A short introductory presentation I gave at the 2015 Fund Management Summit in London on the 8th October. This was simplified and much material was discussed rather than on the slides.
2. Stroz Friedberg
Leading experts on cyber defence - pragmatic, evidence-driven, strategies and tactics that work
World class response to digital trouble – and advice on how to prepare for cyber attacks
Discreet global advisors when it matters
3. Cyber attacks are going to happen
Average breach cost: £2.5m
Average cost per record breached: £101
Time to detect a breach: 206 Days
Time to contain a breach: 69 Days
Attacks completed in minutes: 60%
Attacks spread to second victim in one hour: 40%
Malware samples unique to target: 70-90%
Exploited vulnerabilities older than 1 year: 99.9%
New vulnerabilities exploited within 2 weeks: 50%
Organised crime attacks using crimeware: 73%
Activist attacks targeting web applications: 61%
Chance of 1 breach every 10 years: 71%
4. Cyber Resistance is not enough.
95% of vulnerabilities patched is not enough
$250m invested in cyber is not enough
1000+ cyber professionals is not enough
Constant organizational change
Competitive cyber job market
Rapidly evolving cyber threat environment
Increasingly fragile controls
Failure is often silent
5. We need Cyber Resilience
See the attacks earlier
Absorb the damage
Limit the spread of the damage
Controlled graceful degradation
Handle delays in recovery
7. Cyber Security
Cyber hygiene matters
Organisational culture really matters
Technical agility matters
They are necessary but are not enough anymore