The webinar will not only address this but pinpoint where we are right now in providing that trust. The presenter will highlight today’s reality with data from the World Economic Forum and the Edelman trust report, combined with other reputable data sources. Malcolm evaluates the economic principle of efficiency and how our current approach to information security is not only economically inefficient but is negatively impacting the trust we so badly need. Also, he will explain the traditional mindset of trading risk versus shareholder value, and how our corporate controls impact the velocity of business growth. Malcolm will share real-world non-security success stories where control and business growth have been done extremely effectively. Hear about organizations’ societal impacts. Finally, Malcolm will provide insights from these cases and bring perspectives from others to draw lessons that will be highly valuable to CISOs and their teams. Main points covered: • Are we providing trust with Information Security? • The efficient Economic approach in Information Security • Insights from real-world cases of business growth Presenter: Our exclusive presenter, Malcolm Harkins is the Chief Security and Trust Officer at Cylance Inc. In this role, he is responsible for enabling business growth through trusted infrastructure, systems and business processes. He received several awards, including Computerworld’s Top 100 Information Technology Leaders for 2012 and the Security Advisor Excellence in Innovation Award in 2015. Link to the recorded webinar: https://youtu.be/xphK1bBwdm8

2. TRUST
Competence Character
Capability
Results
Intent
Integrity

3. “ A c c e p t i t … t h e y a r e g o i n g t o g e t i n . ”
C I S O P a n e l – I S S A L o s A n g e l e s , M a y 2 0 1 7

5. T O D AY ’ S R E A L I T Y

6. ISSA Thru the Eyes of Cyber Professionals – Part 2
 ½ significantly vulnerable
 ½ somewhat vulnerable
World Economic Forum Risk Report - Feb 2017
 Technology is a source of disruption & polarization
 Top 5 risk trends
 Income/Wealth Disparity
 Climate Change
 Polarization of Societies
 Cyber Dependence
 Aging Population
TO D AY ’ S R E AL I T Y

7. Edelman Trust Report – Feb 2017
 Implosion of Trust – 2/3 distrusters
 We are in treacherous seas without
a firm mooring
Europol - Internet Crime Report – Oct 2016
 Acceleration of previous trends
 APT & cybercrime boundaries blur
 Majority of attacks are neither sophisticated
or advanced
TO D AY ’ S R E AL I T Y – C O N T.

8. 9 B O X O F C O N T R O L S : R I S K M I T I G AT I O N
Where most of the
industry is focusedControlTypes
Respond
Detect
Prevent
Automated Semi-Automated Manual
Control Approaches
Source: Managing Risk and Information Security 2nd Edition Malcolm Harkins

9. TO D AY ’ S R E AL I T Y
Information security is an economic inefficiency.

10. Economic efficiency implies an economic state in which
every resource is optimally allocated to serve each
individual or entity in the best way while minimizing waste
and inefficiency.
The ideal state is related to the welfare of the population as
a whole with peak efficiency also resulting in the highest
level of welfare possible based on the resources available.
W H AT I S E C O N O M I C E F F I C I E N C Y ?

11. Our approach to information
security is the cause of
economic inefficiency.
TO D AY ’ S R E AL I T Y

12. TO D AY ’ S R E AL I T Y
We are not resistant to, nor are we resilient from, cyber risks.

13. T E M P O R AL AD VA N TA G E
To put it simply: threat actors have had
a temporal advantage over us. We have
been playing catch-up for decades.

14. 74.1% correlation between
breach activity and security
industry revenue growth.*
TO D AY ’ S R E AL I T Y
*Piper Jaffray, Breacher Report – 10.16

15.  Cybersecurity stocks boom
after ransomware attack
 The market capitalizations of
the five biggest cybersecurity
related companies in the
industry rose by more than
$5.9 billion*
TO D AY S R E AL I T Y
WA N N A C RY M AY ‘ 1 7
* The Gaurdian and Fortune – May 2017

16. * Harvard Business School – Sept 2016
 America’s economic performance
peaked in the late 1990s
 America’s economic challenges
are structural, not cyclical
 Divisive political rhetoric and an
uninformed national debate have
confused the average American
about what the country needs to
do to restore the economy
 This confusion is a serious obstacle
to America’s ability to make progress
T H E S TAT E O F U S
C O M P E T I T I V E N E S S *

17.  There is almost a complete
disconnect between the national
discourse and the reality of what is
causing our problems and what to do
about them
 This misunderstanding of facts and
reality is dangerous, and the
resulting divisions make an already
challenging agenda for America even
more daunting
T H E S TAT E O F U S
C O M P E T I T I V E N E S S *
* Harvard Business School – Sept 2016

19. H U G E O P P O R T U N I T I E S I N AL L AR E A S O F L I F E

20. AC H I E V I N G E C O N O M I C E F F I C I E N C Y
Where most of the
industry is focusedControlTypes
Respond
Detect
Prevent
Automated Semi-Automated Manual
Control Approaches
Source: Managing Risk and Information Security 2nd Edition Malcolm Harkins

21. BUSINESS VELOCITY
BUSINESS CONTORL
V S

22. T H E 1 9 7 1 F O R D P I N TO

23. FAI L U R E TO I N C L U D E AN $ 11 PAR T

24. 1911 SOUTH POLE EXPEDITION
1st to the Pole, led by Roald Amundsen 2nd to the Pole, led by Robert Scott
“…wait for the spring. To risk men and animals
by continuing stubbornly once we have set off,
is something I couldn't consider. If we are to
win the game, the pieces must be moved
properly; a false move and everything could be
lost.“ - Roald Amundsen, Norwegian Explorer

25. “Victory awaits him who has everything in order.
Defeat is certain for him who has neglected to
take all the necessary precautions in time.”
Roald Amundsen, on the South Pole

26.  Fanatical Discipline
 Productive Paranoia
 Empirical Creativity
 Limitless Ambition
Different Behaviors NOT
Different Circumstances
* Great by Choice
KEY LEARNINGS FROM
AMUNDSEN & 10XERS:

27. What about a
Formula One
racecar?

28. Designed for Speed and Safety.

29. Discipline, control,
communication,
and collaboration
between the driver
and the pit crew.

30. BUSINESS VELOCITY
BUSINESS CONTORL
A N D

31. T H E M O D E R N E N T E R P R I S E :
N E E D TO T U N E TO T H E TAR G E T
COST AND
MAINTENANCE
PRODUCTIVITY
AND USER EXP.
RISK AND
COMPLIANCE
MARKET
OBJECTIVES
CUSTOMER
NEEDS

32. P R E V E N T I O N
& PAN A M A

33. In 1879, the French started building
the Panama Canal.
Torrential rains averaging
200 inches a year washed away
much of the work.
H O W I T B E G AN

34. The Solution? Quinine…
…but the quinine used to treat
malaria left many workers deaf.
A TO X I C C O N T R O L

35. T H E T I M E L I N E
1903
• Panama declares itself
a country. US gains
construction rights.
Feb 1904
• US Congress
officially created the
Panama Canal Zone.
1909
• Work on canal
locks begins.
1913
• US Congress officially
created the Panama
Canal Zone.
Aug 15 1914
• Canal officially
opens in August.

36. Major Ronald Ross discovered that malaria
was transmitted by mosquitoes.
The control of malaria was vital for the
construction of the Panama Canal.
P R O B L E M ? S O L U T I O N .

37. Experts on sanitation.
Col. W.C. Gorgas, along
with others in 1904, formed
the sanitary department for
the canal zone.
A M AN . . .
H I S P L AN …
AN D A C AN A L .

38.  Eradication of yellow fever
 Death rate dropped in workers
from 11.59 per 1000 in
November 1906 to 1.23 per
1000 in December 1909
 Death rate dropped in total
population from 16.21 per 1000
in July 1906 to 2.58 per 1000 in
December 1909
M AL A R I A C O N T R O L
P R O G R AM R E S U LT S

39. The construction of the panama
canal was made possible only
after yellow fever and malaria
were controlled.
E C O N O M I C E F F I C I E N C Y

40. Malaria wasn’t eliminated but
the root causes were identified,
the source of problems were
prevented, and construction
was completed, leading to
dramatic worldwide social
and economic benefit.
L E S S O N S F O R S E C U R I T Y

41. “The greatest danger for most of us is not that
our aim is too high and we miss it, but that it is
too low and we reach it.”
Michelangelo
Italian Renaissance Man

43. “ A c c e p t i t … t h e y a r e g o i n g t o g e t i n . ”
C I S O P a n e l – I S S A L o s A n g e l e s , M a y 2 0 1 7

44. P R I VAC Y S H O U L D
B E I N C L U D E D I N
D E S I G N – N O T AS
AN AF T E R T H O U G H T.

45. “The ultimate measure of a man is not where he
stands in moments of comfort and convenience,
but where he stands at times of challenge and
controversy.”
Martin Luther King, Jr.
Times of Challenge and Controversy

46. E D E L M AN T R U S T R E P O R T 2 0 1 7
Onus is on business to prove that it’s possible to
act in the interest of shareholders and society.

47. “…where our interests are clear and our values
are at stake and we can make a difference, we
must act and we must lead.”
Madeline Albright, “Doability Doctrine”
Statement before SFRC January 8th 1997, Stockholm Sweden

48. C O M P U T I N G
D O N E R I G H T
Risk Reduction.
Economic Expansion.
Societal Benefit.
The list goes on…

49. ISO 27001 Training Courses
 ISO/IEC 27001 Introduction
1 Day Course
 ISO/IEC 27001 Foundation
2 Days Course
 ISO/IEC 27001 Lead Implementer
5 Days Course
 ISO/IEC 27001 Lead Auditor
5 Days Course
Exam and certification fees are included in the training price.
https://www.pecb.com/iso-iec-27032-training-courses| www.pecb.com/events

50. THANK YOU
?
mharkins@cylance.com
www.cylance.com
https://www.linkedin.com/in/malcolmharkins/
(888) 893-4743
Questions?