Measuring Cyber Resilience
across Subsidiaries & Suppliers
because what gets measured gets managed
Executive Briefing, 12th March 2019
Kevin Duffey
Kevin.Duffey@CyberRescue.co.uk
HACK HERE FOR SECRETS…
THE SECRET PRIZE ON 12TH MARCH: £5,000 worth of the Peer Comparison service, for the best contributor(s)
Cyber Rescue helps CEOs reduce harm from cyber attacks
What is Resilience?
Resilience is the ability to:
• anticipate (Intelligence)
• absorb and (Strength-In-Depth)
• adapt (Honesty)
to challenges.
Source: Resilience First
I’m looking for someone to come on an adventure
Questions for your teammates
• Where do you work?
• What’s your job?
• Are you intelligent, strong & honest?
Your Mission
Keep it secret. Keep it safe.
Who do you trust with sensitive data?
1) Your boss: 63% of CEOs admit to clicking links by mistake
2) Your team: 22% of staff clicked a phishing link in the last year
3) Your IT Department: 34% of those that spend > 10% of IT budget on security identified a data breach in the last 12 months; 17% of those that spend < 10% of IT budget on security identified a data breach in the last 12 months
4) Your Supplier(s): 416% annual growth in number of records breached via a supplier or other third party
Who do you trust with sensitive data?
It wants to be found
Who do you trust with sensitive data?
1) Your boss 1 1
2) Your team 1 10
3) Your IT Department 1 100
4) Your Supplier(s) 100 10,000
Example: who does HR Dept trust?
Recruitment Agencies
Staff Vetting Agencies
Payroll Agencies
Pension provider
Private health care
Other Benefits Providers
Training Providers
Coaches & Mentors
Staff Survey Providers
Staff Unions
Legal Experts
Outplacement Consultants
Etc., etc. …
“I am incredibly angry about this data breach.” John Legere, CEO, T-Mobile USA
“Equifax was using an ‘honor system’ for patching” (March 8th, 2019)
What does an “honour system” for patching look like?
Who do you trust with sensitive data?
77% of FTSE 350 businesses fail to properly recognise risks associated with businesses in the supply chain (March 2019)
We have a contract…
Regulators say Contract not Enough
GDPR (Article 32) requires you to implement a process for regularly testing, assessing and evaluating technical and organisational measures for security of processing at suppliers.
Banks operating in the USA must now conform to finance regulation 23 NYCRR 500, which requires continuous monitoring or periodic penetration tests of key suppliers.
The European Banking Authority issued Guidelines for all banks to monitor the level of security at Suppliers.
How best to review suppliers?
Attestation: 60 questions completed each year by 1 person at supplier
Awareness: 1 hour online compliance training & assessment by all staff
Certification: 8 hour audit completed every three years by external reviewer
Discussion: 1 hour meeting where supplier explains security governance
Cyber Range: 8 hour competition for IT staff, with scores & feedback
Pen Testing: 10 days of probing each year, of 10% of the applications in use
ScoreCard: 365 days monitoring, scores & feedback on all external systems
Simulation: 2 hour simulation of executive decisions during a breach
Discuss their Cyber Crisis Plan
Will suppliers (be able to) tell you?
Who do you trust with sensitive data?
Is it secret? Is it safe?
Executive Simulation
HOW READY ARE YOU?
The most important question
What will you do by 12 April to help your key Suppliers keep your secrets safe?
Censored
The Live Demonstration given to delegates on 12 March, of how to measure cyber resilience, is censored from this public version of the slides.
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134LR1709MUSIC
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptseri bangash
 
Securing Your Peace of Mind: Private Security Guard Services’
Securing Your Peace of Mind: Private Security Guard Services’Securing Your Peace of Mind: Private Security Guard Services’
Securing Your Peace of Mind: Private Security Guard Services’Dragon Dream Bar
 
lecture 02 managerial accounting. chapter 02pptx
lecture 02 managerial accounting. chapter 02pptxlecture 02 managerial accounting. chapter 02pptx
lecture 02 managerial accounting. chapter 02pptxalshamahimohammed1
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiaFalcon Invoice Discounting
 
Global Interconnection Group Joint Venture[960] (1).pdf
Global Interconnection Group Joint Venture[960] (1).pdfGlobal Interconnection Group Joint Venture[960] (1).pdf
Global Interconnection Group Joint Venture[960] (1).pdfHenry Tapper
 
Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfSam H
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxWorkforce Group
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanasabutalha2013
 

Recently uploaded (20)

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
 
Presentation: PLM loves Innovation PI 2013 Berlin
Presentation: PLM loves Innovation PI 2013 BerlinPresentation: PLM loves Innovation PI 2013 Berlin
Presentation: PLM loves Innovation PI 2013 Berlin
 
sales plan presentation by mckinsey alum
sales plan presentation by mckinsey alumsales plan presentation by mckinsey alum
sales plan presentation by mckinsey alum
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
 
Pitch Deck Teardown: RAW Dating App's $3M Angel deck
Pitch Deck Teardown: RAW Dating App's $3M Angel deckPitch Deck Teardown: RAW Dating App's $3M Angel deck
Pitch Deck Teardown: RAW Dating App's $3M Angel deck
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
Premium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern BusinessesPremium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern Businesses
 
University of Connecticut Fees, Courses, Acceptance Rate, Admission deadline,...
University of Connecticut Fees, Courses, Acceptance Rate, Admission deadline,...University of Connecticut Fees, Courses, Acceptance Rate, Admission deadline,...
University of Connecticut Fees, Courses, Acceptance Rate, Admission deadline,...
 
Commercial RO Plant Manufacturer In Noida.pdf
Commercial RO Plant Manufacturer In Noida.pdfCommercial RO Plant Manufacturer In Noida.pdf
Commercial RO Plant Manufacturer In Noida.pdf
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
 
Securing Your Peace of Mind: Private Security Guard Services’
Securing Your Peace of Mind: Private Security Guard Services’Securing Your Peace of Mind: Private Security Guard Services’
Securing Your Peace of Mind: Private Security Guard Services’
 
lecture 02 managerial accounting. chapter 02pptx
lecture 02 managerial accounting. chapter 02pptxlecture 02 managerial accounting. chapter 02pptx
lecture 02 managerial accounting. chapter 02pptx
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
 
Global Interconnection Group Joint Venture[960] (1).pdf
Global Interconnection Group Joint Venture[960] (1).pdfGlobal Interconnection Group Joint Venture[960] (1).pdf
Global Interconnection Group Joint Venture[960] (1).pdf
 
Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdf
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
 

Cyber Resilience across Subsidiaries and Suppliers

  • 1. Measuring Cyber Resilience across Subsidiaries & Suppliers because what gets measured gets managed Executive Briefing, 12th March 2019 Kevin Duffey Kevin.Duffey@CyberRescue.co.uk
  • 2. HACK HERE FOR SECRETS…
  • 3. THE SECRET PRIZE ON 12TH MARCH £5,000 worth of the Peer Comparison service, for the best contributor(s)
  • 4. Cyber Rescue helps CEOs reduce harm from cyber attacks
  • 5. What is Resilience? Resilience is the ability to: • anticipate • absorb and • adapt to challenges. Source: Resilience First
  • 6. What is Resilience Resilience is the ability to: • anticipate → Intelligence • absorb and → Strength-In-Depth • adapt → Honesty to challenges. Source: Resilience First
  • 7. I’m looking for someone to come on an adventure
  • 8. Questions for your teammates • Where do you work? • What’s your job? • Are you intelligent, strong & honest?
  • 10. Your Mission Keep it secret. Keep it safe.
  • 11. Who do you trust with sensitive data? 1) Your boss 2) Your team 3) Your IT Department 4) Your Supplier(s)
  • 12. Who do you trust with sensitive data? 1) Your boss 63% of CEOs admit to clicking links by mistake 2) Your team 3) Your IT Department 4) Your Supplier(s)
  • 13. Who do you trust with sensitive data? 1) Your boss 63% of CEOs admit to clicking links by mistake 2) Your team 22% of staff clicked a phishing link in the last year 3) Your IT Department 4) Your Supplier(s)
  • 14. Who do you trust with sensitive data? 1) Your boss 63% of CEOs admit to clicking links by mistake 2) Your team 22% of staff clicked a phishing link in the last year 3) Your IT Department 34% of those that spend > 10% of IT budget on security identified a data breach in last 12 months 4) Your Supplier(s)
  • 15. Who do you trust with sensitive data? 1) Your boss 63% of CEOs admit to clicking links by mistake 2) Your team 22% of staff clicked a phishing link in the last year 3) Your IT Department 17% of those that spend < 10% of IT budget on security identified a data breach in last 12 months 4) Your Supplier(s)
  • 16. Who do you trust with sensitive data? 1) Your boss 63% of CEOs admit to clicking links by mistake 2) Your team 22% of staff clicked a phishing link in the last year 3) Your IT Department 17% of those that spend < 10% of IT budget on security identified a data breach in last 12 months 4) Your Supplier(s) 416% annual growth in number of records breached via a supplier or other third party
  • 17. Who do you trust with sensitive data? It wants to be found
  • 18. Who do you trust with sensitive data? 1) Your boss: 1; 2) Your team: 1; 3) Your IT Department: 1; 4) Your Supplier(s): 100
  • 19. Who do you trust with sensitive data? 1) Your boss: 1, 1; 2) Your team: 1, 10; 3) Your IT Department: 1, 100; 4) Your Supplier(s): 100, 10,000
  • 20. Example: who does HR Dept trust? Recruitment Agencies, Staff Vetting Agencies, Payroll Agencies, Pension provider, Private health care, Other Benefits Providers, Training Providers, Coaches & Mentors, Staff Survey Providers, Staff Unions, Legal Experts, Outplacement Consultants, Etc, Etc, …
  • 22. I am incredibly angry about this data breach. John Legere CEO, T-Mobile USA
  • 25. What does an “honour system” for patching look like?
  • 26. What does an “honour system” for patching look like?
  • 27. What does an “honour system” for patching look like?
  • 28. Who do you trust with sensitive data?
  • 29. 77% of FTSE 350 businesses fail to properly recognise risks associated with businesses in the supply chain – March 2019
  • 30. We have a contract…
  • 31. Regulators say Contract not Enough GDPR (Article 32) requires you to implement a process for regularly testing, assessing and evaluating technical and organisational measures for security of processing at suppliers. Banks operating in the USA must now conform to finance regulation 23 NYCRR 500 which requires continuous monitoring or periodic penetration tests of key suppliers. The European Banking Authority issued Guidelines for all banks to monitor the level of security at Suppliers.
  • 32. How best to review suppliers?
    Attestation: 60 questions completed each year by 1 person at supplier
    Awareness: 1 hour online compliance training & assessment by all staff
    Certification: 8 hour audit completed every three years by external reviewer
    Discussion: 1 hour meeting where supplier explains security governance
    Cyber Range: 8 hour competition for IT staff, with scores & feedback
    Pen Testing: 10 days of probing each year, of 10% of the applications in use
    ScoreCard: 365 days monitoring, scores & feedback on all external systems
    Simulation: 2 hour simulation of executive decisions during a breach
  • 33. How best to review suppliers?
    Attestation: 60 questions completed each year by 1 person at supplier
    Awareness: 1 hour online compliance training & assessment by all staff
    Certification: 8 hour audit completed every three years by external reviewer
    Discussion: 1 hour meeting where supplier explains security governance
    Cyber Range: 8 hour competition for IT staff, with scores & feedback
    Pen Testing: 10 days of probing each year, of 10% of the applications in use
    ScoreCard: 365 days assessment, scores & feedback on all external systems
    Simulation: 2 hour simulation of executive decisions during a breach
  • 34. Discuss their Cyber Crisis Plan
  • 35. Will suppliers (be able to) tell you?
  • 36. Who do you trust with sensitive data? Is it secret? Is it safe?
  • 48. The most important question: What will You do by 12 April to help your key Suppliers keep your secrets safe?
  • 49. Censored The Live Demonstration given to delegates on 12 March, of how to measure cyber resilience is Censored from this public version of the slides.
  • 50. Measuring Cyber Resilience across Subsidiaries & Suppliers because what gets measured gets managed Executive Briefing, 12th March 2019 Kevin Duffey Kevin.Duffey@CyberRescue.co.uk