SlideShare a Scribd company logo
Emerging Cyber Security Threats and Data Protection
Nanda Mohan Shenoy D
CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in
EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empanelled CPE Trainer
Director
1
Agenda
• Overview
• Protection
• Emerging Regulations on Data Protection
• Cyber Liability Insurance
• Question & Answers
2
Agenda
• Overview
• Protection
• Emerging Regulations on Data Protection
• Cyber Liability Insurance
• Question & Answers
3
India’s Rank in GCI (195 Countries)
23
4
GCI Parameters
5
GCI Report
6
Insurance
7
Ransomware- Statistics
• A company is hit with ransomware
every 40 seconds
• 6 in 10 malware payloads were
ransomware in Q1 2017.
• There were 4.3x new ransomware
variants in Q1 2017 than in Q1
2016
• 15% or more of businesses in the
top 10 industry sectors have been
attacked.
• 1 in 4 businesses hit with
ransomware have 1,000
employees or more
• 71% of companies targeted by
ransomware attacks have been
infected
Source: https://blog.barkly.com/ransonware-statistics-2017
8
Data Breach
9
Fish Tank Attack on a Casino
in USA
Financial Impact
10
India Statistics
13,08349,4552015
9,50044,6792014
16,46850,3622016
NA27,4822017 (H1)
FYCY
11
Cyber Crime
State & UT
Metropolitan Cities > 2 Mio Population
12
Trend
13
Emergence of Cyber Threat
• Cloud
• Mobile Applications
• Internet
• Third party beyond boundaries
• Email
–Biggest source
–Research by IBM reveals that 59% of
ransomware attacks originate with
phishing emails and a remarkable 91%
of all malware is delivered by email
14
Agenda
• Overview
• Protection Strategy
• Emerging Regulations on Data Protection
• Cyber Liability Insurance
• Question & Answers
15
Protection Strategy
Unconventional Thinking required for
protection
• Technology
–Deception Technologies
–IPF,DKIM,DMARC
• Human Control
• Cyber Drills
16
Agenda
• Overview
• Protective Technology
• Data Protection
• Cyber Liability Insurance
• Question & Answers
17
Data Classification
• From Organisational perspective
– PII or SPDI*
• Customers
• Employees
– Audit Logs (like his login and transaction
details)
– Organisation Data
• Financial
• Vendors
* There are regulatory requirements for protection
of these data
18
PII or SPDI
(iii) "sensitive personal
data or information"
means such personal
information as may be
prescribed by the
Central Government in
consultation with such
professional bodies or
associations as it may
deem fit.
19
What Constitutes SPDI ?
(i) Password
(ii) Financial information such as bank account, credit card,
debit card or other paymentment details
(iii) Physical, physiological and mental health condition
(iv) Sexual orientation
(v) Medical records and history
(vi) Biometric information
– Finger prints
– Eye retina and irises
– Voice patterns
– Facial patterns
– Hand measurement
– DNA
Rules &
Regulatio
ns
20
Sec-43 A
• Where a body corporate, possessing,
dealing or handling any sensitive personal
data or information in a computer resource
which it owns, controls or operates, is
negligent in implementing and maintaining
reasonable security practices and
procedures and thereby causes wrongful loss
or wrongful gain to any person, such body
corporate shall be liable to pay damages by
way of compensation, to the person so
affected. (Change vide ITAA 2008)
21
Talk of the Town
• Fine: 20,000,000 Euros or
4% of Global Turnover, for
offenses related to:
–Data processing;
–Consent;
–Data subject rights;
–Non-compliance with
DPR order; and
–Transfer of data to third
party
22
Data Protection Framework-India
• Committee of Experts under the
Chairmanship of Justice B N Srikrishna,
Former Judge, Supreme Court of India, to
identify key data protection issues in India
and recommend methods of addressing
them.
• Released for Public Comments on 27th
Nov 2017
• 243 pages
23
Contents
• Part-I Context Setting
• Part-II Scope and exemptions
–Ch3- What is personal Data?
–Ch4- SPDI
–Ch5- What is processing?
• Part-III Grounds of Processing
Cross reference to GDPR
24
New Trends in Data Protection
• Tokenisation
–PCI
–Aadhaar Data
• Data Vault
25
Tokenisation
26
Information Security Governance for
Data Protection
• Board Level review of the policies
• Legal requirement mapping and review
• Budgetary allocations
27
Agenda
• Overview
• Protective Technology
• Data Protection
• Cyber Liability Insurance
• Question & Answers
28
Transfer of Risk
• Most of the Cyber Risks can be
transferred through Liability Insurance
• Bajaj Allianz has launched a policy for
Individuals as well recently
29
Companies Offering Cyber Liability
Srl
No
Insurance Company
Name
Product Name UIN
1 Bajaj Allainz BAJAJ ALLIANZ CYBER PROTECT
PREMIUM -DIGITAL BUSINESS
AND DATA PROTECTION
INSURANCE
BAL-LI-P15-11-
V01-15-16
2 HDFC ERGO HDFC ERGO CYBER
SECURITY INSURANCE
POLICY
IRDAN125P0005-
VO1-2011-12
4 Tata AIG CyberRisk Protector Insurance IRDAN108P0
003V0120
1314
5 Universal Sompo* Cyber Security Insurance USG-LI-P13-
103-V01-
12-13
30
Types of Losses Insured
31
Third
Party
First
Party
Services/
Expenses
Exclusions
Similar to Own Damage
and Third Party Damage
in Motor Insurance
nmds@bestfitsolutions.in, 09820409261
nநன்றி
ध यवाद
32

More Related Content

What's hot

Using international standards to improve US cybersecurity
Using international standards to improve US cybersecurityUsing international standards to improve US cybersecurity
Using international standards to improve US cybersecurity
IT Governance Ltd
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 -  rohit nagarajanIBM security systems overview v1.0 -  rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajan
Shwetank Jayaswal
 
Cyber Six: Managing Security in Internet
Cyber Six: Managing Security in InternetCyber Six: Managing Security in Internet
Cyber Six: Managing Security in Internet
Richardus Indrajit
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
Tanmay Shinde
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
Nanda Mohan Shenoy
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
Tripwire
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
Phil Agcaoili
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001   a business view by Sripathi[null] Iso 27001   a business view by Sripathi
[null] Iso 27001 a business view by Sripathi
Prajwal Panchmahalkar
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
Hamed Moghaddam
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
Capgemini
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
Skoda Minotti
 
Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
PECB
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service Presentation
William McBorrough
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
AdilsonSuende
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Phil Agcaoili
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber Security
Ernest Staats
 
Information security
Information securityInformation security
Information security
avinashbalakrishnan2
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
Precisely
 
A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...
Dimitrios Stergiou
 
How an ISO/IEC 27001 Based ISMS Will Support the EU GDPR
How an ISO/IEC 27001 Based ISMS Will Support the EU GDPRHow an ISO/IEC 27001 Based ISMS Will Support the EU GDPR
How an ISO/IEC 27001 Based ISMS Will Support the EU GDPR
PECB
 

What's hot (20)

Using international standards to improve US cybersecurity
Using international standards to improve US cybersecurityUsing international standards to improve US cybersecurity
Using international standards to improve US cybersecurity
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 -  rohit nagarajanIBM security systems overview v1.0 -  rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajan
 
Cyber Six: Managing Security in Internet
Cyber Six: Managing Security in InternetCyber Six: Managing Security in Internet
Cyber Six: Managing Security in Internet
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001   a business view by Sripathi[null] Iso 27001   a business view by Sripathi
[null] Iso 27001 a business view by Sripathi
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
 
Case Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information SecurityCase Study: The Role of Human Error in Information Security
Case Study: The Role of Human Error in Information Security
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service Presentation
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber Security
 
Information security
Information securityInformation security
Information security
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
 
A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...
 
How an ISO/IEC 27001 Based ISMS Will Support the EU GDPR
How an ISO/IEC 27001 Based ISMS Will Support the EU GDPRHow an ISO/IEC 27001 Based ISMS Will Support the EU GDPR
How an ISO/IEC 27001 Based ISMS Will Support the EU GDPR
 

Similar to Senior Management Awareness presetnation

Get Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionGet Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security Solution
Precisely
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
Ulf Mattsson
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting Introduction
Blackbaud
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready?
SecurityScorecard
 
2011 hildebrandt institute cio forum data privacy and security presentation...
2011 hildebrandt institute cio forum   data privacy and security presentation...2011 hildebrandt institute cio forum   data privacy and security presentation...
2011 hildebrandt institute cio forum data privacy and security presentation...
David Cunningham
 
Improve IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in SplunkImprove IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in Splunk
Precisely
 
Data Protection & Aadhaar Act
Data Protection & Aadhaar ActData Protection & Aadhaar Act
Data Protection & Aadhaar Act
Nanda Mohan Shenoy
 
Panel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie WaggonerPanel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie Waggoner
mihinpr
 
How to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsHow to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity Requirements
Kyle Brown
 
Isaca new delhi india privacy and big data
Isaca new delhi india   privacy and big dataIsaca new delhi india   privacy and big data
Isaca new delhi india privacy and big data
Ulf Mattsson
 
Don't let them take a byte
Don't let them take a byteDon't let them take a byte
Don't let them take a byte
lgcdcpas
 
nerfslides.pptx
nerfslides.pptxnerfslides.pptx
nerfslides.pptx
ssusera5ade5
 
Isaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataIsaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big data
Ulf Mattsson
 
A Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data BreachA Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data Breach
Jim Brashear
 
Is it time for an IT Assessment?
Is it time for an IT Assessment?Is it time for an IT Assessment?
Is it time for an IT Assessment?
Raffa Learning Community
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i Systems
Precisely
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
IT Governance Ltd
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
Ethos Media S.A.
 
Complying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataComplying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and Data
Precisely
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscape
Ulf Mattsson
 

Similar to Senior Management Awareness presetnation (20)

Get Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionGet Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security Solution
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting Introduction
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready?
 
2011 hildebrandt institute cio forum data privacy and security presentation...
2011 hildebrandt institute cio forum   data privacy and security presentation...2011 hildebrandt institute cio forum   data privacy and security presentation...
2011 hildebrandt institute cio forum data privacy and security presentation...
 
Improve IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in SplunkImprove IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in Splunk
 
Data Protection & Aadhaar Act
Data Protection & Aadhaar ActData Protection & Aadhaar Act
Data Protection & Aadhaar Act
 
Panel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie WaggonerPanel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie Waggoner
 
How to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsHow to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity Requirements
 
Isaca new delhi india privacy and big data
Isaca new delhi india   privacy and big dataIsaca new delhi india   privacy and big data
Isaca new delhi india privacy and big data
 
Don't let them take a byte
Don't let them take a byteDon't let them take a byte
Don't let them take a byte
 
nerfslides.pptx
nerfslides.pptxnerfslides.pptx
nerfslides.pptx
 
Isaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataIsaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big data
 
A Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data BreachA Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data Breach
 
Is it time for an IT Assessment?
Is it time for an IT Assessment?Is it time for an IT Assessment?
Is it time for an IT Assessment?
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i Systems
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
 
Complying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataComplying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and Data
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscape
 

More from Nanda Mohan Shenoy

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
Nanda Mohan Shenoy
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
Nanda Mohan Shenoy
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
Nanda Mohan Shenoy
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
Nanda Mohan Shenoy
 
Digitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedbackDigitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedback
Nanda Mohan Shenoy
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
Nanda Mohan Shenoy
 

More from Nanda Mohan Shenoy (20)

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
 
Digitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedbackDigitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedback
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
 

Recently uploaded

join illuminati brotherhood church today in polokwane 0789994657
join illuminati brotherhood church today in polokwane 0789994657join illuminati brotherhood church today in polokwane 0789994657
join illuminati brotherhood church today in polokwane 0789994657
henrymbali
 
Top 5 website development companies in Noida
Top 5 website development companies in NoidaTop 5 website development companies in Noida
Top 5 website development companies in Noida
techcentrica1
 
SocialCTR Revolutionizing Social Media Advertising.pdf
SocialCTR Revolutionizing Social Media Advertising.pdfSocialCTR Revolutionizing Social Media Advertising.pdf
SocialCTR Revolutionizing Social Media Advertising.pdf
dinojames1228
 
CCA biyezheng degree offer diploma Transcript
CCA biyezheng degree offer diploma TranscriptCCA biyezheng degree offer diploma Transcript
CCA biyezheng degree offer diploma Transcript
nkats1
 
Building a Robust Cloud CIAM Framework: A Detailed Checklist
Building a Robust Cloud CIAM Framework: A Detailed ChecklistBuilding a Robust Cloud CIAM Framework: A Detailed Checklist
Building a Robust Cloud CIAM Framework: A Detailed Checklist
kevinmathew2816
 
Cleaning Schedules That Work.pdf
Cleaning Schedules That Work.pdfCleaning Schedules That Work.pdf
Cleaning Schedules That Work.pdf
All Services in One
 
Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...
Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...
Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...
sharonblush
 
Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...
Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...
Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...
Global Infotech Solutions
 
Netaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docx
Netaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docxNetaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docx
Netaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docx
Amity University Kolkata
 
Advancing Your Landscape: Expert Tree Installation Services
Advancing Your Landscape: Expert Tree Installation ServicesAdvancing Your Landscape: Expert Tree Installation Services
Advancing Your Landscape: Expert Tree Installation Services
GBA Trees Services
 
Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...
Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...
Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...
87tomato
 
Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...
Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...
Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...
norina2645
 
The Future of Interior Design : Best Trends For 2024
The Future of Interior Design : Best Trends For 2024The Future of Interior Design : Best Trends For 2024
The Future of Interior Design : Best Trends For 2024
interiosplash
 
"Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi...
"Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi..."Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi...
"Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi...
Amity University Kolkata
 
Military Thin Ribbons - Service Ribbons.pdf
Military Thin Ribbons - Service Ribbons.pdfMilitary Thin Ribbons - Service Ribbons.pdf
Military Thin Ribbons - Service Ribbons.pdf
Pin-iT Military Uniform Tools
 
Learn How to Hire a Chief Technology Officer (CTO)?
Learn How to Hire a Chief Technology Officer (CTO)?Learn How to Hire a Chief Technology Officer (CTO)?
Learn How to Hire a Chief Technology Officer (CTO)?
Deliverables Agency
 
Financing solutions for home renovation, education, and property investment
Financing solutions for home renovation, education, and property investmentFinancing solutions for home renovation, education, and property investment
Financing solutions for home renovation, education, and property investment
Lakshay Gandhi
 
INNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAY
INNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAYINNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAY
INNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAY
clarkroofingtexas1
 
CSUEB biyezheng degree offer diploma Transcript
CSUEB biyezheng degree offer diploma TranscriptCSUEB biyezheng degree offer diploma Transcript
CSUEB biyezheng degree offer diploma Transcript
nkats1
 
Killeen: Privacy Enhancing Technologies (PETs)
Killeen: Privacy Enhancing Technologies (PETs)Killeen: Privacy Enhancing Technologies (PETs)
Killeen: Privacy Enhancing Technologies (PETs)
Centextech
 

Recently uploaded (20)

join illuminati brotherhood church today in polokwane 0789994657
join illuminati brotherhood church today in polokwane 0789994657join illuminati brotherhood church today in polokwane 0789994657
join illuminati brotherhood church today in polokwane 0789994657
 
Top 5 website development companies in Noida
Top 5 website development companies in NoidaTop 5 website development companies in Noida
Top 5 website development companies in Noida
 
SocialCTR Revolutionizing Social Media Advertising.pdf
SocialCTR Revolutionizing Social Media Advertising.pdfSocialCTR Revolutionizing Social Media Advertising.pdf
SocialCTR Revolutionizing Social Media Advertising.pdf
 
CCA biyezheng degree offer diploma Transcript
CCA biyezheng degree offer diploma TranscriptCCA biyezheng degree offer diploma Transcript
CCA biyezheng degree offer diploma Transcript
 
Building a Robust Cloud CIAM Framework: A Detailed Checklist
Building a Robust Cloud CIAM Framework: A Detailed ChecklistBuilding a Robust Cloud CIAM Framework: A Detailed Checklist
Building a Robust Cloud CIAM Framework: A Detailed Checklist
 
Cleaning Schedules That Work.pdf
Cleaning Schedules That Work.pdfCleaning Schedules That Work.pdf
Cleaning Schedules That Work.pdf
 
Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...
Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...
Top Girls Call Navi Mumbai 9930245274 Provide Best And Top Girl Service And N...
 
Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...
Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...
Enhancing Connectivity -The Comprehensive Guide to Industrial Ethernet Soluti...
 
Netaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docx
Netaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docxNetaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docx
Netaji Subhas Dock A lynchpin of Kolkata's Maritime Trade.docx
 
Advancing Your Landscape: Expert Tree Installation Services
Advancing Your Landscape: Expert Tree Installation ServicesAdvancing Your Landscape: Expert Tree Installation Services
Advancing Your Landscape: Expert Tree Installation Services
 
Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...
Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...
Celebrity Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDel...
 
Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...
Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...
Verified Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service An...
 
The Future of Interior Design : Best Trends For 2024
The Future of Interior Design : Best Trends For 2024The Future of Interior Design : Best Trends For 2024
The Future of Interior Design : Best Trends For 2024
 
"Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi...
"Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi..."Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi...
"Streamlining the Import Procedure: A Comprehensive Guide to Efficient Practi...
 
Military Thin Ribbons - Service Ribbons.pdf
Military Thin Ribbons - Service Ribbons.pdfMilitary Thin Ribbons - Service Ribbons.pdf
Military Thin Ribbons - Service Ribbons.pdf
 
Learn How to Hire a Chief Technology Officer (CTO)?
Learn How to Hire a Chief Technology Officer (CTO)?Learn How to Hire a Chief Technology Officer (CTO)?
Learn How to Hire a Chief Technology Officer (CTO)?
 
Financing solutions for home renovation, education, and property investment
Financing solutions for home renovation, education, and property investmentFinancing solutions for home renovation, education, and property investment
Financing solutions for home renovation, education, and property investment
 
INNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAY
INNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAYINNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAY
INNOVATIONS IN STEEL PEMB MANUFACTURERS LEADING THE WAY
 
CSUEB biyezheng degree offer diploma Transcript
CSUEB biyezheng degree offer diploma TranscriptCSUEB biyezheng degree offer diploma Transcript
CSUEB biyezheng degree offer diploma Transcript
 
Killeen: Privacy Enhancing Technologies (PETs)
Killeen: Privacy Enhancing Technologies (PETs)Killeen: Privacy Enhancing Technologies (PETs)
Killeen: Privacy Enhancing Technologies (PETs)
 

Senior Management Awareness presetnation

  • 1. Emerging Cyber Security Threats and Data Protection Nanda Mohan Shenoy D CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empanelled CPE Trainer Director 1
  • 2. Agenda • Overview • Protection • Emerging Regulations on Data Protection • Cyber Liability Insurance • Question & Answers 2
  • 3. Agenda • Overview • Protection • Emerging Regulations on Data Protection • Cyber Liability Insurance • Question & Answers 3
  • 4. India’s Rank in GCI (195 Countries) 23 4
  • 8. Ransomware- Statistics • A company is hit with ransomware every 40 seconds • 6 in 10 malware payloads were ransomware in Q1 2017. • There were 4.3x new ransomware variants in Q1 2017 than in Q1 2016 • 15% or more of businesses in the top 10 industry sectors have been attacked. • 1 in 4 businesses hit with ransomware have 1,000 employees or more • 71% of companies targeted by ransomware attacks have been infected Source: https://blog.barkly.com/ransonware-statistics-2017 8
  • 9. Data Breach 9 Fish Tank Attack on a Casino in USA
  • 12. Cyber Crime State & UT Metropolitan Cities > 2 Mio Population 12
  • 14. Emergence of Cyber Threat • Cloud • Mobile Applications • Internet • Third party beyond boundaries • Email –Biggest source –Research by IBM reveals that 59% of ransomware attacks originate with phishing emails and a remarkable 91% of all malware is delivered by email 14
  • 15. Agenda • Overview • Protection Strategy • Emerging Regulations on Data Protection • Cyber Liability Insurance • Question & Answers 15
  • 16. Protection Strategy Unconventional Thinking required for protection • Technology –Deception Technologies –IPF,DKIM,DMARC • Human Control • Cyber Drills 16
  • 17. Agenda • Overview • Protective Technology • Data Protection • Cyber Liability Insurance • Question & Answers 17
  • 18. Data Classification • From Organisational perspective – PII or SPDI* • Customers • Employees – Audit Logs (like his login and transaction details) – Organisation Data • Financial • Vendors * There are regulatory requirements for protection of these data 18
  • 19. PII or SPDI (iii) "sensitive personal data or information" means such personal information as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit. 19
  • 20. What Constitutes SPDI ? (i) Password (ii) Financial information such as bank account, credit card, debit card or other paymentment details (iii) Physical, physiological and mental health condition (iv) Sexual orientation (v) Medical records and history (vi) Biometric information – Finger prints – Eye retina and irises – Voice patterns – Facial patterns – Hand measurement – DNA Rules & Regulatio ns 20
  • 21. Sec-43 A • Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, to the person so affected. (Change vide ITAA 2008) 21
  • 22. Talk of the Town • Fine: 20,000,000 Euros or 4% of Global Turnover, for offenses related to: –Data processing; –Consent; –Data subject rights; –Non-compliance with DPR order; and –Transfer of data to third party 22
  • 23. Data Protection Framework-India • Committee of Experts under the Chairmanship of Justice B N Srikrishna, Former Judge, Supreme Court of India, to identify key data protection issues in India and recommend methods of addressing them. • Released for Public Comments on 27th Nov 2017 • 243 pages 23
  • 24. Contents • Part-I Context Setting • Part-II Scope and exemptions –Ch3- What is personal Data? –Ch4- SPDI –Ch5- What is processing? • Part-III Grounds of Processing Cross reference to GDPR 24
  • 25. New Trends in Data Protection • Tokenisation –PCI –Aadhaar Data • Data Vault 25
  • 27. Information Security Governance for Data Protection • Board Level review of the policies • Legal requirement mapping and review • Budgetary allocations 27
  • 28. Agenda • Overview • Protective Technology • Data Protection • Cyber Liability Insurance • Question & Answers 28
  • 29. Transfer of Risk • Most of the Cyber Risks can be transferred through Liability Insurance • Bajaj Allianz has launched a policy for Individuals as well recently 29
  • 30. Companies Offering Cyber Liability Srl No Insurance Company Name Product Name UIN 1 Bajaj Allainz BAJAJ ALLIANZ CYBER PROTECT PREMIUM -DIGITAL BUSINESS AND DATA PROTECTION INSURANCE BAL-LI-P15-11- V01-15-16 2 HDFC ERGO HDFC ERGO CYBER SECURITY INSURANCE POLICY IRDAN125P0005- VO1-2011-12 4 Tata AIG CyberRisk Protector Insurance IRDAN108P0 003V0120 1314 5 Universal Sompo* Cyber Security Insurance USG-LI-P13- 103-V01- 12-13 30
  • 31. Types of Losses Insured 31 Third Party First Party Services/ Expenses Exclusions Similar to Own Damage and Third Party Damage in Motor Insurance