SlideShare a Scribd company logo

Cyber Security roadmap.pptx

Download as PPTX, PDF
S
SandeepK707540

This slide can be act as baseline to build and set Cyber security roadmap especially in Airline industries.

Technology
1 of 16
Cyber Security solutions, Roadmap and implementation
What’s challenging then ? It wasn’t too long ago that sophisticated executives could have long, thoughtful discussions on technology strategy without even mentioning security. Today, companies have substantial assets and value manifested in digital form, and they are deeply connected to global technology networks – even as cyberattacks become ever more sophisticated and adaptable to defenses. At most companies, boards and senior executives acknowledge the serious threats that cyberattacks pose to their business. What they are not sure of is how to create a strategy that helps them understand and address the threats, in all their forms, today and in the years ahead. And they’re asking for such a strategy every day. Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 2
Why Cyber security needed in Airlines Industry Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 3
Cyber-attacks on the aviation industry have recently increased. Threat actor might be of following: APT (Advanced Persistent Threat): These organizations conduct state- sponsored attacks to steal intellectual property and intelligence to weaken other countries’ aviation capabilities, improve local aviation capabilities, and develop preventive technologies against other countries’ capabilities. Cybercrime attackers: They attack to make money. They concentrate on causing the most damage possible and have the necessary knowledge and skills. Cyber-terrorists: They are triggered by political, religious, ideological, and social factors. They attack to endanger national security, cause mass casualties, harm the economy, disrupt public order and morale, and undermine trust in aviation systems. Nation-state actors: They can attack for political reasons or as part of a cyber war. Insiders: Employees, ex-employees, or business partners who are dissatisfied. Their motivation could be monetary gain or a desire for revenge. 2021 Security Plan Template 4
The major systems frequently exposed to cyber threats in the aviation industry are: 1. Aircraft IP networks of flights 2. Digital Air Traffic Controls (ATCs) and traffic management systems 3. In-flight interface devices 4. Fleet and route planning systems 5. Ticket booking portals. 6. Cabin Crew devices 7. Insider threats Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 5
Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 6
But wait, Is it achievable? Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar • Airlines is looking at Digitally transforming themselves, for which, they have hired a set of consultants, to define their Digital Strategy and Roadmap. • The Digital Strategy is in place to build a marketplace platform and drive the organization towards data driven operations facilitated by smart products and Smart Operations enabled through IoT. However, the Security Strategy and Roadmap still needs to be worked out. 7
Cyber security Program for Airline? 8
Bottleneck Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 9 .Lack of Trained and Qualified Staff • Lack of General Awareness of Cybersecurity • A Weak IT Act with obsolete Cyberlaws • Lack of Coherence with Eco-System Partners • Inadequate Governance Mechanisms • Lack of an effective Security Policy
Challenge 1: Cyber Risk Management and compliance Implementing - Cyber Risk Management - Cyber insurance - Third party Risk Assessment. - Security and regulatory compliance Cyber Training , Education and Awareness - Cyber Security awareness program - Insider Risk Management - Technical cyber training - Certification readiness Infrastructure Protection - IOT Strategies - Cloud Security - Vulnerability Management - Phishing campaign program - Secure by design (Secure SDLC) - Application Security - IAM Solutions Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
Challenge : Information Privacy - Privacy or GDPR Maturity. Challenge: Cyber Training , Education and Awareness - Cyber Security awareness program - Insider Risk Management - Technical cyber training - Certification readiness Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
Challenge 1: Infrastructure Protection - Data Loss Prevention - People Risk - Cryptography - Data Governance & Information Classification Challenge 2: Advance Threat Readiness & Preparation - Advance Threat Simulation/Red Teaming - Purple teaming - SIEM Capabilities Security operations Centre (SOC) - 24/7 Threat Monitoring - SOC capability design and deployment - Cyber Threat intelligence - Reporting - Cyber incidence response - Cyber Forensics Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
13
14
15
Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 16

Recommended

Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
PECB
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
ObserveIT
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
Greenway Health
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
SandeshUprety4
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
Ersoy AKSOY
 

Recommended

Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
PECB
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
ObserveIT
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
Greenway Health
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
SandeshUprety4
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
Ersoy AKSOY
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
Dam Frank
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
Security risk management
Security risk managementSecurity risk management
Security risk management
G Prachi
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
SlideTeam
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Digital Bond
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development paths
Chelsea Jarvie
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
Mark Arena
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
Dam Frank
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
Brencil Kaimba
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You Buy
Fidelis Cybersecurity
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
Erick Kish, U.S. Commercial Service
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
FERMA
 
Business RISKS From IT
Business RISKS From IT Business RISKS From IT
Business RISKS From IT
Sanjiv Arora
 

More Related Content

What's hot

SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
Dam Frank
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
Security risk management
Security risk managementSecurity risk management
Security risk management
G Prachi
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
SlideTeam
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Digital Bond
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development paths
Chelsea Jarvie
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
Mark Arena
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
Dam Frank
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
Brencil Kaimba
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You Buy
Fidelis Cybersecurity
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
Erick Kish, U.S. Commercial Service
 

What's hot (20)

SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
Security risk management
Security risk managementSecurity risk management
Security risk management
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
 
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesHow To Handle Cybersecurity Risk PowerPoint Presentation Slides
How To Handle Cybersecurity Risk PowerPoint Presentation Slides
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development paths
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
Critical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You BuyCritical Capabilities for MDR Services - What to Know Before You Buy
Critical Capabilities for MDR Services - What to Know Before You Buy
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
 

Similar to Cyber Security roadmap.pptx

Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
FERMA
 
Business RISKS From IT
Business RISKS From IT Business RISKS From IT
Business RISKS From IT
Sanjiv Arora
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Cristian Garcia G.
 
This domain reviews the diverse areas of knowledge needed to develop and man...
This domain reviews the diverse areas of knowledge needed to develop and man...This domain reviews the diverse areas of knowledge needed to develop and man...
This domain reviews the diverse areas of knowledge needed to develop and man...
bikheet
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
cyberprosocial
 
Module 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfModule 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdf
Humphrey Humphrey
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
PECB
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
TraintechTde
 
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
FERMA
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
Fahmi Albaheth
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Matthew Rosenquist
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
Murray Security Services
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
International Federation of Accountants
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
Matthew Rosenquist
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
Skoda Minotti
 
Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance
EnergyTech2015
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
FinTech Belgium
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Rahul Neel Mani
 
A Major Revision of the CISRCP Program
A Major Revision of the CISRCP ProgramA Major Revision of the CISRCP Program
A Major Revision of the CISRCP Program
GoogleNewsSubmit
 
How to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-SuiteHow to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-Suite
SurfWatch Labs
 

Similar to Cyber Security roadmap.pptx (20)

Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
Business RISKS From IT
Business RISKS From IT Business RISKS From IT
Business RISKS From IT
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
This domain reviews the diverse areas of knowledge needed to develop and man...
This domain reviews the diverse areas of knowledge needed to develop and man...This domain reviews the diverse areas of knowledge needed to develop and man...
This domain reviews the diverse areas of knowledge needed to develop and man...
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
 
Module 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfModule 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdf
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
 
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
 
Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
 
A Major Revision of the CISRCP Program
A Major Revision of the CISRCP ProgramA Major Revision of the CISRCP Program
A Major Revision of the CISRCP Program
 
How to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-SuiteHow to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-Suite
 

Recently uploaded

AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Ajin Abraham
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
saastr
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
AstuteBusiness
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
Jason Yip
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Neo4j
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
christinelarrosa
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
christinelarrosa
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
c5vrf27qcz
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
LizaNolte
 
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during MigrationMust Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
Mydbops
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 

Recently uploaded (20)

AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
 
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during MigrationMust Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 

Cyber Security roadmap.pptx

  • 2. What’s challenging then ? It wasn’t too long ago that sophisticated executives could have long, thoughtful discussions on technology strategy without even mentioning security. Today, companies have substantial assets and value manifested in digital form, and they are deeply connected to global technology networks – even as cyberattacks become ever more sophisticated and adaptable to defenses. At most companies, boards and senior executives acknowledge the serious threats that cyberattacks pose to their business. What they are not sure of is how to create a strategy that helps them understand and address the threats, in all their forms, today and in the years ahead. And they’re asking for such a strategy every day. Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 2
  • 3. Why Cyber security needed in Airlines Industry Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 3
  • 4. Cyber-attacks on the aviation industry have recently increased. Threat actor might be of following: APT (Advanced Persistent Threat): These organizations conduct state- sponsored attacks to steal intellectual property and intelligence to weaken other countries’ aviation capabilities, improve local aviation capabilities, and develop preventive technologies against other countries’ capabilities. Cybercrime attackers: They attack to make money. They concentrate on causing the most damage possible and have the necessary knowledge and skills. Cyber-terrorists: They are triggered by political, religious, ideological, and social factors. They attack to endanger national security, cause mass casualties, harm the economy, disrupt public order and morale, and undermine trust in aviation systems. Nation-state actors: They can attack for political reasons or as part of a cyber war. Insiders: Employees, ex-employees, or business partners who are dissatisfied. Their motivation could be monetary gain or a desire for revenge. 2021 Security Plan Template 4
  • 5. The major systems frequently exposed to cyber threats in the aviation industry are: 1. Aircraft IP networks of flights 2. Digital Air Traffic Controls (ATCs) and traffic management systems 3. In-flight interface devices 4. Fleet and route planning systems 5. Ticket booking portals. 6. Cabin Crew devices 7. Insider threats Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 5
  • 6. Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 6
  • 7. But wait, Is it achievable? Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar • Airlines is looking at Digitally transforming themselves, for which, they have hired a set of consultants, to define their Digital Strategy and Roadmap. • The Digital Strategy is in place to build a marketplace platform and drive the organization towards data driven operations facilitated by smart products and Smart Operations enabled through IoT. However, the Security Strategy and Roadmap still needs to be worked out. 7
  • 9. Bottleneck Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 9 .Lack of Trained and Qualified Staff • Lack of General Awareness of Cybersecurity • A Weak IT Act with obsolete Cyberlaws • Lack of Coherence with Eco-System Partners • Inadequate Governance Mechanisms • Lack of an effective Security Policy
  • 10. Challenge 1: Cyber Risk Management and compliance Implementing - Cyber Risk Management - Cyber insurance - Third party Risk Assessment. - Security and regulatory compliance Cyber Training , Education and Awareness - Cyber Security awareness program - Insider Risk Management - Technical cyber training - Certification readiness Infrastructure Protection - IOT Strategies - Cloud Security - Vulnerability Management - Phishing campaign program - Secure by design (Secure SDLC) - Application Security - IAM Solutions Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
  • 11. Challenge : Information Privacy - Privacy or GDPR Maturity. Challenge: Cyber Training , Education and Awareness - Cyber Security awareness program - Insider Risk Management - Technical cyber training - Certification readiness Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
  • 12. Challenge 1: Infrastructure Protection - Data Loss Prevention - People Risk - Cryptography - Data Governance & Information Classification Challenge 2: Advance Threat Readiness & Preparation - Advance Threat Simulation/Red Teaming - Purple teaming - SIEM Capabilities Security operations Centre (SOC) - 24/7 Threat Monitoring - SOC capability design and deployment - Cyber Threat intelligence - Reporting - Cyber incidence response - Cyber Forensics Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
  • 13. 13
  • 14. 14
  • 15. 15
  • 16. Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 16

Editor's Notes

  1. The most seen attack types in the last three years (2020, 2021, and 2022) are Ransomware (%22), Data Breach (%18.6), Phishing (%15.3), and DDoS (%7.3). Meanwhile, %16 of the attack type was other/unknown.  Philippine Airlines confirmed that a cybersecurity breach had affected their third-party IT provider for their frequent flyer program. Members’ names, birth dates, nationality, gender, joining date, tier level, and points balance were among the information compromised. The airline advised members to change their passwords immediately.