SlideShare a Scribd company logo
1 of 19
Download to read offline
www.holivia.com
WHAT
MATTERS IN
SECURITY
www.holivia.com
YOUR
CYBERSECURTY
LANDSCAPE
www.holivia.com
C-LEVEL CONCERNS AND ATTITUDES
1.30%
8.40%
14%
16%
23%
28%
28%
31%
35%
36%
42%
45%
0% 10% 20% 30% 40% 50%
Other
Integration
Compliance
Data-driven decision-making
Innovation
Automation
Monetisation/transformation
Employee productivity
Business agility
Customer/user experience
Business continuity and resilience
Information Security
Which tech objectives are priority?
35%
43%
48%
50%
50%
53%
66%
0% 10% 20% 30% 40% 50% 60% 70%
Another global outbreak of COVID-
19 or other different infectuous
disease
Tighter restrictions on the cross-
border movement of people and
goods
Protracted disription of global
supply chains
Failure of industries or sectors in
certain countries to properly recover
Cyberattacks and data fraud due to
a sustained shift in working
patterns
Surge in bankrupcies and industy
consolidations
Prolonged recession of the global
economy
Most worrisome for your company?
Source: World Economic Form, 2021
Directly related to security
www.holivia.com
ORGANISATIONS COMPROMISED BY
AT LEAST 1 ATTACK
62%
71%
76%
79%
77% 78%
81%
86%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
2014 2015 2016 2017 2018 2019 2020 2021
www.holivia.com
NO SECTOR LEFT BEHIND
Source: Enisa, October 2021
0
50
100
150
200
www.holivia.com
SECURITY REPRESENTS YOUR STATE
Free from danger
or threat
Continuity
Enabled to advance
value
www.holivia.com
MULTI-VECTOR RISKS
• Disruption of services
• Compromised accounts
• Phishing
• Ransomware/Extortionware
• Denial of Service (DDoS)
attacks
• Employee ignorance
• Social Engineering
• Right precautions
• Impact of digital
transformation (on-prem,
cloud, hybrid)
• Control over IT Systems
• Systems security
• System vulnerabilities
• Layered security solutions
(Endpoint/Gateway)
• Data insecurity
• Improper backup/recovery
systems
• Regulatory compliance per
industry/area under
management
• Leaving default settings
• Sharing data with
unintended audiences
• Deletion of data
• Hardware failures
Knowledge /
Awareness
Cybercrime Mistakes
Due Diligence /
Regulatory
www.holivia.com
WHAT ATTACKERS TYPICALLY WANT
Disable
your ability
to work
Discredit
you
Your
digital
resources
or money
For personal
entertainment
or gain
Their Job / Hired
Service
or
www.holivia.com
CYBERCRIME
Source: Purplesec, Datto , Verison, 2021
600%
Cybercrime growth in
2020/2021, of which
86% are motivated by
financial gain.
43%
Of cyber-attacks target
small businesses, of which
70% are not equipped to
deal with such attacks
89%
Of MSPs reporting
ransomware as the
most common malware
threat to SMBs
90%
Of MSPs “very concerned”
about ransomware threats
with only 24% SMB clients
feeling the same
7.3 days
Average number of
days a ransomware
incident lasts
274K
Average cost (USD) of
ransomware incident
www.holivia.com
HIGHLY DISRUPTIVE
60 62
78
105
116
189 190
219
0
50
100
150
200
250
20 Q1 20 Q2 20 Q3 20 Q4 21 Q1 21 Q2 21 Q3 21 Q4 (Est)
Millions
Quarterly Attacks
Source: Datto, Sonicwall
2.5X
More damaging than
other incidents
5,600
(USD) Average global
ransom demand
274,000
(USD) Average downtime
cost of a ransomware attack
www.holivia.com
FINANCIAL IMPACT CATEGORIES
Additional Costs
Assistance & Emergency
Measures
Loss of Turnover &
Increase in cost of work
Liability Coverage
• Identification, assessment
and containment of security
incident (IT Forensic)
• Provision of external
expertise
• Provision of legal assistance
(Data breach of
confidentiality)
• Provision of crises
management or
communication assistance
• Restoring the IT system to
its state prior to the incident
• Maintaining operability of
the IT system
• Preparing claims
• Preventing or mitigating
liability exposure / improper
use of personal data (data
breach)
• Communication Strategy
• Notification to the
authorities and individuals
(data breach)
• Ransom
• Defense costs from an
investigation by a regulator
• Regulatory fines
• Defense costs and damages
arising out of claims made
by 3rd parties:
• Breach of confidentiality of
personal data
• Defamation, damage to
reputation, breach of
intellectual property,
violation of privacy etc.
• Business Interruption
• Extra expenses
www.holivia.com
GOVERNMENT & MARKET EXPECTATIONS
Scope
PCI DSS
Data
Sources
Security
Auditing
Right to
be
forgotten
Tooling
GDPR
Manage
Personal
Data
Law
Data
Training
Monitor
Use the effort to
implement to
differentiate your
brand by promoting
what you do to keep
your customers safe
www.holivia.com
FOR YOU THIS MEANS
Due Diligence
Due Care
Reasonable amount of
careful and persistent work to avoid
wilful ignorance, negligence, loss and
liability e.g., keeping policies and
standards, training, installing and
configuring security solutions like
antivirus, firewalls, VPNs
Pro-active processes invested in to
maintain and ensure the highest level of
performance while keeping your and third-
party assets
e.g., periodic audits, enforcing of policies, keeping solutions up to date e.g., AV and security updates,
implementing frameworks like ISO 127001, having formal change management processes,
researching and understanding legal responsibilities, conducting SLA negotiations
BUSINESS ASSETS
Core Products People
Operations
Value Chain
www.holivia.com
PROACTIVELY HANDLE YOUR
LEVEL OF RISK
DIGITAL ASSETS
READINESS TO
GROW
DIGITAL DEBT
COST BRAND EQUITY
PRIORITIES
TIMELINE
www.holivia.com
EXPANDING DIGITAL LANDSCAPE TO SECURE
Cloud Infrastructure
Desktops & Laptops
Applications
SaaS
Solutions
Servers
Networks
On-premise/ Hybrid
apps
Storage
(Local & Distributed)
Telecommunications
WFH Devices
Databases
Development &
Production
environments
Portable Devices &
Wearables
Data &
Data Management
Security
Data Centers
Operating Systems
Websites, Web APIs
and Web Portals
Email
Passwords
Audit info
www.holivia.com
CYBER-RELATED INSURANCE CLAIMS PER YEAR
80
249
495
849
1,114
1,217
0
200
400
600
800
1000
1200
1400
2016 2017 2018 2019 2020 1H 2021 (556) +
15% uplift on H2
Attacks
(all
-
including
ransomware)
Source: Allianz Insurance
www.holivia.com
READY TO DIVE
DEEPER?
www.holivia.com
LET’S TALK…WWW.HOLIVIA.COM
Macro and strategic trends in digital security for leaders trying to
understand and communicate what matters to be assured and secured.
Master the connection between business value and cybersecurity
management through a non-technical lens.
START
YOUR
CYBERSECURITY
LANDSCAPE
CYBERCRIME AS A
SERVICE
YES, YOU ARE A
TARGET OF INTEREST
DIGITAL
TRANSFORMATION
CYBER
RESILIENCE
www.holivia.com
This publication contains general information only and is being made available under the Terms of Services as published on
www.holivia.com.
This is an informational piece of work. In no way or means of this material, are we rendering accounting, business, financial, investment,
legal, tax, or other professional advice or services. This publication is not a substitute for engaged professional advice or services, nor
should it be used as a basis for any decision or action that may affect your business.
Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor to fully
assess your situation and context.
Holivia Ltd. shall not be responsible for any loss sustained by any person or organisation that relies on this publication.
Copyright © 2022 Holivia Ltd. All rights reserved
ABOUT

More Related Content

What's hot

Women in Technology Leadership
Women in Technology LeadershipWomen in Technology Leadership
Women in Technology Leadership
VARIndiaManishYadav
 
symc_annual2000
symc_annual2000symc_annual2000
symc_annual2000
finance40
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the game
Franco Ferrario
 

What's hot (20)

Preparing for the Future of Enterprise Mobility -- Insights Not to Miss
Preparing for the Future of Enterprise Mobility -- Insights Not to MissPreparing for the Future of Enterprise Mobility -- Insights Not to Miss
Preparing for the Future of Enterprise Mobility -- Insights Not to Miss
 
Women in Technology Leadership
Women in Technology LeadershipWomen in Technology Leadership
Women in Technology Leadership
 
Challenges and Risks for the CIO from Outsourcing in the digital era
Challenges and Risks for the CIO from Outsourcing in the digital eraChallenges and Risks for the CIO from Outsourcing in the digital era
Challenges and Risks for the CIO from Outsourcing in the digital era
 
Accenture + Red Hat
Accenture + Red HatAccenture + Red Hat
Accenture + Red Hat
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilience
 
Third Annual State of Cyber Resilience | Portugal
Third Annual State of Cyber Resilience | PortugalThird Annual State of Cyber Resilience | Portugal
Third Annual State of Cyber Resilience | Portugal
 
The Software Defined Business
The Software Defined BusinessThe Software Defined Business
The Software Defined Business
 
Government and Education Webinar: Public Sector Cybersecurity Survey - What I...
Government and Education Webinar: Public Sector Cybersecurity Survey - What I...Government and Education Webinar: Public Sector Cybersecurity Survey - What I...
Government and Education Webinar: Public Sector Cybersecurity Survey - What I...
 
symc_annual2000
symc_annual2000symc_annual2000
symc_annual2000
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
Cybersecurity at a premium: The state of cyber resilience in insurance
Cybersecurity at a premium: The state of cyber resilience in insuranceCybersecurity at a premium: The state of cyber resilience in insurance
Cybersecurity at a premium: The state of cyber resilience in insurance
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: Infographic
 
2016 CIO Agenda
2016 CIO Agenda2016 CIO Agenda
2016 CIO Agenda
 
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is HereAccenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
 
Securing the Industrial Enterprise
Securing the Industrial EnterpriseSecuring the Industrial Enterprise
Securing the Industrial Enterprise
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
 
Ninth Annual Cost of Cybercrime Study in Financial Services – 2019 Report
Ninth Annual Cost of Cybercrime Study in Financial Services – 2019 ReportNinth Annual Cost of Cybercrime Study in Financial Services – 2019 Report
Ninth Annual Cost of Cybercrime Study in Financial Services – 2019 Report
 
The state of cyber resilience in the UK
The state of cyber resilience in the UKThe state of cyber resilience in the UK
The state of cyber resilience in the UK
 
Technology Vision for Insurance 2019
Technology Vision for Insurance 2019Technology Vision for Insurance 2019
Technology Vision for Insurance 2019
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the game
 

Similar to What matters in security - A highlighter

Mr Jackson Verizon IP at all stages
Mr Jackson Verizon IP at all stagesMr Jackson Verizon IP at all stages
Mr Jackson Verizon IP at all stages
IDATE DigiWorld
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
Jyothi Satyanathan
 
Don't risk it presentation
Don't risk it presentationDon't risk it presentation
Don't risk it presentation
Vincent Kwon
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
Peggy Lawless
 

Similar to What matters in security - A highlighter (20)

Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11Presentation to Irish ISSA Conference 12-May-11
Presentation to Irish ISSA Conference 12-May-11
 
Mr Jackson Verizon IP at all stages
Mr Jackson Verizon IP at all stagesMr Jackson Verizon IP at all stages
Mr Jackson Verizon IP at all stages
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
 
Cybercrime future perspectives
Cybercrime future perspectivesCybercrime future perspectives
Cybercrime future perspectives
 
Security and Accountability in the Cloud (in partnership with SANS)
Security and Accountability in the Cloud (in partnership with SANS)Security and Accountability in the Cloud (in partnership with SANS)
Security and Accountability in the Cloud (in partnership with SANS)
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
 
CyberArk Stock Pitch
CyberArk Stock PitchCyberArk Stock Pitch
CyberArk Stock Pitch
 
SolarWinds Federal Cybersecurity Survey 2016
SolarWinds Federal Cybersecurity Survey 2016SolarWinds Federal Cybersecurity Survey 2016
SolarWinds Federal Cybersecurity Survey 2016
 
Deep Dive into Operational Technology Security - USCSI®.pdf
Deep Dive into Operational Technology Security - USCSI®.pdfDeep Dive into Operational Technology Security - USCSI®.pdf
Deep Dive into Operational Technology Security - USCSI®.pdf
 
2008 Trends
2008 Trends2008 Trends
2008 Trends
 
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
 
2010 Sc World Congress Nyc
2010 Sc World Congress Nyc2010 Sc World Congress Nyc
2010 Sc World Congress Nyc
 
Building Cyber Resilience
Building Cyber ResilienceBuilding Cyber Resilience
Building Cyber Resilience
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNA
 
Don't risk it presentation
Don't risk it presentationDon't risk it presentation
Don't risk it presentation
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa
 

Recently uploaded

Recently uploaded (20)

Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
AI mind or machine power point presentation
AI mind or machine power point presentationAI mind or machine power point presentation
AI mind or machine power point presentation
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 

What matters in security - A highlighter

  • 3. www.holivia.com C-LEVEL CONCERNS AND ATTITUDES 1.30% 8.40% 14% 16% 23% 28% 28% 31% 35% 36% 42% 45% 0% 10% 20% 30% 40% 50% Other Integration Compliance Data-driven decision-making Innovation Automation Monetisation/transformation Employee productivity Business agility Customer/user experience Business continuity and resilience Information Security Which tech objectives are priority? 35% 43% 48% 50% 50% 53% 66% 0% 10% 20% 30% 40% 50% 60% 70% Another global outbreak of COVID- 19 or other different infectuous disease Tighter restrictions on the cross- border movement of people and goods Protracted disription of global supply chains Failure of industries or sectors in certain countries to properly recover Cyberattacks and data fraud due to a sustained shift in working patterns Surge in bankrupcies and industy consolidations Prolonged recession of the global economy Most worrisome for your company? Source: World Economic Form, 2021 Directly related to security
  • 4. www.holivia.com ORGANISATIONS COMPROMISED BY AT LEAST 1 ATTACK 62% 71% 76% 79% 77% 78% 81% 86% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 2014 2015 2016 2017 2018 2019 2020 2021
  • 5. www.holivia.com NO SECTOR LEFT BEHIND Source: Enisa, October 2021 0 50 100 150 200
  • 6. www.holivia.com SECURITY REPRESENTS YOUR STATE Free from danger or threat Continuity Enabled to advance value
  • 7. www.holivia.com MULTI-VECTOR RISKS • Disruption of services • Compromised accounts • Phishing • Ransomware/Extortionware • Denial of Service (DDoS) attacks • Employee ignorance • Social Engineering • Right precautions • Impact of digital transformation (on-prem, cloud, hybrid) • Control over IT Systems • Systems security • System vulnerabilities • Layered security solutions (Endpoint/Gateway) • Data insecurity • Improper backup/recovery systems • Regulatory compliance per industry/area under management • Leaving default settings • Sharing data with unintended audiences • Deletion of data • Hardware failures Knowledge / Awareness Cybercrime Mistakes Due Diligence / Regulatory
  • 8. www.holivia.com WHAT ATTACKERS TYPICALLY WANT Disable your ability to work Discredit you Your digital resources or money For personal entertainment or gain Their Job / Hired Service or
  • 9. www.holivia.com CYBERCRIME Source: Purplesec, Datto , Verison, 2021 600% Cybercrime growth in 2020/2021, of which 86% are motivated by financial gain. 43% Of cyber-attacks target small businesses, of which 70% are not equipped to deal with such attacks 89% Of MSPs reporting ransomware as the most common malware threat to SMBs 90% Of MSPs “very concerned” about ransomware threats with only 24% SMB clients feeling the same 7.3 days Average number of days a ransomware incident lasts 274K Average cost (USD) of ransomware incident
  • 10. www.holivia.com HIGHLY DISRUPTIVE 60 62 78 105 116 189 190 219 0 50 100 150 200 250 20 Q1 20 Q2 20 Q3 20 Q4 21 Q1 21 Q2 21 Q3 21 Q4 (Est) Millions Quarterly Attacks Source: Datto, Sonicwall 2.5X More damaging than other incidents 5,600 (USD) Average global ransom demand 274,000 (USD) Average downtime cost of a ransomware attack
  • 11. www.holivia.com FINANCIAL IMPACT CATEGORIES Additional Costs Assistance & Emergency Measures Loss of Turnover & Increase in cost of work Liability Coverage • Identification, assessment and containment of security incident (IT Forensic) • Provision of external expertise • Provision of legal assistance (Data breach of confidentiality) • Provision of crises management or communication assistance • Restoring the IT system to its state prior to the incident • Maintaining operability of the IT system • Preparing claims • Preventing or mitigating liability exposure / improper use of personal data (data breach) • Communication Strategy • Notification to the authorities and individuals (data breach) • Ransom • Defense costs from an investigation by a regulator • Regulatory fines • Defense costs and damages arising out of claims made by 3rd parties: • Breach of confidentiality of personal data • Defamation, damage to reputation, breach of intellectual property, violation of privacy etc. • Business Interruption • Extra expenses
  • 12. www.holivia.com GOVERNMENT & MARKET EXPECTATIONS Scope PCI DSS Data Sources Security Auditing Right to be forgotten Tooling GDPR Manage Personal Data Law Data Training Monitor Use the effort to implement to differentiate your brand by promoting what you do to keep your customers safe
  • 13. www.holivia.com FOR YOU THIS MEANS Due Diligence Due Care Reasonable amount of careful and persistent work to avoid wilful ignorance, negligence, loss and liability e.g., keeping policies and standards, training, installing and configuring security solutions like antivirus, firewalls, VPNs Pro-active processes invested in to maintain and ensure the highest level of performance while keeping your and third- party assets e.g., periodic audits, enforcing of policies, keeping solutions up to date e.g., AV and security updates, implementing frameworks like ISO 127001, having formal change management processes, researching and understanding legal responsibilities, conducting SLA negotiations BUSINESS ASSETS Core Products People Operations Value Chain
  • 14. www.holivia.com PROACTIVELY HANDLE YOUR LEVEL OF RISK DIGITAL ASSETS READINESS TO GROW DIGITAL DEBT COST BRAND EQUITY PRIORITIES TIMELINE
  • 15. www.holivia.com EXPANDING DIGITAL LANDSCAPE TO SECURE Cloud Infrastructure Desktops & Laptops Applications SaaS Solutions Servers Networks On-premise/ Hybrid apps Storage (Local & Distributed) Telecommunications WFH Devices Databases Development & Production environments Portable Devices & Wearables Data & Data Management Security Data Centers Operating Systems Websites, Web APIs and Web Portals Email Passwords Audit info
  • 16. www.holivia.com CYBER-RELATED INSURANCE CLAIMS PER YEAR 80 249 495 849 1,114 1,217 0 200 400 600 800 1000 1200 1400 2016 2017 2018 2019 2020 1H 2021 (556) + 15% uplift on H2 Attacks (all - including ransomware) Source: Allianz Insurance
  • 18. www.holivia.com LET’S TALK…WWW.HOLIVIA.COM Macro and strategic trends in digital security for leaders trying to understand and communicate what matters to be assured and secured. Master the connection between business value and cybersecurity management through a non-technical lens. START YOUR CYBERSECURITY LANDSCAPE CYBERCRIME AS A SERVICE YES, YOU ARE A TARGET OF INTEREST DIGITAL TRANSFORMATION CYBER RESILIENCE
  • 19. www.holivia.com This publication contains general information only and is being made available under the Terms of Services as published on www.holivia.com. This is an informational piece of work. In no way or means of this material, are we rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for engaged professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor to fully assess your situation and context. Holivia Ltd. shall not be responsible for any loss sustained by any person or organisation that relies on this publication. Copyright © 2022 Holivia Ltd. All rights reserved ABOUT