SlideShare a Scribd company logo

Resilience is the new cyber security

Download as PPTX, PDF
Phil Huggins FBCS CITP
Phil Huggins FBCS CITP

A short introductory presentation I gave at the 2015 Fund Management Summit in London on the 8th October. This was simplified and much material was discussed rather than on the slides.

Leadership & Management
1 of 11
Resilience is the new cyber security Phil Huggins
Stroz Friedberg 2 Leading experts on cyber defence - pragmatic, evidence-driven, strategies and tactics that work World class response to digital trouble – and advice on how to prepare for cyber attacks Discrete global advisors when it matters
Cyber attacks are going to happen 3 Average breach cost £2.5m Average cost per record breached £101 Time to detect a breach 206 Days Time to contain a breach 69 Days Attacks completed in minutes 60% Attacks spread to second victim in one hour 40% Malware samples unique to target 70-90% Exploited vulnerabilities older than 1 year 99.9% New vulnerabilities exploited within 2 weeks 50% Organised crime attacks using crimeware 73% Activist attacks targeting web applications 61% Chance of 1 breach every 10 years 71%
Cyber Resistance is not enough. 4 95% of vulnerabilities patched is not enough $250m invested in cyber is not enough 1000+ cyber professionals is not enough Constant organizational change Competitive cyber job market Rapidly evolving cyber threat environment Increasingly fragile controls Failure is often silent
We need Cyber Resilience 5 See the attacks earlier Absorb the damage Limit the spread of the damage Controlled graceful degradation Handle delays in recovery
Preparation is key 6 Gradually build capability Consider key decisions before the emotion hits Develop muscle-memory
Cyber Security 7 Cyber hygiene matters Organisational culture really matters Technical agility matters They are necessary but are not enough anymore
Cyber Resilience 8 Identify relevant cyber scenarios Build situational awareness Prepare for attacks Recover from attacks Learn from attacks
Prepare for attacks 9 Plan for incident response Practice crisis management Partner with experienced experts
Summary 10 Cyber attacks are going to happen Don’t panic Prepare
strozfriedberg.com THANK YOU Phil Huggins, Vice President phuggins@strozfriedberg.com T: +44 207 061 2299 ©2015 Stroz Friedberg. All rights reserved.

Recommended

Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksPhil Huggins FBCS CITP
 
Managing Insider Risk
Managing Insider RiskManaging Insider Risk
Managing Insider RiskPhil Huggins FBCS CITP
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResiliencePhil Huggins FBCS CITP
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber ThreatsPhil Huggins FBCS CITP
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond CyberPhil Huggins FBCS CITP
 
Pitfalls of Cyber Data
Pitfalls of Cyber DataPitfalls of Cyber Data
Pitfalls of Cyber DataPhil Huggins FBCS CITP
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtJohn D. Johnson
 
EVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEC-Council
 

Recommended

Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksPhil Huggins FBCS CITP
 
Managing Insider Risk
Managing Insider RiskManaging Insider Risk
Managing Insider RiskPhil Huggins FBCS CITP
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResiliencePhil Huggins FBCS CITP
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber ThreatsPhil Huggins FBCS CITP
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond CyberPhil Huggins FBCS CITP
 
Pitfalls of Cyber Data
Pitfalls of Cyber DataPitfalls of Cyber Data
Pitfalls of Cyber DataPhil Huggins FBCS CITP
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtJohn D. Johnson
 
EVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEC-Council
 
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...EC-Council
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezEC-Council
 
Modern Security Risk
Modern Security RiskModern Security Risk
Modern Security RiskPhil Huggins FBCS CITP
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilienceAndrew Bycroft
 
The Economics of Cyber Security
The Economics of Cyber SecurityThe Economics of Cyber Security
The Economics of Cyber SecurityJohn Gilligan
 
Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?John D. Johnson
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldAlex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldPro Mrkt
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Matthew Rosenquist
 
Top Level Cyber Security Strategy
Top Level Cyber Security Strategy Top Level Cyber Security Strategy
Top Level Cyber Security Strategy John Gilligan
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Pro Mrkt
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye, Inc.
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarCommunity IT Innovators
 
Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk ManagementEnergySec
 
Ransomware 2020 Report
Ransomware 2020 ReportRansomware 2020 Report
Ransomware 2020 ReportFortis
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Citrin Cooperman
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...Citrin Cooperman
 
Outpost24 webinar - Improve your organizations security with red teaming
Outpost24 webinar - Improve your organizations security with red teamingOutpost24 webinar - Improve your organizations security with red teaming
Outpost24 webinar - Improve your organizations security with red teamingOutpost24
 
Intelligence-led Cybersecurity
Intelligence-led Cybersecurity Intelligence-led Cybersecurity
Intelligence-led Cybersecurity Phil Huggins FBCS CITP
 
Security Architecture
Security ArchitectureSecurity Architecture
Security ArchitecturePhil Huggins FBCS CITP
 

More Related Content

What's hot

Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...EC-Council
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezEC-Council
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilienceAndrew Bycroft
 
The Economics of Cyber Security
The Economics of Cyber SecurityThe Economics of Cyber Security
The Economics of Cyber SecurityJohn Gilligan
 
Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?John D. Johnson
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldAlex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldPro Mrkt
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Matthew Rosenquist
 
Top Level Cyber Security Strategy
Top Level Cyber Security Strategy Top Level Cyber Security Strategy
Top Level Cyber Security Strategy John Gilligan
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Pro Mrkt
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye, Inc.
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarCommunity IT Innovators
 
Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk ManagementEnergySec
 
Ransomware 2020 Report
Ransomware 2020 ReportRansomware 2020 Report
Ransomware 2020 ReportFortis
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Citrin Cooperman
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...Citrin Cooperman
 
Outpost24 webinar - Improve your organizations security with red teaming
Outpost24 webinar - Improve your organizations security with red teamingOutpost24 webinar - Improve your organizations security with red teaming
Outpost24 webinar - Improve your organizations security with red teamingOutpost24
 

What's hot (20)

Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
 
Modern Security Risk
Modern Security RiskModern Security Risk
Modern Security Risk
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilience
 
The Economics of Cyber Security
The Economics of Cyber SecurityThe Economics of Cyber Security
The Economics of Cyber Security
 
Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile WorldAlex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
Alex Michael - 2017/2018 Cyber Threat Report in an Enterprise Mobile World
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
 
Top Level Cyber Security Strategy
Top Level Cyber Security Strategy Top Level Cyber Security Strategy
Top Level Cyber Security Strategy
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
 
Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk Management
 
Ransomware 2020 Report
Ransomware 2020 ReportRansomware 2020 Report
Ransomware 2020 Report
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
 
Outpost24 webinar - Improve your organizations security with red teaming
Outpost24 webinar - Improve your organizations security with red teamingOutpost24 webinar - Improve your organizations security with red teaming
Outpost24 webinar - Improve your organizations security with red teaming
 

Viewers also liked

First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]Phil Huggins FBCS CITP
 
First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]Phil Huggins FBCS CITP
 
First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]Phil Huggins FBCS CITP
 
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks Phil Huggins FBCS CITP
 
PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems Phil Huggins FBCS CITP
 
Penetration Testing; A customers perspective
Penetration Testing; A customers perspectivePenetration Testing; A customers perspective
Penetration Testing; A customers perspectivePhil Huggins FBCS CITP
 
First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]Phil Huggins FBCS CITP
 
First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]Phil Huggins FBCS CITP
 
PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...Phil Huggins FBCS CITP
 

Viewers also liked (18)

Intelligence-led Cybersecurity
Intelligence-led Cybersecurity Intelligence-led Cybersecurity
Intelligence-led Cybersecurity
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 
Measuring black boxes
Measuring black boxesMeasuring black boxes
Measuring black boxes
 
First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]
 
Security Metrics [2008]
Security Metrics [2008]Security Metrics [2008]
Security Metrics [2008]
 
First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]
 
Introduction to Hacktivism
Introduction to HacktivismIntroduction to Hacktivism
Introduction to Hacktivism
 
UK Legal Framework (2003)
UK Legal Framework (2003)UK Legal Framework (2003)
UK Legal Framework (2003)
 
First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]
 
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
 
Network Reconnaissance Infographic
Network Reconnaissance InfographicNetwork Reconnaissance Infographic
Network Reconnaissance Infographic
 
PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems
 
Penetration Testing; A customers perspective
Penetration Testing; A customers perspectivePenetration Testing; A customers perspective
Penetration Testing; A customers perspective
 
Delivering Secure Projects
Delivering Secure ProjectsDelivering Secure Projects
Delivering Secure Projects
 
First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]
 
First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]
 
PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...
 
Probability Calibration
Probability CalibrationProbability Calibration
Probability Calibration
 

Similar to Resilience is the new cyber security

Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015
Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015
Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015Ingram Micro Cloud
 
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 world
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 worldOutpost24 webinar - Cybersecurity readiness in the post Covid-19 world
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 worldOutpost24
 
INCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSSylvain Martinez
 
navigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdf
navigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdfnavigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdf
navigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdfagupta3304
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistMatthew Rosenquist
 
Flipping the Economics of Attacks
Flipping the Economics of AttacksFlipping the Economics of Attacks
Flipping the Economics of AttacksPaloAltoNetworks
 
El costo real de los ataques ¿Cómo te impacta en ROI?
El costo real de los ataques ¿Cómo te impacta en ROI?El costo real de los ataques ¿Cómo te impacta en ROI?
El costo real de los ataques ¿Cómo te impacta en ROI?Grupo Smartekh
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Dell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookDell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookMargarete McGrath
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Oscar Romano
 
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Pro Mrkt
 
Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...
Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...
Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...Graeme Wood
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistMatthew Rosenquist
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalJerome Chapolard
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience InsuranceAccenture Insurance
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence ReportDImension Data
 
Cybersecurity Myths for Small and Medium-Sized Businesses
Cybersecurity Myths for Small and Medium-Sized BusinessesCybersecurity Myths for Small and Medium-Sized Businesses
Cybersecurity Myths for Small and Medium-Sized BusinessesSeqrite
 
Ivanti Threat Thursday for December 2019
Ivanti Threat Thursday for December 2019Ivanti Threat Thursday for December 2019
Ivanti Threat Thursday for December 2019Ivanti
 

Similar to Resilience is the new cyber security (20)

Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015
Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015
Trend Micro Keynote: Nightingale Floors: Mitigating Cyber Attacks in 2015
 
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 world
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 worldOutpost24 webinar - Cybersecurity readiness in the post Covid-19 world
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 world
 
INCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONS
 
navigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdf
navigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdfnavigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdf
navigating-the-digital-battlefield-emerging-challenges-in-cyber-security.pdf
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
 
Flipping the Economics of Attacks
Flipping the Economics of AttacksFlipping the Economics of Attacks
Flipping the Economics of Attacks
 
El costo real de los ataques ¿Cómo te impacta en ROI?
El costo real de los ataques ¿Cómo te impacta en ROI?El costo real de los ataques ¿Cómo te impacta en ROI?
El costo real de los ataques ¿Cómo te impacta en ROI?
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Dell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookDell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbook
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016
 
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
Adam Maskatiya - Redefining Security in an Era of Digital Transformation #mid...
 
Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...
Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...
Jd sherry howard a. schmidt cyber crime, cyberspy, cyberwar - taking the le...
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_final
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report
 
Cybersecurity Myths for Small and Medium-Sized Businesses
Cybersecurity Myths for Small and Medium-Sized BusinessesCybersecurity Myths for Small and Medium-Sized Businesses
Cybersecurity Myths for Small and Medium-Sized Businesses
 
Ivanti Threat Thursday for December 2019
Ivanti Threat Thursday for December 2019Ivanti Threat Thursday for December 2019
Ivanti Threat Thursday for December 2019
 

Recently uploaded

Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Pooja Nehwal
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girladitipandeya
 
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Nehwal
 
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Pooja Nehwal
 
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, MumbaiPooja Nehwal
 
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Roomdivyansh0kumar0
 
internal analysis on strategic management
internal analysis on strategic managementinternal analysis on strategic management
internal analysis on strategic managementharfimakarim
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampPLCLeadershipDevelop
 
CEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyCEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyHafizMuhammadAbdulla5
 
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceanilsa9823
 

Recently uploaded (20)

Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girl
 
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
 
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
 
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
 
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
 
Disrupt or be Disrupted - Kirk Vallis.pdf
Disrupt or be Disrupted - Kirk Vallis.pdfDisrupt or be Disrupted - Kirk Vallis.pdf
Disrupt or be Disrupted - Kirk Vallis.pdf
 
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
 
Imagine - Creating Healthy Workplaces - Anthony Montgomery.pdf
Imagine - Creating Healthy Workplaces - Anthony Montgomery.pdfImagine - Creating Healthy Workplaces - Anthony Montgomery.pdf
Imagine - Creating Healthy Workplaces - Anthony Montgomery.pdf
 
Becoming an Inclusive Leader - Bernadette Thompson
Becoming an Inclusive Leader - Bernadette ThompsonBecoming an Inclusive Leader - Bernadette Thompson
Becoming an Inclusive Leader - Bernadette Thompson
 
internal analysis on strategic management
internal analysis on strategic managementinternal analysis on strategic management
internal analysis on strategic management
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC Bootcamp
 
Empowering Local Government Frontline Services - Mo Baines.pdf
Empowering Local Government Frontline Services - Mo Baines.pdfEmpowering Local Government Frontline Services - Mo Baines.pdf
Empowering Local Government Frontline Services - Mo Baines.pdf
 
LoveLocalGov - Chris Twigg, Inner Circle
LoveLocalGov - Chris Twigg, Inner CircleLoveLocalGov - Chris Twigg, Inner Circle
LoveLocalGov - Chris Twigg, Inner Circle
 
Imagine - HR; are handling the 'bad banter' - Stella Chandler.pdf
Imagine - HR; are handling the 'bad banter' - Stella Chandler.pdfImagine - HR; are handling the 'bad banter' - Stella Chandler.pdf
Imagine - HR; are handling the 'bad banter' - Stella Chandler.pdf
 
Discover -CQ Master Class - Rikita Wadhwa.pdf
Discover -CQ Master Class - Rikita Wadhwa.pdfDiscover -CQ Master Class - Rikita Wadhwa.pdf
Discover -CQ Master Class - Rikita Wadhwa.pdf
 
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
 
CEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyCEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biography
 
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
 
Leadership in Crisis - Helio Vogas, Risk & Leadership Keynote Speaker
Leadership in Crisis - Helio Vogas, Risk & Leadership Keynote SpeakerLeadership in Crisis - Helio Vogas, Risk & Leadership Keynote Speaker
Leadership in Crisis - Helio Vogas, Risk & Leadership Keynote Speaker
 

Resilience is the new cyber security

  • 1. Resilience is the new cyber security Phil Huggins
  • 2. Stroz Friedberg 2 Leading experts on cyber defence - pragmatic, evidence-driven, strategies and tactics that work World class response to digital trouble – and advice on how to prepare for cyber attacks Discrete global advisors when it matters
  • 3. Cyber attacks are going to happen 3 Average breach cost £2.5m Average cost per record breached £101 Time to detect a breach 206 Days Time to contain a breach 69 Days Attacks completed in minutes 60% Attacks spread to second victim in one hour 40% Malware samples unique to target 70-90% Exploited vulnerabilities older than 1 year 99.9% New vulnerabilities exploited within 2 weeks 50% Organised crime attacks using crimeware 73% Activist attacks targeting web applications 61% Chance of 1 breach every 10 years 71%
  • 4. Cyber Resistance is not enough. 4 95% of vulnerabilities patched is not enough $250m invested in cyber is not enough 1000+ cyber professionals is not enough Constant organizational change Competitive cyber job market Rapidly evolving cyber threat environment Increasingly fragile controls Failure is often silent
  • 5. We need Cyber Resilience 5 See the attacks earlier Absorb the damage Limit the spread of the damage Controlled graceful degradation Handle delays in recovery
  • 6. Preparation is key 6 Gradually build capability Consider key decisions before the emotion hits Develop muscle-memory
  • 7. Cyber Security 7 Cyber hygiene matters Organisational culture really matters Technical agility matters They are necessary but are not enough anymore
  • 8. Cyber Resilience 8 Identify relevant cyber scenarios Build situational awareness Prepare for attacks Recover from attacks Learn from attacks
  • 9. Prepare for attacks 9 Plan for incident response Practice crisis management Partner with experienced experts
  • 10. Summary 10 Cyber attacks are going to happen Don’t panic Prepare
  • 11. strozfriedberg.com THANK YOU Phil Huggins, Vice President phuggins@strozfriedberg.com T: +44 207 061 2299 ©2015 Stroz Friedberg. All rights reserved.