SlideShare a Scribd company logo

23217074-ramses-Why CISOs Fail

Download as PPTX, PDF
Ramses Sidabutar
Ramses Sidabutar

Why CISOs Fail The Missing Link in Security Management and How to Fix It Barak Engel, 2018

Internet
1 of 6
Why CISOs Fail The Missing Link in Security Management and How to Fix It Barak Engel, 2018 Ramses R. S. Sidabutar (23217074)
CISO 4/19/2018 2 understanding vulnerability Potential Impact of Threat Intelligence on the Attack Life Cycle Source: ISACA, Responding to Targeted Cyberattacks, 2013
We’re looking for a CISO • Business partner to all departments • Help the organization understand and manage underlying risks in business operations • Brand management, Service agreements • Help uncover ways to promote the brand further by enhancing consumer trust • Engaging externally with the customer base • The media on emerging issues like personal information privacy and protability 4/19/2018 3 PROTECT THE COMPANY
The Dismal Discipline • Management by compliance / security policy compliance • Internal (understanding of people behavioral patterns) and behavioral threats 4/19/2018 4
The CISO, Reimagined • Security is about managing risk • There is simply no way anyone can manage risk when they do no have a finely tuned understanding of the sources of risk in their proper business context 4/19/2018 5
Terima Kasih 4/19/2018 6

Recommended

Top 5 Insider Threat Predictions
Top 5 Insider Threat PredictionsTop 5 Insider Threat Predictions
Top 5 Insider Threat PredictionsMegan Thudium
 
4 Different Types of Insider Attacks
4 Different Types of Insider Attacks4 Different Types of Insider Attacks
4 Different Types of Insider AttacksMegan Thudium
 
How to prevent being hacked in 2018
How to prevent being hacked in 2018How to prevent being hacked in 2018
How to prevent being hacked in 2018ringcaptchausa
 
ICSA CPD - Cyber breaches
ICSA CPD - Cyber breachesICSA CPD - Cyber breaches
ICSA CPD - Cyber breachesInstitute of Chartered Secretaries and Administrators
 
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides GDPR Learning Lab: Gartner Data & Analytics 2018 Slides
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides DATUM LLC
 
GDPR Affects Email Worldwide
GDPR Affects Email WorldwideGDPR Affects Email Worldwide
GDPR Affects Email WorldwideSparkPost
 
Data Analytics 301: Converting Analysis into Business Strategy
Data Analytics 301: Converting Analysis into Business StrategyData Analytics 301: Converting Analysis into Business Strategy
Data Analytics 301: Converting Analysis into Business StrategyNICSA
 
IREC165473PR RP 2017 Security Outlook
IREC165473PR RP 2017 Security OutlookIREC165473PR RP 2017 Security Outlook
IREC165473PR RP 2017 Security OutlookChris Cornillie
 

Recommended

Top 5 Insider Threat Predictions
Top 5 Insider Threat PredictionsTop 5 Insider Threat Predictions
Top 5 Insider Threat PredictionsMegan Thudium
 
4 Different Types of Insider Attacks
4 Different Types of Insider Attacks4 Different Types of Insider Attacks
4 Different Types of Insider AttacksMegan Thudium
 
How to prevent being hacked in 2018
How to prevent being hacked in 2018How to prevent being hacked in 2018
How to prevent being hacked in 2018ringcaptchausa
 
ICSA CPD - Cyber breaches
ICSA CPD - Cyber breachesICSA CPD - Cyber breaches
ICSA CPD - Cyber breachesInstitute of Chartered Secretaries and Administrators
 
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides GDPR Learning Lab: Gartner Data & Analytics 2018 Slides
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides DATUM LLC
 
GDPR Affects Email Worldwide
GDPR Affects Email WorldwideGDPR Affects Email Worldwide
GDPR Affects Email WorldwideSparkPost
 
Data Analytics 301: Converting Analysis into Business Strategy
Data Analytics 301: Converting Analysis into Business StrategyData Analytics 301: Converting Analysis into Business Strategy
Data Analytics 301: Converting Analysis into Business StrategyNICSA
 
IREC165473PR RP 2017 Security Outlook
IREC165473PR RP 2017 Security OutlookIREC165473PR RP 2017 Security Outlook
IREC165473PR RP 2017 Security OutlookChris Cornillie
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Enterprise Management Associates
 
Let's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
Let's TOC: Navigate the Cybersecurity Conversation with Dominique SingerLet's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
Let's TOC: Navigate the Cybersecurity Conversation with Dominique SingerSaraPia5
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceChristian F. Nissen
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Accenture Technology
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingTIKAJ
 
Forrester Webinar: Security Ratings Set the Standard
Forrester Webinar: Security Ratings Set the StandardForrester Webinar: Security Ratings Set the Standard
Forrester Webinar: Security Ratings Set the StandardSecurityScorecard
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
Cyber security: five leadership issues worthy of Board and executive attention
Cyber security: five leadership issues worthy of Board and executive attentionCyber security: five leadership issues worthy of Board and executive attention
Cyber security: five leadership issues worthy of Board and executive attentionRamón Gómez de Olea y Bustinza
 
Cybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Cybersecurity Challenges in Retail 2020: How to Prevent Retail TheftCybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Cybersecurity Challenges in Retail 2020: How to Prevent Retail TheftIntellias
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxNakhoudah
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Enterprise Management Associates
 
Board secretaries and general counsels
Board secretaries and general counsels Board secretaries and general counsels
Board secretaries and general counsels Maganathin Veeraragaloo
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Matthew Rosenquist
 
Securing Consumer Trust
Securing Consumer TrustSecuring Consumer Trust
Securing Consumer Trustaccenture
 
[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision SupportAriantoMuditomo
 
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptxjamiejohngianna
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrHenryBriggs2
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 

More Related Content

Similar to 23217074-ramses-Why CISOs Fail

Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Enterprise Management Associates
 
Let's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
Let's TOC: Navigate the Cybersecurity Conversation with Dominique SingerLet's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
Let's TOC: Navigate the Cybersecurity Conversation with Dominique SingerSaraPia5
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceChristian F. Nissen
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Accenture Technology
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingTIKAJ
 
Forrester Webinar: Security Ratings Set the Standard
Forrester Webinar: Security Ratings Set the StandardForrester Webinar: Security Ratings Set the Standard
Forrester Webinar: Security Ratings Set the StandardSecurityScorecard
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
Cyber security: five leadership issues worthy of Board and executive attention
Cyber security: five leadership issues worthy of Board and executive attentionCyber security: five leadership issues worthy of Board and executive attention
Cyber security: five leadership issues worthy of Board and executive attentionRamón Gómez de Olea y Bustinza
 
Cybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Cybersecurity Challenges in Retail 2020: How to Prevent Retail TheftCybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Cybersecurity Challenges in Retail 2020: How to Prevent Retail TheftIntellias
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxNakhoudah
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Enterprise Management Associates
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Matthew Rosenquist
 
Securing Consumer Trust
Securing Consumer TrustSecuring Consumer Trust
Securing Consumer Trustaccenture
 
[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision SupportAriantoMuditomo
 
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptxjamiejohngianna
 

Similar to 23217074-ramses-Why CISOs Fail (20)

Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
 
Let's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
Let's TOC: Navigate the Cybersecurity Conversation with Dominique SingerLet's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
Let's TOC: Navigate the Cybersecurity Conversation with Dominique Singer
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber Resilience
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIRO
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Forrester Webinar: Security Ratings Set the Standard
Forrester Webinar: Security Ratings Set the StandardForrester Webinar: Security Ratings Set the Standard
Forrester Webinar: Security Ratings Set the Standard
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attention
 
Cyber security: five leadership issues worthy of Board and executive attention
Cyber security: five leadership issues worthy of Board and executive attentionCyber security: five leadership issues worthy of Board and executive attention
Cyber security: five leadership issues worthy of Board and executive attention
 
Cybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Cybersecurity Challenges in Retail 2020: How to Prevent Retail TheftCybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Cybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptx
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
 
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
Where There Is Smoke, There is Fire: Extracting Actionable Intelligence from ...
 
Board secretaries and general counsels
Board secretaries and general counsels Board secretaries and general counsels
Board secretaries and general counsels
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022
 
Securing Consumer Trust
Securing Consumer TrustSecuring Consumer Trust
Securing Consumer Trust
 
[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support
 
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
 

Recently uploaded

Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrHenryBriggs2
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理F
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Dewi Agency
 
Research Assignment - NIST SP800 [172 A] - Presentation.pptx
Research Assignment - NIST SP800 [172 A] - Presentation.pptxResearch Assignment - NIST SP800 [172 A] - Presentation.pptx
Research Assignment - NIST SP800 [172 A] - Presentation.pptxi191686
 
一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样
一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样
一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样AS
 
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理apekaom
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC
 
一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理F
 
一比一原版贝德福特大学毕业证学位证书
一比一原版贝德福特大学毕业证学位证书一比一原版贝德福特大学毕业证学位证书
一比一原版贝德福特大学毕业证学位证书F
 
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书AS
 
一比一原版帝国理工学院毕业证如何办理
一比一原版帝国理工学院毕业证如何办理一比一原版帝国理工学院毕业证如何办理
一比一原版帝国理工学院毕业证如何办理F
 
一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理SS
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理AS
 
Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsrahman018755
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样
一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样
一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样ayvbos
 
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowHUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowIdeoholics
 

Recently uploaded (20)

Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303
 
Research Assignment - NIST SP800 [172 A] - Presentation.pptx
Research Assignment - NIST SP800 [172 A] - Presentation.pptxResearch Assignment - NIST SP800 [172 A] - Presentation.pptx
Research Assignment - NIST SP800 [172 A] - Presentation.pptx
 
一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样
一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样
一比一原版(毕业证书)新加坡南洋理工学院毕业证原件一模一样
 
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理
 
一比一原版贝德福特大学毕业证学位证书
一比一原版贝德福特大学毕业证学位证书一比一原版贝德福特大学毕业证学位证书
一比一原版贝德福特大学毕业证学位证书
 
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
 
一比一原版帝国理工学院毕业证如何办理
一比一原版帝国理工学院毕业证如何办理一比一原版帝国理工学院毕业证如何办理
一比一原版帝国理工学院毕业证如何办理
 
一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理
 
Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样
一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样
一比一原版(USYD毕业证书)悉尼大学毕业证原件一模一样
 
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowHUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
 

23217074-ramses-Why CISOs Fail

  • 1. Why CISOs Fail The Missing Link in Security Management and How to Fix It Barak Engel, 2018 Ramses R. S. Sidabutar (23217074)
  • 2. CISO 4/19/2018 2 understanding vulnerability Potential Impact of Threat Intelligence on the Attack Life Cycle Source: ISACA, Responding to Targeted Cyberattacks, 2013
  • 3. We’re looking for a CISO • Business partner to all departments • Help the organization understand and manage underlying risks in business operations • Brand management, Service agreements • Help uncover ways to promote the brand further by enhancing consumer trust • Engaging externally with the customer base • The media on emerging issues like personal information privacy and protability 4/19/2018 3 PROTECT THE COMPANY
  • 4. The Dismal Discipline • Management by compliance / security policy compliance • Internal (understanding of people behavioral patterns) and behavioral threats 4/19/2018 4
  • 5. The CISO, Reimagined • Security is about managing risk • There is simply no way anyone can manage risk when they do no have a finely tuned understanding of the sources of risk in their proper business context 4/19/2018 5

Editor's Notes

  1. Ini sepertinya buku tentang CISO tetapi sebenarnya tentang siapa pun yang ingin paham tentang keamanan informasi
  2. ada untuk melindungi dan mengelola aset dan informasi... untuk memastikan sistem dan informasi tersedia ... untuk memastikan kontrol yang tepat ada sehingga hanya mereka yang benar-benar membutuhkan akses ke informasi yang dapat... informasi tetap di tempat yang seharusnya Kalau sudah semua tahapan di atas dilalui, artinya dia sudah pengguna yang sah dengan diam-diam (firewal, ids, anti malware lewat semua) Hijau tua, kuning, cream, merah Fakta yang ada…
  3. Yang banyak dibutuhkan sekarang ini... Security seperti di linkedin Strategisnya CISO... Memahami dan mengelola resiko... Meningkatkan kepercayaan konsumen... Melindungi perusahaan... TIDAK selalu membeli peralatan IT untuk melindungi perusahaan, keamanan informasi adalah bagian dari IT
  4. Harus memahami proses bisnis Compliance: SOX, GLBA, HIPAA, ISO, CSA, (Undang-Undang) -> ada fungsi audit Menariknya Management/Security Policy ini bisa merupakan celah/kelemahan karena hasil akhirnya bisa diprediksi Security leader without a thorough understanding of people behavioral patterns is one that is walking around deaf and blind... Ingat amateurs attack machines; professionals target people... Understanding of human psychology is absolutely crucial