Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Making best-in-class security ubiquitous - Why security is no longer just an IT issue.

312 views

Published on

The evolving nature of cyber threats makes security a strategic imperative, and a collective responsibility. Today’s business leaders have a duty to set the tone from the top, taking steps to ensure security extends beyond technology to become part of organisational culture. This talk explores why security is no longer a technology issue with technical solutions, but a board-level priority that needs to be factored into the highest levels of corporate strategy.

Published in: Technology
  • WOW! Wish we had had this info 3 years ago! In just the last few hours our sibling boys have lowered the intensity and length of barking episodes by at least 50%!!! I can't wait to see the results a month from now!! ●●● http://t.cn/Aie4mTQb
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Easy and hassle free way to make money online! I have just registered with this site and straight away I was making money! It doesn't get any better than this. Thank you for taking out all the hassle and making money answering surveys as easy as possible even for non-techie guys like me!  https://tinyurl.com/vd3y33w
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Making best-in-class security ubiquitous - Why security is no longer just an IT issue.

  1. 1. DigitalDialogue Making best-in-class security ubiquitous Why security is not an IT Issue @Graemewpark Global Head of Security Operations at a major Ecommerce Retailer
  2. 2. BioSecurity IoT Massive Growth Coming Enterprises embracing Big Data and Cloud Computing rapidly Smart Industries: Industrial 4.0 Transformation Impending AI, ML and Robotics for customer interactions Top Industry 4.0 Trends impacting Cyber Security
  3. 3. Graeme Cantu-Park Author | Speaker | Advisor| @Graemewpark · Global Head of Security Operations · Trusted security advisor FS & Public Sector · Former UK Special Forces and Cyber Operations · Head of IT Security for FinTech Startup · 10+ years of industry experience & ClubCISO Member
  4. 4. The Rise of Cyber As A Business Risk
  5. 5. The likelihood of cyber attacks has been growing and is now a top concern for senior executives Source: World Economic Forum 2009–2019, Global Risks Report
  6. 6. Data breaches caused by weak security and cover-ups have costed companies over $1.45 billion and counting
  7. 7. Source: The Ponemon Institute Research, 2019 The average cost of a data breach Global Averages Average total cost of a data breach Average size of a data breach Cost per lost record Time to identify and contain a breach Highest country average cost of $8.19 million United States Highest industry average cost of $6.45 million Healthcare 3.92M 25,575 records 279 days United Kingdom Averages Average total cost of a data breach Average size of a data breach Cost per lost record Time to identify and contain a breach Country rank for total cost 6 Highest industry average for cost per record Services 3.88M 23,636 records 243 days$150 $155
  8. 8. Breach costs can be felt for years to come Source: The Ponemon Institute Research, 2019
  9. 9. 85%of consumers will not do business with a company if they have concerns about their security practices Source: PwC US Protect.me survey 2017 The Business Value of Trust 60%are willing to pay a premium for better secured personal data
  10. 10. The Cyber “PR” problem
  11. 11. Source: (ISC)², Inc Report to the CEO Report to the CIO 43% 35% 14% 7% Report to others including the COO and CFO Report to the Board of Directors 86% Have CISO 14% No CISO CISO Reporting Structure Successful organizations overwhelmingly report that they employ a CISO, and in many cases that person reports directly to either the ceo or the Board of Directors Source: ISC - https://blog.isc2.org/isc2_blog/2018/10/why-the-ciso-matters.html
  12. 12. BUSINESS ENABLEMENT SELLING INFOSEC (Internal) PROJECT DELIVERY LIFECYCLE SECURITY ARCHITECTURE SECURITY OPERATIONS IDENTITY MANAGEMENT RISK MANAGEMENT LEGAL & HUMAN RESOURCES COMPLIANCE AND AUDITS GOVERNANCE BUDGET CISO JOB Source: http://rafeeqrehman.com/
  13. 13. Make it the new normal deeply ingrained in the thinking
  14. 14. Leadership “4.0” needs a bold mindset shift as security is now an organizational challenge! PEOPLE REPUTATION FINANCIAL GROWTH
  15. 15. 1 Develop a security culture driving change from the top
  16. 16. 2 Adopt cyber security as a board level responsibility
  17. 17. 3 Codify the language in non technical terms
  18. 18. 4 Engage with key stakeholders beforehand and encourage discussion
  19. 19. 5 Focus on your business-critical activities, the risks to them and to systems supporting those activities
  20. 20. “Approaching cyber security as a business risk cannot be done alone, it is a collaborative effort that requires input of the entire organisation” GRAEME CANTU-PARK
  21. 21. Graeme Cantu-Park Global Head of Security Operations at a major Ecommerce Retailer Thank you

×