In association with Presented by Supported by 
BUILD A BUSINESS CASE – 
GET THE MANAGEMENT'S ATTENTION 
Dhananjay Rokde, CISO, Cox & Kings Group 
SEPT 19, 2014 Hotel Digital Security Seminar
Dhananjay Rokde
Dhananjay has an enhanced ability in managing global information security programs for large enterprises, with experience of Governance Risk & Compliance (GRC) unification & implementation programmes.
He has received the ‘Top 100 CISO Award’, ‘Future CIO Award’ and the ‘CIO Masters Award for excellence in Information Security’.
He is presently in charge of the overall information & infrastructure security operations, risk management and compliance of the entire group.
He also has an advanced diploma in IT Cyber Laws & Data Privacy from the Asian School of Cyber Laws.
By X Events Hospitality (www.x-events.in)
Hotel Digital Security Seminar & Webinar, Sept 19, 2014
Agenda 
- Establishing ‘measurable’ expectations
- Always promise value – not ROI
- Strategize in advance – don’t wait
- Train, educate and continuous awareness
- Implement established standards
- Reporting
- Further reading
Establishing ‘measurable’ expectations 
- Establish a clear ‘written’ agreement on the organization's ‘acceptable risk criteria’ (ARC)
  - Regularly audit, assess, modify and sign off on these criteria
- Define constraints within the ARC for
  - Confidentiality
  - Integrity
  - Availability
- Mark boundaries for the asset classification
  - Data classification
  - People, Process & Technology
- Clearly imply that there will be NO ‘negotiations’ on statutory compliance & local laws
- Have clearly defined exceptions and exclusions.
Always promise value – not ROI 
- It is NOT possible to justify all security investments!
  - They are not your average CapEx or OpEx items
  - ROI is derived over (very) long periods of time
  - Standard depreciation and asset valuation do not apply to these investments
- REMEMBER – It's always about what we have to ‘lose’, rather than gain.
Strategize in advance – don’t wait 
- Have a long-term information security vision and mission
- It is good to define at least a 5-year roadmap with distinct milestones
  - There should be a ‘measurable’ increase in the security posture after every milestone
  - This should typically be done along with the understanding and agreement of the CxO layer
  - The business strategy and security strategy should go hand-in-hand
- Leave room for contingencies. There will be some.
- Have a focussed continuous improvement plan
- REMEMBER – your security strategy is NOT a project plan
Implement established standards 
- Agree with the management on implementing global best practices
  - ISMS – ISO 27001
  - Application Security – OWASP & SAMM
  - Risk Management – ISO 31000
  - BCP – ISO 25999
Reporting 
- Basic
  - Risk reviews
  - Impact Assessments
  - Corrective action plans
- Advanced
  - Global risk heat maps
  - Balanced score cards
Further reading 
- The 5 R’s of building an Information Security business case
  - http://www.csoonline.com/article/2124269/metrics-budgets/the-five-rs--building-a-business-case-for-information-security.html
- The business model for information security
  - http://www.isaca.org/Knowledge-Center/Research/Documents/Introduction-to-the-Business-Model-for-Information-Security_res_Eng_0109.pdf
- OWASP
  - www.owasp.org
- SAMM
  - www.samm.org
About us
HATT is India's young and premium community for CXOs from the Hospitality, Healthcare, Aviation, Travel and Tourism industries.
- With over 1,000 members across India, we are now poised to expand globally with a presence in South East Asia and the Middle East by 2016.
www.hattforum.com
FB/hattforum
X Events manages & supports events exclusively for the hospitality & travel industries.
- Our USP is that we are hoteliers by training. We focus on the two most important aspects of an event: content quality and impact.
- We do it because we believe in it.
www.x-events.in
Our host – Brian Pereira 
Brian is a veteran technology 
journalist with two decades of 
experience. He has served as 
editor for two magazines: CHIP 
and InformationWeek India. 
He is a respected speaker & host 
at conferences worldwide. 
In his current role at Hannover 
Milano Fairs India, Brian serves 
as project head for CeBIT 
Global Conferences, 
the world's largest ICT fair that 
will debut in India this November, 
in Bangalore. 
The seminar schedule
Five expert speakers
1. Latest threats in digital security (Worms, attacks, viruses, flaws) - Santosh Satam, CEO, SecurBay Services.
2. The immediate action needed to tighten up (Priority list, cost, internal policies) - Ambarish Deshpande, MD - India & SAARC, Blue Coat
3. Information loss prevention (Principles & practices) - Geet Lulla, VP - India & ME, Seclore
4. How to build a business case & get the management's attention - Dhananjay Rokde, CISO, Cox & Kings Group.
5. Global cyber security outlook - A. K. Viswanathan, Senior Director - Enterprise Risk Services, Deloitte India.
Our sponsors & supporters 
Thank You
HOTEL DIGITAL SECURITY SEMINAR 
SEPT 19, 2014 www.x-events.in

Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 

Build Business Case for Hotel Digital Security

  • 1. In association with Presented by Supported by BUILD A BUSINESS CASE – GET THE MANAGEMENT'S ATTENTION Dhananjay Rokde, CISO, Cox & Kings Group SEPT 19, 2014 Hotel Digital Security Seminar
  • 2. Dhananjay Rokde
      - Dhananjay has an enhanced ability at managing global information security programs for large enterprises, with experience of Governance Risk & Compliance (GRC) unification & implementation programmes.
      - He has received the ‘Top 100 CISO Award’, ‘Future CIO Award’ and the ‘CIO Masters Award for excellence in Information Security’.
      - He is presently in charge of the overall information & infrastructure security operations, risk management and compliance of the entire group.
      - He also has an advanced diploma in IT Cyber Laws & Data Privacy from the Asian School of Cyber Laws.
      By X Events Hospitality (www.x-events.in), Hotel Digital Security Seminar & Webinar, Sept 19, 2014
  • 3. Agenda
      - Establishing ‘measurable’ expectations
      - Always promise value – not ROI
      - Strategize in advance – don’t wait
      - Train, educate and continuous awareness
      - Implement established standards
      - Reporting
      - Further reading
  • 4. Establishing ‘measurable’ expectations
      - Establish a clear ‘written’ agreement on the organization's ‘acceptable risk criteria’ (ARC)
          - Regularly audit, assess, modify and sign off on these criteria
      - Define constraints within the ARC for
          - Confidentiality
          - Integrity
          - Availability
      - Mark boundaries for the asset classification
          - Data classification
          - People, Process & Technology
      - Clearly imply that there will be NO ‘negotiations’ on statutory compliance & local laws
      - Have clearly defined exceptions and exclusions.
  • 5. Always promise value – not ROI
      - It is NOT possible to justify all security investments!
          - They are not your average CapEx or OpEx items
          - ROI is derived over (very) long periods of time
          - Standard depreciation and asset valuation do not apply to these investments
      - REMEMBER – It's always about what we have to ‘lose’, rather than gain.
  • 6. Strategize in advance – don’t wait
      - Have a long-term information security vision and mission
      - It is good to define at least a 5-year roadmap with distinct milestones
          - There should be a ‘measurable’ increase in the security posture after every milestone
          - This should typically be done along with the understanding and agreement of the CxO layer
          - The business strategy and security strategy should go hand-in-hand
      - Leave room for contingencies. There will be some.
      - Have a focussed continuous improvement plan
      - REMEMBER – your security strategy is NOT a project plan
  • 7. Implement established standards
      - Agree with the management on implementing global best practices
          - ISMS – ISO 27001
          - Application Security – OWASP & SAMM
          - Risk Management – ISO 31000
          - BCP – ISO 25999
  • 8. Reporting
      - Basic
          - Risk reviews
          - Impact Assessments
          - Corrective action plans
      - Advanced
          - Global risk heat maps
          - Balanced score cards
  • 9. Further reading
      - The 5 R’s of building an Information Security business case
          - http://www.csoonline.com/article/2124269/metrics-budgets/the-five-rs--building-a-business-case-for-information-security.html
      - The business model for information security
          - http://www.isaca.org/Knowledge-Center/Research/Documents/Introduction-to-the-Business-Model-for-Information-Security_res_Eng_0109.pdf
      - OWASP
          - www.owasp.org
      - SAMM
          - www.samm.org
  • 11. About us
      - HATT is India's young and premium community for CXOs from the Hospitality, Healthcare, Aviation, Travel and Tourism industries.
          - With over 1,000 members across India, we are now poised to expand globally with a presence in South East Asia and the Middle East by 2016.
          - www.hattforum.com, FB/hattforum
      - X Events manages & supports events exclusively for the hospitality & travel industries.
          - Our USP is that we are hoteliers by training. We focus on the two most important aspects of an event: content quality and impact.
          - We do it because we believe in it.
          - www.x-events.in
  • 12. Our host – Brian Pereira
      - Brian is a veteran technology journalist with two decades of experience. He has served as editor for two magazines: CHIP and InformationWeek India.
      - He is a respected speaker & host at conferences worldwide.
      - In his current role at Hannover Milano Fairs India, Brian serves as project head for CeBIT Global Conferences, the world's largest ICT fair that will debut in India this November, in Bangalore.
  • 13. The seminar schedule
      Five expert speakers
      1. Latest threats in digital security (Worms, attacks, viruses, flaws) - Santosh Satam, CEO, SecurBay Services.
      2. The immediate action needed to tighten up (Priority list, cost, internal policies) - Ambarish Deshpande, MD - India & SAARC, Blue Coat
      3. Information loss prevention (Principles & practices) - Geet Lulla, VP - India & ME, Seclore
      4. How to build a business case & get the management's attention - Dhananjay Rokde, CISO, Cox & Kings Group.
      5. Global cyber security outlook - A. K. Viswanathan, Senior Director - Enterprise Risk Services, Deloitte India.
  • 14. Our sponsors & supporters
      Thank You
  • 15. HOTEL DIGITAL SECURITY SEMINAR, SEPT 19, 2014, www.x-events.in