SlideShare a Scribd company logo

Cybersecurity as MIS

College Development Network
College Development Network

This document discusses how cybersecurity has traditionally been seen as an IT issue rather than a business issue, and how management information systems (MIS) can help bridge the gap between cybersecurity and business operations. The key points made are: 1) Cybersecurity departments collect and analyze large amounts of business data but have struggled to define meaningful metrics and communicate risks to business stakeholders in a way that supports decision-making. 2) MIS understands how to support business decision-making through reporting and can help cybersecurity define key performance indicators that are meaningful to the business rather than just technical metrics. 3) By gaining access to cybersecurity data and integrating cybersecurity elements into existing reporting, MIS can act as a translator between

Education
1 of 23
CYBERSECURITY AS MIS JORDAN M. SCHROEDER COO HEFESTIS LTD.
OVERVIEW •Cyber is not an IT issue but a business issue •Cyber depts consume the most business data •Cyber is trying to be MIS, but poorly •Mismatch between existing MIS and Cyber •How MIS and Cyber can work together
CYBER IS NOT AN IT ISSUE •Business strategy •Business processes •Behaviors •Technology, tools, training
EXAMPLE: FIREWALLS •Connecting to the Internet is a benefit to the business • Information access • Information sharing • Speed • Services
EXAMPLE: FIREWALLS •Just like doors, they allow access both ways •Doors need locks •Process for locking and checking the locks at night is a management issue •Same for the process for installing and reviewing firewalls
“ ” IF EVERYONE DID EVERYTHING THEY WERE SUPPOSED TO DO, NO ONE WOULD NEED OUR PRODUCT. Symantec CTO Technology exists to support good behaviors and processes.
CYBER CONSUMES THE MOST DATA •Cyber departments connect to every business system •Network data •Operational data •Risk-based content data •DLP (Data Loss Prevention) systems
CYBER CONSUMES THE MOST DATA •# of successful audits •# of systems patched •# of policy violations •# of flaws found by audits •# of compromised accounts •% of systems risk- assessed •% of staff taking training •% of bad network traffic •% of code peer-
CYBER ANALYSES THE MOST DATA •Thresholds •KPIs •Anomalies •Direct risks to the organisation
TYPICAL ANALYSES •Operational incidents •Non-compliant behavior •Results of inefficient processes •Internal & External business threats •Internal & External process vulnerabilities
CYBER DATA COLLECTION PROBLEM •Too many systems •Systems not designed to interface with each other •No common data definition •No common foundation to compare data collected •Systems to collect and process varied data is
MIS ASKS CYBER FOR ACCESS TO DATA
CYBER METRICS PROBLEM •Lots of things to measure •Metrics require meaning to the measures •What’s important? What’s not? •What needs to get reported at the top? •How are KPIs defined?
CYBER TRYING TO LEARN MIS •Common conference and article topic •Not a lot of mature advice
CYBER TRYING TO LEARN MIS •Curse of Knowledge •Non-business people trying to figure out what business cares about •Business people hoping someone tells them something they should care about
CYBER TRYING TO LEARN MIS •Protection tools purchased without defining benefit • Biz: “Stop bad things from happening” • Cyber: “We installed this thing to stop bad things” • Biz: “We won’t have any more bad things?” • Cyber: “No, but maybe fewer bad things will happen. Just in case, don’t click on dodgy emails.”
MIS IS ABOUT DECISION-MAKING SUPPORT
MIS, MEET CYBER •ROI and cyber don’t mix •“Cyber isn’t a thing” •Fraud, compliance, uptime, customer data toxic assets, operational impacts
MIS, MEET CYBER •MIS can fill a gap that the business and the cyber department don’t even know they have •MIS knows what the business needs to know •Tie the cyber measures to business and project goals
Web server Web servic e Cybersecuri ty Studen t/Staff service s Strateg y MIS
MIS, MEET CYBER •Guide cyber in creating meaningful metrics •Gain access to cyber data and include cybersecurity elements to the reporting you are already doing
BE THE TRANSLATOR BETWEEN CYBER AND THE BUSINESS BOTH WILL THANK YOU FOR IT
THANK YOU!

Recommended

Protecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyProtecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyShawn Tuma
 
Internet of things
Internet of thingsInternet of things
Internet of thingssarahalrawi90
 
Field Service Mobile Working 2013
Field Service Mobile Working 2013Field Service Mobile Working 2013
Field Service Mobile Working 2013Ken Eastwood
 
Tableau Data Driven Talk - Indianapolis
Tableau Data Driven Talk - IndianapolisTableau Data Driven Talk - Indianapolis
Tableau Data Driven Talk - IndianapolisDaniel Murray
 
Scottish Summit 2021 The Myth of a successful Teams rollout
Scottish Summit 2021 The Myth of a successful Teams rolloutScottish Summit 2021 The Myth of a successful Teams rollout
Scottish Summit 2021 The Myth of a successful Teams rolloutThomas Gölles
 
Real-World Data Governance: BI Governance and the Governance of BI Data
Real-World Data Governance: BI Governance and the Governance of BI DataReal-World Data Governance: BI Governance and the Governance of BI Data
Real-World Data Governance: BI Governance and the Governance of BI DataDATAVERSITY
 
Cloud Computing for Nonprofits by OrgSpring
Cloud Computing for Nonprofits by OrgSpringCloud Computing for Nonprofits by OrgSpring
Cloud Computing for Nonprofits by OrgSpringCraig Grella
 
Webinar Wednesday: Cloud technology: You're Doing It Wrong
Webinar Wednesday: Cloud technology: You're Doing It WrongWebinar Wednesday: Cloud technology: You're Doing It Wrong
Webinar Wednesday: Cloud technology: You're Doing It WrongAccellis Technology Group
 

Recommended

Protecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyProtecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyShawn Tuma
 
Internet of things
Internet of thingsInternet of things
Internet of thingssarahalrawi90
 
Field Service Mobile Working 2013
Field Service Mobile Working 2013Field Service Mobile Working 2013
Field Service Mobile Working 2013Ken Eastwood
 
Tableau Data Driven Talk - Indianapolis
Tableau Data Driven Talk - IndianapolisTableau Data Driven Talk - Indianapolis
Tableau Data Driven Talk - IndianapolisDaniel Murray
 
Scottish Summit 2021 The Myth of a successful Teams rollout
Scottish Summit 2021 The Myth of a successful Teams rolloutScottish Summit 2021 The Myth of a successful Teams rollout
Scottish Summit 2021 The Myth of a successful Teams rolloutThomas Gölles
 
Real-World Data Governance: BI Governance and the Governance of BI Data
Real-World Data Governance: BI Governance and the Governance of BI DataReal-World Data Governance: BI Governance and the Governance of BI Data
Real-World Data Governance: BI Governance and the Governance of BI DataDATAVERSITY
 
Cloud Computing for Nonprofits by OrgSpring
Cloud Computing for Nonprofits by OrgSpringCloud Computing for Nonprofits by OrgSpring
Cloud Computing for Nonprofits by OrgSpringCraig Grella
 
Webinar Wednesday: Cloud technology: You're Doing It Wrong
Webinar Wednesday: Cloud technology: You're Doing It WrongWebinar Wednesday: Cloud technology: You're Doing It Wrong
Webinar Wednesday: Cloud technology: You're Doing It WrongAccellis Technology Group
 
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth
 
MISA Cloud workshop_ Security and risk mgmt
MISA Cloud workshop_ Security and risk mgmtMISA Cloud workshop_ Security and risk mgmt
MISA Cloud workshop_ Security and risk mgmtMISA Ontario Cloud SIG
 
Bigdata 2014... the year it rained tacos
Bigdata 2014... the year it rained tacosBigdata 2014... the year it rained tacos
Bigdata 2014... the year it rained tacosUpstarts.tv
 
Big data and you
Big data and youBig data and you
Big data and youUpstarts.tv
 
Real-World Data Governance: Selecting the Right Data Governance Approach
Real-World Data Governance: Selecting the Right Data Governance ApproachReal-World Data Governance: Selecting the Right Data Governance Approach
Real-World Data Governance: Selecting the Right Data Governance ApproachDATAVERSITY
 
MongoDB, ANTS, and the IC
MongoDB, ANTS, and the ICMongoDB, ANTS, and the IC
MongoDB, ANTS, and the ICMongoDB
 
Big data myths busted
Big data myths bustedBig data myths busted
Big data myths bustedGary Allemann
 
Laser App Conference 2017 - Aaron Guidotti, Grendel
Laser App Conference 2017 - Aaron Guidotti, GrendelLaser App Conference 2017 - Aaron Guidotti, Grendel
Laser App Conference 2017 - Aaron Guidotti, GrendelLaser App Software
 
Workshop: Processes and practices for effective information governance
Workshop: Processes and practices for effective information governanceWorkshop: Processes and practices for effective information governance
Workshop: Processes and practices for effective information governanceMicheal Axelsen
 
Cloud storage for business
Cloud storage for businessCloud storage for business
Cloud storage for businessWrite and Web
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small BusinessJulius Clark, CISSP, CISA
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small BusinessJulius Clark, CISSP, CISA
 
IT in the Cloud
IT in the CloudIT in the Cloud
IT in the CloudIvanti
 
Meeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldMeeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldHostway|HOSTING
 
Strengthen Your AML Compliance Program with Data Mining
Strengthen Your AML Compliance Program with Data Mining Strengthen Your AML Compliance Program with Data Mining
Strengthen Your AML Compliance Program with Data Mining Alessa
 
CIO 360 grados: empoderamiento total
CIO 360 grados: empoderamiento totalCIO 360 grados: empoderamiento total
CIO 360 grados: empoderamiento totalCorporacion Colombia Digital
 
GDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyGDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyPaul McQuillan
 
Digital Marketing in the "Secure Age"
Digital Marketing in the "Secure Age"Digital Marketing in the "Secure Age"
Digital Marketing in the "Secure Age"Alert Logic
 
Correlation does not mean causation
Correlation does not mean causationCorrelation does not mean causation
Correlation does not mean causationPeter Varhol
 
ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast Logikcull.com
 
Usama Fayyad talk in South Africa: From BigData to Data Science
Usama Fayyad talk in South Africa: From BigData to Data ScienceUsama Fayyad talk in South Africa: From BigData to Data Science
Usama Fayyad talk in South Africa: From BigData to Data ScienceUsama Fayyad
 
Data quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeData quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeStefan Kühn
 

More Related Content

What's hot

SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth
 
MISA Cloud workshop_ Security and risk mgmt
MISA Cloud workshop_ Security and risk mgmtMISA Cloud workshop_ Security and risk mgmt
MISA Cloud workshop_ Security and risk mgmtMISA Ontario Cloud SIG
 
Bigdata 2014... the year it rained tacos
Bigdata 2014... the year it rained tacosBigdata 2014... the year it rained tacos
Bigdata 2014... the year it rained tacosUpstarts.tv
 
Big data and you
Big data and youBig data and you
Big data and youUpstarts.tv
 
Real-World Data Governance: Selecting the Right Data Governance Approach
Real-World Data Governance: Selecting the Right Data Governance ApproachReal-World Data Governance: Selecting the Right Data Governance Approach
Real-World Data Governance: Selecting the Right Data Governance ApproachDATAVERSITY
 
MongoDB, ANTS, and the IC
MongoDB, ANTS, and the ICMongoDB, ANTS, and the IC
MongoDB, ANTS, and the ICMongoDB
 
Big data myths busted
Big data myths bustedBig data myths busted
Big data myths bustedGary Allemann
 
Laser App Conference 2017 - Aaron Guidotti, Grendel
Laser App Conference 2017 - Aaron Guidotti, GrendelLaser App Conference 2017 - Aaron Guidotti, Grendel
Laser App Conference 2017 - Aaron Guidotti, GrendelLaser App Software
 
Workshop: Processes and practices for effective information governance
Workshop: Processes and practices for effective information governanceWorkshop: Processes and practices for effective information governance
Workshop: Processes and practices for effective information governanceMicheal Axelsen
 
Cloud storage for business
Cloud storage for businessCloud storage for business
Cloud storage for businessWrite and Web
 

What's hot (10)

SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
 
MISA Cloud workshop_ Security and risk mgmt
MISA Cloud workshop_ Security and risk mgmtMISA Cloud workshop_ Security and risk mgmt
MISA Cloud workshop_ Security and risk mgmt
 
Bigdata 2014... the year it rained tacos
Bigdata 2014... the year it rained tacosBigdata 2014... the year it rained tacos
Bigdata 2014... the year it rained tacos
 
Big data and you
Big data and youBig data and you
Big data and you
 
Real-World Data Governance: Selecting the Right Data Governance Approach
Real-World Data Governance: Selecting the Right Data Governance ApproachReal-World Data Governance: Selecting the Right Data Governance Approach
Real-World Data Governance: Selecting the Right Data Governance Approach
 
MongoDB, ANTS, and the IC
MongoDB, ANTS, and the ICMongoDB, ANTS, and the IC
MongoDB, ANTS, and the IC
 
Big data myths busted
Big data myths bustedBig data myths busted
Big data myths busted
 
Laser App Conference 2017 - Aaron Guidotti, Grendel
Laser App Conference 2017 - Aaron Guidotti, GrendelLaser App Conference 2017 - Aaron Guidotti, Grendel
Laser App Conference 2017 - Aaron Guidotti, Grendel
 
Workshop: Processes and practices for effective information governance
Workshop: Processes and practices for effective information governanceWorkshop: Processes and practices for effective information governance
Workshop: Processes and practices for effective information governance
 
Cloud storage for business
Cloud storage for businessCloud storage for business
Cloud storage for business
 

Similar to Cybersecurity as MIS

IT in the Cloud
IT in the CloudIT in the Cloud
IT in the CloudIvanti
 
Meeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldMeeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldHostway|HOSTING
 
Strengthen Your AML Compliance Program with Data Mining
Strengthen Your AML Compliance Program with Data Mining Strengthen Your AML Compliance Program with Data Mining
Strengthen Your AML Compliance Program with Data Mining Alessa
 
GDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyGDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyPaul McQuillan
 
Digital Marketing in the "Secure Age"
Digital Marketing in the "Secure Age"Digital Marketing in the "Secure Age"
Digital Marketing in the "Secure Age"Alert Logic
 
Correlation does not mean causation
Correlation does not mean causationCorrelation does not mean causation
Correlation does not mean causationPeter Varhol
 
ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast Logikcull.com
 
Usama Fayyad talk in South Africa: From BigData to Data Science
Usama Fayyad talk in South Africa: From BigData to Data ScienceUsama Fayyad talk in South Africa: From BigData to Data Science
Usama Fayyad talk in South Africa: From BigData to Data ScienceUsama Fayyad
 
Data quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeData quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeStefan Kühn
 
Event Presentation: Cyber Security for Industrial Control Systems
Event Presentation: Cyber Security for Industrial Control SystemsEvent Presentation: Cyber Security for Industrial Control Systems
Event Presentation: Cyber Security for Industrial Control SystemsInfonaligy
 
Community IT Innovators - IT Security Best Practices
Community IT Innovators - IT Security Best PracticesCommunity IT Innovators - IT Security Best Practices
Community IT Innovators - IT Security Best PracticesCommunity IT Innovators
 
What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world? kotahinet
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsNCC Group
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-securityStephen Cobb
 
Starting your digital transformation strategy
Starting your digital transformation strategyStarting your digital transformation strategy
Starting your digital transformation strategyJames Milne
 
Isc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagyeIsc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagyeLenin Aboagye
 
How to Communicate the Actual Readiness of your IT Security Program for PCI 3...
How to Communicate the Actual Readiness of your IT Security Program for PCI 3...How to Communicate the Actual Readiness of your IT Security Program for PCI 3...
How to Communicate the Actual Readiness of your IT Security Program for PCI 3...RedZone Technologies
 

Similar to Cybersecurity as MIS (20)

Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
 
IT in the Cloud
IT in the CloudIT in the Cloud
IT in the Cloud
 
Meeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldMeeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand World
 
Strengthen Your AML Compliance Program with Data Mining
Strengthen Your AML Compliance Program with Data Mining Strengthen Your AML Compliance Program with Data Mining
Strengthen Your AML Compliance Program with Data Mining
 
CIO 360 grados: empoderamiento total
CIO 360 grados: empoderamiento totalCIO 360 grados: empoderamiento total
CIO 360 grados: empoderamiento total
 
GDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyGDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it Easy
 
Digital Marketing in the "Secure Age"
Digital Marketing in the "Secure Age"Digital Marketing in the "Secure Age"
Digital Marketing in the "Secure Age"
 
Correlation does not mean causation
Correlation does not mean causationCorrelation does not mean causation
Correlation does not mean causation
 
ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast
 
Usama Fayyad talk in South Africa: From BigData to Data Science
Usama Fayyad talk in South Africa: From BigData to Data ScienceUsama Fayyad talk in South Africa: From BigData to Data Science
Usama Fayyad talk in South Africa: From BigData to Data Science
 
Data quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeData quality - The True Big Data Challenge
Data quality - The True Big Data Challenge
 
Event Presentation: Cyber Security for Industrial Control Systems
Event Presentation: Cyber Security for Industrial Control SystemsEvent Presentation: Cyber Security for Industrial Control Systems
Event Presentation: Cyber Security for Industrial Control Systems
 
Community IT Innovators - IT Security Best Practices
Community IT Innovators - IT Security Best PracticesCommunity IT Innovators - IT Security Best Practices
Community IT Innovators - IT Security Best Practices
 
What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world?
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security Threats
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
 
Starting your digital transformation strategy
Starting your digital transformation strategyStarting your digital transformation strategy
Starting your digital transformation strategy
 
Isc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagyeIsc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagye
 
How to Communicate the Actual Readiness of your IT Security Program for PCI 3...
How to Communicate the Actual Readiness of your IT Security Program for PCI 3...How to Communicate the Actual Readiness of your IT Security Program for PCI 3...
How to Communicate the Actual Readiness of your IT Security Program for PCI 3...
 

More from College Development Network

Virtual Bridge Sessions: Making Delivery Online Work for Everyone
Virtual Bridge Sessions: Making Delivery Online Work for EveryoneVirtual Bridge Sessions: Making Delivery Online Work for Everyone
Virtual Bridge Sessions: Making Delivery Online Work for EveryoneCollege Development Network
 
Scottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & MoodleScottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & MoodleCollege Development Network
 
Scottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & MoodleScottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & MoodleCollege Development Network
 
Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...
Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...
Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...College Development Network
 
Virtual Bridge Sessions: Hybrid Delivery - Best of Both Worlds
Virtual Bridge Sessions: Hybrid Delivery - Best of Both WorldsVirtual Bridge Sessions: Hybrid Delivery - Best of Both Worlds
Virtual Bridge Sessions: Hybrid Delivery - Best of Both WorldsCollege Development Network
 
Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?
Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?
Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?College Development Network
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...
Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...
Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...College Development Network
 
Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...
Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...
Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...College Development Network
 
Virtual Bridge Sessions: Messages from international experiences
Virtual Bridge Sessions: Messages from international experiencesVirtual Bridge Sessions: Messages from international experiences
Virtual Bridge Sessions: Messages from international experiencesCollege Development Network
 
Public Sector Accessibility Guidelines: What you need to know (and do!)
Public Sector Accessibility Guidelines: What you need to know (and do!)Public Sector Accessibility Guidelines: What you need to know (and do!)
Public Sector Accessibility Guidelines: What you need to know (and do!)College Development Network
 
Enhancing Performance through Data-led Decision Making
Enhancing Performance through Data-led Decision MakingEnhancing Performance through Data-led Decision Making
Enhancing Performance through Data-led Decision MakingCollege Development Network
 

More from College Development Network (20)

Virtual Bridge Sessions: Making Delivery Online Work for Everyone
Virtual Bridge Sessions: Making Delivery Online Work for EveryoneVirtual Bridge Sessions: Making Delivery Online Work for Everyone
Virtual Bridge Sessions: Making Delivery Online Work for Everyone
 
Scottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & MoodleScottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & Moodle
 
Scottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & MoodleScottish Moodle User Group (SMUG): Blackboard Ally & Moodle
Scottish Moodle User Group (SMUG): Blackboard Ally & Moodle
 
Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...
Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...
Virtual Bridge Sessions: Approaches to Learning and Teaching during Remote De...
 
MIS Network Event: Sector Update
MIS Network Event: Sector UpdateMIS Network Event: Sector Update
MIS Network Event: Sector Update
 
MIS Network Event: SFC Update
MIS Network Event: SFC UpdateMIS Network Event: SFC Update
MIS Network Event: SFC Update
 
Digital ID cards at New College Lanarkshire
Digital ID cards at New College LanarkshireDigital ID cards at New College Lanarkshire
Digital ID cards at New College Lanarkshire
 
Virtual Bridge Sessions: Hybrid Delivery - Best of Both Worlds
Virtual Bridge Sessions: Hybrid Delivery - Best of Both WorldsVirtual Bridge Sessions: Hybrid Delivery - Best of Both Worlds
Virtual Bridge Sessions: Hybrid Delivery - Best of Both Worlds
 
Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?
Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?
Virtual Bridge Sessions: Social Media, Esports and Copyright - Friends or Foes?
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
 
Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...
Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...
Virtual Bridge Sessions: Managing and Supporting Staff Who Are Delivering Rem...
 
Virtual Bridge Sessions: Pedagogy Matters
Virtual Bridge Sessions: Pedagogy MattersVirtual Bridge Sessions: Pedagogy Matters
Virtual Bridge Sessions: Pedagogy Matters
 
Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...
Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...
Virtual Bridge Sessions: Key Messages from Research on Blended or Digital Lea...
 
Virtual Bridge Sessions: Messages from international experiences
Virtual Bridge Sessions: Messages from international experiencesVirtual Bridge Sessions: Messages from international experiences
Virtual Bridge Sessions: Messages from international experiences
 
Public Sector Accessibility Guidelines: What you need to know (and do!)
Public Sector Accessibility Guidelines: What you need to know (and do!)Public Sector Accessibility Guidelines: What you need to know (and do!)
Public Sector Accessibility Guidelines: What you need to know (and do!)
 
Enhancing Performance through Data-led Decision Making
Enhancing Performance through Data-led Decision MakingEnhancing Performance through Data-led Decision Making
Enhancing Performance through Data-led Decision Making
 
FES Update Summary
FES Update SummaryFES Update Summary
FES Update Summary
 
MyDay Portal
MyDay PortalMyDay Portal
MyDay Portal
 
Online Enrolment and “Onboarding”
Online Enrolment and “Onboarding”Online Enrolment and “Onboarding”
Online Enrolment and “Onboarding”
 
Post-College Destination Data
Post-College Destination DataPost-College Destination Data
Post-College Destination Data
 

Recently uploaded

Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxAnaBeatriceAblay2
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 

Recently uploaded (20)

Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 

Cybersecurity as MIS

  • 1. CYBERSECURITY AS MIS JORDAN M. SCHROEDER COO HEFESTIS LTD.
  • 2. OVERVIEW •Cyber is not an IT issue but a business issue •Cyber depts consume the most business data •Cyber is trying to be MIS, but poorly •Mismatch between existing MIS and Cyber •How MIS and Cyber can work together
  • 3. CYBER IS NOT AN IT ISSUE •Business strategy •Business processes •Behaviors •Technology, tools, training
  • 4. EXAMPLE: FIREWALLS •Connecting to the Internet is a benefit to the business • Information access • Information sharing • Speed • Services
  • 5. EXAMPLE: FIREWALLS •Just like doors, they allow access both ways •Doors need locks •Process for locking and checking the locks at night is a management issue •Same for the process for installing and reviewing firewalls
  • 6. “ ” IF EVERYONE DID EVERYTHING THEY WERE SUPPOSED TO DO, NO ONE WOULD NEED OUR PRODUCT. Symantec CTO Technology exists to support good behaviors and processes.
  • 7. CYBER CONSUMES THE MOST DATA •Cyber departments connect to every business system •Network data •Operational data •Risk-based content data •DLP (Data Loss Prevention) systems
  • 8. CYBER CONSUMES THE MOST DATA •# of successful audits •# of systems patched •# of policy violations •# of flaws found by audits •# of compromised accounts •% of systems risk- assessed •% of staff taking training •% of bad network traffic •% of code peer-
  • 9. CYBER ANALYSES THE MOST DATA •Thresholds •KPIs •Anomalies •Direct risks to the organisation
  • 10. TYPICAL ANALYSES •Operational incidents •Non-compliant behavior •Results of inefficient processes •Internal & External business threats •Internal & External process vulnerabilities
  • 11. CYBER DATA COLLECTION PROBLEM •Too many systems •Systems not designed to interface with each other •No common data definition •No common foundation to compare data collected •Systems to collect and process varied data is
  • 12. MIS ASKS CYBER FOR ACCESS TO DATA
  • 13. CYBER METRICS PROBLEM •Lots of things to measure •Metrics require meaning to the measures •What’s important? What’s not? •What needs to get reported at the top? •How are KPIs defined?
  • 14. CYBER TRYING TO LEARN MIS •Common conference and article topic •Not a lot of mature advice
  • 15. CYBER TRYING TO LEARN MIS •Curse of Knowledge •Non-business people trying to figure out what business cares about •Business people hoping someone tells them something they should care about
  • 16. CYBER TRYING TO LEARN MIS •Protection tools purchased without defining benefit • Biz: “Stop bad things from happening” • Cyber: “We installed this thing to stop bad things” • Biz: “We won’t have any more bad things?” • Cyber: “No, but maybe fewer bad things will happen. Just in case, don’t click on dodgy emails.”
  • 17. MIS IS ABOUT DECISION-MAKING SUPPORT
  • 18. MIS, MEET CYBER •ROI and cyber don’t mix •“Cyber isn’t a thing” •Fraud, compliance, uptime, customer data toxic assets, operational impacts
  • 19. MIS, MEET CYBER •MIS can fill a gap that the business and the cyber department don’t even know they have •MIS knows what the business needs to know •Tie the cyber measures to business and project goals
  • 21. MIS, MEET CYBER •Guide cyber in creating meaningful metrics •Gain access to cyber data and include cybersecurity elements to the reporting you are already doing
  • 22. BE THE TRANSLATOR BETWEEN CYBER AND THE BUSINESS BOTH WILL THANK YOU FOR IT