we use this to our advantage?
  4. "Most of the major breach reports are documenting the human component, compounds most breaches!" "Over 95 percent of all incidents investigated recognize “human error” as a contributing factor" - IBM Cyber Security Index Report.
  5. Inadvertent human error; Hacker; 95% human error; 19:1 leverage to hackers
  6. Can we learn from other industries? Are hackers the only ones who make money out of human error?
  7. Flight Booking Systems...
  8. Error 1
  9. £123 is wanted as opposed to £87.00
  10. Error 2: I could now have added £160. I could now have a total of £247
  11. Error 3: I could now have a total of £258. Trust
  12. Error 4: I could now have a total of £268
  13. Error 5: I could now have a total of £284
  14. Error 6: I could now have a total of £308. Trust
  15. 6 errors: from £87.92 to £308, a 350% increase out of inadvertent human error
  16. Compounding Errors
  17. Cheese! Consumer sites, are they behaving: Compliance. Peer review, is it easy to use: Operations. Objective to Technology Match: Credit card/Escalation process
  18. Compliance Total Cost of Ownership Threat to Technology Match Incident Response Strategy Security
  19. The Standard Change Process Service Introduction Problem Management Escalation Processes
  20. Probably? Independent events: 0.8 x 0.8 x 0.8 x 0.8 = 0.41
  21. Each event is 0.25; 80% achievable = 0.2. The Maths. Dependent events: 0.2 + 0.2 + 0.2 + 0.2 = 0.8. Previously 0.32. A dramatic improvement by using a leveraged strategy
  22. • If you would like my worksheet matching the strategy to Cyber Essentials and SANS Top 20, please email me at cio@vciso.co • LinkedIn with me at uk.linkedin/1davidclarke • Twitter @1davidclarke
