SlideShare a Scribd company logo

Craig McGill on Cyber Security at #PRFest

Download as PPTX, PDF
PRFest
PRFest

Craig McGill, Comms for PwC in Scotland, was invited to speak at #PRFest about cyber security and how PR had to be involved from the outset. www.prfest.co.uk

Marketing
1 of 29
Cyber security and PR Crisis comms www.pwc.co.uk/Scotland
PwC Annoying but not the end of the world and relatively easy to fix – unless defamatory material or phishing links posted: • Change passwords and login details • Enable – where possible – two-factor or multi-factor login • Check access privileges • Inform relevant stakeholders • Inform media if necessary • Apologise where necessary – either to groups or at individual level – • Remove offensive material • Work with law-enforcement and cyber security teams if necessary • Remind staff of user guidelines for social media accounts Where is cyber security an issue? Quite simply: everywhere PwC REPUTATION Social media accounts hacked and off-brand messaging posted STAKEHOLDER AND CUSTOMER INFLUENCE Website breached and defaced FINANCIAL Corporate network breached and company data accessed by unauthorised third party/parties Irritating, embarrassing with potential for far more serious consequences: • Same actions as for social media account issues • Double check all links, code and material on site • Ensure website plugins, CMS are at latest versions • Work with experts to ensure no further data – customer credit cards for example – was stolen • If necessary, inform authorities • Upgrade to HTTPS if not already done so • Consider a reward/bounty scheme to prevent future incidents The worst kind of attack: • All information, including emails, on a network may have been copied • Staff details, including addresses and banking information • Customer details inc cards, personal data and passwords • Company plans including product timelines and intellectual property • Confidential material company would have preferred to remain discrete • Access codes • Information relating to any third- parties the company works with, which may also include IP • May have been breached via third- party #prfest
PwC 2016 Cyber Security Breaches Survey Source: HM Government #prfest
PwC Why is this an issue? #prfest
PwC Why is this an issue? #prfest
PwC Why is this an issue? #prfest
PwC Why is this an issue? #prfest
PwC Why is this an issue? #prfest
PwC Who would do this and what is their capability? PwC Disgruntled customers or competitors who want to embarrass you or steal your data – potentially even media Script kiddies, bored people and wannabee Mr Robot types just looking for something to do or to make a name for themselves Professional breachers looking for data to either steal or hold a firm to ransom for Staff – either current or ex-staff who are disgruntled and want access to information for personal gain or those duped into giving access • The sad reality is that in 2017 there are multiple people with multiple reasons to want unauthorised access to your data • The even more inconvenient fact is that even with the best systems in the world the odds are you cannot stop people accessing • What you can do is ensure you have multiple systems to try and deter them in the hope they go away and have the best tools so that when a breach happens you are ready to react. Better to be prepared and it never happens than the alternative People or bots who want control of your machine so they can use it for things like DDoS attacks #prfest
PwC Source: Verizon Data Breach Report 2016 It’s as much an internal issue as external… Harder to spot malicious activity when user access is authorised Legal hurdles to monitoring all staff interactions Why are they so hard to manage? Insiders remain the biggest threat…. #prfest
PwC So this happens… #prfest
PwC What does an attack look like? Reconnaissance Infiltrate Execute attack & Cover tracks www Embed & Orientate >_ DLL Attacker gathers intelligence on the target organisation and it‘s customers to refine their attack and increase their chances of success. • Social media analysis • Digital footprinting • Network scanning Attacker tricks a user into executing malicious software to compromise their machine or gain unauthorised access to the network. • Targeted phishing emails • Social engineering Attacker gains more access and installs tools to monitor systems and business processes, increasing the potential impact or financial rewards for their attack. • Privilege escalation • Network traversal • Passive monitoring Attacker quickly executes the attack and the remove evidence in order to stop the target identifying the attacker and preventing future attacks. • Data extraction • Financial fraud • Denial of Service (DoS) StageTactic/Technique The majority of attacks target poor security behaviours by individuals to gain initial access, they then use this access to prepare and then execute their attack for maximum impact/financial gain. #prfest
PwC Operation Cloud Hopper https://www.pwc.co.uk/issues/cyber-security-data-privacy/insights/operation-cloud-hopper.html #prfest
PwC Compromise/Detection times Source: Verizon Data Breach Report 2016 #prfest
PwC Annoying but not the end of the world and relatively easy to fix – unless defamatory material or phishing links posted: • Change passwords and login details • Enable – where possible – two-factor or multi-factor login • Check access privileges • Inform stakeholders inc media • Check what links where shared • Apologise where necessary – either to groups or at individual level – • Remove offensive material • Work with law-enforcement and cyber security teams if necessary • Remind staff of user guidelines for social media accounts REPUTATION Social media accounts hacked and off-brand messaging posted STAKEHOLDER AND CUSTOMER INFLUENCE Website breached and defaced FINANCIAL Corporate network breached and company data accessed by unauthorised third party/parties Irritating, embarrassing with potential for far more serious consequences: • Same actions as for social media account issues • Double check all links, code and material on site • Ensure website plugins, CMS are at latest versions • Work with experts to ensure no further data – customer credit cards for example – was stolen • If necessary, inform authorities • Upgrade to HTTPS if not already done so • Consider a reward/bounty scheme to prevent future incidents The worst kind of attack: • All information, including emails, on a network may have been copied • Staff details, including addresses and banking information • Customer details inc cards, personal data and passwords • Company plans including product timelines and intellectual property • Confidential material company would have preferred to remain discrete • Access codes • Information relating to any third- parties the company works with, which may also include IP • May have been breached via third- party From the moment you detect a breach, the battle for comms is to save and restore the company’s reputation After the technical team, there is no-one more important #prfest
PwC Annoying but not the end of the world and relatively easy to fix – unless defamatory material or phishing links posted: • Check what links where shared The more serious breach REPUTATION Social media accounts hacked and off-brand messaging posted STAKEHOLDER AND CUSTOMER INFLUENCE Website breached and defaced FINANCIAL Corporate network breached and company data accessed by unauthorised third party/parties Irritating, embarrassing with potential for far more serious consequences: • Work with experts to ensure no further data – customer credit cards for example – was stolen The worst kind of attack: • All information, including emails, on a network may have been copied • Staff details, including addresses and banking information • Customer details inc cards, personal data and passwords • Company plans including product timelines and intellectual property • Confidential material company would have preferred to remain discrete • Access codes • Information relating to any third- parties the company works with, which may also include IP • May have been breached via third- party #prfest
PwC Most companies have a relatively conservative and reactive stance – but in a crisis that needs to flip and quickly • Are the C Suite and other seniors able to see the value in going from their traditional approach to a far faster, proactive pace – especially when most don’t speak tech or cyber? • Has that been tested to ensure the company is able to demonstrate control (or as much as is possible) • A company’s stance is not just a comms issue but is one that comms need to be heavily involved with Comms informing the bigger picture proactively STANCE CORPORATE VALUES TRAINING Despite the nature of a crisis, leadership teams need to be able to hold fast to some, if not all, corporate values • Ensure the C Suite and other seniors are able to align to the company corporate values and use them in time of crisis • Crisis situations are when leaders are often defined – their actions remembered for months if not years. Will they be remembered for putting customers first, for pulling down the hatches or some other action? • Will they agree to stick to the corporate values and not suddenly flipflop in the heat of the crisis? Most media training these days is relatively benign • Do the relevant people have proper, hardened crisis training? • Can they speak professionally and with authority without falling back on jargon? • Could they sustain a tense live atmosphere where every action or utterance – even if meant to be off- record – could dictate the fate of the company? • Will they hold the lines – and the corporate values – when under sustained pressure? • Have they been tested? #prfest
PwC The first big decisions The sort of issues a crisis comms plans around cyber security include the following… • Who do we call if informed of a breach or it is detected? • Who makes the call? • Who is our spokesperson? Do we need more than one? • Do we drop the website? Even at 2am in the morning? • Who authorises pulling all the pipes – especially at 2am? • Do we close the social channels? • Do we cancel our advertising? • How do we balance business needs with customer needs? • How often can we get an update from the technical team? #prfest
PwC So what to do? What’s the one process you see in the company that instinctively doesn’t feel right? Challenge it. On projects you are involved in– challenge how security – and privacy - is being built in Look for opportunities to share data with colleagues in financial crime, risk, physical security Raise awareness of phishing, data leakage through interactions with business contacts ‘Hook’ interest with strategic links Where you see datasets being held in shared drives, ask ‘why are we doing that?’, and ‘who has access?’ Are your security risks raised, logged and prioritised? Do they have the correct priority? Inform customers and staff first – but only when certain a breach has confirmed. Do not broadcast a breach when it is ongoing Ensure customers are reached in as many ways as possible – think PESO but do not just think digital - and if data has potentially been stolen, that they understand this Ensure social and customer teams know exactly what to say (and what not to say) to customers Regular updates on website and social. Encourage media to get material from these sites to minimise duplication of effort One narrative for every channel, updates on a regular basis Have a Comms ‘war room’ and have Comms at heart of decision making Ensure legal and tech teams understand the urgency involved – but heed their advice too Best way to restore that reputation is by being transparent This starts internally (including legal and tech teams) but spreads to external, customer service, social Stakeholders will go to four places when they find out: • website • social • customer phone lines • media Only two of those four channels can be directly controlled #prfest
PwC As the technical teams get, well, technical, the role of comms is to communicate Customers Regulators Investors Politicians Media Third- party orgs Security orgs Legal Staff and C Suite #prfest
PwC What sort of comms should be going out – and who do you prioritise? Customer emails Media statements Website – front page Visuals Customer video(s) Postal letters Intranet Staff email, Slack, etc Video(s) for others Info for suppliers, third parties, FAQ and responses Script for phone customer teams PPC and social spend Advertising #prfest
PwC How will it play out? Every scenario is different but there can be similarities… DAY ONE • Attack discovered • Motive understood – publicity, cash, IP theft, credit card/login theft • Technical investigation launched • Initial alert to customers • Update to customers • Media informed and updated across rolling news cycle • CEO and C-Suite aligned to corporate values and do not stray WEEK ONE • All customers reached • Technical issues resolved – or ongoing to be resolved • Review begins – internal and independent • Ongoing updates • Ensure functionality of websites is restored • Never say you are now breach-proof • Review internal security procedures and remind staff MONTH ONE • Ensure customers have done all they can to protect data • Campaign to try and minimise customer losses • Review processes • Share as much as possible to rebuild confidence by all stakeholders • Remind staff cyber security is not just an IT matter #prfest
PwC Preventing a next time – from comms perspective Disgruntled customers or competitors who want to embarrass you or steal your data – potentially even media Script kiddies, bored people and wannabee Mr Robot types just looking for something to do or to make a name for themselves Professional breachers looking for data to either steal or hold a firm to ransom for Staff – either current or ex-staff who are disgruntled and want access to information for personal gain or those duped into giving access • Ensure staff are up to date with cyber security policy/process • Have an up to date policy • Introduce no-blame policy • Run drills • Treat staff and ex-staff in the best way possible – salaries, holidays, perks, place of work and so on • Offer bounties and rewards for those who find weaknesses • Be more involved in cyber community • Befriend as many as possible • Hide comms in the code that only hackers would see • Be honest and be authentic • Be the best company you can be • Engage with audience and change things for them • Treat customers as partners, not as a cash grab • Monitor and respond to everything • Use key dates to ensure all stakeholders are aware of improvements #prfest
PwC The checklist Does your crisis comms plan have all of these covered? • Do we have standing statements ready to go for the most common and most likely scenarios? • Is the crisis comms plan integrated into the master crisis document? • What budgets have been agreed for emergency spend? • Who can approach who when a situation arises? • Are there pre-agreed time periods for comms to get updates, minimising intrusion on tech team time? • Do we have all the relevant contact details – for media, internally and other stakeholders? • Are we monitoring all the right channels on a 24/7 basis • Do we have a response plan in place for when we are informed of a breach by a third-party? • Does the comms plan include us contacting external orgs that trust us with their data? • Have we recently tested our crisis comms scenarios? • Do we accept we will be on the back foot for a lot of this and do the relevant powers that be accept that? • Do we have holding statement webpages and imagery ready to go? • Is our data as secure as can be? • Is the leadership sure this is aligned to core values and can respond in that way in a live crisis? • How good is our crisis media training? #prfest
PwC Cyber security is not going away… Digital revolution Growing cyber risk More regulation Cloud“IoTs” Big DataSocial Media Evolving threats More connections Talent shortage Arms race #prfest
PwC General Data Protection Regulation (GDPR) is coming… GDPR is built around 3 key pillars: Transparency Framework Compliance Journey Punishment Regime • Prior information must be clearer • Consent rules toughened up • Access rights are boosted • Mandatory breach disclosure • Enhanced rights of regulatory inspection and audit • Privacy by Design • Privacy Impact Assessments • Accountability • Data Portability • Right to be Forgotten • Tougher enforcement powers for regulators • Financial penalties at 4% Group Annual Worldwide Turnover • Compensation rights for distress • Litigation rights for Civil Society Organisations • Data Processors liable #prfest
PwC In summary… What’s the one process you see in the company that instinctively doesn’t feel right? Challenge it. On projects you are involved in– challenge how security – and privacy - is being built in Look for opportunities to share data with colleagues in financial crime, risk, physical security Raise awareness of phishing, data leakage through interactions with business contacts ‘Hook’ interest with strategic links Where you see datasets being held in shared drives, ask ‘why are we doing that?’, and ‘who has access?’ Are your security risks raised, logged and prioritised? Do they have the correct priority? • Identify – What are our crown jewels and biggest threats? • Protect – Implement controls in line with risk appetite • Detect – Implement monitoring processes • Respond – Have tried and tested response plan. Learn from past incidents. Treat cyber security as you would any other risk Understand your exposure and appetite – set controls accordingly #prfest
PwC The key messages… • Cyber security has become a key risk for businesses of all sizes and across all industries • Cyber security goes beyond the realms of IT and should involve the entire organisation • People remain the biggest weakness in Cyber security defences – education & awareness programs should be a key strategic priority • External cyber attacks are becoming ever increasingly indiscriminate – assuming you will not be a target is no longer an option. You may even be collateral damage • Those organisations who have tried and tested responses processes are those least impacted by an incident • The cost of failure is huge – Comprises not just business disruption and remedial activity, but reputational and increasingly punitive damages… #prfest
PwC The key point to remember… Cyber security and infosec is no longer an IT issue, it is something that impacts upon all staff at all levels and as such should be treated that way (And ensure you have everything drilled and rehearsed in training) This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PriceWaterhouseCooper LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2017 PriceWaterhouseCooper LLP. All rights reserved. In this document, “PwC” refers to PriceWaterhouseCooper LLP which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity. #prfest

Recommended

PR measurement and evaluation
PR measurement and evaluationPR measurement and evaluation
PR measurement and evaluation
PRFest
 
Strategic Communications and Personal Branding
Strategic Communications and Personal BrandingStrategic Communications and Personal Branding
Strategic Communications and Personal Branding
Alan Weinkrantz
 
Essential Nonprofit Communications Plan
Essential Nonprofit Communications PlanEssential Nonprofit Communications Plan
Essential Nonprofit Communications PlanTheGivingPartner
 
Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...
Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...
Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...
Hootsuite
 
INTEGRATE Chicago - Clarissa Beyah-Taylor
INTEGRATE Chicago - Clarissa Beyah-TaylorINTEGRATE Chicago - Clarissa Beyah-Taylor
INTEGRATE Chicago - Clarissa Beyah-Taylor
IMCWVU
 
Digtial PR Strategy in 8 Steps
Digtial PR Strategy in 8 StepsDigtial PR Strategy in 8 Steps
Digtial PR Strategy in 8 Steps
Digital Training Institute
 
A PR planning exercise using free tools
A PR planning exercise using free toolsA PR planning exercise using free tools
A PR planning exercise using free tools
Stephen Waddington
 
Digital Communications Strategy
Digital Communications StrategyDigital Communications Strategy
Digital Communications Strategy
Tim Davies
 

Recommended

PR measurement and evaluation
PR measurement and evaluationPR measurement and evaluation
PR measurement and evaluation
PRFest
 
Strategic Communications and Personal Branding
Strategic Communications and Personal BrandingStrategic Communications and Personal Branding
Strategic Communications and Personal Branding
Alan Weinkrantz
 
Essential Nonprofit Communications Plan
Essential Nonprofit Communications PlanEssential Nonprofit Communications Plan
Essential Nonprofit Communications PlanTheGivingPartner
 
Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...
Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...
Staying Competitive in Today's Digital Workforce: Advanced Social Media Strat...
Hootsuite
 
INTEGRATE Chicago - Clarissa Beyah-Taylor
INTEGRATE Chicago - Clarissa Beyah-TaylorINTEGRATE Chicago - Clarissa Beyah-Taylor
INTEGRATE Chicago - Clarissa Beyah-Taylor
IMCWVU
 
Digtial PR Strategy in 8 Steps
Digtial PR Strategy in 8 StepsDigtial PR Strategy in 8 Steps
Digtial PR Strategy in 8 Steps
Digital Training Institute
 
A PR planning exercise using free tools
A PR planning exercise using free toolsA PR planning exercise using free tools
A PR planning exercise using free tools
Stephen Waddington
 
Digital Communications Strategy
Digital Communications StrategyDigital Communications Strategy
Digital Communications Strategy
Tim Davies
 
PR Measurement Matters
PR Measurement MattersPR Measurement Matters
PR Measurement Matters
Agility PR Solutions
 
Are We Engaged Yet - Measuring the Success of Social PR
Are We Engaged Yet - Measuring the Success of Social PRAre We Engaged Yet - Measuring the Success of Social PR
Are We Engaged Yet - Measuring the Success of Social PR
Influence People
 
Developing a communication strategy
Developing a communication strategyDeveloping a communication strategy
Developing a communication strategy
ISAAA AfriCenter Slides
 
Measuring the Success of Your Community
Measuring the Success of Your CommunityMeasuring the Success of Your Community
Measuring the Success of Your Community
CMX
 
Ch. 7 selecting communication tactics
Ch. 7 selecting communication tacticsCh. 7 selecting communication tactics
Ch. 7 selecting communication tactics
Craig Carroll
 
Building Community with PR
Building Community with PRBuilding Community with PR
Building Community with PR
Mike Lewis
 
Internal Communications - Part 1
Internal Communications - Part 1Internal Communications - Part 1
Internal Communications - Part 1
Estragon
 
IABC Social Media Measurement Workshop
IABC Social Media Measurement WorkshopIABC Social Media Measurement Workshop
IABC Social Media Measurement Workshop
Communicatto Inc.
 
How to integrate social media with PR, communications, and crisis management,...
How to integrate social media with PR, communications, and crisis management,...How to integrate social media with PR, communications, and crisis management,...
How to integrate social media with PR, communications, and crisis management,...
SocialMedia.org
 
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
jleigh206
 
Social listening-insights-emetrics-presentation
Social listening-insights-emetrics-presentationSocial listening-insights-emetrics-presentation
Social listening-insights-emetrics-presentation
Performics
 
Social media measurement standards: How to demonstrate social media's value t...
Social media measurement standards: How to demonstrate social media's value t...Social media measurement standards: How to demonstrate social media's value t...
Social media measurement standards: How to demonstrate social media's value t...
SocialMedia.org
 
Social communications the myths and realities
Social communications the myths and realitiesSocial communications the myths and realities
Social communications the myths and realities
lloydgofton
 
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
FeverBee Limited
 
How to Plan and Implement a Social PR Strategy that works for Your Organisation
How to Plan and Implement a Social PR Strategy that works for Your OrganisationHow to Plan and Implement a Social PR Strategy that works for Your Organisation
How to Plan and Implement a Social PR Strategy that works for Your Organisation
Influence People
 
Email Gone Viral Email Share To Social
Email Gone Viral Email Share To SocialEmail Gone Viral Email Share To Social
Email Gone Viral Email Share To Social
Silverpop
 
Developing A Social Strategy Webinar
Developing A Social Strategy WebinarDeveloping A Social Strategy Webinar
Developing A Social Strategy Webinar
Charlene Li
 
Managing Strategic Communications in the public sector
Managing Strategic Communications in the public sectorManaging Strategic Communications in the public sector
Managing Strategic Communications in the public sector
Ronnie Semley Dip. CIPR, MCIPR
 
Best Practices in Writing and Business Communication
Best Practices in Writing and Business CommunicationBest Practices in Writing and Business Communication
Best Practices in Writing and Business Communication
veronier32
 
Forrester POST Model - Corporate Social Media Strategy
Forrester POST Model - Corporate Social Media StrategyForrester POST Model - Corporate Social Media Strategy
Forrester POST Model - Corporate Social Media Strategy
Communicatto Inc.
 
DWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for Nonprofits
DWP Information Architects Inc.
 
External-WB Foundational Security 1.4.pptx
External-WB Foundational Security 1.4.pptxExternal-WB Foundational Security 1.4.pptx
External-WB Foundational Security 1.4.pptx
SattarKiani
 

More Related Content

What's hot

PR Measurement Matters
PR Measurement MattersPR Measurement Matters
PR Measurement Matters
Agility PR Solutions
 
Are We Engaged Yet - Measuring the Success of Social PR
Are We Engaged Yet - Measuring the Success of Social PRAre We Engaged Yet - Measuring the Success of Social PR
Are We Engaged Yet - Measuring the Success of Social PR
Influence People
 
Developing a communication strategy
Developing a communication strategyDeveloping a communication strategy
Developing a communication strategy
ISAAA AfriCenter Slides
 
Measuring the Success of Your Community
Measuring the Success of Your CommunityMeasuring the Success of Your Community
Measuring the Success of Your Community
CMX
 
Ch. 7 selecting communication tactics
Ch. 7 selecting communication tacticsCh. 7 selecting communication tactics
Ch. 7 selecting communication tactics
Craig Carroll
 
Building Community with PR
Building Community with PRBuilding Community with PR
Building Community with PR
Mike Lewis
 
Internal Communications - Part 1
Internal Communications - Part 1Internal Communications - Part 1
Internal Communications - Part 1
Estragon
 
IABC Social Media Measurement Workshop
IABC Social Media Measurement WorkshopIABC Social Media Measurement Workshop
IABC Social Media Measurement Workshop
Communicatto Inc.
 
How to integrate social media with PR, communications, and crisis management,...
How to integrate social media with PR, communications, and crisis management,...How to integrate social media with PR, communications, and crisis management,...
How to integrate social media with PR, communications, and crisis management,...
SocialMedia.org
 
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
jleigh206
 
Social listening-insights-emetrics-presentation
Social listening-insights-emetrics-presentationSocial listening-insights-emetrics-presentation
Social listening-insights-emetrics-presentation
Performics
 
Social media measurement standards: How to demonstrate social media's value t...
Social media measurement standards: How to demonstrate social media's value t...Social media measurement standards: How to demonstrate social media's value t...
Social media measurement standards: How to demonstrate social media's value t...
SocialMedia.org
 
Social communications the myths and realities
Social communications the myths and realitiesSocial communications the myths and realities
Social communications the myths and realities
lloydgofton
 
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
FeverBee Limited
 
How to Plan and Implement a Social PR Strategy that works for Your Organisation
How to Plan and Implement a Social PR Strategy that works for Your OrganisationHow to Plan and Implement a Social PR Strategy that works for Your Organisation
How to Plan and Implement a Social PR Strategy that works for Your Organisation
Influence People
 
Email Gone Viral Email Share To Social
Email Gone Viral Email Share To SocialEmail Gone Viral Email Share To Social
Email Gone Viral Email Share To Social
Silverpop
 
Developing A Social Strategy Webinar
Developing A Social Strategy WebinarDeveloping A Social Strategy Webinar
Developing A Social Strategy Webinar
Charlene Li
 
Managing Strategic Communications in the public sector
Managing Strategic Communications in the public sectorManaging Strategic Communications in the public sector
Managing Strategic Communications in the public sector
Ronnie Semley Dip. CIPR, MCIPR
 
Best Practices in Writing and Business Communication
Best Practices in Writing and Business CommunicationBest Practices in Writing and Business Communication
Best Practices in Writing and Business Communication
veronier32
 
Forrester POST Model - Corporate Social Media Strategy
Forrester POST Model - Corporate Social Media StrategyForrester POST Model - Corporate Social Media Strategy
Forrester POST Model - Corporate Social Media Strategy
Communicatto Inc.
 

What's hot (20)

PR Measurement Matters
PR Measurement MattersPR Measurement Matters
PR Measurement Matters
 
Are We Engaged Yet - Measuring the Success of Social PR
Are We Engaged Yet - Measuring the Success of Social PRAre We Engaged Yet - Measuring the Success of Social PR
Are We Engaged Yet - Measuring the Success of Social PR
 
Developing a communication strategy
Developing a communication strategyDeveloping a communication strategy
Developing a communication strategy
 
Measuring the Success of Your Community
Measuring the Success of Your CommunityMeasuring the Success of Your Community
Measuring the Success of Your Community
 
Ch. 7 selecting communication tactics
Ch. 7 selecting communication tacticsCh. 7 selecting communication tactics
Ch. 7 selecting communication tactics
 
Building Community with PR
Building Community with PRBuilding Community with PR
Building Community with PR
 
Internal Communications - Part 1
Internal Communications - Part 1Internal Communications - Part 1
Internal Communications - Part 1
 
IABC Social Media Measurement Workshop
IABC Social Media Measurement WorkshopIABC Social Media Measurement Workshop
IABC Social Media Measurement Workshop
 
How to integrate social media with PR, communications, and crisis management,...
How to integrate social media with PR, communications, and crisis management,...How to integrate social media with PR, communications, and crisis management,...
How to integrate social media with PR, communications, and crisis management,...
 
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
Alliance for Nonprofit Excellence Training 5.4.10 Strategic Communications fo...
 
Social listening-insights-emetrics-presentation
Social listening-insights-emetrics-presentationSocial listening-insights-emetrics-presentation
Social listening-insights-emetrics-presentation
 
Social media measurement standards: How to demonstrate social media's value t...
Social media measurement standards: How to demonstrate social media's value t...Social media measurement standards: How to demonstrate social media's value t...
Social media measurement standards: How to demonstrate social media's value t...
 
Social communications the myths and realities
Social communications the myths and realitiesSocial communications the myths and realities
Social communications the myths and realities
 
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
What To Do In A Post Reach World (Attracting An Audience In A Competitive Fie...
 
How to Plan and Implement a Social PR Strategy that works for Your Organisation
How to Plan and Implement a Social PR Strategy that works for Your OrganisationHow to Plan and Implement a Social PR Strategy that works for Your Organisation
How to Plan and Implement a Social PR Strategy that works for Your Organisation
 
Email Gone Viral Email Share To Social
Email Gone Viral Email Share To SocialEmail Gone Viral Email Share To Social
Email Gone Viral Email Share To Social
 
Developing A Social Strategy Webinar
Developing A Social Strategy WebinarDeveloping A Social Strategy Webinar
Developing A Social Strategy Webinar
 
Managing Strategic Communications in the public sector
Managing Strategic Communications in the public sectorManaging Strategic Communications in the public sector
Managing Strategic Communications in the public sector
 
Best Practices in Writing and Business Communication
Best Practices in Writing and Business CommunicationBest Practices in Writing and Business Communication
Best Practices in Writing and Business Communication
 
Forrester POST Model - Corporate Social Media Strategy
Forrester POST Model - Corporate Social Media StrategyForrester POST Model - Corporate Social Media Strategy
Forrester POST Model - Corporate Social Media Strategy
 

Similar to Craig McGill on Cyber Security at #PRFest

DWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for Nonprofits
DWP Information Architects Inc.
 
External-WB Foundational Security 1.4.pptx
External-WB Foundational Security 1.4.pptxExternal-WB Foundational Security 1.4.pptx
External-WB Foundational Security 1.4.pptx
SattarKiani
 
Keeping an Eye On Risk - Current Concerns and Supervisory Oversight
Keeping an Eye On Risk - Current Concerns and Supervisory OversightKeeping an Eye On Risk - Current Concerns and Supervisory Oversight
Keeping an Eye On Risk - Current Concerns and Supervisory Oversight
CBIZ, Inc.
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
EC-Council
 
Cybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideCybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guide
JoAnna Cheshire
 
Cyber 101 for smb execs v1
Cyber 101 for smb execs v1Cyber 101 for smb execs v1
Cyber 101 for smb execs v1
NetWatcher
 
nist_small_business_fundamentals_july_2019.pptx
nist_small_business_fundamentals_july_2019.pptxnist_small_business_fundamentals_july_2019.pptx
nist_small_business_fundamentals_july_2019.pptx
JkYt1
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
Securing your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEsSecuring your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEsSonny Hashmi
 
Securing your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSecuring your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb es
Sonny Hashmi
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
North Texas Chapter of the ISSA
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
 
Risk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure WorldRisk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure World
Forte Advisory, Inc.
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Wendy Knox Everette
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More
Community IT Innovators
 
Cyber Security and the Impact on your Business
Cyber Security and the Impact on your BusinessCyber Security and the Impact on your Business
Cyber Security and the Impact on your Business
Lucy Denver
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
Resilient Systems
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
NetWatcher
 
Social Engineering Audit & Security Awareness
Social Engineering Audit & Security AwarenessSocial Engineering Audit & Security Awareness
Social Engineering Audit & Security Awareness
CBIZ, Inc.
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Compliancy Group
 

Similar to Craig McGill on Cyber Security at #PRFest (20)

DWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for Nonprofits
 
External-WB Foundational Security 1.4.pptx
External-WB Foundational Security 1.4.pptxExternal-WB Foundational Security 1.4.pptx
External-WB Foundational Security 1.4.pptx
 
Keeping an Eye On Risk - Current Concerns and Supervisory Oversight
Keeping an Eye On Risk - Current Concerns and Supervisory OversightKeeping an Eye On Risk - Current Concerns and Supervisory Oversight
Keeping an Eye On Risk - Current Concerns and Supervisory Oversight
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
 
Cybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guideCybersecurity crisis management a prep guide
Cybersecurity crisis management a prep guide
 
Cyber 101 for smb execs v1
Cyber 101 for smb execs v1Cyber 101 for smb execs v1
Cyber 101 for smb execs v1
 
nist_small_business_fundamentals_july_2019.pptx
nist_small_business_fundamentals_july_2019.pptxnist_small_business_fundamentals_july_2019.pptx
nist_small_business_fundamentals_july_2019.pptx
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Securing your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEsSecuring your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEs
 
Securing your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSecuring your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb es
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Risk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure WorldRisk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure World
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More
 
Cyber Security and the Impact on your Business
Cyber Security and the Impact on your BusinessCyber Security and the Impact on your Business
Cyber Security and the Impact on your Business
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 
Social Engineering Audit & Security Awareness
Social Engineering Audit & Security AwarenessSocial Engineering Audit & Security Awareness
Social Engineering Audit & Security Awareness
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
 

More from PRFest

PRFest - setting the scene with industry stats
PRFest - setting the scene with industry statsPRFest - setting the scene with industry stats
PRFest - setting the scene with industry stats
PRFest
 
State of internal communications (2018)
State of internal communications (2018)State of internal communications (2018)
State of internal communications (2018)
PRFest
 
PRFest 2018 - John Brown
PRFest 2018 - John BrownPRFest 2018 - John Brown
PRFest 2018 - John Brown
PRFest
 
PRFest - Friday, 15 June 2018
PRFest - Friday, 15 June 2018PRFest - Friday, 15 June 2018
PRFest - Friday, 15 June 2018
PRFest
 
PRFest - Thursday, 14 June
PRFest - Thursday, 14 JunePRFest - Thursday, 14 June
PRFest - Thursday, 14 June
PRFest
 
Day 2 of PRFest - John Brown dispells myths
Day 2 of PRFest - John Brown dispells mythsDay 2 of PRFest - John Brown dispells myths
Day 2 of PRFest - John Brown dispells myths
PRFest
 
World PR Report by Francis Ingham at #PRFest
World PR Report by Francis Ingham at #PRFestWorld PR Report by Francis Ingham at #PRFest
World PR Report by Francis Ingham at #PRFest
PRFest
 
Sarah Hall speaks at #PRFest about public relations in business
Sarah Hall speaks at #PRFest about public relations in businessSarah Hall speaks at #PRFest about public relations in business
Sarah Hall speaks at #PRFest about public relations in business
PRFest
 
Rich Leigh talks PR stunts at #PRFest
Rich Leigh talks PR stunts at #PRFestRich Leigh talks PR stunts at #PRFest
Rich Leigh talks PR stunts at #PRFest
PRFest
 
Paul Sutton on mental health in PR at #PRFest
Paul Sutton on mental health in PR at #PRFestPaul Sutton on mental health in PR at #PRFest
Paul Sutton on mental health in PR at #PRFest
PRFest
 
Nick Jones on CSR - fit for today and tomorrow at #PRFest
Nick Jones on CSR - fit for today and tomorrow at #PRFestNick Jones on CSR - fit for today and tomorrow at #PRFest
Nick Jones on CSR - fit for today and tomorrow at #PRFest
PRFest
 
Jim Hawker on PR & SEO at #PRFest
Jim Hawker on PR & SEO at #PRFestJim Hawker on PR & SEO at #PRFest
Jim Hawker on PR & SEO at #PRFest
PRFest
 
Andy Barr on Influencer Marketing at #PRFest
Andy Barr on Influencer Marketing at #PRFestAndy Barr on Influencer Marketing at #PRFest
Andy Barr on Influencer Marketing at #PRFest
PRFest
 
Andrew Bruce Smith - using data and analytics to inform PR strategy - #PRFest
Andrew Bruce Smith - using data and analytics to inform PR strategy - #PRFestAndrew Bruce Smith - using data and analytics to inform PR strategy - #PRFest
Andrew Bruce Smith - using data and analytics to inform PR strategy - #PRFest
PRFest
 
Jung Relations, Stockholm on Absolut Vodka
Jung Relations, Stockholm on Absolut VodkaJung Relations, Stockholm on Absolut Vodka
Jung Relations, Stockholm on Absolut Vodka
PRFest
 
Creativity workshop
Creativity workshopCreativity workshop
Creativity workshop
PRFest
 
Grow up or get out! Stephen Waddington at PRFest
Grow up or get out! Stephen Waddington at PRFestGrow up or get out! Stephen Waddington at PRFest
Grow up or get out! Stephen Waddington at PRFest
PRFest
 
Friday, 17 June
Friday, 17 June Friday, 17 June
Friday, 17 June
PRFest
 
Thursday, 16 June PR festival master slides
Thursday, 16 June PR festival master slidesThursday, 16 June PR festival master slides
Thursday, 16 June PR festival master slides
PRFest
 
Sponsor slides - PRFest
Sponsor slides - PRFestSponsor slides - PRFest
Sponsor slides - PRFest
PRFest
 

More from PRFest (20)

PRFest - setting the scene with industry stats
PRFest - setting the scene with industry statsPRFest - setting the scene with industry stats
PRFest - setting the scene with industry stats
 
State of internal communications (2018)
State of internal communications (2018)State of internal communications (2018)
State of internal communications (2018)
 
PRFest 2018 - John Brown
PRFest 2018 - John BrownPRFest 2018 - John Brown
PRFest 2018 - John Brown
 
PRFest - Friday, 15 June 2018
PRFest - Friday, 15 June 2018PRFest - Friday, 15 June 2018
PRFest - Friday, 15 June 2018
 
PRFest - Thursday, 14 June
PRFest - Thursday, 14 JunePRFest - Thursday, 14 June
PRFest - Thursday, 14 June
 
Day 2 of PRFest - John Brown dispells myths
Day 2 of PRFest - John Brown dispells mythsDay 2 of PRFest - John Brown dispells myths
Day 2 of PRFest - John Brown dispells myths
 
World PR Report by Francis Ingham at #PRFest
World PR Report by Francis Ingham at #PRFestWorld PR Report by Francis Ingham at #PRFest
World PR Report by Francis Ingham at #PRFest
 
Sarah Hall speaks at #PRFest about public relations in business
Sarah Hall speaks at #PRFest about public relations in businessSarah Hall speaks at #PRFest about public relations in business
Sarah Hall speaks at #PRFest about public relations in business
 
Rich Leigh talks PR stunts at #PRFest
Rich Leigh talks PR stunts at #PRFestRich Leigh talks PR stunts at #PRFest
Rich Leigh talks PR stunts at #PRFest
 
Paul Sutton on mental health in PR at #PRFest
Paul Sutton on mental health in PR at #PRFestPaul Sutton on mental health in PR at #PRFest
Paul Sutton on mental health in PR at #PRFest
 
Nick Jones on CSR - fit for today and tomorrow at #PRFest
Nick Jones on CSR - fit for today and tomorrow at #PRFestNick Jones on CSR - fit for today and tomorrow at #PRFest
Nick Jones on CSR - fit for today and tomorrow at #PRFest
 
Jim Hawker on PR & SEO at #PRFest
Jim Hawker on PR & SEO at #PRFestJim Hawker on PR & SEO at #PRFest
Jim Hawker on PR & SEO at #PRFest
 
Andy Barr on Influencer Marketing at #PRFest
Andy Barr on Influencer Marketing at #PRFestAndy Barr on Influencer Marketing at #PRFest
Andy Barr on Influencer Marketing at #PRFest
 
Andrew Bruce Smith - using data and analytics to inform PR strategy - #PRFest
Andrew Bruce Smith - using data and analytics to inform PR strategy - #PRFestAndrew Bruce Smith - using data and analytics to inform PR strategy - #PRFest
Andrew Bruce Smith - using data and analytics to inform PR strategy - #PRFest
 
Jung Relations, Stockholm on Absolut Vodka
Jung Relations, Stockholm on Absolut VodkaJung Relations, Stockholm on Absolut Vodka
Jung Relations, Stockholm on Absolut Vodka
 
Creativity workshop
Creativity workshopCreativity workshop
Creativity workshop
 
Grow up or get out! Stephen Waddington at PRFest
Grow up or get out! Stephen Waddington at PRFestGrow up or get out! Stephen Waddington at PRFest
Grow up or get out! Stephen Waddington at PRFest
 
Friday, 17 June
Friday, 17 June Friday, 17 June
Friday, 17 June
 
Thursday, 16 June PR festival master slides
Thursday, 16 June PR festival master slidesThursday, 16 June PR festival master slides
Thursday, 16 June PR festival master slides
 
Sponsor slides - PRFest
Sponsor slides - PRFestSponsor slides - PRFest
Sponsor slides - PRFest
 

Recently uploaded

Core Web Vitals SEO Workshop - improve your performance [pdf]
Core Web Vitals SEO Workshop - improve your performance [pdf]Core Web Vitals SEO Workshop - improve your performance [pdf]
Core Web Vitals SEO Workshop - improve your performance [pdf]
Peter Mead
 
Email Marketing Master Class - Chris Ferris
Email Marketing Master Class - Chris FerrisEmail Marketing Master Class - Chris Ferris
Email Marketing Master Class - Chris Ferris
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
How to Run Landing Page Tests On and Off Paid Social Platforms
How to Run Landing Page Tests On and Off Paid Social PlatformsHow to Run Landing Page Tests On and Off Paid Social Platforms
How to Run Landing Page Tests On and Off Paid Social Platforms
VWO
 
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting GroupSEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
Generative AI - Unleash Creative Opportunity - Peter Weltman
Generative AI - Unleash Creative Opportunity - Peter WeltmanGenerative AI - Unleash Creative Opportunity - Peter Weltman
Generative AI - Unleash Creative Opportunity - Peter Weltman
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
15 ideas and frameworks on the art of storytelling
15 ideas and frameworks on the art of storytelling15 ideas and frameworks on the art of storytelling
15 ideas and frameworks on the art of storytelling
Aatir Abdul Rauf
 
Is AI-Generated Content the Future of Content Creation?
Is AI-Generated Content the Future of Content Creation?Is AI-Generated Content the Future of Content Creation?
Is AI-Generated Content the Future of Content Creation?
Cut-the-SaaS
 
Playlist and Paint Event with Sony Music U
Playlist and Paint Event with Sony Music UPlaylist and Paint Event with Sony Music U
Playlist and Paint Event with Sony Music U
SemajahParker
 
How to use Short Form Video To Grow Your Brand and Business - Keenya Kelly
How to use Short Form Video To Grow Your Brand and Business - Keenya KellyHow to use Short Form Video To Grow Your Brand and Business - Keenya Kelly
How to use Short Form Video To Grow Your Brand and Business - Keenya Kelly
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel LeminTurn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
The New Era Of SEO - How AI Has Changed SEO Forever - Danny Leibrandt
The New Era Of SEO - How AI Has Changed SEO Forever - Danny LeibrandtThe New Era Of SEO - How AI Has Changed SEO Forever - Danny Leibrandt
The New Era Of SEO - How AI Has Changed SEO Forever - Danny Leibrandt
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
DMF Portfolio Piece Smart Goals - Artist Management.docx
DMF Portfolio Piece Smart Goals - Artist Management.docxDMF Portfolio Piece Smart Goals - Artist Management.docx
DMF Portfolio Piece Smart Goals - Artist Management.docx
TravisMalana
 
Offissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdf
Offissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdfOffissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdf
Offissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdf
offisadizayn
 
Your Path to Profits - The Game-Changing Power of a Marketing - Daniel Bussius
Your Path to Profits - The Game-Changing Power of a Marketing - Daniel BussiusYour Path to Profits - The Game-Changing Power of a Marketing - Daniel Bussius
Your Path to Profits - The Game-Changing Power of a Marketing - Daniel Bussius
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
The What, Why & How of 3D and AR in Digital Commerce
The What, Why & How of 3D and AR in Digital CommerceThe What, Why & How of 3D and AR in Digital Commerce
The What, Why & How of 3D and AR in Digital Commerce
PushON Ltd
 
Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...
Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...
Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...
Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...
Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...
Valters Lauzums
 
Digital Marketing Trends - Experts Insights on How to Gain a Competitive Edge
Digital Marketing Trends - Experts Insights on How to Gain a Competitive EdgeDigital Marketing Trends - Experts Insights on How to Gain a Competitive Edge
Digital Marketing Trends - Experts Insights on How to Gain a Competitive Edge
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
Marketing as a Primary Revenue Driver - Lee Levitt
Marketing as a Primary Revenue Driver - Lee LevittMarketing as a Primary Revenue Driver - Lee Levitt
Marketing as a Primary Revenue Driver - Lee Levitt
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
Winning local SEO in the Age of AI - Dennis Yu
Winning local SEO in the Age of AI - Dennis YuWinning local SEO in the Age of AI - Dennis Yu
Winning local SEO in the Age of AI - Dennis Yu
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 

Recently uploaded (20)

Core Web Vitals SEO Workshop - improve your performance [pdf]
Core Web Vitals SEO Workshop - improve your performance [pdf]Core Web Vitals SEO Workshop - improve your performance [pdf]
Core Web Vitals SEO Workshop - improve your performance [pdf]
 
Email Marketing Master Class - Chris Ferris
Email Marketing Master Class - Chris FerrisEmail Marketing Master Class - Chris Ferris
Email Marketing Master Class - Chris Ferris
 
How to Run Landing Page Tests On and Off Paid Social Platforms
How to Run Landing Page Tests On and Off Paid Social PlatformsHow to Run Landing Page Tests On and Off Paid Social Platforms
How to Run Landing Page Tests On and Off Paid Social Platforms
 
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting GroupSEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
 
Generative AI - Unleash Creative Opportunity - Peter Weltman
Generative AI - Unleash Creative Opportunity - Peter WeltmanGenerative AI - Unleash Creative Opportunity - Peter Weltman
Generative AI - Unleash Creative Opportunity - Peter Weltman
 
15 ideas and frameworks on the art of storytelling
15 ideas and frameworks on the art of storytelling15 ideas and frameworks on the art of storytelling
15 ideas and frameworks on the art of storytelling
 
Is AI-Generated Content the Future of Content Creation?
Is AI-Generated Content the Future of Content Creation?Is AI-Generated Content the Future of Content Creation?
Is AI-Generated Content the Future of Content Creation?
 
Playlist and Paint Event with Sony Music U
Playlist and Paint Event with Sony Music UPlaylist and Paint Event with Sony Music U
Playlist and Paint Event with Sony Music U
 
How to use Short Form Video To Grow Your Brand and Business - Keenya Kelly
How to use Short Form Video To Grow Your Brand and Business - Keenya KellyHow to use Short Form Video To Grow Your Brand and Business - Keenya Kelly
How to use Short Form Video To Grow Your Brand and Business - Keenya Kelly
 
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel LeminTurn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
 
The New Era Of SEO - How AI Has Changed SEO Forever - Danny Leibrandt
The New Era Of SEO - How AI Has Changed SEO Forever - Danny LeibrandtThe New Era Of SEO - How AI Has Changed SEO Forever - Danny Leibrandt
The New Era Of SEO - How AI Has Changed SEO Forever - Danny Leibrandt
 
DMF Portfolio Piece Smart Goals - Artist Management.docx
DMF Portfolio Piece Smart Goals - Artist Management.docxDMF Portfolio Piece Smart Goals - Artist Management.docx
DMF Portfolio Piece Smart Goals - Artist Management.docx
 
Offissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdf
Offissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdfOffissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdf
Offissa Dizayn - Otel, Kafe, Restoran Kataloqu_240603_011042.pdf
 
Your Path to Profits - The Game-Changing Power of a Marketing - Daniel Bussius
Your Path to Profits - The Game-Changing Power of a Marketing - Daniel BussiusYour Path to Profits - The Game-Changing Power of a Marketing - Daniel Bussius
Your Path to Profits - The Game-Changing Power of a Marketing - Daniel Bussius
 
The What, Why & How of 3D and AR in Digital Commerce
The What, Why & How of 3D and AR in Digital CommerceThe What, Why & How of 3D and AR in Digital Commerce
The What, Why & How of 3D and AR in Digital Commerce
 
Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...
Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...
Your Path to Profits - The Game-Changing Power of a Marketing OS for Your Bus...
 
Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...
Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...
Digital Commerce Lecture for Advanced Digital & Social Media Strategy at UCLA...
 
Digital Marketing Trends - Experts Insights on How to Gain a Competitive Edge
Digital Marketing Trends - Experts Insights on How to Gain a Competitive EdgeDigital Marketing Trends - Experts Insights on How to Gain a Competitive Edge
Digital Marketing Trends - Experts Insights on How to Gain a Competitive Edge
 
Marketing as a Primary Revenue Driver - Lee Levitt
Marketing as a Primary Revenue Driver - Lee LevittMarketing as a Primary Revenue Driver - Lee Levitt
Marketing as a Primary Revenue Driver - Lee Levitt
 
Winning local SEO in the Age of AI - Dennis Yu
Winning local SEO in the Age of AI - Dennis YuWinning local SEO in the Age of AI - Dennis Yu
Winning local SEO in the Age of AI - Dennis Yu
 

Craig McGill on Cyber Security at #PRFest

  • 1. Cyber security and PR Crisis comms www.pwc.co.uk/Scotland
  • 2. PwC Annoying but not the end of the world and relatively easy to fix – unless defamatory material or phishing links posted: • Change passwords and login details • Enable – where possible – two-factor or multi-factor login • Check access privileges • Inform relevant stakeholders • Inform media if necessary • Apologise where necessary – either to groups or at individual level – • Remove offensive material • Work with law-enforcement and cyber security teams if necessary • Remind staff of user guidelines for social media accounts Where is cyber security an issue? Quite simply: everywhere PwC REPUTATION Social media accounts hacked and off-brand messaging posted STAKEHOLDER AND CUSTOMER INFLUENCE Website breached and defaced FINANCIAL Corporate network breached and company data accessed by unauthorised third party/parties Irritating, embarrassing with potential for far more serious consequences: • Same actions as for social media account issues • Double check all links, code and material on site • Ensure website plugins, CMS are at latest versions • Work with experts to ensure no further data – customer credit cards for example – was stolen • If necessary, inform authorities • Upgrade to HTTPS if not already done so • Consider a reward/bounty scheme to prevent future incidents The worst kind of attack: • All information, including emails, on a network may have been copied • Staff details, including addresses and banking information • Customer details inc cards, personal data and passwords • Company plans including product timelines and intellectual property • Confidential material company would have preferred to remain discrete • Access codes • Information relating to any third- parties the company works with, which may also include IP • May have been breached via third- party #prfest
  • 3. PwC 2016 Cyber Security Breaches Survey Source: HM Government #prfest
  • 4. PwC Why is this an issue? #prfest
  • 5. PwC Why is this an issue? #prfest
  • 6. PwC Why is this an issue? #prfest
  • 7. PwC Why is this an issue? #prfest
  • 8. PwC Why is this an issue? #prfest
  • 9. PwC Who would do this and what is their capability? PwC Disgruntled customers or competitors who want to embarrass you or steal your data – potentially even media Script kiddies, bored people and wannabee Mr Robot types just looking for something to do or to make a name for themselves Professional breachers looking for data to either steal or hold a firm to ransom for Staff – either current or ex-staff who are disgruntled and want access to information for personal gain or those duped into giving access • The sad reality is that in 2017 there are multiple people with multiple reasons to want unauthorised access to your data • The even more inconvenient fact is that even with the best systems in the world the odds are you cannot stop people accessing • What you can do is ensure you have multiple systems to try and deter them in the hope they go away and have the best tools so that when a breach happens you are ready to react. Better to be prepared and it never happens than the alternative People or bots who want control of your machine so they can use it for things like DDoS attacks #prfest
  • 10. PwC Source: Verizon Data Breach Report 2016 It’s as much an internal issue as external… Harder to spot malicious activity when user access is authorised Legal hurdles to monitoring all staff interactions Why are they so hard to manage? Insiders remain the biggest threat…. #prfest
  • 12. PwC What does an attack look like? Reconnaissance Infiltrate Execute attack & Cover tracks www Embed & Orientate >_ DLL Attacker gathers intelligence on the target organisation and it‘s customers to refine their attack and increase their chances of success. • Social media analysis • Digital footprinting • Network scanning Attacker tricks a user into executing malicious software to compromise their machine or gain unauthorised access to the network. • Targeted phishing emails • Social engineering Attacker gains more access and installs tools to monitor systems and business processes, increasing the potential impact or financial rewards for their attack. • Privilege escalation • Network traversal • Passive monitoring Attacker quickly executes the attack and the remove evidence in order to stop the target identifying the attacker and preventing future attacks. • Data extraction • Financial fraud • Denial of Service (DoS) StageTactic/Technique The majority of attacks target poor security behaviours by individuals to gain initial access, they then use this access to prepare and then execute their attack for maximum impact/financial gain. #prfest
  • 14. PwC Compromise/Detection times Source: Verizon Data Breach Report 2016 #prfest
  • 15. PwC Annoying but not the end of the world and relatively easy to fix – unless defamatory material or phishing links posted: • Change passwords and login details • Enable – where possible – two-factor or multi-factor login • Check access privileges • Inform stakeholders inc media • Check what links where shared • Apologise where necessary – either to groups or at individual level – • Remove offensive material • Work with law-enforcement and cyber security teams if necessary • Remind staff of user guidelines for social media accounts REPUTATION Social media accounts hacked and off-brand messaging posted STAKEHOLDER AND CUSTOMER INFLUENCE Website breached and defaced FINANCIAL Corporate network breached and company data accessed by unauthorised third party/parties Irritating, embarrassing with potential for far more serious consequences: • Same actions as for social media account issues • Double check all links, code and material on site • Ensure website plugins, CMS are at latest versions • Work with experts to ensure no further data – customer credit cards for example – was stolen • If necessary, inform authorities • Upgrade to HTTPS if not already done so • Consider a reward/bounty scheme to prevent future incidents The worst kind of attack: • All information, including emails, on a network may have been copied • Staff details, including addresses and banking information • Customer details inc cards, personal data and passwords • Company plans including product timelines and intellectual property • Confidential material company would have preferred to remain discrete • Access codes • Information relating to any third- parties the company works with, which may also include IP • May have been breached via third- party From the moment you detect a breach, the battle for comms is to save and restore the company’s reputation After the technical team, there is no-one more important #prfest
  • 16. PwC Annoying but not the end of the world and relatively easy to fix – unless defamatory material or phishing links posted: • Check what links where shared The more serious breach REPUTATION Social media accounts hacked and off-brand messaging posted STAKEHOLDER AND CUSTOMER INFLUENCE Website breached and defaced FINANCIAL Corporate network breached and company data accessed by unauthorised third party/parties Irritating, embarrassing with potential for far more serious consequences: • Work with experts to ensure no further data – customer credit cards for example – was stolen The worst kind of attack: • All information, including emails, on a network may have been copied • Staff details, including addresses and banking information • Customer details inc cards, personal data and passwords • Company plans including product timelines and intellectual property • Confidential material company would have preferred to remain discrete • Access codes • Information relating to any third- parties the company works with, which may also include IP • May have been breached via third- party #prfest
  • 17. PwC Most companies have a relatively conservative and reactive stance – but in a crisis that needs to flip and quickly • Are the C Suite and other seniors able to see the value in going from their traditional approach to a far faster, proactive pace – especially when most don’t speak tech or cyber? • Has that been tested to ensure the company is able to demonstrate control (or as much as is possible) • A company’s stance is not just a comms issue but is one that comms need to be heavily involved with Comms informing the bigger picture proactively STANCE CORPORATE VALUES TRAINING Despite the nature of a crisis, leadership teams need to be able to hold fast to some, if not all, corporate values • Ensure the C Suite and other seniors are able to align to the company corporate values and use them in time of crisis • Crisis situations are when leaders are often defined – their actions remembered for months if not years. Will they be remembered for putting customers first, for pulling down the hatches or some other action? • Will they agree to stick to the corporate values and not suddenly flipflop in the heat of the crisis? Most media training these days is relatively benign • Do the relevant people have proper, hardened crisis training? • Can they speak professionally and with authority without falling back on jargon? • Could they sustain a tense live atmosphere where every action or utterance – even if meant to be off- record – could dictate the fate of the company? • Will they hold the lines – and the corporate values – when under sustained pressure? • Have they been tested? #prfest
  • 18. PwC The first big decisions The sort of issues a crisis comms plans around cyber security include the following… • Who do we call if informed of a breach or it is detected? • Who makes the call? • Who is our spokesperson? Do we need more than one? • Do we drop the website? Even at 2am in the morning? • Who authorises pulling all the pipes – especially at 2am? • Do we close the social channels? • Do we cancel our advertising? • How do we balance business needs with customer needs? • How often can we get an update from the technical team? #prfest
  • 19. PwC So what to do? What’s the one process you see in the company that instinctively doesn’t feel right? Challenge it. On projects you are involved in– challenge how security – and privacy - is being built in Look for opportunities to share data with colleagues in financial crime, risk, physical security Raise awareness of phishing, data leakage through interactions with business contacts ‘Hook’ interest with strategic links Where you see datasets being held in shared drives, ask ‘why are we doing that?’, and ‘who has access?’ Are your security risks raised, logged and prioritised? Do they have the correct priority? Inform customers and staff first – but only when certain a breach has confirmed. Do not broadcast a breach when it is ongoing Ensure customers are reached in as many ways as possible – think PESO but do not just think digital - and if data has potentially been stolen, that they understand this Ensure social and customer teams know exactly what to say (and what not to say) to customers Regular updates on website and social. Encourage media to get material from these sites to minimise duplication of effort One narrative for every channel, updates on a regular basis Have a Comms ‘war room’ and have Comms at heart of decision making Ensure legal and tech teams understand the urgency involved – but heed their advice too Best way to restore that reputation is by being transparent This starts internally (including legal and tech teams) but spreads to external, customer service, social Stakeholders will go to four places when they find out: • website • social • customer phone lines • media Only two of those four channels can be directly controlled #prfest
  • 20. PwC As the technical teams get, well, technical, the role of comms is to communicate Customers Regulators Investors Politicians Media Third- party orgs Security orgs Legal Staff and C Suite #prfest
  • 21. PwC What sort of comms should be going out – and who do you prioritise? Customer emails Media statements Website – front page Visuals Customer video(s) Postal letters Intranet Staff email, Slack, etc Video(s) for others Info for suppliers, third parties, FAQ and responses Script for phone customer teams PPC and social spend Advertising #prfest
  • 22. PwC How will it play out? Every scenario is different but there can be similarities… DAY ONE • Attack discovered • Motive understood – publicity, cash, IP theft, credit card/login theft • Technical investigation launched • Initial alert to customers • Update to customers • Media informed and updated across rolling news cycle • CEO and C-Suite aligned to corporate values and do not stray WEEK ONE • All customers reached • Technical issues resolved – or ongoing to be resolved • Review begins – internal and independent • Ongoing updates • Ensure functionality of websites is restored • Never say you are now breach-proof • Review internal security procedures and remind staff MONTH ONE • Ensure customers have done all they can to protect data • Campaign to try and minimise customer losses • Review processes • Share as much as possible to rebuild confidence by all stakeholders • Remind staff cyber security is not just an IT matter #prfest
  • 23. PwC Preventing a next time – from comms perspective Disgruntled customers or competitors who want to embarrass you or steal your data – potentially even media Script kiddies, bored people and wannabee Mr Robot types just looking for something to do or to make a name for themselves Professional breachers looking for data to either steal or hold a firm to ransom for Staff – either current or ex-staff who are disgruntled and want access to information for personal gain or those duped into giving access • Ensure staff are up to date with cyber security policy/process • Have an up to date policy • Introduce no-blame policy • Run drills • Treat staff and ex-staff in the best way possible – salaries, holidays, perks, place of work and so on • Offer bounties and rewards for those who find weaknesses • Be more involved in cyber community • Befriend as many as possible • Hide comms in the code that only hackers would see • Be honest and be authentic • Be the best company you can be • Engage with audience and change things for them • Treat customers as partners, not as a cash grab • Monitor and respond to everything • Use key dates to ensure all stakeholders are aware of improvements #prfest
  • 24. PwC The checklist Does your crisis comms plan have all of these covered? • Do we have standing statements ready to go for the most common and most likely scenarios? • Is the crisis comms plan integrated into the master crisis document? • What budgets have been agreed for emergency spend? • Who can approach who when a situation arises? • Are there pre-agreed time periods for comms to get updates, minimising intrusion on tech team time? • Do we have all the relevant contact details – for media, internally and other stakeholders? • Are we monitoring all the right channels on a 24/7 basis • Do we have a response plan in place for when we are informed of a breach by a third-party? • Does the comms plan include us contacting external orgs that trust us with their data? • Have we recently tested our crisis comms scenarios? • Do we accept we will be on the back foot for a lot of this and do the relevant powers that be accept that? • Do we have holding statement webpages and imagery ready to go? • Is our data as secure as can be? • Is the leadership sure this is aligned to core values and can respond in that way in a live crisis? • How good is our crisis media training? #prfest
  • 25. PwC Cyber security is not going away… Digital revolution Growing cyber risk More regulation Cloud“IoTs” Big DataSocial Media Evolving threats More connections Talent shortage Arms race #prfest
  • 26. PwC General Data Protection Regulation (GDPR) is coming… GDPR is built around 3 key pillars: Transparency Framework Compliance Journey Punishment Regime • Prior information must be clearer • Consent rules toughened up • Access rights are boosted • Mandatory breach disclosure • Enhanced rights of regulatory inspection and audit • Privacy by Design • Privacy Impact Assessments • Accountability • Data Portability • Right to be Forgotten • Tougher enforcement powers for regulators • Financial penalties at 4% Group Annual Worldwide Turnover • Compensation rights for distress • Litigation rights for Civil Society Organisations • Data Processors liable #prfest
  • 27. PwC In summary… What’s the one process you see in the company that instinctively doesn’t feel right? Challenge it. On projects you are involved in– challenge how security – and privacy - is being built in Look for opportunities to share data with colleagues in financial crime, risk, physical security Raise awareness of phishing, data leakage through interactions with business contacts ‘Hook’ interest with strategic links Where you see datasets being held in shared drives, ask ‘why are we doing that?’, and ‘who has access?’ Are your security risks raised, logged and prioritised? Do they have the correct priority? • Identify – What are our crown jewels and biggest threats? • Protect – Implement controls in line with risk appetite • Detect – Implement monitoring processes • Respond – Have tried and tested response plan. Learn from past incidents. Treat cyber security as you would any other risk Understand your exposure and appetite – set controls accordingly #prfest
  • 28. PwC The key messages… • Cyber security has become a key risk for businesses of all sizes and across all industries • Cyber security goes beyond the realms of IT and should involve the entire organisation • People remain the biggest weakness in Cyber security defences – education & awareness programs should be a key strategic priority • External cyber attacks are becoming ever increasingly indiscriminate – assuming you will not be a target is no longer an option. You may even be collateral damage • Those organisations who have tried and tested responses processes are those least impacted by an incident • The cost of failure is huge – Comprises not just business disruption and remedial activity, but reputational and increasingly punitive damages… #prfest
  • 29. PwC The key point to remember… Cyber security and infosec is no longer an IT issue, it is something that impacts upon all staff at all levels and as such should be treated that way (And ensure you have everything drilled and rehearsed in training) This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PriceWaterhouseCooper LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2017 PriceWaterhouseCooper LLP. All rights reserved. In this document, “PwC” refers to PriceWaterhouseCooper LLP which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity. #prfest

Editor's Notes

  1. Digital Revolution: means that companies are increasingly operating in an environment where they do not own the systems they use nor do they control the data they rely on. Growing Cyber Risk: When assessing third party dependencies and hence risks, companies must consider not only suppliers, but also brand partners who are likely to be handling your customers’ data. Growing Cyber Risk: Target hack which cost the company over $260m is perfect example of the interconnected business ecosystem we operate in. Retailers in Asia suffer increased fraud due to hack of HVAC company based in Pennsylvania (ultimately cost banks $200m replacing cards and covering fraudulent purchases). Growing Cyber Risk: In essence, you cannot outsource cyber risk; you are always accountable for the security of your sensitive data no matter who handles it. More Regulation: We can expect to see financial services regulators around the globe to adopt some of the measures deployed by the Bank of England to assess and manage systemic risk to the markets posed by cyber.