SlideShare a Scribd company logo

Cyber Security for the Employee - AFP Annual Conference 2016

Brad Deflin
Brad Deflin

This document outlines a proposed employee-based cyber security training and education program. It begins by establishing the need for such a program, noting that cyber risk is increasing and now poses an existential threat. It argues that the human element remains the weakest link for enterprises. The goals of the program are to instill long-term cultural and behavioral changes across the enterprise to better manage cyber risk. The program aims to inform employees about cyber threats, educate them on security frameworks, and empower them with skills for life-long cyber security. It would involve interactive workshops, online awareness training, testing, and attack simulations to train and assess employees.

Internet
1 of 28
Cyber Security for the Employee - A fresh approach to managing and mitigating cyber risk at the enterprise. October 25th, 2016 Laura Harkins and Brad Deflin
① Do you believe cyber risk is a big deal today? ② Do you think it will get better or worse? ① Do you feel ready for it? Pop Quiz
Why We’re Here • The Risk is Real – Director of U.S. National Intelligence warns of widespread vulnerabilities in the civilian infrastructure and calls it one or our two greatest risks as a nation. March 2nd. • The Risk is Increasing – the FBI reported a 270% increase in cybercrime over the last year – April 4th. • The Risk has Become Existential – the UK’s National Crime Agency declared cybercrime surpassed traditional crime and is now greater than all other crimes combined - July 7th.
Cyber Threat VAR • It’s a very big deal. • It’s getting worse, maybe a lot worse. • Most need to do more.
Speaker Introduction “The New Face of Risk” “The Democratization of Cyber Risk”
Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
Why ....? • WHY? Why an employee-based cyber security training and education program? “Its become easier to hack a human than a company’s technology. “ Deloitte – Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
Why …
Watch the Delta “It’s become easier to hack a human than a company’s technology.” You are here X “Life” is here Y • Apathy • Fear • Confusion • Denial The rate of change in our every day lives is accelerating.
Why … • HBR – Cyber Security’s Human Factor • TrustWave Global Security Report • Cisco Midyear 2016 Cybersecurity Report Another day at the office.
Why … The arbitrage trade of the millennium. Misevaluation of our personal information has created an arbitrage trade that is minting history’s greatest fortunes over the shortest periods of time. Isn’t it great that we have to pay nothing for the barn? Yes! And even the food is free. Etc…
Why … Why an employee-based program? • The human element is still the weakest link. • The Democratization of Cyber Risk • Profit Motives and Trends in Cyber Crime “It’s become easier to hack a human than a company’s technology.”
The Democratization of Cyber Risk.
The Profit Motive in Cyber Crime. “In our research into underground markets, we’ve estimated that cybercriminals today enjoy an ROI of 1,425 percent.” Trustwave – 2015 Global Security Report
The Profit Motive in Cyber Crime. “Cisco engineers determined a typical hacker can make $34 million a year using today’s ransomware software tools. Tools available to anyone. For rent.” Cisco, May 18th, 2016
Conclusion –  Great risk increasingly resides at the intersection of people and the technology they use every day.  Individuals at all levels of the enterprise must adjust and adapt to participate and contribute to its management and mitigation. Why? Protecting Your Family in the Digital Age.
Today… WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
What? What are the goals of the program? • Enterprise-wide cultural adjustment and adaptation. • Heightened and sustained levels of awareness. • Behavioral change, personally and professionally. • Benchmarked and managed compliance. • Long-term program ROI.
What? Goal –  To increase and instill long-term and sustained changes that manage and mitigate cyber risk across the enterprise with optimal program efficacy, and cost efficiency.
Today… WHY? Why an employee-based cyber security training and education program? WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
How? The Big Idea - Informing, educating, and empowering individuals for survival and success in their personal and professional lives is an effective and efficient approach to cyber risk mitigation at the enterprise.
How? Inform through Context. Educate for Framework. Empower for: “Cyber Security for Life.”
How? • Inform through Context Internalizes the risk. The Democratization of Cyber Risk. • How did this happen? • What does the future hold? • Mobile • Clouds • Big Data • “Free” • Ransomware • Phishing and Social Engineering • End-user Threats Protecting Home and Family in the Digital Age.
How? • Educate for Framework Personalizes the issues. • The nature of technology and cybercrime. • Precepts for the future. Managing Change for Survival and Success in the Digital Age. Protecting Home and Family in the Digital Age. • Exponentials • Moore’s Law & the Digital Age • Digital Currencies • Internet of Things • Crime-as-a-Service • Phone and WiFi Hacks • Hackers-for Hire
How? • Empower for Cyber Security for Life. Empowers the Individual. • The Four Fundamentals. • The Art and Science of Passwords. • Encryption. • Trends in Security Technology. • Best Practices. • Protecting Home and Family. Cyber Security for Life.
How? Logistics - Training • Interactive Workshop Sessions: o Max 50 attendees – 90 - minute session with Q&A. o 2 times per year. • Online Awareness Training: o On demand by employee, 2 times per year. Testing • Online Testing: o On demand by employee, 2 times per year. • Attack Simulations: o Monthly Phishing and Ransomware attack simulations. • Data Analysis o Attribution reporting. o Program optimization
Questions????

Recommended

BSides Manchester
BSides ManchesterBSides Manchester
BSides Manchester
Jane Frankland
 
Foresight: Your Hidden Superpower
Foresight: Your Hidden SuperpowerForesight: Your Hidden Superpower
Foresight: Your Hidden Superpower
John Smart
 
Learning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicLearning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global Pandemic
Tyrone Grandison
 
The Big Think
The Big ThinkThe Big Think
The Big Think
Tyrone Grandison
 
Systemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessSystemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and Access
Tyrone Grandison
 
Information Management In The 21st Century
Information Management In The 21st CenturyInformation Management In The 21st Century
Information Management In The 21st Century
Steve Weissman
 
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
Steve Weissman
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 

Recommended

BSides Manchester
BSides ManchesterBSides Manchester
BSides Manchester
Jane Frankland
 
Foresight: Your Hidden Superpower
Foresight: Your Hidden SuperpowerForesight: Your Hidden Superpower
Foresight: Your Hidden Superpower
John Smart
 
Learning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicLearning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global Pandemic
Tyrone Grandison
 
The Big Think
The Big ThinkThe Big Think
The Big Think
Tyrone Grandison
 
Systemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessSystemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and Access
Tyrone Grandison
 
Information Management In The 21st Century
Information Management In The 21st CenturyInformation Management In The 21st Century
Information Management In The 21st Century
Steve Weissman
 
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
Steve Weissman
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 
BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry
 
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Damien ARNAUD
 
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Clive Bates
 
Eyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsEyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The Facts
HBT Media Management Ltd
 
Progamme unum 2017
Progamme unum 2017Progamme unum 2017
Progamme unum 2017
Adm Medef
 
Plentiful energy
Plentiful energyPlentiful energy
Plentiful energy
www.thiiink.com
 
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
Localogy
 
Alimentation comme bien commun
Alimentation comme bien communAlimentation comme bien commun
Alimentation comme bien commun
Universite Catholique de Louvain
 
Design in Tech Report 2017
Design in Tech Report 2017Design in Tech Report 2017
Design in Tech Report 2017
John Maeda
 
INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012
Instituto Nacional de Evaluación Educativa
 
Great B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinGreat B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using Linkedin
Bryan K. O'Rourke
 
Redundancy and Interchangeability
Redundancy and InterchangeabilityRedundancy and Interchangeability
Redundancy and Interchangeability
LOESCHE
 
Investments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorInvestments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise Foskor
LOESCHE
 
Pecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationPecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile Education
Rody Middelkoop
 
Design Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAllDesign Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAll
EnjoyDigitAll by BNP Paribas
 
Foot care for people with diabetes mellitus
Foot care for people with diabetes mellitusFoot care for people with diabetes mellitus
Foot care for people with diabetes mellitusCustom Orthotic Design Group Ltd.
 
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesWhen to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
Olympus IMS
 
2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One
FRSecure
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1
FRSecure
 
BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"ChristiAKannapel
 
Scot Secure 2017
Scot Secure 2017Scot Secure 2017
Scot Secure 2017
Ray Bugg
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 

More Related Content

Viewers also liked

BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry
 
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Damien ARNAUD
 
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Clive Bates
 
Eyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsEyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The Facts
HBT Media Management Ltd
 
Progamme unum 2017
Progamme unum 2017Progamme unum 2017
Progamme unum 2017
Adm Medef
 
Plentiful energy
Plentiful energyPlentiful energy
Plentiful energy
www.thiiink.com
 
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
Localogy
 
Alimentation comme bien commun
Alimentation comme bien communAlimentation comme bien commun
Alimentation comme bien commun
Universite Catholique de Louvain
 
Design in Tech Report 2017
Design in Tech Report 2017Design in Tech Report 2017
Design in Tech Report 2017
John Maeda
 
INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012
Instituto Nacional de Evaluación Educativa
 
Great B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinGreat B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using Linkedin
Bryan K. O'Rourke
 
Redundancy and Interchangeability
Redundancy and InterchangeabilityRedundancy and Interchangeability
Redundancy and Interchangeability
LOESCHE
 
Investments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorInvestments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise Foskor
LOESCHE
 
Pecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationPecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile Education
Rody Middelkoop
 
Design Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAllDesign Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAll
EnjoyDigitAll by BNP Paribas
 
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesWhen to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
Olympus IMS
 

Viewers also liked (17)

BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
 
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...
 
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
 
Eyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsEyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The Facts
 
Progamme unum 2017
Progamme unum 2017Progamme unum 2017
Progamme unum 2017
 
Plentiful energy
Plentiful energyPlentiful energy
Plentiful energy
 
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
 
Alimentation comme bien commun
Alimentation comme bien communAlimentation comme bien commun
Alimentation comme bien commun
 
Design in Tech Report 2017
Design in Tech Report 2017Design in Tech Report 2017
Design in Tech Report 2017
 
INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012
 
Great B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinGreat B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using Linkedin
 
Redundancy and Interchangeability
Redundancy and InterchangeabilityRedundancy and Interchangeability
Redundancy and Interchangeability
 
Investments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorInvestments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise Foskor
 
Pecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationPecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile Education
 
Design Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAllDesign Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAll
 
Foot care for people with diabetes mellitus
Foot care for people with diabetes mellitusFoot care for people with diabetes mellitus
Foot care for people with diabetes mellitus
 
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesWhen to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
 

Similar to Cyber Security for the Employee - AFP Annual Conference 2016

2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One
FRSecure
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1
FRSecure
 
BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"ChristiAKannapel
 
Scot Secure 2017
Scot Secure 2017Scot Secure 2017
Scot Secure 2017
Ray Bugg
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 
Creating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity ProgramCreating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity Program
Tyrone Grandison
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018
hdicapitalarea
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
OCTF Industry Engagement
 
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec
 
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing AgenciesThe Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
David Dourgarian
 
Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber Shocks
Phil Huggins FBCS CITP
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber security
zapp0
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital Future
Security Innovation
 
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili SaghafiBusiness Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
Professor Lili Saghafi
 
20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clintonCIONET
 
BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016
Whitbags
 
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
hdicapitalarea
 
National Conference on Youth Cyber Safety
National Conference on Youth Cyber SafetyNational Conference on Youth Cyber Safety
National Conference on Youth Cyber Safetyemilyensign
 

Similar to Cyber Security for the Employee - AFP Annual Conference 2016 (20)

2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1
 
BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"
 
Scot Secure 2017
Scot Secure 2017Scot Secure 2017
Scot Secure 2017
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
 
Creating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity ProgramCreating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity Program
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
 
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing AgenciesThe Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
 
Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber Shocks
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber security
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital Future
 
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili SaghafiBusiness Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
 
20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clinton
 
BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016
 
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
 
National Conference on Youth Cyber Safety
National Conference on Youth Cyber SafetyNational Conference on Youth Cyber Safety
National Conference on Youth Cyber Safety
 

Recently uploaded

原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
3ipehhoa
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
ufdana
 
Bài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docxBài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docx
nhiyenphan2005
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
cuobya
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
SEO Article Boost
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027
harveenkaur52
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
ukwwuq
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
CIOWomenMagazine
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
Trending Blogers
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 

Recently uploaded (20)

原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
 
Bài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docxBài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docx
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 

Cyber Security for the Employee - AFP Annual Conference 2016

  • 1. Cyber Security for the Employee - A fresh approach to managing and mitigating cyber risk at the enterprise. October 25th, 2016 Laura Harkins and Brad Deflin
  • 2. ① Do you believe cyber risk is a big deal today? ② Do you think it will get better or worse? ① Do you feel ready for it? Pop Quiz
  • 3. Why We’re Here • The Risk is Real – Director of U.S. National Intelligence warns of widespread vulnerabilities in the civilian infrastructure and calls it one or our two greatest risks as a nation. March 2nd. • The Risk is Increasing – the FBI reported a 270% increase in cybercrime over the last year – April 4th. • The Risk has Become Existential – the UK’s National Crime Agency declared cybercrime surpassed traditional crime and is now greater than all other crimes combined - July 7th.
  • 4. Cyber Threat VAR • It’s a very big deal. • It’s getting worse, maybe a lot worse. • Most need to do more.
  • 5. Speaker Introduction “The New Face of Risk” “The Democratization of Cyber Risk”
  • 6. Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 7. Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 8. Why ....? • WHY? Why an employee-based cyber security training and education program? “Its become easier to hack a human than a company’s technology. “ Deloitte – Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  • 10. Watch the Delta “It’s become easier to hack a human than a company’s technology.” You are here X “Life” is here Y • Apathy • Fear • Confusion • Denial The rate of change in our every day lives is accelerating.
  • 11. Why … • HBR – Cyber Security’s Human Factor • TrustWave Global Security Report • Cisco Midyear 2016 Cybersecurity Report Another day at the office.
  • 12. Why … The arbitrage trade of the millennium. Misevaluation of our personal information has created an arbitrage trade that is minting history’s greatest fortunes over the shortest periods of time. Isn’t it great that we have to pay nothing for the barn? Yes! And even the food is free. Etc…
  • 13. Why … Why an employee-based program? • The human element is still the weakest link. • The Democratization of Cyber Risk • Profit Motives and Trends in Cyber Crime “It’s become easier to hack a human than a company’s technology.”
  • 14. The Democratization of Cyber Risk.
  • 15. The Profit Motive in Cyber Crime. “In our research into underground markets, we’ve estimated that cybercriminals today enjoy an ROI of 1,425 percent.” Trustwave – 2015 Global Security Report
  • 16. The Profit Motive in Cyber Crime. “Cisco engineers determined a typical hacker can make $34 million a year using today’s ransomware software tools. Tools available to anyone. For rent.” Cisco, May 18th, 2016
  • 17. Conclusion –  Great risk increasingly resides at the intersection of people and the technology they use every day.  Individuals at all levels of the enterprise must adjust and adapt to participate and contribute to its management and mitigation. Why? Protecting Your Family in the Digital Age.
  • 18. Today… WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 19. What? What are the goals of the program? • Enterprise-wide cultural adjustment and adaptation. • Heightened and sustained levels of awareness. • Behavioral change, personally and professionally. • Benchmarked and managed compliance. • Long-term program ROI.
  • 20. What? Goal –  To increase and instill long-term and sustained changes that manage and mitigate cyber risk across the enterprise with optimal program efficacy, and cost efficiency.
  • 21. Today… WHY? Why an employee-based cyber security training and education program? WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 22. How? The Big Idea - Informing, educating, and empowering individuals for survival and success in their personal and professional lives is an effective and efficient approach to cyber risk mitigation at the enterprise.
  • 23. How? Inform through Context. Educate for Framework. Empower for: “Cyber Security for Life.”
  • 24. How? • Inform through Context Internalizes the risk. The Democratization of Cyber Risk. • How did this happen? • What does the future hold? • Mobile • Clouds • Big Data • “Free” • Ransomware • Phishing and Social Engineering • End-user Threats Protecting Home and Family in the Digital Age.
  • 25. How? • Educate for Framework Personalizes the issues. • The nature of technology and cybercrime. • Precepts for the future. Managing Change for Survival and Success in the Digital Age. Protecting Home and Family in the Digital Age. • Exponentials • Moore’s Law & the Digital Age • Digital Currencies • Internet of Things • Crime-as-a-Service • Phone and WiFi Hacks • Hackers-for Hire
  • 26. How? • Empower for Cyber Security for Life. Empowers the Individual. • The Four Fundamentals. • The Art and Science of Passwords. • Encryption. • Trends in Security Technology. • Best Practices. • Protecting Home and Family. Cyber Security for Life.
  • 27. How? Logistics - Training • Interactive Workshop Sessions: o Max 50 attendees – 90 - minute session with Q&A. o 2 times per year. • Online Awareness Training: o On demand by employee, 2 times per year. Testing • Online Testing: o On demand by employee, 2 times per year. • Attack Simulations: o Monthly Phishing and Ransomware attack simulations. • Data Analysis o Attribution reporting. o Program optimization

Editor's Notes

  1. Title Introduction – new-school of thought with an organic genesis – didn’t happen by design, but through “in the field” experience, data, and lots of time spent at the intersection of people, the tech they use every day, and the the rapidly escalating risks at hand. But before we get ahead of ourselves – a quick pop quiz.... NEXT SLIDE
  2. lets start with 3 questions - ............... 1, 2, 3 ..... Also some data baked in here – consistently the response we get – c-suites, exec assistants, professional advisors, all the way down the food chain. Next slide 0 This is why we’re here.
  3. This is why we’re here today; it’s a big deal, it’s going to get worse, potentially a lot worse, before it starts to get any better. And, many need to do more to be ready. Etc Etc Etc You don’t need me to tell you -
  4. Not to belabor the point - ..... Mention figures…. WSJ $100b, .... Lloyds $400b ... $3-$6 trillion MSFT No element of the ledger- balance sheet or p/l is not potentially at risk in some form or another - of course IP, and then HR Data and financial risk, infrastructure, real and virtual, the supply-chain, and the partner network. So the assumption is we don’t need to spend any more time on the “Why cyber security”.
  5. PAUSE - So let’s pause a moment – at the start – I said the preso developed organically and thru years of actual experience in the field and data analysis. Started with my position in the financial services industry and 25 yrs, exec leadership most recently at JPM “The New Face of Risk...” The question becomes “Why an employee-based program?”
  6. So, here is what we talk about today .... Why? What - are the goals - SPOILER ALERT – includes words like; SUSTAINED, LONG-TERM, BEHAVIORAL CHANGE, ADAPTATION, CULTURAL,... And the reason we’re really here - HOW do you do this to successfully achieve these goals?
  7. The question becomes “Why an employee-based program?”
  8. WE know this ... BUT WHY?
  9. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  10. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  11. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  12. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  13. What it looks like where the rubber hits the road.
  14. What it looks like where the rubber hits the road.
  15. What it looks like where the rubber hits the road.
  16. PBIG – where we come from, the most personal intersection of people, technology, and risk.
  17. The question becomes “Why an employee-based program?” Our approach transcends the employees previous experience with the matter: training from the IT department, a visit from the FBI – and informs, educates, and empowers them for their individual survival and success – personally and professionally. This is the aim of the program because we believe and it is our experience in the field that this individual-oriented approach creates significant results in just the areas you want to see them … see “Goals of the Program” – but sound like heightened, sustained, cultural, behavioral, benchmarked, measurable, and ROI - but first, WHY
  18. Now, the meat of it. HOW?
  19. So, The Big Idea -
  20. This is what we found to increase understanding, awareness, adaptation, and long-term behavioral change -
  21. We’ve lived the movie ….” The Personalization of Cyber Risk.”
  22. Motivated compliance.
  23. Record investment capital inflows to the IT Security space - they are innovating and disrupting the world of hardware and traditional IT departments.
  24. Q&A