Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Webinar 3: Cybersecurity / Coronavirus Homeworking Challenge
Programme  Introduction by Toon Vanagt  Fintech industry: A reliable partner for the financial sector by Professor Georg...
Your Speakers Georges Ataya Academic Director at Solvay Brussels School Managing partner Ataya & partner Co-Founder of the...
Cybersecurity context Fintech concerns for Cybersecurity European regulations and guidelines Certification for SME Cyberse...
Urgent Cyber Security Issues 1. Financial Crimes 2.The Rise of Multi-Cloud Computing 3. Third-Party and Supply Chain Attac...
Sources of external threat Intelligence Agencies Criminal Groups Terrorist Groups Activist Groups Armed Forces 7
The fact that there’re many cases in which large traditional banks have failed to protect the data of their customers do n...
EU RegulationseIDAS
setting the security and notification requirements for digital service providers and build national capabilities help to m...
Cyber Security Coalition & CCB Elements of the scheme Page 13 Cybersecurity Fundamentals for SME Plan your cyber security ...
Cyber Security Coalition & CCB Elements of the scheme Page 14 Cybersecurity Fundamentals for SME https://cyberguide.ccb.be...
Awareness Campaigns 15
Cybersecurity Awareness Corporate and general Management Application Development Business managers and Users IT Profession...
Rising risks in the digital economy
Building higher defensive walls and installing defense-in-depth solutions © Copyright ICTC.EU 2017© 2017 ICT Control NV SA...
Source ISACA.ORG 19 What level of protection do we need?
IDENTIFY DETECT PROTECT RESPOND Cybersecurity processes 20 RECOVER © 2015 ICTC.EU
IDENTIFY DETECT PROTECT RECOVER RESPOND Functions Develop and implement Cybersecurity processes 21
DETECT DE.AE-5: Incident alert thresholds are established DE.AE-1 DE.AE-2 DE.AE-3 DE.AE-4 • COBIT 5 APO12.06 • ISA 62443-2...
24 A MANAGER FOR CYBER SECURITY PROTECTION and INCIDENT MANAGEMENT Information Security Governance Information Security In...
SHORTAGES OF DIGITAL PROFESSIONALS 10 avril 2020 ©2020 Ataya & Partners. All Rights Reserved 25 TECH TRENDS WITH STAFFING ...
26 ASSESSMENT OF SKILLS IN DIGITAL GOVERNANCE, TECHNOLOGY, AND TRUST Academy.atayapartners.com/fintech-sessions
DREAM. LEARN. LEAD. • THANKS Full online Education Starting in April 2020 S2 (CISSP preparation) G2 (COBIT 2019) B2 (Data ...
28Academy.atayapartners.com/fintech-sessions Graduation photo Trusted Fintech Program 2018-2019
//academy.atayapartners.com Academy.atayapartners.com/fintech-sessions
Georges Ataya Professor, founder and Academic Director of Digital and information security management at SBS-EM Co-Fouder ...
• NEXT FRIDAY AT 14PM: Webinar: Financial crisis survival / Coronavirus Homeworking Challenge • NEXT THURSDAY APRIL 23rd: ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20
Upcoming SlideShare
Loading in …5
×

Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20

22 views

Published on

Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20

Published in: Economy & Finance
no profile picture user

  • Be the first to comment

  • Be the first to like this

Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge - 03-04-20

  1. 1. Webinar 3: Cybersecurity / Coronavirus Homeworking Challenge
  2. 2. Programme  Introduction by Toon Vanagt  Fintech industry: A reliable partner for the financial sector by Professor Georges Ataya o Case studies o What methods should be put in place? o The skills that are lacking o Certifications
  3. 3. Your Speakers Georges Ataya Academic Director at Solvay Brussels School Managing partner Ataya & partner Co-Founder of the Belgian Cybersecurity Coalition Co-founder DPO Circle Member of the Advisory Boards at Agoria, BECI, CIONET, ISACA Past International Vice President at ISACA and co- founder of the body of knowledge of CISM and CGEIT Toon Vanagt Host, Board of FinTech Belgium CEO of data.be
  4. 4. Cybersecurity context Fintech concerns for Cybersecurity European regulations and guidelines Certification for SME Cybersecurity skills assessment Competences and knowledge Professional certification Cybersecurity for FINTECH Prof. Georges Ataya
  5. 5. Urgent Cyber Security Issues 1. Financial Crimes 2.The Rise of Multi-Cloud Computing 3. Third-Party and Supply Chain Attacks 4. Shortage of Cybersecurity Professionals 5. More Sophisticated Phishing Exploits 6. Cyber Attacks on the Grid 7. Personal Attacks 8. State-Sponsored Attacks 9. IoT and Autonomous Systems 10. Smart Health Devices and EMR “Cyber crime is big business, with the most elite hackers earning a cool half a million dollars a year just to test system security; the bad guys are raking in billions”. Source: www.csoonline.com The 14 biggest data breaches of the 21st century Adobe Date: October 2013 Impact: 153 million user records Adult Friend Finder Date: October 2016 Impact: 412.2 million accounts Canva Date: May 2019 Impact: 137 million user accounts eBay Date: May 2014 Impact: 145 million users Equifax Date: July 29, 2017 Impact: 147.9 million consumers LinkedIn Date: 2012 (and 2016) Impact: 165 million user accounts Marriott International Date: 2014-18 Impact: 500 million customers Yahoo Date: 2013-14 Impact: 3 billion user accounts
  6. 6. Sources of external threat Intelligence Agencies Criminal Groups Terrorist Groups Activist Groups Armed Forces 7
  7. 7. The fact that there’re many cases in which large traditional banks have failed to protect the data of their customers do not imply that Fintech is better than other financial institutions Source: FSBT.TECH (Open API Platform) A report by PWC indicates that it is easy for the new banks to focus on securing the activities of their clients on their systems than for large conventional banks.
  8. 8. EU RegulationseIDAS
  9. 9. setting the security and notification requirements for digital service providers and build national capabilities help to manage digital identities by providing online trust and allows citizens and business to use national eID and trust services across borders gives control to individuals over their personal data and to simplify the regulatory environment for international business eIDAS framework for European Cybersecurity Certificates for products, processes and services that will be valid throughout the EU
  10. 10. Cyber Security Coalition & CCB Elements of the scheme Page 13 Cybersecurity Fundamentals for SME Plan your cyber security • Understand the enterprise context • Management commitment • Training, communication and awareness • Custom made or internally developed software and hardware • Incident management basics Manage risks for your most important assets • Inventory of IT devices • Risk management (Predefined) • Information classification and handling (minimum mores) • Backups and Restore Cybersecurity Technical measures • Firewalls • Secured configuration • User access controls • Malware • Patch management • Email Security https://cyberguide.ccb.belgium.be/en
  11. 11. Cyber Security Coalition & CCB Elements of the scheme Page 14 Cybersecurity Fundamentals for SME https://cyberguide.ccb.belgium.be/en Project 1 Project 2 Project 3 Project 4 Project 5 Self-assessment questionnaire & tool Promotion & Communication Advice Development Labelling Currently on hold Registry of specialists & solution providers
  12. 12. Awareness Campaigns 15
  13. 13. Cybersecurity Awareness Corporate and general Management Application Development Business managers and Users IT Professionals Information Security Professionals Awareness Classes Incident Management Guide 16
  14. 14. Rising risks in the digital economy
  15. 15. Building higher defensive walls and installing defense-in-depth solutions © Copyright ICTC.EU 2017© 2017 ICT Control NV SA - No reproduction or reuse 18
  16. 16. Source ISACA.ORG 19 What level of protection do we need?
  17. 17. IDENTIFY DETECT PROTECT RESPOND Cybersecurity processes 20 RECOVER © 2015 ICTC.EU
  18. 18. IDENTIFY DETECT PROTECT RECOVER RESPOND Functions Develop and implement Cybersecurity processes 21
  19. 19. DETECT DE.AE-5: Incident alert thresholds are established DE.AE-1 DE.AE-2 DE.AE-3 DE.AE-4 • COBIT 5 APO12.06 • ISA 62443-2-1:2009 4.2.3.10 • NIST SP 800-53 Rev. 4 IR-4, IR-5, IR-8 Anomalies and Events (DE.AE): Anomalous activity is detected in a timely manner and the potential impact of events is understood. © 2015 ICTC.EU 22© 2017 ICT Control NV SA - No reproduction or reuse The need for good business practices
  20. 20. 24 A MANAGER FOR CYBER SECURITY PROTECTION and INCIDENT MANAGEMENT Information Security Governance Information Security Incident Management Information Security Program Development & Management Information Risk Management & Compliance
  21. 21. SHORTAGES OF DIGITAL PROFESSIONALS 10 avril 2020 ©2020 Ataya & Partners. All Rights Reserved 25 TECH TRENDS WITH STAFFING NEEDS Machine learning; Big data Blockchain Digital transformation Cyber security; IoT security; Cloud; Privacy by design 3D printing Agile and a DevOps; Technical debt and legacy debt Various sources INFORMATION SECURITY PROFESSIONS 1. App security engineer 2. Cyber security consultant 3. Data protection officer 4. Chief security officer 5. Security analyst 6. Security engineer 7. Security architect 8. Security and penetration testing expert Source: esecurityplanet.com CYBERSECURITY PROFESSIONS 1. Ethical hacker 2. Information Security Analyst 3. Penetration Tester/Vulnerability Analyst 4. Digital Forensic Analyst 5. Security Software Developer 6. Chief Information Security Officer (CISO) 7. Network Engineer/Security Architect 8. Incident Handler source: eccouncil.org
  22. 22. 26 ASSESSMENT OF SKILLS IN DIGITAL GOVERNANCE, TECHNOLOGY, AND TRUST Academy.atayapartners.com/fintech-sessions
  23. 23. DREAM. LEARN. LEAD. • THANKS Full online Education Starting in April 2020 S2 (CISSP preparation) G2 (COBIT 2019) B2 (Data Management) M2 (Application development) April and May 2020
  24. 24. 28Academy.atayapartners.com/fintech-sessions Graduation photo Trusted Fintech Program 2018-2019
  25. 25. //academy.atayapartners.com Academy.atayapartners.com/fintech-sessions
  26. 26. Georges Ataya Professor, founder and Academic Director of Digital and information security management at SBS-EM Co-Fouder of the Belgian Cybersecurity Coalition Co-founder DPO Circle Member of the Advisory Board: Agoria, BECI, CIONET, ISACA, belgian Cybersecurity Coalition Managing Director ICT Control advisory firm Founded IT Management Academy Past International Vice President at ISACA Past Partner Ernst & Young Past Deputy International CIO ITT World Directories Previously Project Manager and Senior IT Auditor Linkedin: ataya Academy.atayapartners.com/fintech-sessions
  27. 27. • NEXT FRIDAY AT 14PM: Webinar: Financial crisis survival / Coronavirus Homeworking Challenge • NEXT THURSDAY APRIL 23rd: Digital Classroom: How to become and stay licensed in Belgium?, April 23rd from 2pm to 6pm, in collaboration with Febelfin Academy

×