Security Beyond Compliance
http://www.isaca.lk/ info@isaca.lk
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
Parakum Pathirana
president@isaca.lk
MSc, FBCS, CISA, CISM, CGEIT, CISSP, ISO 27001 LA, MCP, CHFI, QCS, ITIL
Disclaimer
• I’m employed in the #infosec industry, however not authorized to speak on behalf of my employer/ clients
• Everything I say can be blamed on the voices in your head
My credentials
• 10+ years in #Infosec field
• Tutor, consultant/ advisor, auditor, head of InfoSec
• Sectors: financial, leisure, manufacturing, advertising, gov, insurance, etc.
• Crazy about #cycling, #infosec, #socialmedia
• Still learning and not an expert at anything
• lk.linkedin.com/pub/parakum-pathirana/2/a52/2a2/
Agenda
• The World Today !
• Bangladeshi Central Bank Hack
• Problem?
• Solution? 
The Compliance myth?
The World Today
Recent high profile breaches
Bangladeshi Central Bank Hack
1. Malware/ spear-phishing
2. Partner Networks
3. Infrastructure
Findings from a survey done in 2008
1. Protecting reputation and brand has become a significant driver for information security.
2. Despite economic pressures, organizations continue to invest in information security.
3. International information security standards are gaining greater acceptance and adoption.
4. Many organizations still struggle to achieve a strategic view of information security.
5. Privacy is now a priority, but actions are falling short.
6. People remain the weakest link for information security.
7. Growing third-party risks are not being addressed.
8. Business continuity is still bound to information technology.
9. Most organizations are unwilling to outsource key information security activities.
10. Few companies hedge information security risks with cyber insurance.
Problem Statement
How many have deployed Information Security solutions purely to meet the compliance requirements?
According to a survey carried out at RSA Conference in 2015:
• over 61% of attendees admitted that they had
• nearly 70% of organizations don't believe they are getting the most from their security products because they think they are either too complicated, too time consuming or they don't believe they have the right expertise
So, what needs to be done?
Improve on
• Expert Knowledge
• User behavior
• Technology
“No Compliance for Compliance sake”
Thank you

Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewing
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural  in villages of indiaGram Darshan PPT cyber rural  in villages of india
Gram Darshan PPT cyber rural in villages of india
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 

Security beyond compliance

  • 13. Problem Statement
    How many have deployed Information Security solutions purely to meet the compliance requirements? According to a survey carried out at RSA Conference in 2015:
      • over 61% of attendees admitted that they had
      • nearly 70% of organizations don't believe they are getting the most from their security products, because they think the products are either too complicated or too time-consuming, or they don't believe they have the right expertise
  • 14. So, what needs to be done? Improve on:
      • Expert Knowledge
      • User behavior
      • Technology
  • 15. “No Compliance for Compliance sake”