@magma_digital @DigiEnable #DLCRWeek
Cyber Security vs Cyber Resilience

Cyber Threat Costs
★ Blackburn Vehicle Hire company in 2015 lost 12000 files to hackers and had to pay £3000 to get them recovered
★ CEO fraud – cost businesses 32 million in the UK
★ If a cyber-attack caused systems to go offline, 30% of businesses would survive less than a day without their revenues being impacted.
★ 20% of respondents did not believe it would affect their organisation at all!
★ 77% of companies don’t have a security plan

Liz Hardwick
“Your people can be your best asset, but also one of your biggest security risks”

Challenges
★ Threat Fatigue
★ BYOD
★ Remote Working
★ Removable Devices
★ Access Control
https://1.bp.blogspot.com/-Y8aTaOm4CSc/VucaDRmLgSI/AAAAAAAAAk4/c4nD5qhUikQEyiTPDds8hVMyiCyqCY4IQ/s320/What-Meme-13.jpg

Practical Approaches
★ Access / Permissions
★ Passwords, Different Passwords & 2FA
★ Protocols & training against CEO Fraud & Phishing
https://www.puravidamultimedia.com/wp-content/uploads/2014/04/funny-password-meme-6.jpg

GDPR: a whistle-stop tour
https://pbs.twimg.com/media/C5bUpr9WUAAZ9EJ.jpg:large

General Data Protection Regulation (GDPR)
★ Approved 14th April 2016
★ Comes into enforcement: 25th May 2018
★ “Regulation” - binding legislation across EU, not just a directive
★ Applies to both Controller & Processors, any organisation processing data on EU citizens (anywhere)
http://i.memecaptain.com/gend_images/nrN8Hg.jpg

GDPR key changes since DPA ‘98
★ Territorial scope
★ Consent
★ Penalties - apply to processors too
★ Breach Notification
★ Right to Access
★ Right to be Forgotten
★ Data Portability
★ Privacy by Design
★ Data Protection Officers
http://www.cardwaveservices.com/wp-content/uploads/2016/12/Fotolia_85564322_M_6cr-860x573.jpg

GDPR Principles
Data shall be…
★ Processed lawfully, fairly & transparently
★ Collected for specified, explicit & legitimate reasons & no more
★ Adequate, relevant & limited to what is necessary
★ Accurate & up to date - erase & rectify without delay
★ Identifiable no longer than necessary
★ Processed securely

GDPR Rights
For individuals…
★ The right to be informed
★ The right of access
★ The right to rectification
★ The right to erasure
★ The right to restrict processing
★ The right to data portability
★ The right to object
★ Rights in relation to automated decision making and profiling

Personal data, what / where is it?
★ GDPR defines personal data very broadly:
• any data that relates to an identified or identifiable natural person.
★ Data can be found in:
• Customer databases
• Email content / lists
• Feedback forms filled out by customers
• Paper records
• Photos / CCTV footage
• Loyalty program records
• HR / employee databases
https://www.l2cybersecurity.com/wp-content/uploads/2016/09/Data-Privacy-Violate-400.jpeg

Regulation: Information Commissioner
★ Investigative Powers
★ Available Civil Sanctions: Tiered levels
• Maximum €20m / £17m or 4% Global Turnover
• Lower tier €10m / 2% - inadequate records
• Regular periodic data protection audits
• A warning in writing in cases of first and non-intentional non-compliance
★ Criminal Sanctions
★ Protection for Journalists / Whistleblowers
https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAzYAAAAJDY4ODA5NWI3LTQwYTktNGIxNC04ZTY2LTZiMTQwMmU5YmYyYw.jpg

UK?
★ Applies Brexit or not - extra-territorial rules
★ Data Protection Bill - planned to incorporate:
• GDPR
• DP Law Enforcement Directive
• likely Network & Information Systems Directive
★ Aiming for gold standard, safest place to live & be online
https://castlebridge.ie/sites/default/files/default/files/e0f72_xlexvch5dkqaf6ktrqenoa2.jpg

Opportunities
★ Knowing
• what your data is
• where your data is
• who has access to data
★ Enables
• better control
• reduces risk
• greater resilience

Challenges
★ Remaining timescale - 252 days…
★ Lack of guidance: The Record
★ Dearth of staff available to audit, plan, control, report
★ Additional overhead alongside rising threat landscape
http://blog.businessdecision.com/wp-content/uploads/2017/04/keep-calm-gdpr.png

Practical Approaches
★ Audit - data footprint, start point
★ Policies - structures to follow, measure against
★ Training - disseminate awareness, start now
★ Involvement - representation throughout organisation
https://cdn.meme.am/cache/instances/folder497/250x250/76905497/dr-evil-meme-gdpr-master-plan.jpg

Example GDPR Plan
★ Needs / Challenges
• Discover: Identify what / where personal data is
• Manage: Govern how data is used & accessed
• Protect: Create security controls: prevent, detect, respond to breaches
• Report: Record documentation, deal with data requests
★ IT Team / Partners
• Discover: Security & Risk Assessments, locate personal data, plan compliance
• Manage: Compliance plans, design, configure, monitor policies and controls for data and applications
• Protect: Monitor, analyse & react to threats, address vulnerabilities, prevent breaches
• Report: Admin services, documentation requirements, respond to data requests
★ Providers
• Discover: Help locate & identify personal data you collect
• Manage: Manage policies, use cases
• Protect: Threat intelligence, provide tools to take advantage
• Report: Help demonstrate due diligence, handling data requests
http://oregonzoo.org/sites/default/files/styles/article-full/public/HV_Gestationinfographic3.jpg

Cyber Security vs Cyber Resilience DLCRWeek Document

Editor's Notes

  1. LiveSlide Site https://www.polleverywhere.com/discourses/Vj6GZRAzjV2ViBK?preview=true Q&A
  2. CEO Fraud and phishing – what it is, stat on costs, example from Blackburn company, phishing the largest common cyber breach cause
  3. LiveSlide Site http://map.norsecorp.com/#/
  4. People
     - Your people can be your best asset, but also one of your biggest security risks
     - Employees and accounts – who has access, passwords, permissions, remote logins, mobile devices
     - Employees and Social Media – access, hacking risks
     - Example – who in the room has previously or today logged onto Huntleys free wifi?
  5. LiveSlide Site https://youtu.be/opRMrEfAIiI?t=1m35s Passwords - idiots!
  6. Access control - People - leavers
  7. How to reduce these risks
     - Access/Permission – only give those who need it and audit who needs/has what access to what drives, folders, client data
     - passwords – don’t use simple passwords, don’t use same password for multiple platforms, use 2FA
     - CEO fraud and phishing – have protocols for processing payments within teams, top tips on how to check an email is legit (Phishing being the #1 reason for cyber attacks)
     - But what about the data your people have access to?.....
  8. LiveSlide Site https://youtu.be/AwHLG2chwwU Matt Hancock
  9. GDPR key changes
     - extended jurisdiction of the GDPR; applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location; non-EU companies processing or monitoring
     - consent strengthened; intelligible & easily accessible form with data processing purpose attached to consent; as easy to withdraw consent as give it
     - Breaches notified within 72hrs to DPA & processors notify customers ‘controllers’ without undue delay
     - Privacy by design - implement appropriate technical and org measures, in effective way; only hold and process data absolutely necessary for completion of duties; limit access to necessary people
     - DPOs: < 250 employees records of higher risk processing, data risks rights or freedoms of individual, or processing special categories of data or criminal convictions or offences; > 250 additional internal records or processing activities
  10. Identifiable no longer than necessary - pseudonymisation - aka encryption with keys not kept with data
  11. GDPR rights
     - Informed: at time data obtained; Id of controller, DPO etc; Purpose of processing; Legitimate interests of controller (third parties); Recipients/categories of recipient; Details of transfers to third country & safeguards; Retention period; details of other rights; Details of automated decision making
     - Access: Confirmation data being processed; Access to that data (for free!); Less time to comply - within 1 month unless complex/numerous
     - Rectification: Respond within 1 month; Pass correction on to third parties where possible & inform the individual
     - Erasure: Not absolute right to be forgotten; limited to data that causes unwarranted damage or distress; pass erasure notice on to third parties
     - Restrict: Less than erasure, restrict further processing; applies when contested accuracy, objected to processing, individual defending legal claim
     - Portability: obtain & reuse data for own purposes; move, copy or transfer in safe & secure way without hindrance to usability; for free; within 1 month
     - Object: to processing based on legitimate interests; direct marketing; scientific/historical research & stats; inform at first point of communication
     - Automated decision making: safeguards against risk of damaging decision taken automatically; right to obtain human intervention; provide meaningful information on logic involved
  12. DPIA - Impact assessments needed when new tech introduced; processing likely to introduce risk to rights or freedoms of individuals
  13. Belgium’s Privacy Commission DPA first to publish (June ’17) what The Record should contain:
     - Controller: Name/Address; Representative/DPO; purposes of the processing; categories of data subjects and personal data; categories of recipients (internal or external), who will have access; details of transfers to third party countries or organisations (documentations of safeguards); time limits for erasure of diff categories of data; description of technical and organisational security measures established
     - Processors: Underlined above + DPIA; past notifications to DPA; list of any breaches
     - The Record must be kept constantly up to date; made available to DPA on request
     - Failure to keep a Record can lead to administrative fines of up to €10m/2%.
  14. Practical approaches
     - DPIA - Impact Assessment - understand risk & consequences of data during audit, required as part of The Record
     - Embed DP training from induction, through entire lifecycle of tenure - culture of privacy protection.
     - Get GDPR as a standing item/report on board agendas between now and May & beyond.
  15. LiveSlide Site http://localhost/workspace/gdpr-countdown/index.html GDPR Countdown
  16. LiveSlide Site https://www.polleverywhere.com/discourses/Vj6GZRAzjV2ViBK?preview=true Q&A
  17. LiveSlide Site https://www.polleverywhere.com/free_text_polls/QIv6y31PFVdfFR4?preview=true Satisfaction words