Macro and strategic trends in digital security for leaders trying to understand and communicate what matters to be assured and secured. Master the connection between business value and cybersecurity management through a non-technical lens.

1. www.holivia.com
WHAT
MATTERS IN
SECURITY

2. www.holivia.com
YOUR
CYBERSECURTY
LANDSCAPE

3. www.holivia.com
C-LEVEL CONCERNS AND ATTITUDES
1.30%
8.40%
14%
16%
23%
28%
28%
31%
35%
36%
42%
45%
0% 10% 20% 30% 40% 50%
Other
Integration
Compliance
Data-driven decision-making
Innovation
Automation
Monetisation/transformation
Employee productivity
Business agility
Customer/user experience
Business continuity and resilience
Information Security
Which tech objectives are priority?
35%
43%
48%
50%
50%
53%
66%
0% 10% 20% 30% 40% 50% 60% 70%
Another global outbreak of COVID-
19 or other different infectuous
disease
Tighter restrictions on the cross-
border movement of people and
goods
Protracted disription of global
supply chains
Failure of industries or sectors in
certain countries to properly recover
Cyberattacks and data fraud due to
a sustained shift in working
patterns
Surge in bankrupcies and industy
consolidations
Prolonged recession of the global
economy
Most worrisome for your company?
Source: World Economic Form, 2021
Directly related to security

4. www.holivia.com
ORGANISATIONS COMPROMISED BY
AT LEAST 1 ATTACK
62%
71%
76%
79%
77% 78%
81%
86%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
2014 2015 2016 2017 2018 2019 2020 2021

5. www.holivia.com
NO SECTOR LEFT BEHIND
Source: Enisa, October 2021
0
50
100
150
200

6. www.holivia.com
SECURITY REPRESENTS YOUR STATE
Free from danger
or threat
Continuity
Enabled to advance
value

7. www.holivia.com
MULTI-VECTOR RISKS
• Disruption of services
• Compromised accounts
• Phishing
• Ransomware/Extortionware
• Denial of Service (DDoS)
attacks
• Employee ignorance
• Social Engineering
• Right precautions
• Impact of digital
transformation (on-prem,
cloud, hybrid)
• Control over IT Systems
• Systems security
• System vulnerabilities
• Layered security solutions
(Endpoint/Gateway)
• Data insecurity
• Improper backup/recovery
systems
• Regulatory compliance per
industry/area under
management
• Leaving default settings
• Sharing data with
unintended audiences
• Deletion of data
• Hardware failures
Knowledge /
Awareness
Cybercrime Mistakes
Due Diligence /
Regulatory

8. www.holivia.com
WHAT ATTACKERS TYPICALLY WANT
Disable
your ability
to work
Discredit
you
Your
digital
resources
or money
For personal
entertainment
or gain
Their Job / Hired
Service
or

9. www.holivia.com
CYBERCRIME
Source: Purplesec, Datto , Verison, 2021
600%
Cybercrime growth in
2020/2021, of which
86% are motivated by
financial gain.
43%
Of cyber-attacks target
small businesses, of which
70% are not equipped to
deal with such attacks
89%
Of MSPs reporting
ransomware as the
most common malware
threat to SMBs
90%
Of MSPs “very concerned”
about ransomware threats
with only 24% SMB clients
feeling the same
7.3 days
Average number of
days a ransomware
incident lasts
274K
Average cost (USD) of
ransomware incident

10. www.holivia.com
HIGHLY DISRUPTIVE
60 62
78
105
116
189 190
219
0
50
100
150
200
250
20 Q1 20 Q2 20 Q3 20 Q4 21 Q1 21 Q2 21 Q3 21 Q4 (Est)
Millions
Quarterly Attacks
Source: Datto, Sonicwall
2.5X
More damaging than
other incidents
5,600
(USD) Average global
ransom demand
274,000
(USD) Average downtime
cost of a ransomware attack

11. www.holivia.com
FINANCIAL IMPACT CATEGORIES
Additional Costs
Assistance & Emergency
Measures
Loss of Turnover &
Increase in cost of work
Liability Coverage
• Identification, assessment
and containment of security
incident (IT Forensic)
• Provision of external
expertise
• Provision of legal assistance
(Data breach of
confidentiality)
• Provision of crises
management or
communication assistance
• Restoring the IT system to
its state prior to the incident
• Maintaining operability of
the IT system
• Preparing claims
• Preventing or mitigating
liability exposure / improper
use of personal data (data
breach)
• Communication Strategy
• Notification to the
authorities and individuals
(data breach)
• Ransom
• Defense costs from an
investigation by a regulator
• Regulatory fines
• Defense costs and damages
arising out of claims made
by 3rd parties:
• Breach of confidentiality of
personal data
• Defamation, damage to
reputation, breach of
intellectual property,
violation of privacy etc.
• Business Interruption
• Extra expenses

12. www.holivia.com
GOVERNMENT & MARKET EXPECTATIONS
Scope
PCI DSS
Data
Sources
Security
Auditing
Right to
be
forgotten
Tooling
GDPR
Manage
Personal
Data
Law
Data
Training
Monitor
Use the effort to
implement to
differentiate your
brand by promoting
what you do to keep
your customers safe

13. www.holivia.com
FOR YOU THIS MEANS
Due Diligence
Due Care
Reasonable amount of
careful and persistent work to avoid
wilful ignorance, negligence, loss and
liability e.g., keeping policies and
standards, training, installing and
configuring security solutions like
antivirus, firewalls, VPNs
Pro-active processes invested in to
maintain and ensure the highest level of
performance while keeping your and third-
party assets
e.g., periodic audits, enforcing of policies, keeping solutions up to date e.g., AV and security updates,
implementing frameworks like ISO 127001, having formal change management processes,
researching and understanding legal responsibilities, conducting SLA negotiations
BUSINESS ASSETS
Core Products People
Operations
Value Chain

14. www.holivia.com
PROACTIVELY HANDLE YOUR
LEVEL OF RISK
DIGITAL ASSETS
READINESS TO
GROW
DIGITAL DEBT
COST BRAND EQUITY
PRIORITIES
TIMELINE

15. www.holivia.com
EXPANDING DIGITAL LANDSCAPE TO SECURE
Cloud Infrastructure
Desktops & Laptops
Applications
SaaS
Solutions
Servers
Networks
On-premise/ Hybrid
apps
Storage
(Local & Distributed)
Telecommunications
WFH Devices
Databases
Development &
Production
environments
Portable Devices &
Wearables
Data &
Data Management
Security
Data Centers
Operating Systems
Websites, Web APIs
and Web Portals
Email
Passwords
Audit info

16. www.holivia.com
CYBER-RELATED INSURANCE CLAIMS PER YEAR
80
249
495
849
1,114
1,217
0
200
400
600
800
1000
1200
1400
2016 2017 2018 2019 2020 1H 2021 (556) +
15% uplift on H2
Attacks
(all
-
including
ransomware)
Source: Allianz Insurance

17. www.holivia.com
READY TO DIVE
DEEPER?

18. www.holivia.com
LET’S TALK…WWW.HOLIVIA.COM
Macro and strategic trends in digital security for leaders trying to
understand and communicate what matters to be assured and secured.
Master the connection between business value and cybersecurity
management through a non-technical lens.
START
YOUR
CYBERSECURITY
LANDSCAPE
CYBERCRIME AS A
SERVICE
YES, YOU ARE A
TARGET OF INTEREST
DIGITAL
TRANSFORMATION
CYBER
RESILIENCE

19. www.holivia.com
This publication contains general information only and is being made available under the Terms of Services as published on
www.holivia.com.
This is an informational piece of work. In no way or means of this material, are we rendering accounting, business, financial, investment,
legal, tax, or other professional advice or services. This publication is not a substitute for engaged professional advice or services, nor
should it be used as a basis for any decision or action that may affect your business.
Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor to fully
assess your situation and context.
Holivia Ltd. shall not be responsible for any loss sustained by any person or organisation that relies on this publication.
Copyright © 2022 Holivia Ltd. All rights reserved
ABOUT