Enviar pesquisa
Carregar
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
•
6 gostaram
•
5,150 visualizações
Knowledge Group
Seguir
Daryl's Presentation at 7th BankTech Asia 2015 -Series 1
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 22
Baixar agora
Baixar para ler offline
Recomendados
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
Cyber Security Incident Response Planning
Cyber Security Incident Response Planning
PECB
Case studies in cybersecurity strategies
Case studies in cybersecurity strategies
EyesOpen Association
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
Cyber Security For Organization Proposal Powerpoint Presentation Slides
Cyber Security For Organization Proposal Powerpoint Presentation Slides
SlideTeam
Cyber Table Top Exercise -- Model Roadmap
Cyber Table Top Exercise -- Model Roadmap
David Sweigert
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
Cyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
Recomendados
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
Cyber Security Incident Response Planning
Cyber Security Incident Response Planning
PECB
Case studies in cybersecurity strategies
Case studies in cybersecurity strategies
EyesOpen Association
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
Cyber Security For Organization Proposal Powerpoint Presentation Slides
Cyber Security For Organization Proposal Powerpoint Presentation Slides
SlideTeam
Cyber Table Top Exercise -- Model Roadmap
Cyber Table Top Exercise -- Model Roadmap
David Sweigert
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
Cyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
PECB
IT governance and Information System Security
IT governance and Information System Security
CSSRL PUNE
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Success
accenture
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutions
Schneider Electric
Cybersecurity
Cybersecurity
Eng Hasan Shamroukh CISCO Exams Author
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Digital Bond
Cybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
Muhammad Akbar Yasin
The Future of Security Architecture Certification
The Future of Security Architecture Certification
danb02
12 Best Privacy Frameworks
12 Best Privacy Frameworks
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
Digital Business Transformation | Strategy + Execution
Digital Business Transformation | Strategy + Execution
feature[23]
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity Management
CA Technologies
Cyber Security Governance
Cyber Security Governance
Priyanka Aash
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
Priyanka Aash
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
The Open Group SA
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
Effective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security Controls
BSides Delhi
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
SlideTeam
Cyber crime and security ppt
Cyber crime and security ppt
Lipsita Behera
7 cyber security questions for boards
7 cyber security questions for boards
Paul McGillicuddy
Mais conteúdo relacionado
Mais procurados
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
PECB
IT governance and Information System Security
IT governance and Information System Security
CSSRL PUNE
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Success
accenture
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutions
Schneider Electric
Cybersecurity
Cybersecurity
Eng Hasan Shamroukh CISCO Exams Author
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Digital Bond
Cybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
Muhammad Akbar Yasin
The Future of Security Architecture Certification
The Future of Security Architecture Certification
danb02
12 Best Privacy Frameworks
12 Best Privacy Frameworks
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
Digital Business Transformation | Strategy + Execution
Digital Business Transformation | Strategy + Execution
feature[23]
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity Management
CA Technologies
Cyber Security Governance
Cyber Security Governance
Priyanka Aash
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
Priyanka Aash
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
The Open Group SA
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
Effective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security Controls
BSides Delhi
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
SlideTeam
Mais procurados
(20)
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
IT governance and Information System Security
IT governance and Information System Security
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Success
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutions
Cybersecurity
Cybersecurity
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Cybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
The Future of Security Architecture Certification
The Future of Security Architecture Certification
12 Best Privacy Frameworks
12 Best Privacy Frameworks
Digital Business Transformation | Strategy + Execution
Digital Business Transformation | Strategy + Execution
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity Management
Cyber Security Governance
Cyber Security Governance
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Effective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security Controls
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
Destaque
Cyber crime and security ppt
Cyber crime and security ppt
Lipsita Behera
7 cyber security questions for boards
7 cyber security questions for boards
Paul McGillicuddy
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Cohesive Networks
Top Level Cyber Security Strategy
Top Level Cyber Security Strategy
John Gilligan
Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?
Henry Draughon
Cybersecurity Legal and Compliance Issues Business & IT Leaders Must Know -- ...
Cybersecurity Legal and Compliance Issues Business & IT Leaders Must Know -- ...
Shawn Tuma
Cybersecurity and The Board
Cybersecurity and The Board
Paul Melson
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Phil Agcaoili
Cyber Risk Management & Audit, ISACA Switzerland chapter, Newsletter 15. Juni...
Cyber Risk Management & Audit, ISACA Switzerland chapter, Newsletter 15. Juni...
jiricejka
Cybersecurity: What the GC and CEO Need to Know
Cybersecurity: What the GC and CEO Need to Know
Shawn Tuma
Bo e v1.0
Bo e v1.0
Prof John Walker FRSA Purveyor Dark Intelligence
Cybersecurity & Data Protection: Thinking About Risk & Compliance
Cybersecurity & Data Protection: Thinking About Risk & Compliance
Shawn Tuma
Danish National Cyber Crime Centre - Kim Aarenstrup - how to fight cyber crime
Danish National Cyber Crime Centre - Kim Aarenstrup - how to fight cyber crime
Kevin Duffey
Cyber training 23 5 2012
Cyber training 23 5 2012
Jacqueline Fick
Cyber Security A Challenges For Mankind
Cyber Security A Challenges For Mankind
Saurabh Kheni
Understanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisation
Jacqueline Fick
Bank Director List of Worries
Bank Director List of Worries
Bank Director
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attention
Ramón Gómez de Olea y Bustinza
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
Shawn Tuma
Websense
Websense
CMR WORLD TECH
Destaque
(20)
Cyber crime and security ppt
Cyber crime and security ppt
7 cyber security questions for boards
7 cyber security questions for boards
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Top Level Cyber Security Strategy
Top Level Cyber Security Strategy
Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?
Cybersecurity Legal and Compliance Issues Business & IT Leaders Must Know -- ...
Cybersecurity Legal and Compliance Issues Business & IT Leaders Must Know -- ...
Cybersecurity and The Board
Cybersecurity and The Board
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cyber Risk Management & Audit, ISACA Switzerland chapter, Newsletter 15. Juni...
Cyber Risk Management & Audit, ISACA Switzerland chapter, Newsletter 15. Juni...
Cybersecurity: What the GC and CEO Need to Know
Cybersecurity: What the GC and CEO Need to Know
Bo e v1.0
Bo e v1.0
Cybersecurity & Data Protection: Thinking About Risk & Compliance
Cybersecurity & Data Protection: Thinking About Risk & Compliance
Danish National Cyber Crime Centre - Kim Aarenstrup - how to fight cyber crime
Danish National Cyber Crime Centre - Kim Aarenstrup - how to fight cyber crime
Cyber training 23 5 2012
Cyber training 23 5 2012
Cyber Security A Challenges For Mankind
Cyber Security A Challenges For Mankind
Understanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisation
Bank Director List of Worries
Bank Director List of Worries
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attention
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
Websense
Websense
Semelhante a Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Daryl Pereira(Compliance & Regulations Stream) Learning From The Expert – Mo...
Daryl Pereira(Compliance & Regulations Stream) Learning From The Expert – Mo...
Knowledge Group
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Nathan Desfontaines
Addressing cyber risk managment from SME perspective
Addressing cyber risk managment from SME perspective
Cyber Watching
Thousands of Employees, Millions of Devices, Billions of Things – Welcome to ...
Thousands of Employees, Millions of Devices, Billions of Things – Welcome to ...
Capgemini
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
International Federation of Accountants
Financier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual review
Morgan Jones
Re-imagine-Risk-Strategies-for-Success-IT-Internal-Audit-Conference-Highlight...
Re-imagine-Risk-Strategies-for-Success-IT-Internal-Audit-Conference-Highlight...
Charmaine Servado
Aon - Cyber Insurance in the World of Cyber Criminals
Aon - Cyber Insurance in the World of Cyber Criminals
CSNP
Les technologies disruptives de demain | une étude de KPMG
Les technologies disruptives de demain | une étude de KPMG
OpenYnnov
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for IT
FERMA
The digital economy and cybersecurity
The digital economy and cybersecurity
Mark Albala
FTSE350 Cyber Governance - An insight into the issues of today and tomorrow
FTSE350 Cyber Governance - An insight into the issues of today and tomorrow
Leona Markham
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry
BrianHuntMSFCPACRISC
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
Proofpoint
Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises?
Pierre Audoin Consultants
Internal Audit
Internal Audit
Nigel Robinson
MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018
Match-Maker Ventures
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
PECB
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
Cyber crime liability report
Cyber crime liability report
Sayali Sawant
Semelhante a Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
(20)
Daryl Pereira(Compliance & Regulations Stream) Learning From The Expert – Mo...
Daryl Pereira(Compliance & Regulations Stream) Learning From The Expert – Mo...
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Addressing cyber risk managment from SME perspective
Addressing cyber risk managment from SME perspective
Thousands of Employees, Millions of Devices, Billions of Things – Welcome to ...
Thousands of Employees, Millions of Devices, Billions of Things – Welcome to ...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Financier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual review
Re-imagine-Risk-Strategies-for-Success-IT-Internal-Audit-Conference-Highlight...
Re-imagine-Risk-Strategies-for-Success-IT-Internal-Audit-Conference-Highlight...
Aon - Cyber Insurance in the World of Cyber Criminals
Aon - Cyber Insurance in the World of Cyber Criminals
Les technologies disruptives de demain | une étude de KPMG
Les technologies disruptives de demain | une étude de KPMG
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for IT
The digital economy and cybersecurity
The digital economy and cybersecurity
FTSE350 Cyber Governance - An insight into the issues of today and tomorrow
FTSE350 Cyber Governance - An insight into the issues of today and tomorrow
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
Is cyber security now too hard for enterprises?
Is cyber security now too hard for enterprises?
Internal Audit
Internal Audit
MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
Cyber crime liability report
Cyber crime liability report
Mais de Knowledge Group
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Knowledge Group
Technology Risk Management Simulation - Mahesh
Technology Risk Management Simulation - Mahesh
Knowledge Group
National Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip Victor
Knowledge Group
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Knowledge Group
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Knowledge Group
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Knowledge Group
Evaluating Cloud Computing Risk :Recounting PBB’s Journey into the Cloud - Ke...
Evaluating Cloud Computing Risk :Recounting PBB’s Journey into the Cloud - Ke...
Knowledge Group
Suresh - Mobile Banking (Corporate Banking Stream)
Suresh - Mobile Banking (Corporate Banking Stream)
Knowledge Group
Leonard - (Security & Risk Stream) Discovering Optimum Risk Solution for Banks
Leonard - (Security & Risk Stream) Discovering Optimum Risk Solution for Banks
Knowledge Group
Lisa Shipley (Fraud & AML Stream)- Extending the PCI Boundary to Reduce Fraud
Lisa Shipley (Fraud & AML Stream)- Extending the PCI Boundary to Reduce Fraud
Knowledge Group
Harry Singh (Security & Risk Management Stream)- Managing Technology Risk in...
Harry Singh (Security & Risk Management Stream)- Managing Technology Risk in...
Knowledge Group
Steven Gan - Signifying The Need for Speed Banking
Steven Gan - Signifying The Need for Speed Banking
Knowledge Group
David Wortley - Gamification Is Not Funny!
David Wortley - Gamification Is Not Funny!
Knowledge Group
Andrew Fell, Harnessing the Customer Experience via New Technology
Andrew Fell, Harnessing the Customer Experience via New Technology
Knowledge Group
Aman Narain, Viva La Revolution -How Banking Should and Will be Disrupted an...
Aman Narain, Viva La Revolution -How Banking Should and Will be Disrupted an...
Knowledge Group
Mais de Knowledge Group
(15)
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Technology Risk Management Simulation - Mahesh
Technology Risk Management Simulation - Mahesh
National Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip Victor
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Evaluating Cloud Computing Risk :Recounting PBB’s Journey into the Cloud - Ke...
Evaluating Cloud Computing Risk :Recounting PBB’s Journey into the Cloud - Ke...
Suresh - Mobile Banking (Corporate Banking Stream)
Suresh - Mobile Banking (Corporate Banking Stream)
Leonard - (Security & Risk Stream) Discovering Optimum Risk Solution for Banks
Leonard - (Security & Risk Stream) Discovering Optimum Risk Solution for Banks
Lisa Shipley (Fraud & AML Stream)- Extending the PCI Boundary to Reduce Fraud
Lisa Shipley (Fraud & AML Stream)- Extending the PCI Boundary to Reduce Fraud
Harry Singh (Security & Risk Management Stream)- Managing Technology Risk in...
Harry Singh (Security & Risk Management Stream)- Managing Technology Risk in...
Steven Gan - Signifying The Need for Speed Banking
Steven Gan - Signifying The Need for Speed Banking
David Wortley - Gamification Is Not Funny!
David Wortley - Gamification Is Not Funny!
Andrew Fell, Harnessing the Customer Experience via New Technology
Andrew Fell, Harnessing the Customer Experience via New Technology
Aman Narain, Viva La Revolution -How Banking Should and Will be Disrupted an...
Aman Narain, Viva La Revolution -How Banking Should and Will be Disrupted an...
Último
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
itnewsafrica
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
Knoldus Inc.
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
Farhan Tariq
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Jeffrey Haguewood
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
Karmanjay Verma
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
Michael Gough
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
LoriGlavin3
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
LoriGlavin3
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
Kari Kakkonen
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
Yoss Cohen
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
Kaya Weers
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Mark Goldstein
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
Manik S Magar
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
LoriGlavin3
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Nikki Chapple
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
LoriGlavin3
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Alkin Tezuysal
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
Ingrid Airi González
A Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
Ana-Maria Mihalceanu
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
Karmanjay Verma
Último
(20)
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
A Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
1.
Cyber Security Transformation –
A New Approach for 2015 and Beyond Daryl Pereira Partner ASEAN Management Consulting KPMG
2.
2© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Cyber Threat Landscape has Evolved Forecast by Word Economic Forum Delays in adopting cyber security capabilities could result in a US$ 3 trillion loss in economic value by 2020 Figure 1: Top 5 Global Risks in Terms of Likelihood 2014 - WEF Figure 2:Source: World Economic Forum “Global Risks 2014” World Economic Forum Cyber attacks are one of theTop 5 Global Risks inTerms of Likelihood in 2014 (missing in 2013)
3.
3© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Cyber Security is now the World’s 3rd Corporate-Risk Priority Overall Corporate risk priorities and attitudes among 588 C-Suite and board level executives* Survey respondents distributed across Asia-Pacific (31%), Europe (28%), North America (26%), Latin America (10%) and South Africa (5%). *Source: Lloyd’s Risk Index 2013
4.
4© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. J.P. Morgan Chase 83M customer PII were stolen Home Depot 56 million payment cards compromised Sony Company's inner workings completely exposed South Korea 27M Bank customer’s records were stolen SCB confidential information was stolen from 647 private bank clients Target 40M credit card records and 70M customer PII compromised BankMuscat and Rakbank Hackers stole total of US$45M Ghostnet large-scale cyber spying operation Subway 80,000 customer credit and debit card data lost Global Payment Systems Compromised 1.5M credit card records and 5.5M consumer records 20132008 to 2012 2014 The FS industry topped the list of 26 different industries targeted by cyber criminals* *Source: Mandiant 2013 Increasing Scale and Impact of Cyber Attacks
5.
5© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Who are the “Threat Actors” and the Targets? Hacktivists (i.e. Wikileaks, Anonymous, LulzSec) Malicious Insiders (i.e. Bradley Manning and the U.S. Department of State memos) Cyber Mafia - Organised crime (i.e. stealing credit card numbers) Cyber Warfare - State sponsored & corporate espionage (i.e. Night Dragon, StuxNet, DuQU, SHAMOON) Intellectual Property Data Merger & Acquisition Transaction Information Senior Executive Emails Control Systems Process Control Networks (supports exploration & production activity) Network and connectivity data Operational and assets specific data Targets Threat Actors Customer Data
6.
6© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Recent Cyber Security Incident – Retail sector Target could be facing losses of up to $420 million as a result of this breach US$61M in breach-related cost as of Feb 2014 CIO and CEO resigns Will spend US$100M to upgrade payment system 40M credit card records and 70M customer PID compromised Impact Malware installed on POS Phishing email sent to HVAC firm and credentials used to access Target’s Purchase/Order and Billing system Observation Target – 2014
7.
7© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Recent Cyber Security Incident – Insurance sector Biggest data theft in healthcare industry Reputational loss in Anthem regarding IT Security Impact PID of 80 million customers and clients were stolen, including Social Security Numbers Setup of evil WellPoint / Anthem infrastructure in the Internet Targeted attack (APT) by cyber espionage group Observation Infrastructure and malware was also used for attack on US Defense contractor Anthem – 2015
8.
8© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Recent Cyber Security Incident – Banking sector Computer security budget will be doubled in the next 5 years to $250M PID of 7 million small businesses were stolen Impact PID of 76 Million households were stolen, including email addresses, home addresses and phone numbers 12 other major US financial institutions alongside J.P.Morgan were targeted Hackers stole the login credentials for a J.P.Morgan employee in Spring 2014 Observation JP Morgan – 2014
9.
9© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Reputation and financial damage Attack was executed by a Hacktivist Information stolen from a 3rd party / vendor printing facility at Fuji Xerox Singapore Observation Reputational loss for Private Bank business MAS said it took "appropriate supervisory actions” against SCB Impact Financial Data of 647 clients stolen Recent Cyber Security Incident – Banking sector (outsourced vendor) Standard Chartered Bank & Fuji Xerox – 2013
10.
10© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Recent Cyber Security Incident – Entertainment sector North Korea is blamed for the attack When the breach was discovered, Sony had been infiltrated for one year Observation Massive impact to Sony Pictures, its employees and clients Sensitive personal and corporate data was leaked, including emails, salaries and unreleased movies Impact Company's inner workings completely exposed Sony Pictures – 2014
11.
11© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. “Are we prepared and resilient against cyber attacks?” Leadership and Governance Human Factors Information Risk Management Business Continuity and Crisis Management Operations and Technology Legal and Compliance
12.
12© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Cyber Security Transformation Lever 1: Implementing a strategic, institution-wide approach to cyber security Cyber Security Leadership & Governance Human Factors Information Risk Management BCM / Crisis Management Operations & Technology Legal & Compliance Cyber security collaboration to be extended beyond company walls to address common enemies A dedicated cyber security operations centre (SOC) to be established, using threat intelligence driven approach to security Cyber risk governance driven by the Board and Cyber risk strategy driven at Executive level as an integral part of corporate strategy. Looks beyond technical preparedness and takes a holistic view of people, process and technology The human factors in the defence chain must be strengthened as part of a cyber risk aware culture Focus on risk-based mitigation, early detection, robust response, automation and analytics to create internal and external risk transparency Resiliency and ability to quickly return to normal operations or repair damage
13.
13© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Respond Incident response capability is built by drafting playbooks, performing regular incident response exercises and doing red team testing. The capability to delay transactions for fraud investigations and having trained call centre employees are most important in being able to modern online banking attacks. Detect Real-time detection of incidents and fraudulent transactions requires correlation of information from various data sources. It is important to monitor customer behaviour, transactions and log files from applications and systems. Incident detection will not function properly without adequate processes and trained people for detection rule management. Threat Intelligence Acquiring external threat information is necessary to keep an up to date view on current and future threats for your organisation. Best practices include connecting external intelligence sources, information sharing with other banks and other industries, and cooperation with police and law enforcement. Cyber Security Transformation Lever 2: Actionable Threat Intelligence is the key to managing evolving cyber threats Threat Intelligence Prevention will ultimately fail. Actionable threat intelligence combined with detection and response capability is the key Prevent Protecting customers and your own infrastructure requires measures on people, processes and technology layers.
14.
14© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Training & awareness of all management and staff on Cyber Risks Better threat intelligence Establish an institution-wide accountability for managing cyber risks Leadership and Governance Insufficient understanding of cyber risk by Senior Management Increased awareness of Senior Management on Cyber Security risks Insufficient oversight of IT risk by CEO and CIO Accountability and responsibility for IT risk extended to the Board , CEO and senior management What went wrong? Cyber Security raised to Board & Senior Management agenda Sony Pictures What should you do? How can this be addressed? Board and Senior Management's governance, ownership, and effective management of risk. Target
15.
15© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Training and awareness programmes Tone from the top - leadership staff to demonstrate security/risk mindset to rank & file teams Process to assure appropriate skills and capabilities of vendor staff Human Factors POS was accessed using remote access software over internet, due to staff’s default password not being changed Proper security awareness programs should be provided to the employees Information stolen from the server s of a third party vendor providing printing services Upgrade security skills and capabilities of staff maintaining customer data & third party servers What went wrong? Subway Standard Chartered Bank What should you do? How can this be addressed? Level of security-focused culture that empowers and ensures the right people, skills, culture and knowledge. Extension of security policies & HR policies to vendors/3rd parties
16.
16© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Integration of information classification into security architecture design Data governance Detection mechanisms and alerts Analytics to correlate unusual customer behaviour, transactions and log files from applications and systems Information Risk Management All sensitive personal and corporate information was stolen Establish information classification process together with Data Loss Prevention solutions Intrusion of vendor servers containing customer data was not detected Detection tools and security assessments should be performed on all servers that connect to an external network What went wrong? Sony Pictures Standard Chartered Bank What should you do? How can this be addressed? The approach to achieving comprehensive and effective risk management of information throughout the organisation and its delivery and supply partners. Information sharing and data loss prevention
17.
17© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Business continuity with cyber resiliency Cyber incident response embedded into Crisis Management process Business Continuity and Crisis Management Employees needed to go back to pen and paper Backup & recovery coupled with resilient system architecture Information of the breach was announced too late causing public backlash Improvement of communication to public What went wrong? Business continuity plan incorporated as part of cyber security readiness Sony Pictures Target What should you do? How can this be addressed? The preparations for a security event and the ability to prevent or minimise the impact through successful crisis and stakeholder management. Internal and External Stakeholder management
18.
18© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Threat and vulnerability management Asset lifecycle management Network security Incident Response Actionable threat intelligence Network segmentation/isolation Operations and Technology 2FA missing on one neglected server Rollout of security services on all assets and properVulnerability Management Intrusion/malware was detected but SecurityOps did not follow-up Effective Incident Management process – diagnosis, prioritisation, and fast response What went wrong? Drafting playbooks, performing regular incident response exercises, doing red team testing Physical security Personnel security J.P. Morgan Chase Target What should you do? How can this be addressed? The level of control measures implemented within the organisation to address identified risks, and minimise the impact of compromise.
19.
19© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Outsourcing governance & risk management framework Outsourcing gap analysis and audit review Legislative compliance Role of the audit committee Legal and Compliance 647 of its private bank clients information stolen through outsourced vendor’s server. Bank needs to extend cyber security practices to all outsourced arrangements - new regulatory mandate. Faces several law cases due to violation of PID storage Legal department to address new cyber laws for processing and storage of sensitive information What went wrong? Threat intelligence and information sharing across other industries Collaboration with industry peers to address common enemies Standard Chartered Bank Sony Pictures What should you do? How can this be addressed? Regulatory, international standards and laws relevant to your organisation (e.g. ISO27000, PCI-DSS, Data Privacy laws,TRM regulatory requirements, NIST).
20.
20© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Conclusion Cyber Security Frameworks ISO 27032: Cyber Security MAS/HKMA TRM Guidelines NIST COBIT Etc. Strategic, Institution- wide approach Actionable Threat Intelligence Cyber Security Readiness
21.
21© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Appendix: KPMG Cyber Security Framework Cyber Maturity Assessment (CMA) Cyber Security Strategy Cyber Gaming Cyber Defense Operating Model Design Identity and Access Management Security and Technology Assessments Certification Services Development and Implementation of Threat Intelligence Operating Models Design and Implementation of Security Operations Centers Cyber Attack Detection Rapid Response Teams Forensic Evidence Recovery and Investigation Advanced Training and Cyber Response Capability Development Board Training Enterprise Risk Management and Implementation Business Continuity Planning Behavioral Change Management Design and Delivery of Institution-wide Cyber Security Transformation Programs
22.
22© 2015 KPMG
Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Contact Details darylpereira@kpmg.com.sg RISK & REGULATION | COST & EFFICIENCY | CUSTOMER & GROWTH © 2015 KPMG Services Pte. Ltd. (Registration No: 200003956G), a Singapore incorporated company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. DARYL PEREIRA Partner ASEAN Management Consulting KPMG Tel: +65 6411 8116
Baixar agora