Cyber Insurance: A Silver Bullet Solution or a Risk
Kollam, Aug 19, 2016
We Are A Reality Check On The Past Present & Future of National Security & Cybersecurity
Can Cyber Insurance enforce change in the cybersecurity DNA of organizations?
In India – IT Act asks for “reasonable security”
PSUs, Enterprises seek
- ISO27001,
- PCI-DSS,
- ISO22301,
- Guidelines from RBI, SEBI, IDRBT
The Risks are many too…
Ransomware
Business Email Compromise
Insider Threat
Espionage
APT etc
Some Cyber Insurance “Issues”
SONY – claim by movie producer after 2 years
TARGET – ongoing litigation
• What will a policy cover?
• ISMS, BCP, IAM, Devices, Insider threat, IP, Server, Endpoints, Mistakes, Accidents, Disasters, Ransomware, Spam, Malware, Change Management, Database, Phishing, Whaling, Spear Phishing …
• If the organization has an ISMS, is it SECURE?
• Does ISMS include ransomware, or Phishing include whaling, etc.?
• Who will assess the incident – is the assessor qualified?
• Organization has to make a public announcement and lodge a formal complaint
Cyber Insurance Brings Promise of lowering the risk
How can Insurance enforce Security?
- Organization HAS to have effective controls
- Security has to be “in the spirit and DNA”
- Management has to assume full responsibility
- Governance and traceability
- Common and automated platforms that are prescribed by Insurer
- While Insurance will de-risk an individual or an organization
- INSURANCE IS A RISK TOO
Decide wisely
• You are ISO27001 certified – does this make you a good candidate for insurance?
• Will the assessor be willing to accept your security status / control design and effectiveness and settle your claim?
• Think far and wide when you buy
• Discuss common ground for assessment with your insurer
• Assess your insurer's maturity while the insurer assesses yours
• Optimize your controls system to align with insurance needs
A Brief Introduction
ABOUT ME
Dinesh O Bareja
CISA, CISM, ITIL, ISMS, Cert ERM, Cert IPR
• Principal Advisor – Pyramid Cyber Security & Forensic Pvt Ltd
• Co-Founder – Open Security Alliance, IndiaWatch, Indian Honeynet Project
• Ex Cyber Surveillance Advisor – CDRC (Jharkhand Police – Special Branch)
Enterprise & Government Policy Development; Cyber Security Strategy, Design, Architecture; Current State Security Assessment, Audit & Optimization; Governance, Risk Management; etc.
ABOUT US
Who professional infosec expertise and passion to demolish the hype and enable real-life balance in cybersecurity policy, strategy, training and operations at the national, enterprise or individual level – we bring the
A Reality Check On The Past Present & Future of National Security & Cybersecurity
What
Where
E dinesh@opensecurityalliance.org
@bizsprite
L: linkedin.com/in/dineshbareja
+91.9769890505
dineshobareja
dineshobareja
infosecgallery.blgspot.com
securambling.blogspot.com
 

Can Cyber Insurance Enforce Change in Enterprise GRC

  • 1. A Silver Bullet Solution or a Risk CYBER INSURANCE
  • 2. Kollam, Aug 19, 2016. We Are: A Reality Check On The Past Present & Future of National Security & Cybersecurity
  • 3. Can Cyber Insurance enforce change in the cybersecurity DNA of organizations?
  • 4. In India – IT Act asks for “reasonable security”. PSUs, Enterprises seek:
      - ISO27001
      - PCI-DSS
      - ISO22301
      - Guidelines from RBI, SEBI, IDRBT
  • 5. The Risks are many too… Ransomware, Business Email Compromise, Insider Threat, Espionage, APT etc
  • 6. Some Cyber Insurance “Issues”:
      - SONY – claim by movie producer after 2 years
      - TARGET – ongoing litigation
  • 7.
      • What will a policy cover
      • ISMS, BCP, IAM, Devices, Insider threat, IP, Server, Endpoints, Mistakes, Accidents, Disasters, Ransomware, Spam, Malware, Change Management, Database, Phishing, Whaling, Spear Phishing …
      • If the organization has an ISMS is it SECURE
      • Does ISMS include ransomware, or, Phishing include whaling etc
      • Who will assess the incident – is assessor qualified
      • Organization has to make public announcement and lodge a formal complaint
  • 8. Cyber Insurance Brings Promise of lowering the risk
  • 9. How can Insurance enforce Security?
  • 10.
      - Organization HAS to have effective controls
      - Security has to be “in the spirit and DNA”
      - Management has to assume full responsibility
      - Governance and traceability
      - Common and automated platforms that are prescribed by Insurer
  • 11.
      - While Insurance will de-risk an individual or an organization
      - INSURANCE IS A RISK TOO
  • 12. Decide wisely
      • You are ISO27001 certified – does this make you a good candidate for insurance
      • Will the assessor be willing to accept your security status / control design and effectiveness and settle your claim
      • Think far and wide when you buy
      • Discuss common ground for assessment with your insurer
      • Assess your insurer's maturity while the insurer assesses yours
      • Optimize your controls system to align with insurance needs
  • 14. A Brief Introduction – ABOUT ME: Dinesh O Bareja, CISA, CISM, ITIL, ISMS, Cert ERM, Cert IPR
      • Principal Advisor – Pyramid Cyber Security & Forensic Pvt Ltd
      • Co-Founder – Open Security Alliance, IndiaWatch, Indian Honeynet Project
      • Ex Cyber Surveillance Advisor – CDRC (Jharkhand Police – Special Branch)
      Enterprise & Government Policy Development; Cyber Security Strategy, Design, Architecture; Current State Security Assessment, Audit & Optimization; Governance, Risk Management; etc.
  • 15. ABOUT US – Who, What, Where: we bring the professional infosec expertise and passion to demolish the hype and enable real-life balance in cybersecurity policy, strategy, training and operations at the national, enterprise or individual level. A Reality Check On The Past Present & Future of National Security & Cybersecurity.
      E: dinesh@opensecurityalliance.org; @bizsprite; L: linkedin.com/in/dineshbareja; +91.9769890505; dineshobareja; dineshobareja; infosecgallery.blgspot.com; securambling.blogspot.com