SlideShare a Scribd company logo

Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter

Iryna Chekanava
Iryna Chekanava

An overview of a changing landscape of cyber security and compliance and key challenges it presents for Private Equity and Venture Capital Organisations. It also provides handy advice on what cyber risks should be considered on each stage of an investment life cycle and how to prevent them.

Business
1 of 17
Private Equity at the eye of a perfect storm: Why cyber risk and regulation matters February 1st, 2017
Agenda 2 •  PE at the eye of a perfect storm: Setting the cyber risk scene •  How cyber risk is affecting the PE investment lifecycle – challenges and available solutions •  Panel discussion and Q&A 1 2 3
A new digital world 3 1
New cyber risks 4 1
Cyber exacerbates business risks 5 1 Source: Ponemon Institute: The True Cost of Compliance
Data protection in the 20th century 6 1 The value of private information •  1.09 bn daily active users •  15% of global population •  34% of global internet users •  85% of daily active users are outside US/Canada Value of Facebook = $370,000,000,000
The EU General Data Protection Regulation 7 1 Wider Scope Data Processors, not just Controllers. Catches companies outside of EU in certain circumstances Data Subject Rights Portability, erasure and objections to profiling. Enforcement Fines of up to 4% of worldwide turnover or EUR20,000,000, whichever is higher. Security Breaches Notify regulator within 72 hours and affected data subjects without undue delay. Data Protection Officers Required in certain circumstances. Compensation Compensation for non- material damage. Non-profit organisations to pursue claims on data subjects’ behalf (group litigation).
The EU General Data Protection Regulation 8 1 “We thought data was the new oil….. ….it turns out it is the new asbestos”
Setting the cyber risk scene: From risk identification to incident management 9 1 Risk identification Risk quantification Risk management and transfer Incident management
The investment life cycle from a cyber risk perspective 10 2 Fund raising Buy HoldExit Fund closure Enable Identify ProtectSustain Enable
Fundraising: Challenges and solutions 11 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Data security §  Secure communications §  Systems set-up and security §  LP requirements §  FCA requirements Solutions: §  Set scope of Compliance Officer §  Appoint Data Officer §  Security by design §  Training and awareness §  Early-stage security measures §  Cyber insurance at formation
Buy: Challenges and solutions 12 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Solutions: §  Include cyber security and compliance in DD process: §  vulnerability assessment §  cyber health check §  Secure communications §  CyberQuantified §  Insurance gap analysis §  Incorporate cyber security and data protection action plan onto 100-day plan Challenges: §  Maintaining confidentiality §  Managing multiple parties during DD and closure §  Correctly assessing/valuing cyber security within the target §  Visibility of compliance and cyber security posture (including 3rd parties)
Hold: Challenges and solutions 13 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Minimise cyber security and compliance risk to maximize ROI and exit price Solutions: §  Implement state-of-the-art cyber security and compliance solutions at GP, fund and portfolio company level §  On-going monitoring and reporting §  Training and awareness §  Design of risk transfer strategy and insurance placement §  Cyber crisis planning and response
Exit: Challenges and solutions 14 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Maximizing transaction value by demonstrating good cyber security practice and compliance §  Avoiding post-exit law suits over insufficient cyber risk disclosure Solutions: §  Evidence produced during Hold phase §  VDD: §  Cyber-Quantified §  Insurance gap analysis
Fund closure: Challenges and solutions 15 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Avoiding post-exit law suits over insufficient cyber risk disclosure §  Data security §  Secure communications Solutions: §  Introduce cyber security module along with internal audit each year
Panel discussion and Q&A 16 3 §  Chair: Steve Berry, Chairman, Cynation §  CyNation: Shadi A. Razak, Head of Cyber & Compliance Services §  DAC Beachcroft: Hans Allnutt, Partner §  WTW: Jamie Monck-Mason, Executive Director, Cyber & TMT
Finally… 17 Private Equity Venture Capital Digitalization Cyber crime Data legislation

Recommended

NCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory ServicesNCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory Services
Ollie Whitehouse
 
"How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno..."How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno...
Cyber Watching
 
NCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat AssessmentNCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat Assessment
Ollie Whitehouse
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentation
Kenneth Dorado, CISA, HCISPP
 
Cyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planningCyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planning
PECB
 
Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?
marketingunitrends
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
Phil Huggins FBCS CITP
 
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
Citrin Cooperman
 

Recommended

NCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory ServicesNCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory Services
Ollie Whitehouse
 
"How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno..."How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno...
Cyber Watching
 
NCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat AssessmentNCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat Assessment
Ollie Whitehouse
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentation
Kenneth Dorado, CISA, HCISPP
 
Cyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planningCyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planning
PECB
 
Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?
marketingunitrends
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
Phil Huggins FBCS CITP
 
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
Citrin Cooperman
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
Phil Huggins FBCS CITP
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
Sami Benafia
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurity
Jisc
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the Corporate
Albert Hui
 
9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model 9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model
Defence and Security Accelerator
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
Citrin Cooperman
 
GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018
Richard Marti - Principal
 
Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aThompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
MatrixDesign
 
Equity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsEquity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsMike Britt
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demo
forkish
 
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
EagleCompliance
 
Corporate presentation october_2011
Corporate presentation october_2011Corporate presentation october_2011
Corporate presentation october_2011Robin Schaffer
 
Trends in AML Compliance
Trends in AML ComplianceTrends in AML Compliance
Trends in AML Compliance
Amazon Web Services
 
CohnReznick Private Equity Services
CohnReznick Private Equity ServicesCohnReznick Private Equity Services
CohnReznick Private Equity Services
John A. Bova
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
Donald Tabone
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar Slides
Dimitri Sirota
 
Training Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfTraining Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdf
dotco
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
Ethos Media S.A.
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFERMA
 
GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017
isc2-hellenic
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119
David Doughty
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Citrin Cooperman
 

More Related Content

What's hot

Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
Phil Huggins FBCS CITP
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
Sami Benafia
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurity
Jisc
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the Corporate
Albert Hui
 
9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model 9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model
Defence and Security Accelerator
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
Citrin Cooperman
 
GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018
Richard Marti - Principal
 

What's hot (7)

Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurity
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the Corporate
 
9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model 9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
 
GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018
 

Viewers also liked

Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aThompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
MatrixDesign
 
Equity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsEquity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsMike Britt
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demo
forkish
 
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
EagleCompliance
 
Corporate presentation october_2011
Corporate presentation october_2011Corporate presentation october_2011
Corporate presentation october_2011Robin Schaffer
 
Trends in AML Compliance
Trends in AML ComplianceTrends in AML Compliance
Trends in AML Compliance
Amazon Web Services
 
CohnReznick Private Equity Services
CohnReznick Private Equity ServicesCohnReznick Private Equity Services
CohnReznick Private Equity Services
John A. Bova
 

Viewers also liked (7)

Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aThompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
 
Equity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsEquity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process Flows
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demo
 
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
 
Corporate presentation october_2011
Corporate presentation october_2011Corporate presentation october_2011
Corporate presentation october_2011
 
Trends in AML Compliance
Trends in AML ComplianceTrends in AML Compliance
Trends in AML Compliance
 
CohnReznick Private Equity Services
CohnReznick Private Equity ServicesCohnReznick Private Equity Services
CohnReznick Private Equity Services
 

Similar to Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter

Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
Donald Tabone
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar Slides
Dimitri Sirota
 
Training Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfTraining Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdf
dotco
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
Ethos Media S.A.
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFERMA
 
GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017
isc2-hellenic
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119
David Doughty
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Citrin Cooperman
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
Judith Beckhard Cardoso
 
Legal update 21 september 2012
Legal update 21 september 2012Legal update 21 september 2012
Legal update 21 september 2012Rachel Aldighieri
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
IT Governance Ltd
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech Applications
Lionel Briand
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPR
Charlie Pownall
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Citrin Cooperman
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise
Mourad Khalil
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
PECB
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
SurfWatch Labs
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber Risks
This account is closed
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
PECB
 

Similar to Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter (20)

Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar Slides
 
Training Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfTraining Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdf
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for IT
 
GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
Legal update 21 september 2012
Legal update 21 september 2012Legal update 21 september 2012
Legal update 21 september 2012
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech Applications
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPR
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber Risks
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 

Recently uploaded

Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdf
Sam H
 
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).pptENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
zechu97
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
Nicola Wreford-Howard
 
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
BBPMedia1
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
seri bangash
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
Cynthia Clay
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
Lviv Startup Club
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Avirahi City Dholera
 
Digital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and TemplatesDigital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and Templates
Aurelien Domont, MBA
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
Bojamma2
 
5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
ofm712785
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
agatadrynko
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
Falcon Invoice Discounting
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
zoyaansari11365
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
Erika906060
 
BeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdfBeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdf
DerekIwanaka1
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
anasabutalha2013
 
Enterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdfEnterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdf
KaiNexus
 

Recently uploaded (20)

Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdf
 
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).pptENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
 
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
 
Digital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and TemplatesDigital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and Templates
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
 
BeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdfBeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdf
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
 
Enterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdfEnterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdf
 

Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter

  • 1. Private Equity at the eye of a perfect storm: Why cyber risk and regulation matters February 1st, 2017
  • 2. Agenda 2 •  PE at the eye of a perfect storm: Setting the cyber risk scene •  How cyber risk is affecting the PE investment lifecycle – challenges and available solutions •  Panel discussion and Q&A 1 2 3
  • 3. A new digital world 3 1
  • 5. Cyber exacerbates business risks 5 1 Source: Ponemon Institute: The True Cost of Compliance
  • 6. Data protection in the 20th century 6 1 The value of private information •  1.09 bn daily active users •  15% of global population •  34% of global internet users •  85% of daily active users are outside US/Canada Value of Facebook = $370,000,000,000
  • 7. The EU General Data Protection Regulation 7 1 Wider Scope Data Processors, not just Controllers. Catches companies outside of EU in certain circumstances Data Subject Rights Portability, erasure and objections to profiling. Enforcement Fines of up to 4% of worldwide turnover or EUR20,000,000, whichever is higher. Security Breaches Notify regulator within 72 hours and affected data subjects without undue delay. Data Protection Officers Required in certain circumstances. Compensation Compensation for non- material damage. Non-profit organisations to pursue claims on data subjects’ behalf (group litigation).
  • 8. The EU General Data Protection Regulation 8 1 “We thought data was the new oil….. ….it turns out it is the new asbestos”
  • 9. Setting the cyber risk scene: From risk identification to incident management 9 1 Risk identification Risk quantification Risk management and transfer Incident management
  • 10. The investment life cycle from a cyber risk perspective 10 2 Fund raising Buy HoldExit Fund closure Enable Identify ProtectSustain Enable
  • 11. Fundraising: Challenges and solutions 11 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Data security §  Secure communications §  Systems set-up and security §  LP requirements §  FCA requirements Solutions: §  Set scope of Compliance Officer §  Appoint Data Officer §  Security by design §  Training and awareness §  Early-stage security measures §  Cyber insurance at formation
  • 12. Buy: Challenges and solutions 12 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Solutions: §  Include cyber security and compliance in DD process: §  vulnerability assessment §  cyber health check §  Secure communications §  CyberQuantified §  Insurance gap analysis §  Incorporate cyber security and data protection action plan onto 100-day plan Challenges: §  Maintaining confidentiality §  Managing multiple parties during DD and closure §  Correctly assessing/valuing cyber security within the target §  Visibility of compliance and cyber security posture (including 3rd parties)
  • 13. Hold: Challenges and solutions 13 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Minimise cyber security and compliance risk to maximize ROI and exit price Solutions: §  Implement state-of-the-art cyber security and compliance solutions at GP, fund and portfolio company level §  On-going monitoring and reporting §  Training and awareness §  Design of risk transfer strategy and insurance placement §  Cyber crisis planning and response
  • 14. Exit: Challenges and solutions 14 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Maximizing transaction value by demonstrating good cyber security practice and compliance §  Avoiding post-exit law suits over insufficient cyber risk disclosure Solutions: §  Evidence produced during Hold phase §  VDD: §  Cyber-Quantified §  Insurance gap analysis
  • 15. Fund closure: Challenges and solutions 15 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Avoiding post-exit law suits over insufficient cyber risk disclosure §  Data security §  Secure communications Solutions: §  Introduce cyber security module along with internal audit each year
  • 16. Panel discussion and Q&A 16 3 §  Chair: Steve Berry, Chairman, Cynation §  CyNation: Shadi A. Razak, Head of Cyber & Compliance Services §  DAC Beachcroft: Hans Allnutt, Partner §  WTW: Jamie Monck-Mason, Executive Director, Cyber & TMT