Business Continuity requires a Security Architecture to reduce risk and cost

PECB
Jeff Primus
CEO & Principal Advisor

JEFF PRIMUS
Founder, CEO & Principal Advisor @ ACTAGIS
Advisor, experienced manager and subject-matter expert for over 25 years.
Actively implements ISO-compliant governance, cyber security, risk and business continuity management systems for the public sector and multinational companies in Switzerland, Europe and the Middle East.
Official and accredited PECB, ISACA and BCI trainer for several courses, including ISO 22301, CBCI, GDPR-CDPO, ISO 31000, ISO 27001, ISO 20000, ISO 9001, ISO 27005, CGEIT, CRISC, CISA, CISM, CISSP, SABSA-SCF and COBIT5 (teaching for more than 10 years in English, French and Turkish).
Lead lecturer at Sorbonne-Paris-1 and at Geneva Universities for Cyber Security, Governance, Business Continuity and Risk Management; publishes articles and appears on radio and television shows.
Board member of ISACA Switzerland. He has been an active participant in the SC27 Workgroup, which co-defines the new releases of the ISO/IEC 27001 standard.
Contact information
+41 21 353 03 30
team@actagis.ch
www.actagis.ch
https://ch.linkedin.com/in/jeffprimus
https://twitter.com/ACTAGIS
https://www.facebook.com/actagis

Agenda

Cyber Security & Risk Management Landscape
• The frequency of cyber-attacks continues to increase at an unparalleled pace
• According to recent studies, the number of security incidents across all industries rose by 38% in 2015
• By attacking the most vulnerable value chains of organizations, these attacks result in:
  • information confidentiality & integrity breaches
  • discontinuity of business activities
  • huge financial and reputational damages
• Historically, the information system has been considered predominantly a technological issue

Business Continuity Management (BCM) Landscape
• Historically, there has been a lack of synergies between BCM and ISSM
• But things are changing because of the rise of cyber threats
• The synergies are essential in order to implement an efficient BCM that also takes the ISSM into account
• Standards and frameworks exist but lack a methodological approach to address existing gaps
• So, how can we enable the synergies?

Business across multiple layers

ISO 22301 Standard

SABSA: Enterprise Security Architecture

SABSA matrix and processes
© Jeff Primus – 2018 – www.actagis.ch - Based on www.sabsa.org

Linkage between ISO 22301 & SABSA
© Jeff Primus – 2018 – www.actagis.ch - Based on www.iso.org & www.sabsa.org

Thank you!
Questions