SlideShare a Scribd company logo
www.pwc.com.au
October 2015
Digital Trust & Cyber
challenge now extends
beyond the Enterprise
PwC
Digital Trust
Securing your future in the digital world
2
Peter Malan lead Partner presents ‘ Take control of your future by looking at
risk differently’
Digital Trust
https://takecontrol.pwc.com.au/digital-trust/
PwC
PwC’s 2015 Survey’s, what we are seeing.
3
PwC
2015 Global state of information security survey
PwC and CSO Magazine recently launched the 2015 Global State of Information Security Survey
Key findings:
• 61% of customers would stop using a company’s product if there was a
breach in their security.
• Cyber security came third at 44% , in the top 3 risks categories.
• Reported information security incidents globally rose 48% to
42.8 million.
• Losses of $20 million or more increased 92% from the previous year
• Estimated reported average financial loss from Cyber security
incidents was $2.7 million – a 34% increase over 2013.
• Incidents caused by current employees increased 10%, service
providers, consultants and contractors rose 15% and 17%.
• 75% of CEOs now regard digital security as a serious threat to their
business.
• Only 49% of respondents say their organisation regularly convenes
to discuss, coordinate, and communicate Cyber security issues.
• 34% of respondents do not allocate security spending to their most
profitable lines of business.
• 88% of organisations are spending less than 1% of their revenue
Survey highlights
Cyber risks are a severe and
present danger 1
Incidents and financial impacts
continue to soar 2
Employees are the most cited
culprits of incidents 3
As incidents rise, security
spending is falling 4
There is a lack of involvement at
the Board level 5
There has been a decline in
fundamental security practices 6
4
PwC
2015 Global state of information security survey
PwC and CSO Magazine recently launched the 2015 Global State of Information Security Survey
Survey highlights
Cyber risks are a severe and
present danger 1
5
PwC
2015 Global state of information security survey
Incidents caused by current employees increased 10%.
Survey highlights
Incidents and financial impacts
continue to soar 2
Employees are the most cited
culprits of incidents 3
As incidents rise, security
spending is falling 4
6
PwC
2015 Global state of information security survey
Disconnect between increased level of concern and organisations focus
Survey highlights
There is a lack of involvement at
the Board level 5
7
of respondents review
privacy or cybersecurity
at every board meeting.
Only 8%
of respondents
rated their Board’s
oversight of privacy and
cybersecurity risks as weak,
or sufficient but needing
improvement.
95%
Many organisations have yet to assign specific role to govern privacy and cybersecurity risks,
and still view privacy and cybersecurity risks as a technology or legal / compliance issue.
Concern vs reality:
PwC
2015 Global state of information security survey
PwC and CSO Magazine recently launched the 2015 Global State of Information Security Survey
Survey highlights
There has been a decline in
fundamental security practices 6
8
PwC
The Digital World, an evolving perspective
9
PwC
Waves of digital transformation
10
PwC
The changing digital world
• Business is becoming ever increasingly interconnected
• The borders of where a business supply/value chain
starts and ends is vague
• Governments around the world are placing
a heightened level of focus and investment
into combatting cyber criminals and cyber espionage
• Corporations are being targeted directly by ‘hackers’
and indirectly via their business partners
• Company Boards need to understand the risks to their
business
- What risks are being inherited via third
party suppliers?
- Is Cloud enhancing or undermining
your business?
- Do only the right people have access to your
systems in a more ‘open’ world?
- Data, availability, integrity and
confidentiality are key to integration as part
of the business supply chain?
• Digital Trust is a key attribute in the new digital
business world.
11
PwC
Historical
IT Security
Perspectives
Today’s Leading
Digital security
Insights
Scope of the challenge • Limited to your “four walls”
and the extended enterprise
• Spans your interconnected global
business ecosystem
Ownership and
accountability
• IT led and operated • Business-aligned and owned; CEO
and board accountable
Adversaries’
characteristics
• One-off and opportunistic;
motivated by notoriety,
technical challenge, and
individual gain
• Organized, funded and targeted;
motivated by economic, monetary
and political gain
Information asset
protection
• One-size-fits-all approach • Prioritize and protect your “crown
jewels”
Defense posture • Protect the perimeter;
respond if attacked
• Plan, monitor, and rapidly respond
when attacked
Security intelligence and
information sharing
• Keep to yourself • Public/private partnerships;
collaboration with industry working
groups
12
Evolving perspectives
Considerations for businesses adapting to the new reality
PwC
Organisations are facing increasing digital challenges
13
Digital
Trust
“eBay data breach
sparks lawsuit”
Source: www.itnews.com.au
“Microsoft ordered to hand over
overseas email”
Source: www.zdnet.com
“40 million card numbers
and personal data stolen
from Target systems in
Nov/Dec 2013”
Source: www.target.com
“Hackers steal confidential
personal data from Sony
Pictures Entertainment
resulting in lawsuits”
Source: WIKI
“Target shares tumble as
retailer reveals cost of
data breach”
Source: www.forbes.com
“Bank IT ‘glitch’ leaves bank
facing £1bn bill”
Source: www.telegraph.co.uk
“Enterprises hacked after
neglecting third-party risks”
Source: www.csoonline.com
“Bank chief blames lack
of investment for IT
systems failure ”
Source: www.ft.com
Each of these incidents has an
impact on the level of
perceived trust by customers
and other key stakeholders
PwC 14
PwC 15
PwC
Data availability, integrity and
confidentiality, key to integration as part of
the business supply chain?
16
PwC 17
Digital technology is changing customer behaviour and business models at an
exponential rate and creating extraordinary and unforeseen opportunities for
growth and development.
Trust + Opportunity
= Business Growth
Opportunity and Danger
• Looking at digital security through the lens of
trust means you are considering the wider
business context in which you operate.
• In the digital space, your customers rely on you
to protect their information and privacy. If your
systems fail you, they will feel that you have
failed them.
PwC 18
Digital Trust, business enablers
• Build Trust –
• Focus on people and process not just technology
• Education and awareness - Raise digital knowledge and
awareness across internal staff.
• Focus on departmental relationships and trust
• Relational business partnership
• Be proactive and present a cooperative and collaborative face
of digital security.
• Being directors of change and thought leaders in the space.
• Present innovation, be solution
• Change how you present Cyber or security, it is all in the
wording…
• Does you organisation have an aversion with “Cyber’’ or
“Security” use Digital/trust?
• Opportunities –
• Mobile, cloud, analytics – technology to enhance
• Be approachable - the business will seek advice and
solutioning, they will come to you.
• The relationship will yield opportunities
Trust + Opportunity
= Business Growth
PwC 19
Building trust in the digital age
Managing risk
and building trust
underpins the digital
agenda as digital
platforms become
increasingly central
to the delivery of
business strategy.
To build trust you
will need confidence
in each of these
five areas:
Confidence in your security
.
Confidence in your data
Confidence in your systems
Confidence to take risks
Confidence in your digital transformation
programme
Supplier Security Ongoing Security Identity Management
Privacy and Data
Cloud Assurance Oracle ERP Controls SAP ERP Controls
Continuity and ResilienceIT Risk Diagnostic
Project Assurance
PwC 20
Key focus areas we too easily forget
• The majority of organisation has a multitude of
technologies.
• Data indicates that technology is not usually the key
issue, it is the lack of people and business process
that support the technologies and its process:
• People – Roles and responsibilities.
• Education and awareness (training).
• Processes – Lack of policies, standards etc.
• Governance offering the business .
assurance.
1
People, Process &
Technology
PwC 21
Key focus areas we too easily forget
• We too easily forget what end–to- end digital security
management is for.
• Availability
• Integrity
• Confidentiality
• We need to help the business through Education and awareness
as to why Digital security supports all 3 areas of the business.
Security is not just about technology.
• We have for too long segregated the business from IS.
• IS needs to become the conduit or integration layer between the
business and the new Digital Enterprise (Trust).
• Trust + Opportunity = Growth
2
Availability, Integrity & Confidentiality
of respondents rated
their Board’s oversight of privacy and
cybersecurity risks as weak, or
sufficient but needing improvement.
95%
of
respondents review privacy or
cybersecurity at every board meeting.
Only 8%
PwC
Where to from here?
22
PwC
The oil and gas industry has traditionally lagged behind other sectors in
cybersecurity practices.
• 81% of organizations have implemented an overall information security strategy, the basic
foundation for cybersecurity.
• Last year, the US National Institute of Standards and Technology (NIST) compiled a range of
these global standards into a single model for risk-based cybersecurity.
• Among US oil and gas participants,
• 25% say they have adopted the voluntary NIST Cybersecurity Framework; an additional
• 13% say adoption is a future priority.
• Hiring a Chief Information Security Officer (CISO) to lead the information security program, a
tactic that 77% of oil and gas businesses have embraced.
• Over the past two years, the number of respondents who employ a CISO has spiked 57%.
• The majority of oil and gas respondents follow this best practice: Their CISOs are most likely
to report to the COO, legal counsel, the Board, or the CEO.
23
Improvements in key strategic safeguards
Companies are getting serious about business-focused cybersecurity strategies.
PwC
Linking information security/digital trust and risk
• As security incidents continue to proliferate, it has become clear that cyber risks can never
be completely eliminated.
• Protective measures remain important, of course, but they cannot reliably be guaranteed
to stop determined and highly skilled adversaries.
• Businesses may need to reposition their security strategy by more closely linking
technologies, processes, and people skills with overall risk management activities.
• While a well-designed cybersecurity program will not deter all risks, it can enable:
- businesses to better manage threats through an informed decision-making process,
- boost efficiencies in security safeguards, and create a more resilient security
program.
24
Improvements in key Strategic Safeguards
PwC
How do you become a 'digitally trusted' company?
• Trust is hard won and easily eroded. Ultimately it's about having confidence
that you have the right systems, processes and controls in place.
• Boards and their risk committees have an important role to play by asking
the right questions of management. Too often boards ask 'how strong are
our security controls?', when they should be asking 'do our customers and
other key stakeholders trust us and how do we maintain this trust?'
• Digital trust is as much about opportunity as it is risk. And it's the
companies that are 'trusted' to whom customers will increasingly turn in the
digital economy. How does your organisation stack up?
• Over leaf are some critical questions to determine how digitally trusted your
company is:
25
Are you and your partners digitally trusted?
PwC 26
Assess you digital trust profile:
Key Digital questions that you should be asking
Risk management
Have we identified our risk appetite, the key risks and threats to our business
presented by cyber? Are our controls 'right-sized'?
Strategic alignment Is our cyber security program aligned with our business strategy?
Information assets
Do we know where our data is physically held? Do we know where the 'crown
jewels' are (ie our most commercially sensitive and critical data)? What are our key
systems and business processes?
Network & system
architecture
Have we (and our service providers) segregated our systems and networks to
minimise the impact of any potential cyber security breaches? Especially to protect
the ‘crown jewels’.
Third party
management
With the increased reliance on third parties to deliver services, including Cloud
providers, what monitoring controls are in place and what ongoing assurance do
we have to be sure those parties are handling our data appropriately?
PwC 27
Assess you digital trust profile:
Key Digital questions that you should be asking
Online and digital
integration
With increasing connectivity (eg cloud, mobile, social networking) how are we
managing the ways members or third parties access our systems and our data?
Identity and access
management
How are we ensuring that the right people have access to our core systems and
data, especially privileged access? How do we know that people (employees,
suppliers or members) really are who they say they are?
Privacy & data
protection
How are you meeting member expectations from a privacy and data protection
perspective, particularly if we are keeping and analysing member data (ie 'big
data')?
Regulation
How are we sure that we are meeting our regulatory requirements in relation to
Cyber security?
Incident response
It's highly likely that we will be subject to a cyber security breach. What's our
incident response plan? How will we rebuild trust?
Do we know how to respond when we have been targeted?
PwC
Successful security models have the following characteristics:
• You continually monitor your risk profile. You understand what matters to the success of
your business. You realise this changes as you move forward with your business.
• You understand in real time, the new threats within the digital landscape. You are fully
aware of the risks you’re exposing the organisation to as you execute your strategic plan.
• You understand how digital is changing the fabric of your business, introducing new
threats and changing your risk profile.
• Your eyes are fully open to digital threats.
• You recognise boundaries have shifted: your business architecture has changed, so have
the risks within your digital supply chain. You are aware that threats can come from
within your organisation as well as from outside it.
28
Our point of View
What good looks like, going beyond best practise
PwC 29
Our point of View
When is it time to Act
There are logical triggers in your business that prompt action. Here are
some examples.
• Changes to regulation or legislation that will affect your business.
• Change in the form of new suppliers, new technology, acquisitions, new markets or a
change in leadership.
• Trends or developments in your market that are likely to affect your business and
where it’s better to respond proactively.
PwC 30
Our point of View
How do you benefit
A well managed digital security program will gain the
trust of your customers and clients. Provide you the
confidence to realise the full potential of the digital
environment for your business.
Below are the six confidences that will help you apply
digital security to the heart of your business.
- Confidence in your people and processes
- Confidence in your technology
- Confidence in your connections
- Confidence to take risks
- Confidence during a crisis
- Confidence in your priorities
PwC 31
Our point of View
How we can help
We provide market leading end–to-end solutioning across people, process and technology offering to
help you build trust, capitalise on the opportunities and navigate the risks in the digital age – building
growth.
We bring:
• Access to the largest network of global expertise and insights from helping leading organisations.
• A multidisciplinary offering to address the multifaceted and complex nature of digital risk and
security.
• Innovation in our thinking and our tools to help you manage risk in the rapidly changing digital
landscape.
www.pwc.com.au
References:
© 2015 PricewaterhouseCoopers. All rights reserved.
PwC refers to the Australian member firm, and may sometimes refer to the PwC network.
Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.
PwC’s 2016 Global State of Information Security Survey
http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey/data-
explorer.html
PwC’s 2015 State of Compliance Survey
http://www.pwc.com/us/en/risk-management/state-of-compliance-survey/downloads.html
PwC’s Digital IQ Survey – Examining the digital health of Australian businesses
http://www.pwc.com.au/consulting/publications/2015-global-digital-iq-survey.htm
Take control of you future by looking at Risk differently – Peter Malan
https://takecontrol.pwc.com.au/digital-trust/
https://www.youtube.com/watch?v=BkkNifucWtE
www.pwc.com.au
If there is one question I leave
with you today,
‘Why is the digital world more
dangerous than the old world?
Questions time
PwC 34
Contact details
Further question, please forward or just call me
Mourad Khalil
Senior Manager Digital Risk
M: +61 403 980 718
mouradswork@gmail.com

More Related Content

What's hot

Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Accenture Technology
 
Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises? Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises?
Pierre Audoin Consultants
 
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the War
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the WarGary Sheehan - Winning a Battle Doesn't Mean We Are Winning the War
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the War
centralohioissa
 
State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018
Accenture Australia
 
The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...
The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...
The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...
accenture
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
Sarah Jarvis
 
Scot Secure 2019 Edinburgh (Day 1)
Scot Secure 2019 Edinburgh (Day 1)Scot Secure 2019 Edinburgh (Day 1)
Scot Secure 2019 Edinburgh (Day 1)
Ray Bugg
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber Resilient
Accenture Operations
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security Fundamentals
Sarah Fane
 
Big Data: Beyond the Hype - Why Big Data Matters to You
Big Data: Beyond the Hype - Why Big Data Matters to YouBig Data: Beyond the Hype - Why Big Data Matters to You
Big Data: Beyond the Hype - Why Big Data Matters to You
DATAVERSITY
 
Responding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for MerchantsResponding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for Merchants
- Mark - Fullbright
 
Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare
Accenture Security
 
Solving Your Top IT Challenges
Solving Your Top IT Challenges Solving Your Top IT Challenges
Solving Your Top IT Challenges
Insight
 
2018 U.S State of Cybercrime
2018 U.S State of Cybercrime2018 U.S State of Cybercrime
2018 U.S State of Cybercrime
IDG
 
Looking Forward - Regulators and Data Incidents
Looking Forward - Regulators and Data IncidentsLooking Forward - Regulators and Data Incidents
Looking Forward - Regulators and Data Incidents
Resilient Systems
 
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
CWIN17 telford   gdpr or how to eat the elephant a bit at a time - andy powellCWIN17 telford   gdpr or how to eat the elephant a bit at a time - andy powell
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
Capgemini
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
IBM Security
 
Accenture Banking Security Index
Accenture Banking Security IndexAccenture Banking Security Index
Accenture Banking Security Index
accenture
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
Joseph Wynn
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lens
aakash malhotra
 

What's hot (20)

Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
 
Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises? Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises?
 
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the War
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the WarGary Sheehan - Winning a Battle Doesn't Mean We Are Winning the War
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the War
 
State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018
 
The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...
The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...
The Pulse of Pensions: What Members Really Think of Their Pension Plans and R...
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
Scot Secure 2019 Edinburgh (Day 1)
Scot Secure 2019 Edinburgh (Day 1)Scot Secure 2019 Edinburgh (Day 1)
Scot Secure 2019 Edinburgh (Day 1)
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber Resilient
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security Fundamentals
 
Big Data: Beyond the Hype - Why Big Data Matters to You
Big Data: Beyond the Hype - Why Big Data Matters to YouBig Data: Beyond the Hype - Why Big Data Matters to You
Big Data: Beyond the Hype - Why Big Data Matters to You
 
Responding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for MerchantsResponding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for Merchants
 
Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare
 
Solving Your Top IT Challenges
Solving Your Top IT Challenges Solving Your Top IT Challenges
Solving Your Top IT Challenges
 
2018 U.S State of Cybercrime
2018 U.S State of Cybercrime2018 U.S State of Cybercrime
2018 U.S State of Cybercrime
 
Looking Forward - Regulators and Data Incidents
Looking Forward - Regulators and Data IncidentsLooking Forward - Regulators and Data Incidents
Looking Forward - Regulators and Data Incidents
 
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
CWIN17 telford   gdpr or how to eat the elephant a bit at a time - andy powellCWIN17 telford   gdpr or how to eat the elephant a bit at a time - andy powell
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Accenture Banking Security Index
Accenture Banking Security IndexAccenture Banking Security Index
Accenture Banking Security Index
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lens
 

Viewers also liked

Information Security Governance at Board and Executive Level
Information Security Governance at Board and Executive LevelInformation Security Governance at Board and Executive Level
Information Security Governance at Board and Executive Level
Koen Maris
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security Metrics
Jack Nichelson
 
Developing Metrics for Information Security Governance
Developing Metrics for Information Security GovernanceDeveloping Metrics for Information Security Governance
Developing Metrics for Information Security Governance
digitallibrary
 
2016
20162016
Jakes Portfolio Presentation
Jakes Portfolio PresentationJakes Portfolio Presentation
Jakes Portfolio Presentation
Jake Landmesser
 
Historia Del Iphone
Historia Del IphoneHistoria Del Iphone
Historia Del Iphone
Mauricio Molano
 
Medvi
MedviMedvi
Діти–сироти та діти позбавлені батьківського піклування 2015 рік
Діти–сироти та діти позбавлені   батьківського піклування 2015 рікДіти–сироти та діти позбавлені   батьківського піклування 2015 рік
Діти–сироти та діти позбавлені батьківського піклування 2015 рік
Анна Ткач
 
Informacja na temat działań związanych z jakością powietrza w Warszawie
Informacja na temat działań związanych z jakością powietrza w WarszawieInformacja na temat działań związanych z jakością powietrza w Warszawie
Informacja na temat działań związanych z jakością powietrza w Warszawie
Michał Olszewski
 
IDs Essay
IDs EssayIDs Essay

Viewers also liked (11)

Information Security Governance at Board and Executive Level
Information Security Governance at Board and Executive LevelInformation Security Governance at Board and Executive Level
Information Security Governance at Board and Executive Level
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security Metrics
 
Developing Metrics for Information Security Governance
Developing Metrics for Information Security GovernanceDeveloping Metrics for Information Security Governance
Developing Metrics for Information Security Governance
 
2016
20162016
2016
 
Jakes Portfolio Presentation
Jakes Portfolio PresentationJakes Portfolio Presentation
Jakes Portfolio Presentation
 
Historia Del Iphone
Historia Del IphoneHistoria Del Iphone
Historia Del Iphone
 
Medvi
MedviMedvi
Medvi
 
Діти–сироти та діти позбавлені батьківського піклування 2015 рік
Діти–сироти та діти позбавлені   батьківського піклування 2015 рікДіти–сироти та діти позбавлені   батьківського піклування 2015 рік
Діти–сироти та діти позбавлені батьківського піклування 2015 рік
 
Informacja na temat działań związanych z jakością powietrza w Warszawie
Informacja na temat działań związanych z jakością powietrza w WarszawieInformacja na temat działań związanych z jakością powietrza w Warszawie
Informacja na temat działań związanych z jakością powietrza w Warszawie
 
Thesis_CONTENTS
Thesis_CONTENTSThesis_CONTENTS
Thesis_CONTENTS
 
IDs Essay
IDs EssayIDs Essay
IDs Essay
 

Similar to Digital trust and cyber challenge now extends beyond the Enterprise

How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
SurfWatch Labs
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
International Federation of Accountants
 
Top 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and BeyondTop 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and Beyond
Nandita Nityanandam
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
Capgemini
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
Livingstone Advisory
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
Donald Tabone
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
Nathan Desfontaines
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation Report
Silicon Valley Bank
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital Future
Cognizant
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the Boardroom
Marko Suswanto
 
Common and Concerning Risks In IT
Common and Concerning Risks In ITCommon and Concerning Risks In IT
Common and Concerning Risks In IT
pbhugenberg3
 
State of Security McAfee Study
State of Security McAfee StudyState of Security McAfee Study
State of Security McAfee Study
Hiten Sethi
 
Building Cyber Resilience
Building Cyber ResilienceBuilding Cyber Resilience
Building Cyber Resilience
Committee of iCIO Community
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
Agus Wicaksono
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - Overview
Silicon Valley Bank
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilience
accenture
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
Charmaine Servado
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilience
accenture
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update
GridCyberSec
 

Similar to Digital trust and cyber challenge now extends beyond the Enterprise (20)

How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
Top 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and BeyondTop 5 Cybersecurity Trends in 2021 and Beyond
Top 5 Cybersecurity Trends in 2021 and Beyond
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation Report
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital Future
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the Boardroom
 
Common and Concerning Risks In IT
Common and Concerning Risks In ITCommon and Concerning Risks In IT
Common and Concerning Risks In IT
 
State of Security McAfee Study
State of Security McAfee StudyState of Security McAfee Study
State of Security McAfee Study
 
Building Cyber Resilience
Building Cyber ResilienceBuilding Cyber Resilience
Building Cyber Resilience
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - Overview
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilience
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilience
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update
 

Recently uploaded

重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
keoku
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
Trending Blogers
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
CIOWomenMagazine
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
SEO Article Boost
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
ukwwuq
 

Recently uploaded (20)

重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
 

Digital trust and cyber challenge now extends beyond the Enterprise

  • 1. www.pwc.com.au October 2015 Digital Trust & Cyber challenge now extends beyond the Enterprise
  • 2. PwC Digital Trust Securing your future in the digital world 2 Peter Malan lead Partner presents ‘ Take control of your future by looking at risk differently’ Digital Trust https://takecontrol.pwc.com.au/digital-trust/
  • 3. PwC PwC’s 2015 Survey’s, what we are seeing. 3
  • 4. PwC 2015 Global state of information security survey PwC and CSO Magazine recently launched the 2015 Global State of Information Security Survey Key findings: • 61% of customers would stop using a company’s product if there was a breach in their security. • Cyber security came third at 44% , in the top 3 risks categories. • Reported information security incidents globally rose 48% to 42.8 million. • Losses of $20 million or more increased 92% from the previous year • Estimated reported average financial loss from Cyber security incidents was $2.7 million – a 34% increase over 2013. • Incidents caused by current employees increased 10%, service providers, consultants and contractors rose 15% and 17%. • 75% of CEOs now regard digital security as a serious threat to their business. • Only 49% of respondents say their organisation regularly convenes to discuss, coordinate, and communicate Cyber security issues. • 34% of respondents do not allocate security spending to their most profitable lines of business. • 88% of organisations are spending less than 1% of their revenue Survey highlights Cyber risks are a severe and present danger 1 Incidents and financial impacts continue to soar 2 Employees are the most cited culprits of incidents 3 As incidents rise, security spending is falling 4 There is a lack of involvement at the Board level 5 There has been a decline in fundamental security practices 6 4
  • 5. PwC 2015 Global state of information security survey PwC and CSO Magazine recently launched the 2015 Global State of Information Security Survey Survey highlights Cyber risks are a severe and present danger 1 5
  • 6. PwC 2015 Global state of information security survey Incidents caused by current employees increased 10%. Survey highlights Incidents and financial impacts continue to soar 2 Employees are the most cited culprits of incidents 3 As incidents rise, security spending is falling 4 6
  • 7. PwC 2015 Global state of information security survey Disconnect between increased level of concern and organisations focus Survey highlights There is a lack of involvement at the Board level 5 7 of respondents review privacy or cybersecurity at every board meeting. Only 8% of respondents rated their Board’s oversight of privacy and cybersecurity risks as weak, or sufficient but needing improvement. 95% Many organisations have yet to assign specific role to govern privacy and cybersecurity risks, and still view privacy and cybersecurity risks as a technology or legal / compliance issue. Concern vs reality:
  • 8. PwC 2015 Global state of information security survey PwC and CSO Magazine recently launched the 2015 Global State of Information Security Survey Survey highlights There has been a decline in fundamental security practices 6 8
  • 9. PwC The Digital World, an evolving perspective 9
  • 10. PwC Waves of digital transformation 10
  • 11. PwC The changing digital world • Business is becoming ever increasingly interconnected • The borders of where a business supply/value chain starts and ends is vague • Governments around the world are placing a heightened level of focus and investment into combatting cyber criminals and cyber espionage • Corporations are being targeted directly by ‘hackers’ and indirectly via their business partners • Company Boards need to understand the risks to their business - What risks are being inherited via third party suppliers? - Is Cloud enhancing or undermining your business? - Do only the right people have access to your systems in a more ‘open’ world? - Data, availability, integrity and confidentiality are key to integration as part of the business supply chain? • Digital Trust is a key attribute in the new digital business world. 11
  • 12. PwC Historical IT Security Perspectives Today’s Leading Digital security Insights Scope of the challenge • Limited to your “four walls” and the extended enterprise • Spans your interconnected global business ecosystem Ownership and accountability • IT led and operated • Business-aligned and owned; CEO and board accountable Adversaries’ characteristics • One-off and opportunistic; motivated by notoriety, technical challenge, and individual gain • Organized, funded and targeted; motivated by economic, monetary and political gain Information asset protection • One-size-fits-all approach • Prioritize and protect your “crown jewels” Defense posture • Protect the perimeter; respond if attacked • Plan, monitor, and rapidly respond when attacked Security intelligence and information sharing • Keep to yourself • Public/private partnerships; collaboration with industry working groups 12 Evolving perspectives Considerations for businesses adapting to the new reality
  • 13. PwC Organisations are facing increasing digital challenges 13 Digital Trust “eBay data breach sparks lawsuit” Source: www.itnews.com.au “Microsoft ordered to hand over overseas email” Source: www.zdnet.com “40 million card numbers and personal data stolen from Target systems in Nov/Dec 2013” Source: www.target.com “Hackers steal confidential personal data from Sony Pictures Entertainment resulting in lawsuits” Source: WIKI “Target shares tumble as retailer reveals cost of data breach” Source: www.forbes.com “Bank IT ‘glitch’ leaves bank facing £1bn bill” Source: www.telegraph.co.uk “Enterprises hacked after neglecting third-party risks” Source: www.csoonline.com “Bank chief blames lack of investment for IT systems failure ” Source: www.ft.com Each of these incidents has an impact on the level of perceived trust by customers and other key stakeholders
  • 16. PwC Data availability, integrity and confidentiality, key to integration as part of the business supply chain? 16
  • 17. PwC 17 Digital technology is changing customer behaviour and business models at an exponential rate and creating extraordinary and unforeseen opportunities for growth and development. Trust + Opportunity = Business Growth Opportunity and Danger • Looking at digital security through the lens of trust means you are considering the wider business context in which you operate. • In the digital space, your customers rely on you to protect their information and privacy. If your systems fail you, they will feel that you have failed them.
  • 18. PwC 18 Digital Trust, business enablers • Build Trust – • Focus on people and process not just technology • Education and awareness - Raise digital knowledge and awareness across internal staff. • Focus on departmental relationships and trust • Relational business partnership • Be proactive and present a cooperative and collaborative face of digital security. • Being directors of change and thought leaders in the space. • Present innovation, be solution • Change how you present Cyber or security, it is all in the wording… • Does you organisation have an aversion with “Cyber’’ or “Security” use Digital/trust? • Opportunities – • Mobile, cloud, analytics – technology to enhance • Be approachable - the business will seek advice and solutioning, they will come to you. • The relationship will yield opportunities Trust + Opportunity = Business Growth
  • 19. PwC 19 Building trust in the digital age Managing risk and building trust underpins the digital agenda as digital platforms become increasingly central to the delivery of business strategy. To build trust you will need confidence in each of these five areas: Confidence in your security . Confidence in your data Confidence in your systems Confidence to take risks Confidence in your digital transformation programme Supplier Security Ongoing Security Identity Management Privacy and Data Cloud Assurance Oracle ERP Controls SAP ERP Controls Continuity and ResilienceIT Risk Diagnostic Project Assurance
  • 20. PwC 20 Key focus areas we too easily forget • The majority of organisation has a multitude of technologies. • Data indicates that technology is not usually the key issue, it is the lack of people and business process that support the technologies and its process: • People – Roles and responsibilities. • Education and awareness (training). • Processes – Lack of policies, standards etc. • Governance offering the business . assurance. 1 People, Process & Technology
  • 21. PwC 21 Key focus areas we too easily forget • We too easily forget what end–to- end digital security management is for. • Availability • Integrity • Confidentiality • We need to help the business through Education and awareness as to why Digital security supports all 3 areas of the business. Security is not just about technology. • We have for too long segregated the business from IS. • IS needs to become the conduit or integration layer between the business and the new Digital Enterprise (Trust). • Trust + Opportunity = Growth 2 Availability, Integrity & Confidentiality of respondents rated their Board’s oversight of privacy and cybersecurity risks as weak, or sufficient but needing improvement. 95% of respondents review privacy or cybersecurity at every board meeting. Only 8%
  • 22. PwC Where to from here? 22
  • 23. PwC The oil and gas industry has traditionally lagged behind other sectors in cybersecurity practices. • 81% of organizations have implemented an overall information security strategy, the basic foundation for cybersecurity. • Last year, the US National Institute of Standards and Technology (NIST) compiled a range of these global standards into a single model for risk-based cybersecurity. • Among US oil and gas participants, • 25% say they have adopted the voluntary NIST Cybersecurity Framework; an additional • 13% say adoption is a future priority. • Hiring a Chief Information Security Officer (CISO) to lead the information security program, a tactic that 77% of oil and gas businesses have embraced. • Over the past two years, the number of respondents who employ a CISO has spiked 57%. • The majority of oil and gas respondents follow this best practice: Their CISOs are most likely to report to the COO, legal counsel, the Board, or the CEO. 23 Improvements in key strategic safeguards Companies are getting serious about business-focused cybersecurity strategies.
  • 24. PwC Linking information security/digital trust and risk • As security incidents continue to proliferate, it has become clear that cyber risks can never be completely eliminated. • Protective measures remain important, of course, but they cannot reliably be guaranteed to stop determined and highly skilled adversaries. • Businesses may need to reposition their security strategy by more closely linking technologies, processes, and people skills with overall risk management activities. • While a well-designed cybersecurity program will not deter all risks, it can enable: - businesses to better manage threats through an informed decision-making process, - boost efficiencies in security safeguards, and create a more resilient security program. 24 Improvements in key Strategic Safeguards
  • 25. PwC How do you become a 'digitally trusted' company? • Trust is hard won and easily eroded. Ultimately it's about having confidence that you have the right systems, processes and controls in place. • Boards and their risk committees have an important role to play by asking the right questions of management. Too often boards ask 'how strong are our security controls?', when they should be asking 'do our customers and other key stakeholders trust us and how do we maintain this trust?' • Digital trust is as much about opportunity as it is risk. And it's the companies that are 'trusted' to whom customers will increasingly turn in the digital economy. How does your organisation stack up? • Over leaf are some critical questions to determine how digitally trusted your company is: 25 Are you and your partners digitally trusted?
  • 26. PwC 26 Assess you digital trust profile: Key Digital questions that you should be asking Risk management Have we identified our risk appetite, the key risks and threats to our business presented by cyber? Are our controls 'right-sized'? Strategic alignment Is our cyber security program aligned with our business strategy? Information assets Do we know where our data is physically held? Do we know where the 'crown jewels' are (ie our most commercially sensitive and critical data)? What are our key systems and business processes? Network & system architecture Have we (and our service providers) segregated our systems and networks to minimise the impact of any potential cyber security breaches? Especially to protect the ‘crown jewels’. Third party management With the increased reliance on third parties to deliver services, including Cloud providers, what monitoring controls are in place and what ongoing assurance do we have to be sure those parties are handling our data appropriately?
  • 27. PwC 27 Assess you digital trust profile: Key Digital questions that you should be asking Online and digital integration With increasing connectivity (eg cloud, mobile, social networking) how are we managing the ways members or third parties access our systems and our data? Identity and access management How are we ensuring that the right people have access to our core systems and data, especially privileged access? How do we know that people (employees, suppliers or members) really are who they say they are? Privacy & data protection How are you meeting member expectations from a privacy and data protection perspective, particularly if we are keeping and analysing member data (ie 'big data')? Regulation How are we sure that we are meeting our regulatory requirements in relation to Cyber security? Incident response It's highly likely that we will be subject to a cyber security breach. What's our incident response plan? How will we rebuild trust? Do we know how to respond when we have been targeted?
  • 28. PwC Successful security models have the following characteristics: • You continually monitor your risk profile. You understand what matters to the success of your business. You realise this changes as you move forward with your business. • You understand in real time, the new threats within the digital landscape. You are fully aware of the risks you’re exposing the organisation to as you execute your strategic plan. • You understand how digital is changing the fabric of your business, introducing new threats and changing your risk profile. • Your eyes are fully open to digital threats. • You recognise boundaries have shifted: your business architecture has changed, so have the risks within your digital supply chain. You are aware that threats can come from within your organisation as well as from outside it. 28 Our point of View What good looks like, going beyond best practise
  • 29. PwC 29 Our point of View When is it time to Act There are logical triggers in your business that prompt action. Here are some examples. • Changes to regulation or legislation that will affect your business. • Change in the form of new suppliers, new technology, acquisitions, new markets or a change in leadership. • Trends or developments in your market that are likely to affect your business and where it’s better to respond proactively.
  • 30. PwC 30 Our point of View How do you benefit A well managed digital security program will gain the trust of your customers and clients. Provide you the confidence to realise the full potential of the digital environment for your business. Below are the six confidences that will help you apply digital security to the heart of your business. - Confidence in your people and processes - Confidence in your technology - Confidence in your connections - Confidence to take risks - Confidence during a crisis - Confidence in your priorities
  • 31. PwC 31 Our point of View How we can help We provide market leading end–to-end solutioning across people, process and technology offering to help you build trust, capitalise on the opportunities and navigate the risks in the digital age – building growth. We bring: • Access to the largest network of global expertise and insights from helping leading organisations. • A multidisciplinary offering to address the multifaceted and complex nature of digital risk and security. • Innovation in our thinking and our tools to help you manage risk in the rapidly changing digital landscape.
  • 32. www.pwc.com.au References: © 2015 PricewaterhouseCoopers. All rights reserved. PwC refers to the Australian member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details. PwC’s 2016 Global State of Information Security Survey http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey/data- explorer.html PwC’s 2015 State of Compliance Survey http://www.pwc.com/us/en/risk-management/state-of-compliance-survey/downloads.html PwC’s Digital IQ Survey – Examining the digital health of Australian businesses http://www.pwc.com.au/consulting/publications/2015-global-digital-iq-survey.htm Take control of you future by looking at Risk differently – Peter Malan https://takecontrol.pwc.com.au/digital-trust/ https://www.youtube.com/watch?v=BkkNifucWtE
  • 33. www.pwc.com.au If there is one question I leave with you today, ‘Why is the digital world more dangerous than the old world? Questions time
  • 34. PwC 34 Contact details Further question, please forward or just call me Mourad Khalil Senior Manager Digital Risk M: +61 403 980 718 mouradswork@gmail.com