SlideShare une entreprise Scribd logo

#BCMeeting2019: Rethinking Cybersecurity

Télécharger en tant que PPTX, PDF
International Chamber of Commerce - ICC
International Chamber of Commerce - ICC

Presentation provided at the Annual ICC Banking Commission Meeting by Sukand Ramachandran on 11 April 2019.

Économie & finance
1  sur  4
Scenarios Threat Actors Attack Vectors Vulnerabilities Cyber threat scenarios … … act on assets … … to create a financial impact Datacentres Infrastructure BU 1 Apps + Data BU 2 Apps + Data BU 3 Apps + Data BU 4 Apps + Data Cyber control environment
NIST is an industry standard framework for categorising Cyber controls Governance Outlines key governance processes that must be in place to manage cybersecurity environments, centered around strategy, policy and audit Identify Assists in developing controls required to identify where a cybersecurity event may take place, and understand the risk to systems, people, assets, data, and capabilities Protect Outlines appropriate safeguards to ensure delivery of critical infrastructure services, and supports the ability to limit or contain the impact of a potential cybersecurity event Detect Defines the appropriate activities to identify the occurrence of a cybersecurity event, driving to timely discovery of cybersecurity events Respond Includes appropriate activities to take action regarding a detected cybersecurity incident, including how to contain the impact of a potential cybersecurity incident. Recover Identifies appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident Explains how to manage and minimise supply chain and third party dependency risks that organisations have less control over Supply chain/dep. management
Estimating the impact of cybersecurity events … … enables clear communication of impact/mitigations Taking a methodology we're comfortable with … Expected Loss = Likelihood of Default x Impact given Default Likelihood of success x Financial Impact = Exposure ThreatIntensity (ThreatActors+AttackVectors) Vulnerability (as a function of controls) …and applying it to different types of cyber risk Allows estimation of loss impacts on assets … … and how to reduce impact through cyber mitigations
Call To Action! We need alignment on taxonomy … ...and to use similar methodologies

Recommandé

2. Defence Systems
2. Defence Systems2. Defence Systems
2. Defence SystemsNapier University
 
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Ernest Staats
 
Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Kinetic Potential
 
Improving Cyber Readiness with the NIST Cybersecurity Framework
Improving Cyber Readiness with the NIST Cybersecurity FrameworkImproving Cyber Readiness with the NIST Cybersecurity Framework
Improving Cyber Readiness with the NIST Cybersecurity FrameworkWilliam McBorrough
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...Donald E. Hester
 
Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Avinash Ramineni
 

Recommandé

2. Defence Systems
2. Defence Systems2. Defence Systems
2. Defence SystemsNapier University
 
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Ernest Staats
 
Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Nist 800 53 deep dive 20210813
Nist 800 53 deep dive 20210813Kinetic Potential
 
Improving Cyber Readiness with the NIST Cybersecurity Framework
Improving Cyber Readiness with the NIST Cybersecurity FrameworkImproving Cyber Readiness with the NIST Cybersecurity Framework
Improving Cyber Readiness with the NIST Cybersecurity FrameworkWilliam McBorrough
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...
Understanding the Risk Management Framework & (ISC)2 CAP Module 15: Incident ...Donald E. Hester
 
Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Avinash Ramineni
 
CCA study group
CCA study groupCCA study group
CCA study groupIIBA UK Chapter
 
Physical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentPhysical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentVidSys, Inc.
 
Enterprise Threat Management
Enterprise Threat ManagementEnterprise Threat Management
Enterprise Threat ManagementHaystax Technology
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellenceErik Taavila
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisIJERD Editor
 
What is a cybersecurity assessment 20210813
What is a cybersecurity assessment 20210813What is a cybersecurity assessment 20210813
What is a cybersecurity assessment 20210813Kinetic Potential
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
Best cloud security practices with MITRE ATT&CK
Best cloud security practices with MITRE ATT&CKBest cloud security practices with MITRE ATT&CK
Best cloud security practices with MITRE ATT&CKShriya Rai
 
SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SHRIYARAI4
 
Vendor Landscape: Email Security Gateway
Vendor Landscape: Email Security GatewayVendor Landscape: Email Security Gateway
Vendor Landscape: Email Security GatewayInfo-Tech Research Group
 
Lesson 3
Lesson 3Lesson 3
Lesson 3MLG College of Learning, Inc
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk ManagmentMLG College of Learning, Inc
 
Information Serurity Risk Assessment Basics
Information Serurity Risk Assessment BasicsInformation Serurity Risk Assessment Basics
Information Serurity Risk Assessment BasicsVidyalankar Institute of Technology
 
ComResource Agency Solutions
ComResource Agency SolutionsComResource Agency Solutions
ComResource Agency SolutionsAnthony Dials
 
Master Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolMaster Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolHernan Huwyler, MBA CPA
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Incident Response
Incident ResponseIncident Response
Incident ResponseMichaelRodriguesdosS1
 
RonaldG.MillerCISSPv2
RonaldG.MillerCISSPv2RonaldG.MillerCISSPv2
RonaldG.MillerCISSPv2Ron Miller
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningKeyaan Williams
 
Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCiente
 
Practical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdfPractical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdfChris Galvan
 

Contenu connexe

Tendances

Physical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentPhysical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentVidSys, Inc.
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellenceErik Taavila
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisIJERD Editor
 
What is a cybersecurity assessment 20210813
What is a cybersecurity assessment 20210813What is a cybersecurity assessment 20210813
What is a cybersecurity assessment 20210813Kinetic Potential
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
Best cloud security practices with MITRE ATT&CK
Best cloud security practices with MITRE ATT&CKBest cloud security practices with MITRE ATT&CK
Best cloud security practices with MITRE ATT&CKShriya Rai
 
SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SHRIYARAI4
 
ComResource Agency Solutions
ComResource Agency SolutionsComResource Agency Solutions
ComResource Agency SolutionsAnthony Dials
 
Master Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolMaster Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolHernan Huwyler, MBA CPA
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
RonaldG.MillerCISSPv2
RonaldG.MillerCISSPv2RonaldG.MillerCISSPv2
RonaldG.MillerCISSPv2Ron Miller
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningKeyaan Williams
 

Tendances (20)

CCA study group
CCA study groupCCA study group
CCA study group
 
Physical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentPhysical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the Government
 
Enterprise Threat Management
Enterprise Threat ManagementEnterprise Threat Management
Enterprise Threat Management
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network Analysis
 
What is a cybersecurity assessment 20210813
What is a cybersecurity assessment 20210813What is a cybersecurity assessment 20210813
What is a cybersecurity assessment 20210813
 
Information risk management
Information risk managementInformation risk management
Information risk management
 
Best cloud security practices with MITRE ATT&CK
Best cloud security practices with MITRE ATT&CKBest cloud security practices with MITRE ATT&CK
Best cloud security practices with MITRE ATT&CK
 
SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SIEM : Security Information and Event Management
SIEM : Security Information and Event Management
 
Vendor Landscape: Email Security Gateway
Vendor Landscape: Email Security GatewayVendor Landscape: Email Security Gateway
Vendor Landscape: Email Security Gateway
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk Managment
 
Information Serurity Risk Assessment Basics
Information Serurity Risk Assessment BasicsInformation Serurity Risk Assessment Basics
Information Serurity Risk Assessment Basics
 
ComResource Agency Solutions
ComResource Agency SolutionsComResource Agency Solutions
ComResource Agency Solutions
 
Master Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolMaster Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines School
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
RonaldG.MillerCISSPv2
RonaldG.MillerCISSPv2RonaldG.MillerCISSPv2
RonaldG.MillerCISSPv2
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
 

Similaire à #BCMeeting2019: Rethinking Cybersecurity

Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCiente
 
Practical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdfPractical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdfChris Galvan
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxsoulscout02
 
Enterprise Risk Management-Paper
Enterprise Risk Management-PaperEnterprise Risk Management-Paper
Enterprise Risk Management-PaperPierre Samson
 
Healthcare info tech systems cyber threats ABI conference 2016
Healthcare info tech systems cyber threats ABI conference 2016Healthcare info tech systems cyber threats ABI conference 2016
Healthcare info tech systems cyber threats ABI conference 2016Amgad Magdy
 
IT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docxIT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docxchristiandean12115
 
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachThe 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachProtected Harbor
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)April Mardock CISSP
 
Cybersecurity Assessment Framework - Slideshare.pptx
Cybersecurity Assessment Framework - Slideshare.pptxCybersecurity Assessment Framework - Slideshare.pptx
Cybersecurity Assessment Framework - Slideshare.pptxAzra'ee Mamat
 
case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)ishan parikh production
 
u10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacobu10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji JacobBeji Jacob
 
Best Open Threat Management Platform in USA
Best Open Threat Management Platform in USABest Open Threat Management Platform in USA
Best Open Threat Management Platform in USACompanySeceon
 
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxProject 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxstilliegeorgiana
 
Ch08 8 Information Security Process it-slideshares.blogspot.com
Ch08 8 Information Security Process it-slideshares.blogspot.comCh08 8 Information Security Process it-slideshares.blogspot.com
Ch08 8 Information Security Process it-slideshares.blogspot.comphanleson
 
Satori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threatsSatori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threatsDean Evans
 
Ca world 2007 SOC integration
Ca world 2007 SOC integrationCa world 2007 SOC integration
Ca world 2007 SOC integrationMichael Nickle
 
Presentation1 A.pptx
Presentation1 A.pptxPresentation1 A.pptx
Presentation1 A.pptxRabinBidari
 
Forging Partnerships Between Auditors and Security Managers
Forging Partnerships Between Auditors and Security ManagersForging Partnerships Between Auditors and Security Managers
Forging Partnerships Between Auditors and Security Managersamiable_indian
 
Reorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's ThreatsReorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's ThreatsLumension
 

Similaire à #BCMeeting2019: Rethinking Cybersecurity (20)

Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdf
 
Practical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdfPractical Guide to Managing Incidents Using LLM's and NLP.pdf
Practical Guide to Managing Incidents Using LLM's and NLP.pdf
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
 
Enterprise Risk Management-Paper
Enterprise Risk Management-PaperEnterprise Risk Management-Paper
Enterprise Risk Management-Paper
 
Healthcare info tech systems cyber threats ABI conference 2016
Healthcare info tech systems cyber threats ABI conference 2016Healthcare info tech systems cyber threats ABI conference 2016
Healthcare info tech systems cyber threats ABI conference 2016
 
IT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docxIT 552 Module Five Assignment Rubric The purpose of t.docx
IT 552 Module Five Assignment Rubric The purpose of t.docx
 
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachThe 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)
 
Cybersecurity Assessment Framework - Slideshare.pptx
Cybersecurity Assessment Framework - Slideshare.pptxCybersecurity Assessment Framework - Slideshare.pptx
Cybersecurity Assessment Framework - Slideshare.pptx
 
case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)case studies on risk management in IT enabled organisation(vadodara)
case studies on risk management in IT enabled organisation(vadodara)
 
u10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacobu10a1-Risk Assessment Report-Beji Jacob
u10a1-Risk Assessment Report-Beji Jacob
 
Best Open Threat Management Platform in USA
Best Open Threat Management Platform in USABest Open Threat Management Platform in USA
Best Open Threat Management Platform in USA
 
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxProject 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docx
 
Ch08 8 Information Security Process it-slideshares.blogspot.com
Ch08 8 Information Security Process it-slideshares.blogspot.comCh08 8 Information Security Process it-slideshares.blogspot.com
Ch08 8 Information Security Process it-slideshares.blogspot.com
 
Satori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threatsSatori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threats
 
Ca world 2007 SOC integration
Ca world 2007 SOC integrationCa world 2007 SOC integration
Ca world 2007 SOC integration
 
Presentation1 A.pptx
Presentation1 A.pptxPresentation1 A.pptx
Presentation1 A.pptx
 
Forging Partnerships Between Auditors and Security Managers
Forging Partnerships Between Auditors and Security ManagersForging Partnerships Between Auditors and Security Managers
Forging Partnerships Between Auditors and Security Managers
 
ISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochureISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochure
 
Reorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's ThreatsReorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's Threats
 

Plus de International Chamber of Commerce - ICC

Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...
Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...
Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...International Chamber of Commerce - ICC
 
Reports from ICC BC Task Forces - Financial Crime Risk - Henri Dambrieres
Reports from ICC BC Task Forces - Financial Crime Risk - Henri DambrieresReports from ICC BC Task Forces - Financial Crime Risk - Henri Dambrieres
Reports from ICC BC Task Forces - Financial Crime Risk - Henri DambrieresInternational Chamber of Commerce - ICC
 
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative International Chamber of Commerce - ICC
 
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative International Chamber of Commerce - ICC
 
ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...
ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...
ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...International Chamber of Commerce - ICC
 

Plus de International Chamber of Commerce - ICC (20)

Update from the Finance for Development Hub
Update from the Finance for Development Hub Update from the Finance for Development Hub
Update from the Finance for Development Hub
 
Digital Trade Roadmap
Digital Trade RoadmapDigital Trade Roadmap
Digital Trade Roadmap
 
Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...
Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...
Update on Incoterms® 2020, ICC Marketplace, ICC Digital Library and chambers ...
 
Uniform Rules for Digital Trade (URDT)
Uniform Rules for Digital Trade (URDT)Uniform Rules for Digital Trade (URDT)
Uniform Rules for Digital Trade (URDT)
 
Reports from ICC BC Task Forces - Financial Crime Risk - Henri Dambrieres
Reports from ICC BC Task Forces - Financial Crime Risk - Henri DambrieresReports from ICC BC Task Forces - Financial Crime Risk - Henri Dambrieres
Reports from ICC BC Task Forces - Financial Crime Risk - Henri Dambrieres
 
Reports from ICC BC Task Forces - Financial Crime Risk - Graham Baldock
Reports from ICC BC Task Forces - Financial Crime Risk - Graham BaldockReports from ICC BC Task Forces - Financial Crime Risk - Graham Baldock
Reports from ICC BC Task Forces - Financial Crime Risk - Graham Baldock
 
Documentary Credit Practices: Controversy & Guidance
Documentary Credit Practices: Controversy & GuidanceDocumentary Credit Practices: Controversy & Guidance
Documentary Credit Practices: Controversy & Guidance
 
#BCMeeting2019: Digital Transformation
#BCMeeting2019: Digital Transformation#BCMeeting2019: Digital Transformation
#BCMeeting2019: Digital Transformation
 
#BCMeeting2019: UR for Demand Guarantees
#BCMeeting2019: UR for Demand Guarantees#BCMeeting2019: UR for Demand Guarantees
#BCMeeting2019: UR for Demand Guarantees
 
#BCMeeting2019: Trade and the RMB Market
#BCMeeting2019: Trade and the RMB Market#BCMeeting2019: Trade and the RMB Market
#BCMeeting2019: Trade and the RMB Market
 
#BCMeeting2019: Outlook for Global Trade
#BCMeeting2019: Outlook for Global Trade #BCMeeting2019: Outlook for Global Trade
#BCMeeting2019: Outlook for Global Trade
 
#BCMeeting2019: Documentary Credit Practices
#BCMeeting2019: Documentary Credit Practices#BCMeeting2019: Documentary Credit Practices
#BCMeeting2019: Documentary Credit Practices
 
#BCMeeting2019: Basel III Reforms
#BCMeeting2019: Basel III Reforms#BCMeeting2019: Basel III Reforms
#BCMeeting2019: Basel III Reforms
 
#BCMeeting2019: ICC Trade Register Report
#BCMeeting2019: ICC Trade Register Report#BCMeeting2019: ICC Trade Register Report
#BCMeeting2019: ICC Trade Register Report
 
2018 10 17 Tbilisi Legal Committee
2018 10 17 Tbilisi Legal Committee2018 10 17 Tbilisi Legal Committee
2018 10 17 Tbilisi Legal Committee
 
ICC Banking Commission Technical Meeting
ICC Banking Commission Technical MeetingICC Banking Commission Technical Meeting
ICC Banking Commission Technical Meeting
 
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
 
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
ICC Banking Commission Technical Meeting 17/10/2018 - Outreach initiative
 
11h00 icc trade register - krishnan ramadurai (1)
11h00 icc trade register - krishnan ramadurai (1)11h00 icc trade register - krishnan ramadurai (1)
11h00 icc trade register - krishnan ramadurai (1)
 
ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...
ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...
ICC BANKING COMMISSION MIAMI MEETING 2018: Day 2 @ 16:00 Sustainability and T...
 

Dernier

The Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfThe Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfGale Pooley
 
Malad Call Girl in Services 9892124323 | ₹,4500 With Room Free Delivery
Malad Call Girl in Services 9892124323 | ₹,4500 With Room Free DeliveryMalad Call Girl in Services 9892124323 | ₹,4500 With Room Free Delivery
Malad Call Girl in Services 9892124323 | ₹,4500 With Room Free DeliveryPooja Nehwal
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptxFinTech Belgium
 
Lundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfLundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfAdnet Communications
 
00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptxFinTech Belgium
 
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With RoomVIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Roomdivyansh0kumar0
 
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Pooja Nehwal
 
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsHigh Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779Delhi Call girls
 
Dividend Policy and Dividend Decision Theories.pptx
Dividend Policy and Dividend Decision Theories.pptxDividend Policy and Dividend Decision Theories.pptx
Dividend Policy and Dividend Decision Theories.pptxanshikagoel52
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...ssifa0344
 
Instant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School SpiritInstant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School Spiritegoetzinger
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfGale Pooley
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...Call Girls in Nagpur High Profile
 
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...ssifa0344
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Pooja Nehwal
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfGale Pooley
 
20240417-Calibre-April-2024-Investor-Presentation.pdf
20240417-Calibre-April-2024-Investor-Presentation.pdf20240417-Calibre-April-2024-Investor-Presentation.pdf
20240417-Calibre-April-2024-Investor-Presentation.pdfAdnet Communications
 
The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfGale Pooley
 

Dernier (20)

Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024
 
The Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfThe Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdf
 
Malad Call Girl in Services 9892124323 | ₹,4500 With Room Free Delivery
Malad Call Girl in Services 9892124323 | ₹,4500 With Room Free DeliveryMalad Call Girl in Services 9892124323 | ₹,4500 With Room Free Delivery
Malad Call Girl in Services 9892124323 | ₹,4500 With Room Free Delivery
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
Lundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfLundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdf
 
00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx
 
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With RoomVIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
 
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
 
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsHigh Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
 
Dividend Policy and Dividend Decision Theories.pptx
Dividend Policy and Dividend Decision Theories.pptxDividend Policy and Dividend Decision Theories.pptx
Dividend Policy and Dividend Decision Theories.pptx
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
 
Instant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School SpiritInstant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School Spirit
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdf
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
 
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdf
 
20240417-Calibre-April-2024-Investor-Presentation.pdf
20240417-Calibre-April-2024-Investor-Presentation.pdf20240417-Calibre-April-2024-Investor-Presentation.pdf
20240417-Calibre-April-2024-Investor-Presentation.pdf
 
The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdf
 

#BCMeeting2019: Rethinking Cybersecurity

  • 1. Scenarios Threat Actors Attack Vectors Vulnerabilities Cyber threat scenarios … … act on assets … … to create a financial impact Datacentres Infrastructure BU 1 Apps + Data BU 2 Apps + Data BU 3 Apps + Data BU 4 Apps + Data Cyber control environment
  • 2. NIST is an industry standard framework for categorising Cyber controls Governance Outlines key governance processes that must be in place to manage cybersecurity environments, centered around strategy, policy and audit Identify Assists in developing controls required to identify where a cybersecurity event may take place, and understand the risk to systems, people, assets, data, and capabilities Protect Outlines appropriate safeguards to ensure delivery of critical infrastructure services, and supports the ability to limit or contain the impact of a potential cybersecurity event Detect Defines the appropriate activities to identify the occurrence of a cybersecurity event, driving to timely discovery of cybersecurity events Respond Includes appropriate activities to take action regarding a detected cybersecurity incident, including how to contain the impact of a potential cybersecurity incident. Recover Identifies appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident Explains how to manage and minimise supply chain and third party dependency risks that organisations have less control over Supply chain/dep. management
  • 3. Estimating the impact of cybersecurity events … … enables clear communication of impact/mitigations Taking a methodology we're comfortable with … Expected Loss = Likelihood of Default x Impact given Default Likelihood of success x Financial Impact = Exposure ThreatIntensity (ThreatActors+AttackVectors) Vulnerability (as a function of controls) …and applying it to different types of cyber risk Allows estimation of loss impacts on assets … … and how to reduce impact through cyber mitigations
  • 4. Call To Action! We need alignment on taxonomy … ...and to use similar methodologies