SlideShare a Scribd company logo

Track-2307_KUKREJA.potx

Download as PPTX, PDF
Puneet Kukreja
Puneet Kukreja
1 of 31
SESSION ID: #RSAC Puneet Kukreja Thinking Digital Enablement, Think Protection, Think Process Re-engineering 2307 Partner, Cyber Risk Advisory Deloitte Australia @iPuneetKukreja
#RSAC 2 What is Digital?
#RSAC What is Digital – your key questions 3 Question 1 • How is digital (disruption) and/or change affecting our organisation? Question 2 • How well are we responding to minimise the threats and maximise the opportunities presented by this change?
#RSAC But what is Digital? 4 Technology Innovation Advanced Computing Cloud Computing Data Analytics Speed of Connectivity Mobile Computing Increased Automation Big Data
#RSAC Why I ask what is “Digital” 5 …because over the past 40 years, many new technologies have been introduced which have caused disruption and met a definition of digital.
#RSAC Computers in the 1970’s 6 in the 1970’s Image Source: http://thecomputersgalaxy.blogspot.com.au/ Image Source: https://zeth.net/images/blog/Digital.PDP-11.1970.102646128.jpghttps://s-media-cache-ak0.pinimg.com/736x/50/f5/39/50f539ba7df30f986562d81d1a0e38fb.jpg
#RSAC Mobile phones and televisions 7 Analog to digital Image Source: http://thecomputersgalaxy.blogspot.com.au/ Image Source: http://demo.idg.com.au/pcw/inlineimages/digital_tv_switchover_2013.jpg
#RSAC Why I ask what is ‘digital’ 8 neither technology today requires the ‘digital’ prefix.
#RSAC So what is Digital? 9 Author Ronald Tocci in his book Digital Systems: Principles and Applications defined it as below. “digital system is a data technology that uses discrete (discontinuous) values”
#RSAC What is all the fuss about? 10 It is about creating a distinctive customer experience staying ahead of the competition by increasing efficiency finding new routes to market. discrete datasets bringing discrete datasets together to create actionable insights maximising investment in systems and processes above all protect the organisation, keep it secure
#RSAC Digital enablement 11 creating a distinctive customer experience staying ahead of the competition by increasing efficiency finding new routes to market discrete datasets bringing discrete datasets together to create actionable insights maximising investment in systems and processes protect the organisation, keep it secure Technology Innovation Advanced Computing Cloud Computing Data Analytics Speed of Connectivity Mobile Computing Increased Automation Big Data
#RSAC – your key questions 12 Question 1 • How is digital (disruption) and/or change affecting our organisation? Question 2 • How well are we responding to minimise the threats and maximise the opportunities presented by this change? Big Data Projects Cloud Projects Social Media Enabling Mobile Channel CustEx CX UserExp UX
#RSAC So what do we do about it?
#RSAC Focus on your crown jewels 14 Services Data Assets Others Others Others Others Cloud Supply Chain Third Parties Cyber Supported by Multiple Enablers Governance and Metrics as the Foundation
#RSAC Digital transformation approach
#RSAC Digital transformation approach 16 Tactical Agility Strategic Enablement
#RSAC Tactical Agility 17 What was achieved Rapid deployment of mobile customer engagement applications Creation of Omni channels for enhanced selling Analytics based customer segmentation Moved towards data-driven decision making Business lead deployment of cloud capability Where pain was felt Rise of shadow IT weakened their backend technology processes Lack of security controls for customer data Sub optimisation of security architecture Limited understanding of deployed cloud capability and then…
#RSAC 18 HACKED …stuff was lost…
#RSAC Strategic Enablement 19 What was achieved Cloud first strategy was adopted Streamlined processes enabled service standardisation Supplier assurance was revamped with significant focus on data security and cloud controls Operational maturity was the cornerstone of Digital using ITIL as a foundation capability Operational transparency assisted with the enablement of shared digital services Cross-channel integration was achieved as business and IT were integrated with IT as a service broker Data security was introduced as a non- negotiable Digital and cyber were elevated to the board for discussion as an enabling capability
#RSAC Strategic Enablement 20 Where the pain was felt Business understanding that without cyber maturity Digital enablement was at risk Business case and funding for process maturity based on previous experiences Realisation that Digital is a business transformation initiative Understanding of the limitations of what data analytics can actually deliver for the business Justification for increase in spend supporting cyber security capability Shift within the IT function from an architect and operate mindset to a service broker and integrator Support functions awareness and uplift to think about customer data security and privacy and after all that…
#RSAC 21 ATTACKED ...DDoS controls…X 3 …no stuff was lost… Incident Response Processes Third Party Agreements Secure Cloud Hosting Data Governance Controls
#RSAC Bringing it together – how do I apply this?
#RSAC – your key questions revisited 23 Question 1 • How is digital (disruption) and/or change affecting our organisation? Question 2 • How well are we responding to minimise the threats and maximise the opportunities presented by this change? NO SILVER BULLET
#RSAC What can I apply tomorrow 24 Integrate cyber & digital Spend on process maturity Strengthen governance and reporting
#RSAC Integrate Cyber & Digital 25 Identify areas where digital projects are taking place across the organisation and ensure there is an understanding of cyber security obligations Assist business in understanding why spend on cyber security is required to increase as they embrace digital where data is key Undertake business awareness campaigns to ensure the threat landscape and data security risks of digital enablement are understood by the business Initiate discussions with the organisations executive leadership and board to ensure digital enablement is not happening in isolation.
#RSAC Spend on Process Maturity 26 Understand that “Cloud” is intrinsically tied to Digital Have an appreciation of support processes that will enable the use and consumption of cloud Identify core processes required to support cloud enablement and agile development Set up a data security function that focuses on managing risk to data assets
#RSAC Spend on Process Maturity 27 Ensure process maturity effort is not in isolation and supports standardisation  across architecture  operations  projects When talking process maturity most organisations default to using ITIL in some shape or form. at a minimum focus on the following 10 processes for digital and cloud enablement.
#RSAC Process Maturity 28 ITIL based processes for digital enablement
#RSAC Governance and Reporting 29 Security governance is key given the change in threat profile of an organisation Implement vigilance and resilience controls given the increase in and organisations attack surface following Digital enablement Ensure there is business awareness of the changes in risk posture across the Digital transformation landscape Risks related to cyber attacks, confidentiality and regulatory breaches, brand exposure and data security should be reported at the board level Use data enabled insights based reporting of your organisations security posture.
#RSAC Thank You 30 Re-engineering
SESSION ID: #RSAC Puneet Kukreja Thinking Digital Enablement, Think Protection, Think Process Re-engineering 2307 Partner, Cyber Risk Advisory Deloitte Australia @iPuneetKukreja

Recommended

MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityDell EMC World
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
MT74 - Is Your Tech Support Keeping Up with Your Instr Tech
MT74 - Is Your Tech Support Keeping Up with Your Instr TechMT74 - Is Your Tech Support Keeping Up with Your Instr Tech
MT74 - Is Your Tech Support Keeping Up with Your Instr TechDell EMC World
 
MT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseMT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseDell EMC World
 
Webinar: Adaptive Security
Webinar: Adaptive SecurityWebinar: Adaptive Security
Webinar: Adaptive SecurityBlueliv
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...STASH | Datacentric Security
 
Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilienceChristophe Foulon, CISSP
 
Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?Henry Draughon
 

Recommended

MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityDell EMC World
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
MT74 - Is Your Tech Support Keeping Up with Your Instr Tech
MT74 - Is Your Tech Support Keeping Up with Your Instr TechMT74 - Is Your Tech Support Keeping Up with Your Instr Tech
MT74 - Is Your Tech Support Keeping Up with Your Instr TechDell EMC World
 
MT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseMT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseDell EMC World
 
Webinar: Adaptive Security
Webinar: Adaptive SecurityWebinar: Adaptive Security
Webinar: Adaptive SecurityBlueliv
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...STASH | Datacentric Security
 
Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilienceChristophe Foulon, CISSP
 
Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?Henry Draughon
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...centralohioissa
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things NetIQ
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
 
Advanced threat protection and big data
Advanced threat protection and big dataAdvanced threat protection and big data
Advanced threat protection and big dataPeter Wood
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowMapR Technologies
 
Sleeping well with cloud services
Sleeping well with cloud servicesSleeping well with cloud services
Sleeping well with cloud servicesComarch_Services
 
William Diederich - Security Certifications: Are They Worth the Investment? A...
William Diederich - Security Certifications: Are They Worth the Investment? A...William Diederich - Security Certifications: Are They Worth the Investment? A...
William Diederich - Security Certifications: Are They Worth the Investment? A...centralohioissa
 
Millions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQMillions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQNetIQ
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
MT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesMT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesDell EMC World
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0Happiest Minds Technologies
 
Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Iftikhar Ali Iqbal
 
Ieee itmsb20
Ieee itmsb20Ieee itmsb20
Ieee itmsb20Juan Carlos Olivares Rojas
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanNetIQ
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked inJohn Masiliunas
 
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...Blueliv
 
CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonPatricia M Watson
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar Decisions
 
Oi,tá,tá,tá
Oi,tá,tá,táOi,tá,tá,tá
Oi,tá,tá,táNuria2004
 
Rachel Meyer Pubcon Presentation
Rachel Meyer Pubcon PresentationRachel Meyer Pubcon Presentation
Rachel Meyer Pubcon PresentationRachel Meyer
 

More Related Content

What's hot

Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...centralohioissa
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things NetIQ
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
 
Advanced threat protection and big data
Advanced threat protection and big dataAdvanced threat protection and big data
Advanced threat protection and big dataPeter Wood
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowMapR Technologies
 
Sleeping well with cloud services
Sleeping well with cloud servicesSleeping well with cloud services
Sleeping well with cloud servicesComarch_Services
 
William Diederich - Security Certifications: Are They Worth the Investment? A...
William Diederich - Security Certifications: Are They Worth the Investment? A...William Diederich - Security Certifications: Are They Worth the Investment? A...
William Diederich - Security Certifications: Are They Worth the Investment? A...centralohioissa
 
Millions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQMillions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQNetIQ
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
MT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesMT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesDell EMC World
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0Happiest Minds Technologies
 
Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Iftikhar Ali Iqbal
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanNetIQ
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked inJohn Masiliunas
 
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...Blueliv
 
CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonPatricia M Watson
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar Decisions
 

What's hot (20)

Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
 
Advanced threat protection and big data
Advanced threat protection and big dataAdvanced threat protection and big data
Advanced threat protection and big data
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
 
Sleeping well with cloud services
Sleeping well with cloud servicesSleeping well with cloud services
Sleeping well with cloud services
 
William Diederich - Security Certifications: Are They Worth the Investment? A...
William Diederich - Security Certifications: Are They Worth the Investment? A...William Diederich - Security Certifications: Are They Worth the Investment? A...
William Diederich - Security Certifications: Are They Worth the Investment? A...
 
Millions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQMillions of People Depend on Datang Xianyi Technology and NetIQ
Millions of People Depend on Datang Xianyi Technology and NetIQ
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber Resiliency
 
MT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesMT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT Initiatives
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)
 
Ieee itmsb20
Ieee itmsb20Ieee itmsb20
Ieee itmsb20
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloud
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked in
 
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
Webinar: The role of Threat Intelligence Feeds in the battle against evolving...
 
CIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 WatsonCIA Trifecta ISACA Boise 2016 Watson
CIA Trifecta ISACA Boise 2016 Watson
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshare
 

Viewers also liked

Oi,tá,tá,tá
Oi,tá,tá,táOi,tá,tá,tá
Oi,tá,tá,táNuria2004
 
Rachel Meyer Pubcon Presentation
Rachel Meyer Pubcon PresentationRachel Meyer Pubcon Presentation
Rachel Meyer Pubcon PresentationRachel Meyer
 
K4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2d
K4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2dK4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2d
K4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2deli priyatna laidan
 
Analisis sinyal kecil
Analisis sinyal kecilAnalisis sinyal kecil
Analisis sinyal kecilMalik Abdul
 
Anàlisi dels espais de la cultura Hippie
Anàlisi dels espais de la cultura HippieAnàlisi dels espais de la cultura Hippie
Anàlisi dels espais de la cultura HippieIanGallo
 
one sheeter proof copy
one sheeter proof copyone sheeter proof copy
one sheeter proof copyLane McConnell
 
Kevin Hockert 3.15.2015 MFTA paper
Kevin Hockert 3.15.2015 MFTA paperKevin Hockert 3.15.2015 MFTA paper
Kevin Hockert 3.15.2015 MFTA paperKevin Hockert
 
Penguat transistor
Penguat transistorPenguat transistor
Penguat transistorMalik Abdul
 
Cover page for site visit report
Cover page for site visit reportCover page for site visit report
Cover page for site visit reportEst
 

Viewers also liked (13)

Oi,tá,tá,tá
Oi,tá,tá,táOi,tá,tá,tá
Oi,tá,tá,tá
 
Rachel Meyer Pubcon Presentation
Rachel Meyer Pubcon PresentationRachel Meyer Pubcon Presentation
Rachel Meyer Pubcon Presentation
 
K4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2d
K4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2dK4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2d
K4 t1-st1-p6 rpp sd kelas 4 smt 1 sub tema 2d
 
Analisis sinyal kecil
Analisis sinyal kecilAnalisis sinyal kecil
Analisis sinyal kecil
 
Anàlisi dels espais de la cultura Hippie
Anàlisi dels espais de la cultura HippieAnàlisi dels espais de la cultura Hippie
Anàlisi dels espais de la cultura Hippie
 
Skelton.MISL2015
Skelton.MISL2015Skelton.MISL2015
Skelton.MISL2015
 
one sheeter proof copy
one sheeter proof copyone sheeter proof copy
one sheeter proof copy
 
Kevin Hockert 3.15.2015 MFTA paper
Kevin Hockert 3.15.2015 MFTA paperKevin Hockert 3.15.2015 MFTA paper
Kevin Hockert 3.15.2015 MFTA paper
 
MDA csp
MDA cspMDA csp
MDA csp
 
Laporan sukan rakyat
Laporan sukan rakyatLaporan sukan rakyat
Laporan sukan rakyat
 
Penguat transistor
Penguat transistorPenguat transistor
Penguat transistor
 
debasish
debasishdebasish
debasish
 
Cover page for site visit report
Cover page for site visit reportCover page for site visit report
Cover page for site visit report
 

Similar to Track-2307_KUKREJA.potx

How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackThousandEyes
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackThousandEyes
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldHao Tran
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldInside Analysis
 
Digital Architecture – The Missing Link in Digital Transformation Success
Digital Architecture – The Missing Link in Digital Transformation SuccessDigital Architecture – The Missing Link in Digital Transformation Success
Digital Architecture – The Missing Link in Digital Transformation SuccessNUS-ISS
 
DCD INTERNET 2015 BROCHURE
DCD INTERNET 2015 BROCHUREDCD INTERNET 2015 BROCHURE
DCD INTERNET 2015 BROCHUREDCDNA
 
Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?PECB
 
Insurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance InstituteInsurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance InstituteHenrique Centieiro
 
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security SuccessOT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Successaccenture
 
Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Sutedjo Tjahjadi
 
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Tudor Damian
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Doeren Mayhew
 
Detecon Cyber Security Radar
Detecon Cyber Security RadarDetecon Cyber Security Radar
Detecon Cyber Security RadarDaniel Steinfeld
 
Cloud Innovation Tour - Discover Track
Cloud Innovation Tour - Discover TrackCloud Innovation Tour - Discover Track
Cloud Innovation Tour - Discover TrackLaurenWendler
 
Isaca career paths - the highest paying certifications in the industry
Isaca career paths - the highest paying certifications in the industryIsaca career paths - the highest paying certifications in the industry
Isaca career paths - the highest paying certifications in the industryInfosec
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 

Similar to Track-2307_KUKREJA.potx (20)

How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile World
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile World
 
Digital Architecture – The Missing Link in Digital Transformation Success
Digital Architecture – The Missing Link in Digital Transformation SuccessDigital Architecture – The Missing Link in Digital Transformation Success
Digital Architecture – The Missing Link in Digital Transformation Success
 
DCD INTERNET 2015 BROCHURE
DCD INTERNET 2015 BROCHUREDCD INTERNET 2015 BROCHURE
DCD INTERNET 2015 BROCHURE
 
Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?
 
The 10 most trusted cyber threat solution providers
The 10 most trusted cyber threat solution providersThe 10 most trusted cyber threat solution providers
The 10 most trusted cyber threat solution providers
 
Insurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance InstituteInsurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance Institute
 
Insights success the 10 most trusted cyber security companies in 2nd nov 2017
Insights success the 10 most trusted cyber security companies in 2nd nov 2017Insights success the 10 most trusted cyber security companies in 2nd nov 2017
Insights success the 10 most trusted cyber security companies in 2nd nov 2017
 
The 10 best performing managed security service providers 2018
The 10 best performing managed security service providers 2018The 10 best performing managed security service providers 2018
The 10 best performing managed security service providers 2018
 
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security SuccessOT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Success
 
IT Fundamentals
IT FundamentalsIT Fundamentals
IT Fundamentals
 
Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking
 
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
 
Detecon Cyber Security Radar
Detecon Cyber Security RadarDetecon Cyber Security Radar
Detecon Cyber Security Radar
 
Cloud Innovation Tour - Discover Track
Cloud Innovation Tour - Discover TrackCloud Innovation Tour - Discover Track
Cloud Innovation Tour - Discover Track
 
Isaca career paths - the highest paying certifications in the industry
Isaca career paths - the highest paying certifications in the industryIsaca career paths - the highest paying certifications in the industry
Isaca career paths - the highest paying certifications in the industry
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 

Track-2307_KUKREJA.potx

  • 1. SESSION ID: #RSAC Puneet Kukreja Thinking Digital Enablement, Think Protection, Think Process Re-engineering 2307 Partner, Cyber Risk Advisory Deloitte Australia @iPuneetKukreja
  • 3. #RSAC What is Digital – your key questions 3 Question 1 • How is digital (disruption) and/or change affecting our organisation? Question 2 • How well are we responding to minimise the threats and maximise the opportunities presented by this change?
  • 4. #RSAC But what is Digital? 4 Technology Innovation Advanced Computing Cloud Computing Data Analytics Speed of Connectivity Mobile Computing Increased Automation Big Data
  • 5. #RSAC Why I ask what is “Digital” 5 …because over the past 40 years, many new technologies have been introduced which have caused disruption and met a definition of digital.
  • 6. #RSAC Computers in the 1970’s 6 in the 1970’s Image Source: http://thecomputersgalaxy.blogspot.com.au/ Image Source: https://zeth.net/images/blog/Digital.PDP-11.1970.102646128.jpghttps://s-media-cache-ak0.pinimg.com/736x/50/f5/39/50f539ba7df30f986562d81d1a0e38fb.jpg
  • 7. #RSAC Mobile phones and televisions 7 Analog to digital Image Source: http://thecomputersgalaxy.blogspot.com.au/ Image Source: http://demo.idg.com.au/pcw/inlineimages/digital_tv_switchover_2013.jpg
  • 8. #RSAC Why I ask what is ‘digital’ 8 neither technology today requires the ‘digital’ prefix.
  • 9. #RSAC So what is Digital? 9 Author Ronald Tocci in his book Digital Systems: Principles and Applications defined it as below. “digital system is a data technology that uses discrete (discontinuous) values”
  • 10. #RSAC What is all the fuss about? 10 It is about creating a distinctive customer experience staying ahead of the competition by increasing efficiency finding new routes to market. discrete datasets bringing discrete datasets together to create actionable insights maximising investment in systems and processes above all protect the organisation, keep it secure
  • 11. #RSAC Digital enablement 11 creating a distinctive customer experience staying ahead of the competition by increasing efficiency finding new routes to market discrete datasets bringing discrete datasets together to create actionable insights maximising investment in systems and processes protect the organisation, keep it secure Technology Innovation Advanced Computing Cloud Computing Data Analytics Speed of Connectivity Mobile Computing Increased Automation Big Data
  • 12. #RSAC – your key questions 12 Question 1 • How is digital (disruption) and/or change affecting our organisation? Question 2 • How well are we responding to minimise the threats and maximise the opportunities presented by this change? Big Data Projects Cloud Projects Social Media Enabling Mobile Channel CustEx CX UserExp UX
  • 13. #RSAC So what do we do about it?
  • 14. #RSAC Focus on your crown jewels 14 Services Data Assets Others Others Others Others Cloud Supply Chain Third Parties Cyber Supported by Multiple Enablers Governance and Metrics as the Foundation
  • 17. #RSAC Tactical Agility 17 What was achieved Rapid deployment of mobile customer engagement applications Creation of Omni channels for enhanced selling Analytics based customer segmentation Moved towards data-driven decision making Business lead deployment of cloud capability Where pain was felt Rise of shadow IT weakened their backend technology processes Lack of security controls for customer data Sub optimisation of security architecture Limited understanding of deployed cloud capability and then…
  • 19. #RSAC Strategic Enablement 19 What was achieved Cloud first strategy was adopted Streamlined processes enabled service standardisation Supplier assurance was revamped with significant focus on data security and cloud controls Operational maturity was the cornerstone of Digital using ITIL as a foundation capability Operational transparency assisted with the enablement of shared digital services Cross-channel integration was achieved as business and IT were integrated with IT as a service broker Data security was introduced as a non- negotiable Digital and cyber were elevated to the board for discussion as an enabling capability
  • 20. #RSAC Strategic Enablement 20 Where the pain was felt Business understanding that without cyber maturity Digital enablement was at risk Business case and funding for process maturity based on previous experiences Realisation that Digital is a business transformation initiative Understanding of the limitations of what data analytics can actually deliver for the business Justification for increase in spend supporting cyber security capability Shift within the IT function from an architect and operate mindset to a service broker and integrator Support functions awareness and uplift to think about customer data security and privacy and after all that…
  • 21. #RSAC 21 ATTACKED ...DDoS controls…X 3 …no stuff was lost… Incident Response Processes Third Party Agreements Secure Cloud Hosting Data Governance Controls
  • 22. #RSAC Bringing it together – how do I apply this?
  • 23. #RSAC – your key questions revisited 23 Question 1 • How is digital (disruption) and/or change affecting our organisation? Question 2 • How well are we responding to minimise the threats and maximise the opportunities presented by this change? NO SILVER BULLET
  • 24. #RSAC What can I apply tomorrow 24 Integrate cyber & digital Spend on process maturity Strengthen governance and reporting
  • 25. #RSAC Integrate Cyber & Digital 25 Identify areas where digital projects are taking place across the organisation and ensure there is an understanding of cyber security obligations Assist business in understanding why spend on cyber security is required to increase as they embrace digital where data is key Undertake business awareness campaigns to ensure the threat landscape and data security risks of digital enablement are understood by the business Initiate discussions with the organisations executive leadership and board to ensure digital enablement is not happening in isolation.
  • 26. #RSAC Spend on Process Maturity 26 Understand that “Cloud” is intrinsically tied to Digital Have an appreciation of support processes that will enable the use and consumption of cloud Identify core processes required to support cloud enablement and agile development Set up a data security function that focuses on managing risk to data assets
  • 27. #RSAC Spend on Process Maturity 27 Ensure process maturity effort is not in isolation and supports standardisation  across architecture  operations  projects When talking process maturity most organisations default to using ITIL in some shape or form. at a minimum focus on the following 10 processes for digital and cloud enablement.
  • 28. #RSAC Process Maturity 28 ITIL based processes for digital enablement
  • 29. #RSAC Governance and Reporting 29 Security governance is key given the change in threat profile of an organisation Implement vigilance and resilience controls given the increase in and organisations attack surface following Digital enablement Ensure there is business awareness of the changes in risk posture across the Digital transformation landscape Risks related to cyber attacks, confidentiality and regulatory breaches, brand exposure and data security should be reported at the board level Use data enabled insights based reporting of your organisations security posture.
  • 31. SESSION ID: #RSAC Puneet Kukreja Thinking Digital Enablement, Think Protection, Think Process Re-engineering 2307 Partner, Cyber Risk Advisory Deloitte Australia @iPuneetKukreja