SlideShare a Scribd company logo

Managing Security Risks in Manufacturing

Download as PPTX, PDF
William McBorrough
William McBorrough

MCGlobalTech presentation to manufacturing sector executives on managing cybersecurity risks by implementing an enterprise information security management program.

Leadership & Management
1 of 14
1 Mission Critical Global Technology Group (MCGlobalTech) Managing Security Risks in Manufacturing
2 Manufacturing Threat Landscape Increasing • Symantec reports that manufacturing was the most targeted sector in 2012, accounting for 24% of all targeted attacks. ermined; and (iv) monitor risk on an ongoing basis.
3 Manufacturing Threat Landscape Increasing • Symantec’s Internet Security Report 2013 reports that manufacturing was the most targeted sector in 2012, accounting for 24% of all targeted attacks. • Verizon’s 2014 Data Breach Investigations Report identified Manufacturing as one of the most victimized industries by hackers, with companies of all sizes equally targeted. • National Association of Manufacturers estimate that $239.9 billion in revenue has been lost to cyber-piracy over the past 10 years.
4 Manufacturing and Cyber Espionage
5 Frequency of Security Incidents
6 Proactive Approach to Addressing Risks Implementing an Enterprise Risk Management Program allows Manufacturers to: 1. Understand the threat facing their organizations 2. Understand their business and technical environments relative the threat 3. Identify and asses weakness that exists in defenses around critical business assets including information, systems and people 4. Proactively mitigate the risk to business operations, reputation and profits
7 Enterprise Risk Management Program Enterprise Risk Management is a: • Comprehensive process that requires organizations to: (i) frame risk (i.e., establish the context for risk-based decisions); (ii) assess risk; (iii) respond to risk once determined; and (iv) monitor risk on an ongoing basis. Underlying Principles: • Every entity, whether for-profit or not, exists to realize value for its stakeholders. • Value is created, preserved, or eroded by management decisions in all activities, from setting strategy to operating the enterprise day-to-day.
8 Risk Management Levels • Organization Level – Governance: • Senior Leadership responsible for an organization’s mission ensuring that the risks are managed appropriately and the resources are used responsibly – Risk Management Strategy • Strategic-level decisions and considerations on how senior leaders/executives are to manage information security risk to organizational operations, assets and individuals
9 Risk Management Levels • Mission/Business Process Level – Identify and establish risk-aware mission/business processes – The understanding of Senior Leadership on: • Types of threats sources and events • Potential adverse impacts/consequences • Resilience of information technology to a compromise – Key output: Risk Response Strategy
10 Risk Management Levels • Information Systems Level – Risk Management incorporated in all system life cycles, including procurement and disposal – Risk Management activities reflect organization’s risk management strategy and addresses any risk related to cost, schedule and performance requirements for individual information systems. – Key output: Risk Management Reports
11 Additional Fundamental Components • Trust and Trustworthiness – Establishing trust among organizations – Trustworthiness of information systems • Organizational Culture – Values, beliefs, and norms that influence behavior • Relationship Among Key Risk Concepts – Governance, Risk Tolerance, and Trust
12 MCGlobalTech EISM Program
13 Questions
14 Contact Us Mission Critical Global Technology Group 1776 I Street, NW Washington, District of Columbia 20006 Phone: 571-249-3932 Email: Info@mcglobaltech.com William McBorrough Morris Cody Managing Principal Managing Principal wjm4@mcglobaltech.com mcody@mcglobaltech.com

Recommended

Assuring Digital Strategic Initiatives by
Assuring Digital Strategic Initiatives by Assuring Digital Strategic Initiatives by
Assuring Digital Strategic Initiatives by
FirstMutualHoldings
 
Nabil Malik - Security performance metrics
Nabil Malik - Security performance metricsNabil Malik - Security performance metrics
Nabil Malik - Security performance metrics
nooralmousa
 
Mandelaris_SecureWorld_2016_FINAL
Mandelaris_SecureWorld_2016_FINALMandelaris_SecureWorld_2016_FINAL
Mandelaris_SecureWorld_2016_FINAL
Christopher Mandelaris
 
Information Security Risk Management Overview
Information Security Risk Management OverviewInformation Security Risk Management Overview
Information Security Risk Management Overview
Wesley Moore
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
Yaser Alrefai
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
Enterprise Mobile
 
Risk monitoring and response
Risk monitoring and responseRisk monitoring and response
Risk monitoring and response
ZyrellLalaguna
 

Recommended

Assuring Digital Strategic Initiatives by
Assuring Digital Strategic Initiatives by Assuring Digital Strategic Initiatives by
Assuring Digital Strategic Initiatives by
FirstMutualHoldings
 
Nabil Malik - Security performance metrics
Nabil Malik - Security performance metricsNabil Malik - Security performance metrics
Nabil Malik - Security performance metrics
nooralmousa
 
Mandelaris_SecureWorld_2016_FINAL
Mandelaris_SecureWorld_2016_FINALMandelaris_SecureWorld_2016_FINAL
Mandelaris_SecureWorld_2016_FINAL
Christopher Mandelaris
 
Information Security Risk Management Overview
Information Security Risk Management OverviewInformation Security Risk Management Overview
Information Security Risk Management Overview
Wesley Moore
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
Yaser Alrefai
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
Enterprise Mobile
 
Risk monitoring and response
Risk monitoring and responseRisk monitoring and response
Risk monitoring and response
ZyrellLalaguna
 
Lesson 1- Information Policy
Lesson 1- Information PolicyLesson 1- Information Policy
Lesson 1- Information Policy
MLG College of Learning, Inc
 
Information Security Project
Information Security ProjectInformation Security Project
Information Security Project
novemberchild
 
Its time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerIts time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primer
EnclaveSecurity
 
The importance of information security risk management
The importance of information security risk managementThe importance of information security risk management
The importance of information security risk management
Michael Francis
 
Information Security
Information SecurityInformation Security
Information Security
chenpingling
 
Developing A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramDeveloping A Risk Based Information Security Program
Developing A Risk Based Information Security Program
Tammy Clark
 
Lesson 3- Fair Approach
Lesson 3- Fair ApproachLesson 3- Fair Approach
Lesson 3- Fair Approach
MLG College of Learning, Inc
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
Keyaan Williams
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
sivadnolram
 
MCGlobalTech Enterprise Risk Management Program
MCGlobalTech Enterprise Risk Management ProgramMCGlobalTech Enterprise Risk Management Program
MCGlobalTech Enterprise Risk Management Program
William McBorrough
 
DHS Guidelines
DHS GuidelinesDHS Guidelines
DHS Guidelines
Meg Weber
 
Department of Homeland Security Guidance
Department of Homeland Security GuidanceDepartment of Homeland Security Guidance
Department of Homeland Security Guidance
Meg Weber
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
WGroup
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
360 BSI
 
PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005
PECB
 
Supplement To Student Guide Seminar 03 A 3 Nov09
Supplement To Student Guide Seminar 03 A 3 Nov09Supplement To Student Guide Seminar 03 A 3 Nov09
Supplement To Student Guide Seminar 03 A 3 Nov09
Tammy Clark
 
Security Organization/ Infrastructure
Security Organization/ InfrastructureSecurity Organization/ Infrastructure
Security Organization/ Infrastructure
Priyank Hada
 
Generic_Sample_INFOSECPolicy_and_Procedures
Generic_Sample_INFOSECPolicy_and_ProceduresGeneric_Sample_INFOSECPolicy_and_Procedures
Generic_Sample_INFOSECPolicy_and_Procedures
Samuel Loomis
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
primeteacher32
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
John Gilligan
 
Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
yaseraljohani
 
Risk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection PowerpointRisk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection Powerpoint
randalje86
 

More Related Content

What's hot

Information Security Project
Information Security ProjectInformation Security Project
Information Security Project
novemberchild
 
Information Security
Information SecurityInformation Security
Information Security
chenpingling
 
Developing A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramDeveloping A Risk Based Information Security Program
Developing A Risk Based Information Security Program
Tammy Clark
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
WGroup
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
360 BSI
 
PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005
PECB
 
Security Organization/ Infrastructure
Security Organization/ InfrastructureSecurity Organization/ Infrastructure
Security Organization/ Infrastructure
Priyank Hada
 
Generic_Sample_INFOSECPolicy_and_Procedures
Generic_Sample_INFOSECPolicy_and_ProceduresGeneric_Sample_INFOSECPolicy_and_Procedures
Generic_Sample_INFOSECPolicy_and_Procedures
Samuel Loomis
 

What's hot (20)

Lesson 1- Information Policy
Lesson 1- Information PolicyLesson 1- Information Policy
Lesson 1- Information Policy
 
Information Security Project
Information Security ProjectInformation Security Project
Information Security Project
 
Its time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerIts time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primer
 
The importance of information security risk management
The importance of information security risk managementThe importance of information security risk management
The importance of information security risk management
 
Information Security
Information SecurityInformation Security
Information Security
 
Developing A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramDeveloping A Risk Based Information Security Program
Developing A Risk Based Information Security Program
 
Lesson 3- Fair Approach
Lesson 3- Fair ApproachLesson 3- Fair Approach
Lesson 3- Fair Approach
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
MCGlobalTech Enterprise Risk Management Program
MCGlobalTech Enterprise Risk Management ProgramMCGlobalTech Enterprise Risk Management Program
MCGlobalTech Enterprise Risk Management Program
 
DHS Guidelines
DHS GuidelinesDHS Guidelines
DHS Guidelines
 
Department of Homeland Security Guidance
Department of Homeland Security GuidanceDepartment of Homeland Security Guidance
Department of Homeland Security Guidance
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
 
PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005
 
Supplement To Student Guide Seminar 03 A 3 Nov09
Supplement To Student Guide Seminar 03 A 3 Nov09Supplement To Student Guide Seminar 03 A 3 Nov09
Supplement To Student Guide Seminar 03 A 3 Nov09
 
Security Organization/ Infrastructure
Security Organization/ InfrastructureSecurity Organization/ Infrastructure
Security Organization/ Infrastructure
 
Generic_Sample_INFOSECPolicy_and_Procedures
Generic_Sample_INFOSECPolicy_and_ProceduresGeneric_Sample_INFOSECPolicy_and_Procedures
Generic_Sample_INFOSECPolicy_and_Procedures
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
 

Similar to Managing Security Risks in Manufacturing

Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
yaseraljohani
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
FERMA
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation Age
Career Communications Group
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management Program
Info-Tech Research Group
 
Symantec Managed AV Service - KAZ
Symantec Managed AV Service - KAZSymantec Managed AV Service - KAZ
Symantec Managed AV Service - KAZ
Grant Chapman
 

Similar to Managing Security Risks in Manufacturing (20)

Step by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohaniStep by-step for risk analysis and management-yaser aljohani
Step by-step for risk analysis and management-yaser aljohani
 
Risk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection PowerpointRisk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection Powerpoint
 
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
 
Selling security to the C-level
Selling security to the C-levelSelling security to the C-level
Selling security to the C-level
 
Microsoft InfoSec for cloud and mobile
Microsoft InfoSec for cloud and mobileMicrosoft InfoSec for cloud and mobile
Microsoft InfoSec for cloud and mobile
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service Presentation
 
Security-Brochure
Security-BrochureSecurity-Brochure
Security-Brochure
 
Security-Brochure
Security-BrochureSecurity-Brochure
Security-Brochure
 
Connection can help keep your business secure!
Connection can help keep your business secure!Connection can help keep your business secure!
Connection can help keep your business secure!
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service Presentation
 
7 Best Practices to Protect Critical Business Information [Infographic]
7 Best Practices to Protect Critical Business Information [Infographic]7 Best Practices to Protect Critical Business Information [Infographic]
7 Best Practices to Protect Critical Business Information [Infographic]
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation Age
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management Program
 
IT Risk assessment and Audit Planning
IT Risk assessment and Audit PlanningIT Risk assessment and Audit Planning
IT Risk assessment and Audit Planning
 
Symantec Managed AV Service - KAZ
Symantec Managed AV Service - KAZSymantec Managed AV Service - KAZ
Symantec Managed AV Service - KAZ
 
S Rod Simpson Resume
S Rod Simpson ResumeS Rod Simpson Resume
S Rod Simpson Resume
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
How to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approachHow to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approach
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 

More from William McBorrough

MCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability StatementMCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability Statement
William McBorrough
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_Final
William McBorrough
 

More from William McBorrough (19)

MCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceMCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance Service
 
MCGlobalTech Managed Security Compliance Program
MCGlobalTech Managed Security Compliance ProgramMCGlobalTech Managed Security Compliance Program
MCGlobalTech Managed Security Compliance Program
 
MCGlobalTech Cyber Capability Statement
MCGlobalTech Cyber Capability Statement MCGlobalTech Cyber Capability Statement
MCGlobalTech Cyber Capability Statement
 
Cybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen CyberCybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen Cyber
 
Improving Cyber Readiness with the NIST Cybersecurity Framework
Improving Cyber Readiness with the NIST Cybersecurity FrameworkImproving Cyber Readiness with the NIST Cybersecurity Framework
Improving Cyber Readiness with the NIST Cybersecurity Framework
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
 
MCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability StatementMCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability Statement
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_Final
 
MCG_OnePageBrochure_Final
MCG_OnePageBrochure_FinalMCG_OnePageBrochure_Final
MCG_OnePageBrochure_Final
 
Information Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management FrameworkInformation Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management Framework
 
MCGlobalTech Capability Statement
MCGlobalTech Capability StatementMCGlobalTech Capability Statement
MCGlobalTech Capability Statement
 
Cyber Crime Threat Landscape - A Focus on the Financial Industry
Cyber Crime Threat Landscape - A Focus on the Financial IndustryCyber Crime Threat Landscape - A Focus on the Financial Industry
Cyber Crime Threat Landscape - A Focus on the Financial Industry
 
Protecting Customer Confidential Information
Protecting Customer Confidential InformationProtecting Customer Confidential Information
Protecting Customer Confidential Information
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure Protection
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure Protection
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law Please
 
FCC Report on Google Street View Wi-Fi Data Snooping
FCC Report on Google Street View Wi-Fi Data SnoopingFCC Report on Google Street View Wi-Fi Data Snooping
FCC Report on Google Street View Wi-Fi Data Snooping
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and Risks
 

Recently uploaded

internship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamrainternship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamra
AllTops
 
Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7
Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7
Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7
ickkoo5
 
The Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownThe Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard Brown
SandaliGurusinghe2
 
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot ModelGautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Nitya salvi
 
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
William (Bill) H. Bender, FCSI
 
How Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxHow Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptx
Aaron Stannard
 

Recently uploaded (15)

internship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamrainternship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamra
 
Group work -meaning and definitions- Characteristics and Importance
Group work -meaning and definitions- Characteristics and ImportanceGroup work -meaning and definitions- Characteristics and Importance
Group work -meaning and definitions- Characteristics and Importance
 
Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7
Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7
Mount abu Escort💋 Kajal Rate 4500/- Cash Payment 24/7
 
Internal Reconstruction Corporate accounting by bhumika Garg
Internal Reconstruction Corporate accounting by bhumika GargInternal Reconstruction Corporate accounting by bhumika Garg
Internal Reconstruction Corporate accounting by bhumika Garg
 
The Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownThe Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard Brown
 
Siliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime Siliguri
Siliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime SiliguriSiliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime Siliguri
Siliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime Siliguri
 
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot ModelGautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Spring-2024-Priesthoods of Augustus Yale Historical Review
Spring-2024-Priesthoods of Augustus Yale Historical ReviewSpring-2024-Priesthoods of Augustus Yale Historical Review
Spring-2024-Priesthoods of Augustus Yale Historical Review
 
thesis-and-viva-voce preparation for research scholars
thesis-and-viva-voce preparation for research scholarsthesis-and-viva-voce preparation for research scholars
thesis-and-viva-voce preparation for research scholars
 
Marketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docxMarketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docx
 
Persuasive and Communication is the art of negotiation.
Persuasive and Communication is the art of negotiation.Persuasive and Communication is the art of negotiation.
Persuasive and Communication is the art of negotiation.
 
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
 
How Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxHow Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptx
 
digital Human resource management presentation.pdf
digital Human resource management presentation.pdfdigital Human resource management presentation.pdf
digital Human resource management presentation.pdf
 
Information Technology Project Management, Revised 7th edition test bank.docx
Information Technology Project Management, Revised 7th edition test bank.docxInformation Technology Project Management, Revised 7th edition test bank.docx
Information Technology Project Management, Revised 7th edition test bank.docx
 

Managing Security Risks in Manufacturing

  • 1. 1 Mission Critical Global Technology Group (MCGlobalTech) Managing Security Risks in Manufacturing
  • 2. 2 Manufacturing Threat Landscape Increasing • Symantec reports that manufacturing was the most targeted sector in 2012, accounting for 24% of all targeted attacks. ermined; and (iv) monitor risk on an ongoing basis.
  • 3. 3 Manufacturing Threat Landscape Increasing • Symantec’s Internet Security Report 2013 reports that manufacturing was the most targeted sector in 2012, accounting for 24% of all targeted attacks. • Verizon’s 2014 Data Breach Investigations Report identified Manufacturing as one of the most victimized industries by hackers, with companies of all sizes equally targeted. • National Association of Manufacturers estimate that $239.9 billion in revenue has been lost to cyber-piracy over the past 10 years.
  • 4. 4 Manufacturing and Cyber Espionage
  • 5. 5 Frequency of Security Incidents
  • 6. 6 Proactive Approach to Addressing Risks Implementing an Enterprise Risk Management Program allows Manufacturers to: 1. Understand the threat facing their organizations 2. Understand their business and technical environments relative the threat 3. Identify and asses weakness that exists in defenses around critical business assets including information, systems and people 4. Proactively mitigate the risk to business operations, reputation and profits
  • 7. 7 Enterprise Risk Management Program Enterprise Risk Management is a: • Comprehensive process that requires organizations to: (i) frame risk (i.e., establish the context for risk-based decisions); (ii) assess risk; (iii) respond to risk once determined; and (iv) monitor risk on an ongoing basis. Underlying Principles: • Every entity, whether for-profit or not, exists to realize value for its stakeholders. • Value is created, preserved, or eroded by management decisions in all activities, from setting strategy to operating the enterprise day-to-day.
  • 8. 8 Risk Management Levels • Organization Level – Governance: • Senior Leadership responsible for an organization’s mission ensuring that the risks are managed appropriately and the resources are used responsibly – Risk Management Strategy • Strategic-level decisions and considerations on how senior leaders/executives are to manage information security risk to organizational operations, assets and individuals
  • 9. 9 Risk Management Levels • Mission/Business Process Level – Identify and establish risk-aware mission/business processes – The understanding of Senior Leadership on: • Types of threats sources and events • Potential adverse impacts/consequences • Resilience of information technology to a compromise – Key output: Risk Response Strategy
  • 10. 10 Risk Management Levels • Information Systems Level – Risk Management incorporated in all system life cycles, including procurement and disposal – Risk Management activities reflect organization’s risk management strategy and addresses any risk related to cost, schedule and performance requirements for individual information systems. – Key output: Risk Management Reports
  • 11. 11 Additional Fundamental Components • Trust and Trustworthiness – Establishing trust among organizations – Trustworthiness of information systems • Organizational Culture – Values, beliefs, and norms that influence behavior • Relationship Among Key Risk Concepts – Governance, Risk Tolerance, and Trust
  • 14. 14 Contact Us Mission Critical Global Technology Group 1776 I Street, NW Washington, District of Columbia 20006 Phone: 571-249-3932 Email: Info@mcglobaltech.com William McBorrough Morris Cody Managing Principal Managing Principal wjm4@mcglobaltech.com mcody@mcglobaltech.com