Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Resilience is the new cyber security


Published on

A short introductory presentation I gave at the 2015 Fund Management Summit in London on the 8th October. This was simplified and much material was discussed rather than on the slides.

Published in: Leadership & Management
  • Be the first to comment

  • Be the first to like this

Resilience is the new cyber security

  1. 1. Resilience is the new cyber security Phil Huggins
  2. 2. Stroz Friedberg 2 Leading experts on cyber defence - pragmatic, evidence-driven, strategies and tactics that work World class response to digital trouble – and advice on how to prepare for cyber attacks Discrete global advisors when it matters
  3. 3. Cyber attacks are going to happen 3 Average breach cost £2.5m Average cost per record breached £101 Time to detect a breach 206 Days Time to contain a breach 69 Days Attacks completed in minutes 60% Attacks spread to second victim in one hour 40% Malware samples unique to target 70-90% Exploited vulnerabilities older than 1 year 99.9% New vulnerabilities exploited within 2 weeks 50% Organised crime attacks using crimeware 73% Activist attacks targeting web applications 61% Chance of 1 breach every 10 years 71%
  4. 4. Cyber Resistance is not enough. 4 95% of vulnerabilities patched is not enough $250m invested in cyber is not enough 1000+ cyber professionals is not enough Constant organizational change Competitive cyber job market Rapidly evolving cyber threat environment Increasingly fragile controls Failure is often silent
  5. 5. We need Cyber Resilience 5 See the attacks earlier Absorb the damage Limit the spread of the damage Controlled graceful degradation Handle delays in recovery
  6. 6. Preparation is key 6 Gradually build capability Consider key decisions before the emotion hits Develop muscle-memory
  7. 7. Cyber Security 7 Cyber hygiene matters Organisational culture really matters Technical agility matters They are necessary but are not enough anymore
  8. 8. Cyber Resilience 8 Identify relevant cyber scenarios Build situational awareness Prepare for attacks Recover from attacks Learn from attacks
  9. 9. Prepare for attacks 9 Plan for incident response Practice crisis management Partner with experienced experts
  10. 10. Summary 10 Cyber attacks are going to happen Don’t panic Prepare
  11. 11. THANK YOU Phil Huggins, Vice President T: +44 207 061 2299 ©2015 Stroz Friedberg. All rights reserved.