PwC's talented senior cybersecurity and infosec manager Ross Foley recently gave a great talk on the growing importance of security culture within infosec. Here are the slides to help raise awareness of this issue.
The July 2017 Cybersecurity Risk LandscapeCraig McGill
John Hinchcliffe, one of the talented cybersecurity experts at PwC in Scotland, recently spoke at an ISACA event, talking about the current security risk landscape, highlighting some of the forgotten security risks, and challenging attendees to think about the true value of their data.
Cyber Resilience: A New Perspective on SecurityIna Luft
Developing advanced cyber security strategies for the creation of a layered cyber defence, Cyber Resilience: A New Perspective on Security shall explore the establishment of a comprehensive defence from contemporary cyber threats to critical national infrastructure
As well as the strategies and architectures necessary for the establishment of this protection, the master class will explore optimal protocol for organizations of all sizes to take the necessary steps to prepare for the worst-case scenarios. Specifically, the ability to recover quickly in the event of a cyber-attack on their network and deal with the fall out of such an attack.
WHY YOU SHOULD ATTEND:
• Understand the contemporary threats to critical national infrastructure, the approaches of attackers and their intentions
• Master cyber security strategies and architectures for a thorough 1st line of defence
• from cyber threats, in doing so, build a more cyber resilient enterprise
• Prepare for the event in which your organisation’s cyber security is breached, effectively respond and recover by minimizing its impact and restore the functions of your people, processes and systems as soon as possible
EARLY BIRD DISCOUNT: Book by 29th January to save £100 – Book by 29th February to save £50
For more information and to register, please visit www.smi-online.co.uk/2016cyberresilience.asp or contact events@smi-online.co.uk.
Presented by Dr Sam De Silva, partner at Nabarro to over 100 CEOs and Executives in London.
Explains what leaders should do immediately after becoming aware of a cyber attack, from a legal perspective.
CEOs leading Recovery from Cyber AttackKevin Duffey
This presentation was given to senior representatives from the Cabinet Office (UK Government), Capita, E.ON, Institute of Directors, Microsoft, Saga plc, Zurich Insurance, etc, at an event organised by Cyber Rescue on 29th June 2016.
Estudio de Russell Reynolds Associates sobre ciberseguridad que explora la importancia de la relación entre el Chief Information Security Officer y el Consejo de Administración.
Strategies for cyber resilience - Everyone has a RoleKevin Duffey
Building on the observation that the significant majority of cyber-attacks succeed because of human error, this presentation explains how organisations can build, embed & sustain the resilient behaviours required across the whole workforce, regardless of their role or responsibility, to better protect their most valuable & commercially sensitive information.
The July 2017 Cybersecurity Risk LandscapeCraig McGill
John Hinchcliffe, one of the talented cybersecurity experts at PwC in Scotland, recently spoke at an ISACA event, talking about the current security risk landscape, highlighting some of the forgotten security risks, and challenging attendees to think about the true value of their data.
Cyber Resilience: A New Perspective on SecurityIna Luft
Developing advanced cyber security strategies for the creation of a layered cyber defence, Cyber Resilience: A New Perspective on Security shall explore the establishment of a comprehensive defence from contemporary cyber threats to critical national infrastructure
As well as the strategies and architectures necessary for the establishment of this protection, the master class will explore optimal protocol for organizations of all sizes to take the necessary steps to prepare for the worst-case scenarios. Specifically, the ability to recover quickly in the event of a cyber-attack on their network and deal with the fall out of such an attack.
WHY YOU SHOULD ATTEND:
• Understand the contemporary threats to critical national infrastructure, the approaches of attackers and their intentions
• Master cyber security strategies and architectures for a thorough 1st line of defence
• from cyber threats, in doing so, build a more cyber resilient enterprise
• Prepare for the event in which your organisation’s cyber security is breached, effectively respond and recover by minimizing its impact and restore the functions of your people, processes and systems as soon as possible
EARLY BIRD DISCOUNT: Book by 29th January to save £100 – Book by 29th February to save £50
For more information and to register, please visit www.smi-online.co.uk/2016cyberresilience.asp or contact events@smi-online.co.uk.
Presented by Dr Sam De Silva, partner at Nabarro to over 100 CEOs and Executives in London.
Explains what leaders should do immediately after becoming aware of a cyber attack, from a legal perspective.
CEOs leading Recovery from Cyber AttackKevin Duffey
This presentation was given to senior representatives from the Cabinet Office (UK Government), Capita, E.ON, Institute of Directors, Microsoft, Saga plc, Zurich Insurance, etc, at an event organised by Cyber Rescue on 29th June 2016.
Estudio de Russell Reynolds Associates sobre ciberseguridad que explora la importancia de la relación entre el Chief Information Security Officer y el Consejo de Administración.
Strategies for cyber resilience - Everyone has a RoleKevin Duffey
Building on the observation that the significant majority of cyber-attacks succeed because of human error, this presentation explains how organisations can build, embed & sustain the resilient behaviours required across the whole workforce, regardless of their role or responsibility, to better protect their most valuable & commercially sensitive information.
Maggie Philbin - the UK's Digitial Personality of 2016 - tells CEOs how to find & develop the people who will help them recover from future cyber attacks.
Be Angry - why CEOs should join the coalition against cyber crimeKevin Duffey
Phil Reitinger shares his experience as Director at the National Cyber Security Center, Microsoft, Sony and elsewhere, with over 100 CEOs and executives in London. Join the GCA to fight systemic cyber risks.
Cyber Security Threats Facing Small Businesses--June 2019Dawn Yankeelov
This presentation was made by Cloudnexus Founder Jay Rollins at the Technology Association of Louisville Kentucky's Cybersecurity Summit on June 14, 2019.
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
Companies are under increasing risks of breaches, theft of intellectual property and erosion of customer trust. CIOs and CISOs need to be able to explain to executive management what's being done to shore up their company's security strategy and defenses.
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
Highlights of the 2015 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2015. The full report can be downloaded at: http://hubs.ly/y0tFbr0
Cybersecurity is a fast-expanding field spanning network infrastructure, remote services, device diversity, even the nuances of human interaction and behaviour within the enterprise. Today’s IT expert is part technician, part detective, and part sociologist.
This SlideShare presentation is a blow-by-blow account of the issues that matter in today’s hyperlinked, cross-connected, time-shifted organisation—with each threat backed up by some key statistics.
Improving Cyber Security Literacy in Boards & ExecutivesTripwire
In response to the rapidly evolving threat landscape, Boards of Directors (BoDs) and executives are now more aware of today’s cyber threats and how they might adversely affect their business. However, most executives are nonetheless limited in their knowledge of security and do not know what to ask their security teams.
It is therefore up to security professionals to help their executives become more cyber security literate and thereby assist in framing security considerations as an integral part of any risk/opportunity discussion, as well as a wider enterprise risk management strategy.
Acknowledging this responsibility on the part of information security personnel, Tripwire has asked a number of prominent experts in the field how security teams can improve their executives’ cyber security literacy.
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
Boards of Directors have an inescapable legal responsibility to protect their organisation’s assets and shareholder value against risks. Where does cybersecurity fit in the agenda? Many boards lack the knowledge, awareness and confidence to connect security to the business.
In this webcast, moderator Paul Edon, Director of Customer Services at Tripwire, will provide a variety of perspectives from experienced professionals in the industry — including Amar Singh UK CISO for Elsevier, Ray Stanton EVP Professional Services at BT and Advisory Board Member of ISF, and Gary Cheetham, CISO at NFU Mutual.
Wilson Consulting Group (WCG) is an innovative global cybersecurity consulting firm headquartered in Washington D.C., with a European office in London, England.
The Tech Revolution and Cybersecurity: A tumultuous relationship? With evolving applications of technology within the asset management industry, data protection remains top of mind. While many large and tech-savvy asset managers are employing advanced cybersecurity protections, many smaller firms are also adopting a new norm, hoping to demonstrate a true commitment to data protection.
Do you have an end-to-end view of your total IT and data flow environment? Hear from information security experts on how asset managers can keep risk assessments current and follow best practices to help safeguard the industry from cyber threats.
Fund companies and professional service firms will benefit from this informative webinar, addressing issues such as:
- The evolving public policy landscape
- Shifts in IT security priorities
- Roadmap for remaining cyber-ready
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
Presented at the annual UK Security Expo in London, to help traditional Security Directors understand and feel confident about the practical ways in which their role should extend to cyber security issues. This presentation was followed by a simple cyber attack simulation (not shown here).
Presented by Barrie Millett and Kevin Duffey of Cyber Rescue.
Wilson Consulting Group (WCG) is an innovative global cyber security consulting firm headquartered in Washington D.C., with a European office in London, England. We specialize in governance, risk, and compliance consulting services, providing our clients with strategic guidance, technical solutions, and business advice to best serve their individual needs.
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdfSania Baker
There are many problems facing businesses today, and cybersecurity is becoming one of the biggest. To avoid falling victim to unforeseen attacks, firms should consider cybersecurity consultants to keep them alert.
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Proofpoint
Business Has Changed. The Threat Landscape Has Changed. Are You Prepared?
Today’s workers have gone beyond the network, using multiple devices to conduct business, anywhere, any time. The move has resulted in greater productivity and collaboration—and a greater risk of attack by cyber criminals. How can you protect your business today?
Under cyber attack: EY's Global information security survey 2013EY
Under cyber-attack, EY's 16th annual Global Information Security Survey 2013 tracks the level of awareness and action by companies in response to cyber threats and canvases the opinion of over 1,900 senior executives globally. This year’s results show that as companies continue to invest heavily to protect themselves against cyber-attacks, the number of security breaches is on the rise and it is no longer of question of if, but when, a company will be the target of an attack.
For further information, visit: http://www.ey.com/GL/en/Services/Advisory/Cyber-security
Maggie Philbin - the UK's Digitial Personality of 2016 - tells CEOs how to find & develop the people who will help them recover from future cyber attacks.
Be Angry - why CEOs should join the coalition against cyber crimeKevin Duffey
Phil Reitinger shares his experience as Director at the National Cyber Security Center, Microsoft, Sony and elsewhere, with over 100 CEOs and executives in London. Join the GCA to fight systemic cyber risks.
Cyber Security Threats Facing Small Businesses--June 2019Dawn Yankeelov
This presentation was made by Cloudnexus Founder Jay Rollins at the Technology Association of Louisville Kentucky's Cybersecurity Summit on June 14, 2019.
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
Companies are under increasing risks of breaches, theft of intellectual property and erosion of customer trust. CIOs and CISOs need to be able to explain to executive management what's being done to shore up their company's security strategy and defenses.
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
Highlights of the 2015 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2015. The full report can be downloaded at: http://hubs.ly/y0tFbr0
Cybersecurity is a fast-expanding field spanning network infrastructure, remote services, device diversity, even the nuances of human interaction and behaviour within the enterprise. Today’s IT expert is part technician, part detective, and part sociologist.
This SlideShare presentation is a blow-by-blow account of the issues that matter in today’s hyperlinked, cross-connected, time-shifted organisation—with each threat backed up by some key statistics.
Improving Cyber Security Literacy in Boards & ExecutivesTripwire
In response to the rapidly evolving threat landscape, Boards of Directors (BoDs) and executives are now more aware of today’s cyber threats and how they might adversely affect their business. However, most executives are nonetheless limited in their knowledge of security and do not know what to ask their security teams.
It is therefore up to security professionals to help their executives become more cyber security literate and thereby assist in framing security considerations as an integral part of any risk/opportunity discussion, as well as a wider enterprise risk management strategy.
Acknowledging this responsibility on the part of information security personnel, Tripwire has asked a number of prominent experts in the field how security teams can improve their executives’ cyber security literacy.
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
Boards of Directors have an inescapable legal responsibility to protect their organisation’s assets and shareholder value against risks. Where does cybersecurity fit in the agenda? Many boards lack the knowledge, awareness and confidence to connect security to the business.
In this webcast, moderator Paul Edon, Director of Customer Services at Tripwire, will provide a variety of perspectives from experienced professionals in the industry — including Amar Singh UK CISO for Elsevier, Ray Stanton EVP Professional Services at BT and Advisory Board Member of ISF, and Gary Cheetham, CISO at NFU Mutual.
Wilson Consulting Group (WCG) is an innovative global cybersecurity consulting firm headquartered in Washington D.C., with a European office in London, England.
The Tech Revolution and Cybersecurity: A tumultuous relationship? With evolving applications of technology within the asset management industry, data protection remains top of mind. While many large and tech-savvy asset managers are employing advanced cybersecurity protections, many smaller firms are also adopting a new norm, hoping to demonstrate a true commitment to data protection.
Do you have an end-to-end view of your total IT and data flow environment? Hear from information security experts on how asset managers can keep risk assessments current and follow best practices to help safeguard the industry from cyber threats.
Fund companies and professional service firms will benefit from this informative webinar, addressing issues such as:
- The evolving public policy landscape
- Shifts in IT security priorities
- Roadmap for remaining cyber-ready
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
Presented at the annual UK Security Expo in London, to help traditional Security Directors understand and feel confident about the practical ways in which their role should extend to cyber security issues. This presentation was followed by a simple cyber attack simulation (not shown here).
Presented by Barrie Millett and Kevin Duffey of Cyber Rescue.
Wilson Consulting Group (WCG) is an innovative global cyber security consulting firm headquartered in Washington D.C., with a European office in London, England. We specialize in governance, risk, and compliance consulting services, providing our clients with strategic guidance, technical solutions, and business advice to best serve their individual needs.
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdfSania Baker
There are many problems facing businesses today, and cybersecurity is becoming one of the biggest. To avoid falling victim to unforeseen attacks, firms should consider cybersecurity consultants to keep them alert.
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Proofpoint
Business Has Changed. The Threat Landscape Has Changed. Are You Prepared?
Today’s workers have gone beyond the network, using multiple devices to conduct business, anywhere, any time. The move has resulted in greater productivity and collaboration—and a greater risk of attack by cyber criminals. How can you protect your business today?
Under cyber attack: EY's Global information security survey 2013EY
Under cyber-attack, EY's 16th annual Global Information Security Survey 2013 tracks the level of awareness and action by companies in response to cyber threats and canvases the opinion of over 1,900 senior executives globally. This year’s results show that as companies continue to invest heavily to protect themselves against cyber-attacks, the number of security breaches is on the rise and it is no longer of question of if, but when, a company will be the target of an attack.
For further information, visit: http://www.ey.com/GL/en/Services/Advisory/Cyber-security
Enhancing Cyber Security Awareness: Building a Safer Digital Worldcyberprosocial
In today’s interconnected world, where digital technology plays an integral role in our personal and professional lives, cyber security awareness has never been more important. With cyber threats becoming increasingly sophisticated and prevalent, it’s essential for individuals and organizations to stay vigilant and informed about potential risks and best practices for staying safe online.
Stephane Nappo. January 2023. Top Cyber News MAGAZINE.pdfStéphane Nappo
"One of the main Cyber risks is to think they don't exist. The other is to try to treat all risks".
Key cybersecurity quotes, key methodologies, and advanced risk management approches. Seeking for simplicity and efficiency in the complex realm... Do read.
Practical Advantages of a Security Educated WorkforceKeyaan Williams
Don't allow compliance-driven security awareness training stop you from educating your workforce and producing meaningful results with education, training, and awareness.
What Small Business Can Do To Protect Themselves Now in CybersecurityReading Works Detroit
On October 16, Daniel Cherrin spoke at the Wall Street Journal PRO Cybersecurity Small Business Academy at the Monarch Beach Resort in Dana Park, California. You can find an excerpt from his remarks on Incident Response on a Budget at http://www.northcoaststrategies.com/blog/steps-you-can-take-now-to-prepare-for-the-next-data-breach-that-wont-cost-a-lot-of-money.
Brunswick Intelligence - Building reputational resilience to cyber attackBrunswick Group
Cybersecurity is a business critical risk not just an IT issue. The reputational damage of a cyber breach is often less than the technical damage inflicted, the money lost, or the regulatory fines. With new threats proliferating at startling speed how companies respond to an attack can be more important than the attack itself. The good news is that companies can seize this challenge to differentiate themselves from the competition and earn a greater level of trust from stakeholders.
Learn more about the four steps companies can take to build their reputational resilience to cyber attack.
Empower Business by Filling Gap of Cyber Security SkillsClickSSL
In the digital world that we live in today, everyone has a lot to worry in the realm of data security and the security of computing devices. This is why the term cyber security is growing vital each passing day as individuals, government and companies look for protection. Well, what exactly is this term known as cyber security?
So much effort has been put into educating people about hackers, viruses, ransomware and other cybersecurity threats and a key component of the problem has been largely overlooked - we're all human and we all make mistakes! I'm a firm believer that education is the route forward. For a few pounds a month you can with Doherty Associates continually educate your most important business assets - your staff - in a fun and rewarding manner. Google "employee cyber security negligence" and various reports will confirm the number one cause of data breaches is human error. Usually, these data breaches are accidental and are the result of an employee losing a mobile device or document containing passwords or sensitive information! I'd be happy to assist if you think your staff need some help.
"Security on the Brain" Security & Risk Psychology Workshop Nov 2013Adrian Wright
Security on the Brain – Using Human Psychology to Achieve Compliance: ISSA-UK Expert Workshop
Presented by Adrian Wright - ISSA-UK VP of Research
One of the biggest wake-up calls in recent times is the realisation that more than 60% of major security breaches and data losses are down to 'human factor' failings.
Our main weapon in mitigating these failings is to spend more on in-house awareness campaigns and on technical measures to minimise any losses - yet incidents and losses continue to increase. Clearly these existing awareness campaigns and controls are not enough, as the message is still not getting through or isn't being complied with.
This presentation and workshop session challenges current thinking and strategies in dealing with people as both an asset and a source of risk, by leveraging human psychology and people's differing motivations to improve communication, change opinions and turn basic awareness into actual compliance.
In this session
Learn:
- The psychology of why we don't comply - why awareness alone won't do
- What motivates people to do - or not do - specific things
- Neurolinguistics - it's not just what you say; but how you say it and to who
- Divide and conquer - adapting your message to target specific personality types
- Changing the security culture by changing people's belief systems
- Dirty tricks (slightly) - tactics that work in changing behaviour
- Selling the unsellable - lessons from other sectors in making boring stuff sexy
Participate:
- Informal group discussion of challenges and successes from your experience
- Identifying your audience’s character types and shaping the message
- Influencing the Board by speaking their language
- Developing an internal PR strategy to improve security's image and influence
- Develop a brand new and more effective mission statement for your team
About the Presenter:
Adrian Wright CISA
20 years experience in Information Security, IT Risk Management & Compliance. Specialist in managing security, risk and compliance awareness campaigns;
9 Years Global CISO Head of InfoSec at Reuters - covering 142 countries and 250,000 systems;
10 years founder and programme director at Secoda Risk Management. Experienced speaker and writer on all things cyber security, governance, risk & compliance.
2 Years Director of Projects & 1 Year VP of Research & Board member at ISSA-UK
Having spent decades looking into the darker recesses and failings within technology; Adrian has recently turned his attention to the darker recesses and failings within the human beings that work with the technology…
This global study, conducted by the Economist Intelligence Unit (EIU) and sponsored by Palo Alto Networks, sheds light on the ways business leaders are dealing with the increasing volume of threats they face from insecurities that arise because of disruption beyond their corporate borders.
For in-depth interviews from industry leaders on how companies are combating security threats, go to https://goo.gl/fXcnLN
How to Create a Security-Aware Culture in Your CompanyDavid McHale
Learn how to create a security-aware culture in your organization in just a few minutes with our new psychological security presentation, courtesy of HailBytes.com!
Craig McGill personal branding talk at ScotappconCraig McGill
Talk given to 700 apprentices in Scotland in November 2018 about how to do basic personal branding and marketing by Craig McGill, communications, PR and marketing expert.
Whisky, social media and digital engagement for ROICraig McGill
A look at how the scotch whisky trade has used online and social media to boost ROI and digital engagement based on seven years of working social media with the alcohol industry including BrewDog, Whyte & Mackay, Dalmore, Jura, Glenmorangie and other brands.
Slides from a talk in 2012 by Craig McGill who has advised a number of whisky and drinks companies on using social media and online engagement to find new customers, keep current customers happy and boost ROI. He was worked with Whyte and Mackay, The Shackleton Whisky, Dalmore, Fettercairn, Jura Whisky, Burns Stewart, BrewDog and many others, including rum and vodka companies. He has also appeared at a number of marketing and alcohol events talking about digital marketing.
Napier CrossPlatform Content week two - Journalist as a brandCraig McGill
This week, the CrossPlatform Journalism and Content module looks at online branding for journalists with a quick look at how they should be online before moving on to advice maximising their time online, ensuring they are seen in the right places. You can follow the course on Twitter @mainjournalism and the course lecturer Craig McGill @craigmcgill.
A version with audio is available on YouTube.
Lustre Pure Light acne treatment asked nearly 600 adult women in the UK for their thoughts on how adult acne impacted on their lives.
Many replied that despite no longer being teens, it was still a considerable issue for them, with many saying they would cancel nights out or other events due to bad acne.
Scotland & the Social Media Problem with BusinessCraig McGill
Presentation given to students at Stirling University about the challenges they face in Scotland about getting companies to adopt social media. More information on the event can be found at http://bit.ly/9ISbV7
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
Personal Brand Statement:
As an Army veteran dedicated to lifelong learning, I bring a disciplined, strategic mindset to my pursuits. I am constantly expanding my knowledge to innovate and lead effectively. My journey is driven by a commitment to excellence, and to make a meaningful impact in the world.
In the Adani-Hindenburg case, what is SEBI investigating.pptxAdani case
Adani SEBI investigation revealed that the latter had sought information from five foreign jurisdictions concerning the holdings of the firm’s foreign portfolio investors (FPIs) in relation to the alleged violations of the MPS Regulations. Nevertheless, the economic interest of the twelve FPIs based in tax haven jurisdictions still needs to be determined. The Adani Group firms classed these FPIs as public shareholders. According to Hindenburg, FPIs were used to get around regulatory standards.
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraAvirahi City Dholera
The Tata Group, a titan of Indian industry, is making waves with its advanced talks with Taiwanese chipmakers Powerchip Semiconductor Manufacturing Corporation (PSMC) and UMC Group. The goal? Establishing a cutting-edge semiconductor fabrication unit (fab) in Dholera, Gujarat. This isn’t just any project; it’s a potential game changer for India’s chipmaking aspirations and a boon for investors seeking promising residential projects in dholera sir.
Visit : https://www.avirahi.com/blog/tata-group-dials-taiwan-for-its-chipmaking-ambition-in-gujarats-dholera/
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.AnnySerafinaLove
This letter, written by Kellen Harkins, Course Director at Full Sail University, commends Anny Love's exemplary performance in the Video Sharing Platforms class. It highlights her dedication, willingness to challenge herself, and exceptional skills in production, editing, and marketing across various video platforms like YouTube, TikTok, and Instagram.
Recruiting in the Digital Age: A Social Media MasterclassLuanWise
In this masterclass, presented at the Global HR Summit on 5th June 2024, Luan Wise explored the essential features of social media platforms that support talent acquisition, including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok.
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
Digital Transformation and IT Strategy Toolkit and TemplatesAurelien Domont, MBA
This Digital Transformation and IT Strategy Toolkit was created by ex-McKinsey, Deloitte and BCG Management Consultants, after more than 5,000 hours of work. It is considered the world's best & most comprehensive Digital Transformation and IT Strategy Toolkit. It includes all the Frameworks, Best Practices & Templates required to successfully undertake the Digital Transformation of your organization and define a robust IT Strategy.
Editable Toolkit to help you reuse our content: 700 Powerpoint slides | 35 Excel sheets | 84 minutes of Video training
This PowerPoint presentation is only a small preview of our Toolkits. For more details, visit www.domontconsulting.com
Implicitly or explicitly all competing businesses employ a strategy to select a mix
of marketing resources. Formulating such competitive strategies fundamentally
involves recognizing relationships between elements of the marketing mix (e.g.,
price and product quality), as well as assessing competitive and market conditions
(i.e., industry structure in the language of economics).
Discover the innovative and creative projects that highlight my journey throu...dylandmeas
Discover the innovative and creative projects that highlight my journey through Full Sail University. Below, you’ll find a collection of my work showcasing my skills and expertise in digital marketing, event planning, and media production.
2. Blackhat 2017
Security Culture | 2
““We focus too much on
complexity, not harm…
the things that we see, that
we come across every day,
that cause people to lose
control of their information
are not that advanced
Alex Stamos
Chief Security Offer, Facebook
3. The security culture journey
Security Culture | 3
Culture is more
than awareness
There has been under
investment in the
people components.
Understanding
your culture,
human
motivation and
cognitive bias is
critical.
Behaviours
need to change
first and then
mindsets will
follow.
144%
increase
in successful
cyber attacks
on
businesses.
is the average total
cost of the worst
security incidents
experienced by large
organisations in 2015,
an increase of
between 143% and
173% on 2014.
£1.5
to
£3.1m
Cyber threats
are evolving
Threats are changing
rapidly, with regulation
following, and the
public increasing its
expectations on
security.
GDPR
People are
the weak link
Cybersecurity
generally fails
where people
meet technology.
Humans
are often
the weak
link.
of the worst
breaches in
the year were
caused by
inadvertent
human error
up from 30%
one yearago.
75%
large
organisations
suffered staff
related
security.
breaches last
year.
50%
We are not rational.
Our decisions are
influenced by
emotions.
We miscalculate risk.
4. Why is culture so important?
Security Culture | 4
““81% of hacking-related
breaches leveraged either
stolen and/or weak
passwords
Source: Verizon Data Breach Survey 2017
Source: HM Gov. Cyber Security Breaches Survey 2017
5. But it’s not just about phishing!
Security Culture | 5
The best security technology in the world cannot
help you unless employees understand their
roles and responsibilities in safeguarding
sensitive data and protecting company
resources
US National Cyber Security Alliance
6. So what is culture?
Security Culture | 6
“
“The assumptions or beliefs which are
common across the organisation that
allow you to predict how your people will
behave and what they will achieve
PwC
Risk Culture
Organisational
culture
Behaviours
Ethics
Personal
predisposition
to risk
IRM
7. Common challenges to culture change
Security Culture | 7
Organisation
structure
Embedded
behaviours
Prevailing
mindset
Time to change
8. And there is no accounting for people…
Security Culture | 8
9. But what does this mean for security?
Security Culture | 9
Security is a
reality…
…but it is
also a feeling
“
“We have zero appetite for
cyber security risk
10. The psychology of risk management…
Security Culture | 10
People exaggerate
risks that are:
People downplay
risks that are:
Rare Common
Spectacular Pedestrian
Personified Anonymous
Outside of their control Under their control
Talked about Not discussed
Immediate / sudden Long term / evolving
Affect them personally Affect others
11. Measuring your security culture
Security Culture | 11
It’s not just about awareness training or ethical phishing! Focus on the “moments that matter”
Do they proactively
manage cyber risk?
• Ratio of leavers to users removed
during attestation
• Exceptions to policy
• Average time to close risks
Would staff spot a
cyber threat?
• Volume of email traffic to webmail
• Volume of (attempted) web traffic to
file sharing or webmail
• % of users who receive targeted
training
How would they respond to
an incident?
• Number of submissions to phishing
mailbox
• Repeat DLP offenders
• Average time to report physical
data/asset losses
12. Setting the tone from the top
Effectivecyberriskmanagement
‘We understand cyber is a relevant topic and our
executives inform us regularly’
‘We maintain a considered cyber risk appetite and
see accurate management information which
demonstrates compliance’
‘We actively manage cyber risk, making well-
informed choices about how we run our business
and placing clear requirements on executives. Risk
appetite influences our strategy and vice versa’
‘We are leading a business in the digital age. Cyber
risk is an integral part of innovation and growth; it is
led from the top and managed by all executives’
Owner: CTO
Awareness
Owner: CEO
Understanding
Owner: Board
Good
Governance
Owner: Board +
Whole Enterprise
Effective
Leadership
Denial?
Awareness and Leadership
Views from the Board
Security Culture | 12
13. What can I do tomorrow?
Security Culture | 13
Remember you are not alone & utilise
alternative skillsets across the business
Widen your metrics to include more
than just than completion of awareness
training & ethical phishing results
Get more targeted! Tailor your training
based on risk
Maximise the visual impact of your
initial awareness activity
Create a brand for security within the
organisation & promote positive
behaviour