Industry Perspective
Information Security and Corporate Risk
Michael Lyons & Sean Curran
Protiviti
michael.lyons@protiviti.com
sean.curran@protiviti.com
Information Security and Corporate Risk

February 2014

© 2012 Protiviti Inc. An Equal Opportunity Employer.
CONFIDENTIAL: This document is for your company's internal use only
and may not be copied nor distributed to another third party.
AP Twitter Feed Hacked
April 23, 2013 1:07 PM

April 23, 2013 1:08 PM

150 point drop

1:10 PM – AP tweets that it has been hacked and that the tweet is erroneous
1:13 PM – News states bogus tweet, DOW recovers
1:16 PM – Jay Carney confirms POTUS is fine
1:17 PM – The Syrian Electronic Army takes responsibility
Previous attacks include Reuters, CBS, and FIFA
1:30 PM – Mike Baker (AP) says attack occurred one hour after phishing email
2:28 PM – AP posts story and blames phishing attack
Data Centric Security
•  Data Governance
•  Data Classification
•  Data Leakage
•  Encryption & Storage Strategy
•  Privacy Management & Implementation
•  PCI, HITRUST and Security Compliance Planning, Readiness & Assessment
•  Vendor Due Diligence

Security Program and Policy
•  Security Policy & Program
•  Security Strategy & Architecture
•  Security Metrics
•  Incident Response Program
•  Awareness & Training
•  Other Security

Identity and Access Management
•  Access Mgmt Policy & Standards
•  IDAM Design & Implementation
•  Identity Credential Selection
•  Identity Federation Strategy & Implementation

Incident Response and Forensics
•  Incident Response Strategy and Planning
•  Emergency Response
•  Computer Forensics
•  Proactive eDiscovery Planning
•  Reactive eDiscovery Support

Security Operations & Implementation
•  Security Monitoring & Intelligence
•  SIEM Technology
•  SOC Training & Staffing Solutions
•  Security Product Implementation

Vulnerability/Pen Testing
•  Infrastructure Vulnerability
•  Application Vulnerability
•  Network Vulnerability
•  Database Vulnerability
•  Secure Code Reviews

The Lifecycle of a Breach

Managing the Communication
•  What sensitive data are you protecting, and has there been a security breach?
–  I.e., has the sensitive information left the building?
•  Have you had cybercrime experts confirm the breach?
•  How and when to release info
–  Sony had significant failures due to reporting breach information too quickly without all the facts
–  Hannaford sent notice to 4.2MM customers although only 1800 were affected
•  Have you tested the process?
–  Incident response is a significant portion of a proper data security program. Role playing and scenario modeling are important training tools
•  Regulatory requirements
–  Immediately work with your legal teams before sending anything out to understand what you are required by law to state
•  What is your response? How are you correcting the problem?
