SlideShare a Scribd company logo

The July 2017 Cybersecurity Risk Landscape

Craig McGill
Craig McGill

John Hinchcliffe, one of the talented cybersecurity experts at PwC in Scotland, recently spoke at an ISACA event, talking about the current security risk landscape, highlighting some of the forgotten security risks, and challenging attendees to think about the true value of their data.

Business
1 of 8
Download to read offline
Cyber Security Digital world risk that cannot be ignored www.pwc.co.uk/cyber July 2017 © 2017 PricewaterhouseCoopers LLP
Cyber security context Digital Revolution Growing Cyber Risk More Regulation Cloud “IoTs” Big DataSocial Media Evolving Threats More Connections Talent Shortage Arms Race
Cyber security context Increasing balance between internal and external challenges, threats and demands Security Operations (inc. Intel Fusion) Legacy Technology Flat Global Networks Crown Jewels Discovery Operating Model (Structure & Efficiency) Global Regulatory Landscape Evolution of Threats Digital Innovation Impact of Data Breaches Complex Value Chains (More Interconnections) Internal and external stakeholder challenges are relentless, pushing more demands on investment and resources
Threat actor motivation Threats are rapidly increasing and evolving Employee falls victim to a phishing attack compromising ~ 80,270 patient records (December 2016) ££££££££££Mitigation Cost: Threatactorsophistication Accidental Malware non-targeted Cyber Terrorist Organised Cyber Criminal State - Sponsored Attacks Competitor Disgruntled ex-Employee 3rd Party Provider Hacker Hobbyist Hacktivist Insider 110 million credit card details stolen (November 2013) Nation States Cyber Regimes (e.g. Equation Group) DDoS attack on price sensitive information feeds (August 2011) Lulzsec & Anonymous targeted hacktivists (2012-2013) Malware wipes 10,000 desktop hard drives (August 2012) £2.3m FSA fine for data loss (August 2010) Edward Snowden discloses NSA and GCHQ spying programmes (June 2013) Employee copies 35,000 client details to personal computer (August 2012) $101m stolen through fraudulent payment instructions sent via SWIFT (February 2016) Bangladesh Central Bank Widespread DDoS attack on upstream DNS provider (October 2016) 20m credit card stolen by employee (January 2014) Disgruntled Customer DDoS attack on competitor payments system (July 2010) Malware found on payment processing servers at ~1,200 on-site restaurants and bars, stealing cardholder names and card information (August – December 2016) 500m account details stolen from company database (September 2016) Scammed into wiring + $100m to scammer's bank accounts deceptively posing as Asian-based manufacturer (2013 – 2015)
The trend in financial fraud perpetrated by cyber criminals Cyber criminals are leveraging their more sophisticated knowledge of financial markets to seek greater rewards  Banks’ Finance Systems Retail Online Banking Customer Banks’ Funds Transfer Systems Commercial Online Banking Customers Changing Targets 18 months ago3 years ago5 + years ago Today Next? Exchanges or Clearing Houses $$$$$ $$$$ $$$ $$ $ Carbanak ATM Malware Dridex Banking Malware SWIFT Alliance Access Interface Manipulation of order books and/or create market imbalances by interrupting data feeds? Next? Exposure AttackComplexity Size represents total breach exposure ValueChain Odinaff Trojan Malware
Practical exercise
This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2017 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers LLP (a limited liability partnership in the United Kingdom) which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.

Recommended

ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureCraig McGill
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsWynyard Group
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityIna Luft
 
ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEOKevin Duffey
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
CEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackCEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackKevin Duffey
 

Recommended

ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureCraig McGill
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsWynyard Group
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityIna Luft
 
ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEOKevin Duffey
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
CEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackCEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackKevin Duffey
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Be Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeBe Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeKevin Duffey
 
Cyber Heroes of tomorrow's world
Cyber Heroes of tomorrow's worldCyber Heroes of tomorrow's world
Cyber Heroes of tomorrow's worldKevin Duffey
 
Strategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleStrategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleKevin Duffey
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyAgus Wicaksono
 
When thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksWhen thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksSangram Gayal
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilienceAndrew Bycroft
 
Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accountscorelink11
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 
Simple Safe Steps to Cyber Security
Simple Safe Steps to Cyber SecuritySimple Safe Steps to Cyber Security
Simple Safe Steps to Cyber SecurityHudson Valley Public Relations
 
The Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideThe Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideInspiring Women
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Proofpoint
 
IT Security for Nonprofits
IT Security for NonprofitsIT Security for Nonprofits
IT Security for NonprofitsCommunity IT Innovators
 
Internet threats- How to protect the Africa consumer
Internet threats- How to protect the Africa consumer Internet threats- How to protect the Africa consumer
Internet threats- How to protect the Africa consumer Self
 
Cyber Risk – The New Norm
Cyber Risk – The New NormCyber Risk – The New Norm
Cyber Risk – The New NormNICSA
 
Cyber attacks in 2021
Cyber attacks in 2021Cyber attacks in 2021
Cyber attacks in 2021redteamacademypromo
 
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSRandall Chase
 
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesPaige Rasid
 
Security Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowSecurity Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowqmatheson
 

More Related Content

What's hot

Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Be Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeBe Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeKevin Duffey
 
Cyber Heroes of tomorrow's world
Cyber Heroes of tomorrow's worldCyber Heroes of tomorrow's world
Cyber Heroes of tomorrow's worldKevin Duffey
 
Strategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleStrategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleKevin Duffey
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyAgus Wicaksono
 
When thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksWhen thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksSangram Gayal
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilienceAndrew Bycroft
 
Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accountscorelink11
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 
The Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideThe Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideInspiring Women
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Proofpoint
 
Internet threats- How to protect the Africa consumer
Internet threats- How to protect the Africa consumer Internet threats- How to protect the Africa consumer
Internet threats- How to protect the Africa consumer Self
 
Cyber Risk – The New Norm
Cyber Risk – The New NormCyber Risk – The New Norm
Cyber Risk – The New NormNICSA
 

What's hot (19)

Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
 
Be Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeBe Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crime
 
Cyber Heroes of tomorrow's world
Cyber Heroes of tomorrow's worldCyber Heroes of tomorrow's world
Cyber Heroes of tomorrow's world
 
Strategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleStrategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a Role
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
 
When thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacksWhen thieves strike: Executive briefing on SWIFT attacks
When thieves strike: Executive briefing on SWIFT attacks
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber Security
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilience
 
Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accounts
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016
 
Simple Safe Steps to Cyber Security
Simple Safe Steps to Cyber SecuritySimple Safe Steps to Cyber Security
Simple Safe Steps to Cyber Security
 
The Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice GuideThe Small Business Cyber Security Best Practice Guide
The Small Business Cyber Security Best Practice Guide
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
 
IT Security for Nonprofits
IT Security for NonprofitsIT Security for Nonprofits
IT Security for Nonprofits
 
Internet threats- How to protect the Africa consumer
Internet threats- How to protect the Africa consumer Internet threats- How to protect the Africa consumer
Internet threats- How to protect the Africa consumer
 
Cyber Risk – The New Norm
Cyber Risk – The New NormCyber Risk – The New Norm
Cyber Risk – The New Norm
 
Cyber attacks in 2021
Cyber attacks in 2021Cyber attacks in 2021
Cyber attacks in 2021
 

Similar to The July 2017 Cybersecurity Risk Landscape

Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSRandall Chase
 
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesPaige Rasid
 
Security Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowSecurity Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowqmatheson
 
7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptxIT Company Dubai
 
Corporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityCorporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityJoan Weber
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Jay Kesan
 
Third party risk management with cyber threat intelligence
Third party risk management with cyber threat intelligenceThird party risk management with cyber threat intelligence
Third party risk management with cyber threat intelligenceCharles Steve
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage YearsJeremiah Grossman
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...TraintechTde
 
Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared Enough
Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared EnoughScared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared Enough
Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared EnoughXeneta
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020CBIZ, Inc.
 
BIZGrowth Strategies - Cybersecurity Special Edition
BIZGrowth Strategies - Cybersecurity Special EditionBIZGrowth Strategies - Cybersecurity Special Edition
BIZGrowth Strategies - Cybersecurity Special EditionCBIZ, Inc.
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summarypatmisasi
 
CTEK Cyber Briefing - April 2022.pptx
CTEK Cyber Briefing - April 2022.pptxCTEK Cyber Briefing - April 2022.pptx
CTEK Cyber Briefing - April 2022.pptxSophia Price
 
CynergisTek Cyber Briefing April 2022
CynergisTek Cyber Briefing April 2022CynergisTek Cyber Briefing April 2022
CynergisTek Cyber Briefing April 2022SophiaPalmira1
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Rahul Neel Mani
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselCasey Ellis
 

Similar to The July 2017 Cybersecurity Risk Landscape (20)

Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
 
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
 
Security Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowSecurity Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you know
 
7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx
 
Corporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityCorporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber Security
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
 
Third party risk management with cyber threat intelligence
Third party risk management with cyber threat intelligenceThird party risk management with cyber threat intelligence
Third party risk management with cyber threat intelligence
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
 
Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared Enough
Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared EnoughScared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared Enough
Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared Enough
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security Services
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020
 
BIZGrowth Strategies - Cybersecurity Special Edition
BIZGrowth Strategies - Cybersecurity Special EditionBIZGrowth Strategies - Cybersecurity Special Edition
BIZGrowth Strategies - Cybersecurity Special Edition
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security Study
 
2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary
 
CTEK Cyber Briefing - April 2022.pptx
CTEK Cyber Briefing - April 2022.pptxCTEK Cyber Briefing - April 2022.pptx
CTEK Cyber Briefing - April 2022.pptx
 
CynergisTek Cyber Briefing April 2022
CynergisTek Cyber Briefing April 2022CynergisTek Cyber Briefing April 2022
CynergisTek Cyber Briefing April 2022
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 

More from Craig McGill

Craig McGill personal branding talk at Scotappcon
Craig McGill personal branding talk at ScotappconCraig McGill personal branding talk at Scotappcon
Craig McGill personal branding talk at ScotappconCraig McGill
 
Social Media, Newswriting and making stories work online
Social Media, Newswriting and making stories work onlineSocial Media, Newswriting and making stories work online
Social Media, Newswriting and making stories work onlineCraig McGill
 
Whisky, social media and digital engagement for ROI
Whisky, social media and digital engagement for ROIWhisky, social media and digital engagement for ROI
Whisky, social media and digital engagement for ROICraig McGill
 
Whisky & Social Media
Whisky & Social MediaWhisky & Social Media
Whisky & Social MediaCraig McGill
 
Crossplatform content and journalism week 4
Crossplatform content and journalism week 4Crossplatform content and journalism week 4
Crossplatform content and journalism week 4Craig McGill
 
Napier CrossPlatform Content week two - Journalist as a brand
Napier CrossPlatform Content week two - Journalist as a brandNapier CrossPlatform Content week two - Journalist as a brand
Napier CrossPlatform Content week two - Journalist as a brandCraig McGill
 
Crossplatform content/journalism week 1 - Why use social media for journalism
Crossplatform content/journalism week 1 - Why use social media for journalismCrossplatform content/journalism week 1 - Why use social media for journalism
Crossplatform content/journalism week 1 - Why use social media for journalismCraig McGill
 
Youthlink Scotland and Social Media
Youthlink Scotland and Social MediaYouthlink Scotland and Social Media
Youthlink Scotland and Social MediaCraig McGill
 
Crossplatform Content week 2
Crossplatform Content week 2Crossplatform Content week 2
Crossplatform Content week 2Craig McGill
 
Rangers FC Social Media pitch
Rangers FC Social Media pitchRangers FC Social Media pitch
Rangers FC Social Media pitchCraig McGill
 
Lustre purelight acne findings pdf
Lustre purelight acne findings pdfLustre purelight acne findings pdf
Lustre purelight acne findings pdfCraig McGill
 
Scotland & the Social Media Problem with Business
Scotland & the Social Media Problem with BusinessScotland & the Social Media Problem with Business
Scotland & the Social Media Problem with BusinessCraig McGill
 

More from Craig McGill (12)

Craig McGill personal branding talk at Scotappcon
Craig McGill personal branding talk at ScotappconCraig McGill personal branding talk at Scotappcon
Craig McGill personal branding talk at Scotappcon
 
Social Media, Newswriting and making stories work online
Social Media, Newswriting and making stories work onlineSocial Media, Newswriting and making stories work online
Social Media, Newswriting and making stories work online
 
Whisky, social media and digital engagement for ROI
Whisky, social media and digital engagement for ROIWhisky, social media and digital engagement for ROI
Whisky, social media and digital engagement for ROI
 
Whisky & Social Media
Whisky & Social MediaWhisky & Social Media
Whisky & Social Media
 
Crossplatform content and journalism week 4
Crossplatform content and journalism week 4Crossplatform content and journalism week 4
Crossplatform content and journalism week 4
 
Napier CrossPlatform Content week two - Journalist as a brand
Napier CrossPlatform Content week two - Journalist as a brandNapier CrossPlatform Content week two - Journalist as a brand
Napier CrossPlatform Content week two - Journalist as a brand
 
Crossplatform content/journalism week 1 - Why use social media for journalism
Crossplatform content/journalism week 1 - Why use social media for journalismCrossplatform content/journalism week 1 - Why use social media for journalism
Crossplatform content/journalism week 1 - Why use social media for journalism
 
Youthlink Scotland and Social Media
Youthlink Scotland and Social MediaYouthlink Scotland and Social Media
Youthlink Scotland and Social Media
 
Crossplatform Content week 2
Crossplatform Content week 2Crossplatform Content week 2
Crossplatform Content week 2
 
Rangers FC Social Media pitch
Rangers FC Social Media pitchRangers FC Social Media pitch
Rangers FC Social Media pitch
 
Lustre purelight acne findings pdf
Lustre purelight acne findings pdfLustre purelight acne findings pdf
Lustre purelight acne findings pdf
 
Scotland & the Social Media Problem with Business
Scotland & the Social Media Problem with BusinessScotland & the Social Media Problem with Business
Scotland & the Social Media Problem with Business
 

Recently uploaded

Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024Matteo Carbone
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadAyesha Khan
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMVoces Mineras
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...ssuserf63bd7
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportMintel Group
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 

Recently uploaded (20)

Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample Report
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 

The July 2017 Cybersecurity Risk Landscape

  • 1. Cyber Security Digital world risk that cannot be ignored www.pwc.co.uk/cyber July 2017 © 2017 PricewaterhouseCoopers LLP
  • 2. Cyber security context Digital Revolution Growing Cyber Risk More Regulation Cloud “IoTs” Big DataSocial Media Evolving Threats More Connections Talent Shortage Arms Race
  • 3. Cyber security context Increasing balance between internal and external challenges, threats and demands Security Operations (inc. Intel Fusion) Legacy Technology Flat Global Networks Crown Jewels Discovery Operating Model (Structure & Efficiency) Global Regulatory Landscape Evolution of Threats Digital Innovation Impact of Data Breaches Complex Value Chains (More Interconnections) Internal and external stakeholder challenges are relentless, pushing more demands on investment and resources
  • 4. Threat actor motivation Threats are rapidly increasing and evolving Employee falls victim to a phishing attack compromising ~ 80,270 patient records (December 2016) ££££££££££Mitigation Cost: Threatactorsophistication Accidental Malware non-targeted Cyber Terrorist Organised Cyber Criminal State - Sponsored Attacks Competitor Disgruntled ex-Employee 3rd Party Provider Hacker Hobbyist Hacktivist Insider 110 million credit card details stolen (November 2013) Nation States Cyber Regimes (e.g. Equation Group) DDoS attack on price sensitive information feeds (August 2011) Lulzsec & Anonymous targeted hacktivists (2012-2013) Malware wipes 10,000 desktop hard drives (August 2012) £2.3m FSA fine for data loss (August 2010) Edward Snowden discloses NSA and GCHQ spying programmes (June 2013) Employee copies 35,000 client details to personal computer (August 2012) $101m stolen through fraudulent payment instructions sent via SWIFT (February 2016) Bangladesh Central Bank Widespread DDoS attack on upstream DNS provider (October 2016) 20m credit card stolen by employee (January 2014) Disgruntled Customer DDoS attack on competitor payments system (July 2010) Malware found on payment processing servers at ~1,200 on-site restaurants and bars, stealing cardholder names and card information (August – December 2016) 500m account details stolen from company database (September 2016) Scammed into wiring + $100m to scammer's bank accounts deceptively posing as Asian-based manufacturer (2013 – 2015)
  • 5. The trend in financial fraud perpetrated by cyber criminals Cyber criminals are leveraging their more sophisticated knowledge of financial markets to seek greater rewards  Banks’ Finance Systems Retail Online Banking Customer Banks’ Funds Transfer Systems Commercial Online Banking Customers Changing Targets 18 months ago3 years ago5 + years ago Today Next? Exchanges or Clearing Houses $$$$$ $$$$ $$$ $$ $ Carbanak ATM Malware Dridex Banking Malware SWIFT Alliance Access Interface Manipulation of order books and/or create market imbalances by interrupting data feeds? Next? Exposure AttackComplexity Size represents total breach exposure ValueChain Odinaff Trojan Malware
  • 6.
  • 8. This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2017 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers LLP (a limited liability partnership in the United Kingdom) which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.