Risk Intelligence: Threats are the New Risk

•

0 j'aime•95 vues

Do you know the criticality of the assets within your organization? If your answer is ‘no’, don’t worry – chances are, your cyber teams don’t either. Security is badly in need of holistic security leadership. Most security practitioners don’t know that information security risk is processed the same way that physical security risk is processed. By increasing your overall risk awareness, you can take a leadership stance in security within your organization.

Direction et management

Risk Intelligence:
Threats are the New Risk

Hello!
I am Jeff Sieben
Product Manager at Resolver
@jeffsieben
jeff.sieben@resolver.com

69%Companies can identify controls
41%Identify Key Information
47%Categorize Information
Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

63%
51%
51%
Reputation Damage
Cyber breach
Business disruption
63% FEAR
Reputation Damage
Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

53%
STILL OPERATE
IN SILOS
Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

Smarter, Faster, Better
The Transformative Power of
REAL Productivity
By Charles Duhigg

$396M
Budget to Complete over 6 years
$20M
New Budget, Less than 2 years
20
People on Project Team
Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

106,000+CVE Vulnerabilities in NIST National Vulnerability Database
Source: https://nvd.nist.gov/general/nvd-dashboard MAY 2018

Relevant Resolver Tools
▪ Resolver Security Risk Management
▪ Incident Management
▪ Enterprise Risk Security Management
▪ Security Audit
▪ Information Security (RiskVision)
▪ Threat & Vulnerability Management
▪ Third Party Risk Management
▪ Business Resilience (Global AlertLink)
▪ Business Continuity
▪ Disaster Recovery
▪ Emergency Management

Resources to Check Out
▪ NIST National Vulnerability Database
▪ US-CERT – Computer Emergency Readiness Team
▪ SANS Institute
▪ Krebs on Security
▪ OWASP Top 10 – Vulnerabilities, Controls

Thanks!
Any questions?
@jeffsieben
jeff.sieben@resolver.com

Recommandé

Planning a move from Perspective to COREResolver Inc.

Why Your Organization Should Leverage Data Science for Risk Intelligence and ...Resolver Inc.

An Intro to CoreResolver Inc.

An Intro to Resolver's Incident Management ApplicationResolver Inc.

Integrated Risk Management 101Resolver Inc.

Int:rsect: CEO Address with Will AndersonResolver Inc.

Bring Better Data to the Office Opinion PartyResolver Inc.

The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.

Recommandé

Planning a move from Perspective to COREResolver Inc.

Why Your Organization Should Leverage Data Science for Risk Intelligence and ...Resolver Inc.

An Intro to CoreResolver Inc.

An Intro to Resolver's Incident Management ApplicationResolver Inc.

Integrated Risk Management 101Resolver Inc.

Int:rsect: CEO Address with Will AndersonResolver Inc.

Bring Better Data to the Office Opinion PartyResolver Inc.

The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.

An Intro to Resolver's Compliance ApplicationResolver Inc.

Improving Security MetricsDoug Copley

How to Prove the Value of Security InvestmentsResolver Inc.

Integrated Security & Risk Management: BenchmarkingResolver Inc.

An Intro to Resolver's Risk ApplicationResolver Inc.

Data Driven Risk ManagementResolver Inc.

7 Lessons Learned From BSIMMCigital

App Showcase: ComplianceResolver Inc.

MP_OneSheet_VulnThreatKatherine Johnston, CFE

Taking a Data-Driven Approach to Business ContinuityResolver Inc.

Improve Your Risk Assessment Process in 4 StepsResolver Inc.

The Security Practitioner of the FutureResolver Inc.

Introduction to Core AssessmentsResolver Inc.

Spreadsheets vs Software for SOX ComplianceResolver Inc.

Modern Security RiskPhil Huggins FBCS CITP

Measuring DDoS Risk using FAIR (Factor Analysis of Information RiskTony Martin-Vegue

Reporting to the Board on Corporate ComplianceResolver Inc.

Software Security MetricsCigital

Risk Management Case Study - Applied ConceptsResolver Inc.

011918 executive breach_simulation_customer_fac_rsRichard Smiraldi

Harvey Nash UK & IRE Cyber Security Survey 2016Bryan Smith

Cybersecurity Talent : The Big Gap in Cyber ProtectionCapgemini

Contenu connexe

Tendances

An Intro to Resolver's Compliance ApplicationResolver Inc.

Improving Security MetricsDoug Copley

How to Prove the Value of Security InvestmentsResolver Inc.

Integrated Security & Risk Management: BenchmarkingResolver Inc.

An Intro to Resolver's Risk ApplicationResolver Inc.

Data Driven Risk ManagementResolver Inc.

7 Lessons Learned From BSIMMCigital

App Showcase: ComplianceResolver Inc.

MP_OneSheet_VulnThreatKatherine Johnston, CFE

Taking a Data-Driven Approach to Business ContinuityResolver Inc.

Improve Your Risk Assessment Process in 4 StepsResolver Inc.

The Security Practitioner of the FutureResolver Inc.

Introduction to Core AssessmentsResolver Inc.

Spreadsheets vs Software for SOX ComplianceResolver Inc.

Modern Security RiskPhil Huggins FBCS CITP

Measuring DDoS Risk using FAIR (Factor Analysis of Information RiskTony Martin-Vegue

Reporting to the Board on Corporate ComplianceResolver Inc.

Software Security MetricsCigital

Risk Management Case Study - Applied ConceptsResolver Inc.

011918 executive breach_simulation_customer_fac_rsRichard Smiraldi

Tendances (20)

An Intro to Resolver's Compliance Application

Improving Security Metrics

How to Prove the Value of Security Investments

Integrated Security & Risk Management: Benchmarking

An Intro to Resolver's Risk Application

Data Driven Risk Management

7 Lessons Learned From BSIMM

App Showcase: Compliance

MP_OneSheet_VulnThreat

Taking a Data-Driven Approach to Business Continuity

Improve Your Risk Assessment Process in 4 Steps

The Security Practitioner of the Future

Introduction to Core Assessments

Spreadsheets vs Software for SOX Compliance

Modern Security Risk

Measuring DDoS Risk using FAIR (Factor Analysis of Information Risk

Reporting to the Board on Corporate Compliance

Software Security Metrics

Risk Management Case Study - Applied Concepts

011918 executive breach_simulation_customer_fac_rs

Similaire à Risk Intelligence: Threats are the New Risk

Harvey Nash UK & IRE Cyber Security Survey 2016Bryan Smith

Cybersecurity Talent : The Big Gap in Cyber ProtectionCapgemini

Adapted from an ESG report - Outnumbered, Outgunned. Proofpoint

Charney hr trendsRecruitingDaily.com LLC

Security Incident Response Readiness Survey Rahul Neel Mani

2019 DerbyCon - Ryan Elkins - Scientific Computing for Information SecurityRyan Elkins

New Synopsys research uncovers security's biggest challengesSynopsys Software Integrity Group

Cyber security incidents implications in business continuity planningPECB

Cybersecurity report-vol-8Mohamed Abdelhakim

High Performance Security Report - High TechnologyAccenture Security

Executive Summary of the 2016 Scalar Security StudyScalar Decisions

2016 Scalar Security Study Executive Summarypatmisasi

BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating ProvidersMighty Guides, Inc.

2018 U.S State of CybercrimeIDG

State of Endpoint Security: The Buyers MindsetCrowdStrike

Accenture 2017 Global Risk Study: Capital Markets Summaryaccenture

Using your Intranet to boost Employee EngagementStephan Schillerwein

The 7 Factors of CISO ImpactIANS

The 7 Factors of CISO ImpactAndrew Sanders

Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Mighty Guides, Inc.

Similaire à Risk Intelligence: Threats are the New Risk (20)

Harvey Nash UK & IRE Cyber Security Survey 2016

Cybersecurity Talent : The Big Gap in Cyber Protection

Adapted from an ESG report - Outnumbered, Outgunned.

Charney hr trends

Security Incident Response Readiness Survey

2019 DerbyCon - Ryan Elkins - Scientific Computing for Information Security

New Synopsys research uncovers security's biggest challenges

Cyber security incidents implications in business continuity planning

Cybersecurity report-vol-8

High Performance Security Report - High Technology

Executive Summary of the 2016 Scalar Security Study

2016 Scalar Security Study Executive Summary

BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers

2018 U.S State of Cybercrime

State of Endpoint Security: The Buyers Mindset

Accenture 2017 Global Risk Study: Capital Markets Summary

Using your Intranet to boost Employee Engagement

The 7 Factors of CISO Impact

Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...

Plus de Resolver Inc.

ERM Benchmarking Survey ResultsResolver Inc.

Best Practices and ROI for Risk-based Vulnerability ManagementResolver Inc.

Terrorism in a Corporate SettingResolver Inc.

Information Security Best Practices: Keeping Your Company's Data SafeResolver Inc.

Security Trends: From "Silos" to Integrated Risk ManagementResolver Inc.

Modelling your Business Processes with Resolver CoreResolver Inc.

How Resolver Uses ResolverResolver Inc.

Scammed: Defend Against Social EngineeringResolver Inc.

A Peek at adidas Group's Integrated Risk & Security Management StrategyResolver Inc.

An Intro to Resolver's Resilience ApplicationResolver Inc.

Data Driven Risk AssessmentResolver Inc.

How to Achieve a Fully Integrated Approach to Business ResilienceResolver Inc.

Keeping Your Data CleanResolver Inc.

Why You Should Prioritize Third Party Risk Management (TPRM) in Today's Marke...Resolver Inc.

An Intro to Resolver's InfoSec Application (RiskVision)Resolver Inc.

Leveraging Change Leadership to Find Success in your IRM ProgramResolver Inc.

How to Use Storytelling to Communicate with ExecutivesResolver Inc.

Creating an Enterprise-Wide Workplace Violence & Threat Assessment TeamResolver Inc.

Lessons Learned in the Aftermath of Hurricanes Harvey & IrmaResolver Inc.

Planning a move from GRC Cloud to COREResolver Inc.

Plus de Resolver Inc. (20)

ERM Benchmarking Survey Results

Best Practices and ROI for Risk-based Vulnerability Management

Terrorism in a Corporate Setting

Information Security Best Practices: Keeping Your Company's Data Safe

Security Trends: From "Silos" to Integrated Risk Management

Modelling your Business Processes with Resolver Core

How Resolver Uses Resolver

Scammed: Defend Against Social Engineering

A Peek at adidas Group's Integrated Risk & Security Management Strategy

An Intro to Resolver's Resilience Application

Data Driven Risk Assessment

How to Achieve a Fully Integrated Approach to Business Resilience

Keeping Your Data Clean

Why You Should Prioritize Third Party Risk Management (TPRM) in Today's Marke...

An Intro to Resolver's InfoSec Application (RiskVision)

Leveraging Change Leadership to Find Success in your IRM Program

How to Use Storytelling to Communicate with Executives

Creating an Enterprise-Wide Workplace Violence & Threat Assessment Team

Lessons Learned in the Aftermath of Hurricanes Harvey & Irma

Planning a move from GRC Cloud to CORE

Dernier

Discover -CQ Master Class - Rikita Wadhwa.pdfPPMA - Public Sector People Managers' Association

Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Pooja Nehwal

situational leadership theory by Misba Fathima Smisbafathima9940

Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Pooja Nehwal

internal analysis on strategic managementharfimakarim

Unlocking the Future - Dr Max Blumberg, Founder of Blumberg PartnershipPPMA - Public Sector People Managers' Association

{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, MumbaiPooja Nehwal

Becoming an Inclusive Leader - Bernadette ThompsonPPMA - Public Sector People Managers' Association

operational plan ppt.pptx nursing managementTulsiDhidhi1

Leadership in Crisis - Helio Vogas, Risk & Leadership Keynote SpeakerPPMA - Public Sector People Managers' Association

VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girladitipandeya

VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girladitipandeya

Rohini Sector 16 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceCall Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

Empowering Local Government Frontline Services - Mo Baines.pdfPPMA - Public Sector People Managers' Association

LoveLocalGov - Chris Twigg, Inner CirclePPMA - Public Sector People Managers' Association

CEO of Google, Sunder Pichai's biographyHafizMuhammadAbdulla5

Does Leadership Possible Without a Vision.pptxSaqib Mansoor Ahmed

Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

Dealing with Poor Performance - get the full picture from 3C Performance Mana...Hedda Bird

Disrupt or be Disrupted - Kirk Vallis.pdfPPMA - Public Sector People Managers' Association

Dernier (20)

Discover -CQ Master Class - Rikita Wadhwa.pdf

Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...

situational leadership theory by Misba Fathima S

Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...

internal analysis on strategic management

Unlocking the Future - Dr Max Blumberg, Founder of Blumberg Partnership

{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai

Becoming an Inclusive Leader - Bernadette Thompson

operational plan ppt.pptx nursing management

Leadership in Crisis - Helio Vogas, Risk & Leadership Keynote Speaker

VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl

VIP 7001035870 Find & Meet Hyderabad Call Girls Kondapur high-profile Call Girl

Rohini Sector 16 Call Girls Delhi 9999965857 @Sabina Saikh No Advance

Empowering Local Government Frontline Services - Mo Baines.pdf

LoveLocalGov - Chris Twigg, Inner Circle

CEO of Google, Sunder Pichai's biography

Does Leadership Possible Without a Vision.pptx

Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE

Dealing with Poor Performance - get the full picture from 3C Performance Mana...

Disrupt or be Disrupted - Kirk Vallis.pdf

Risk Intelligence: Threats are the New Risk

1. Risk Intelligence: Threats are the New Risk

2. Hello! I am Jeff Sieben Product Manager at Resolver @jeffsieben jeff.sieben@resolver.com

3. 69%Companies can identify controls 41%Identify Key Information 47%Categorize Information Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

4. 63% 51% 51% Reputation Damage Cyber breach Business disruption 63% FEAR Reputation Damage Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

5. 53% STILL OPERATE IN SILOS Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

6. FOCUS ON TEAMWORK

7. Smarter, Faster, Better The Transformative Power of REAL Productivity By Charles Duhigg

8. $396M Budget to Complete over 6 years $20M New Budget, Less than 2 years 20 People on Project Team Source: Ponemon Report The Imperative to Raise Enterprise Risk Intelligence, 2017

9. The Risk Intelligence Manager

10. 106,000+CVE Vulnerabilities in NIST National Vulnerability Database Source: https://nvd.nist.gov/general/nvd-dashboard MAY 2018

11. Relevant Resolver Tools ▪ Resolver Security Risk Management ▪ Incident Management ▪ Enterprise Risk Security Management ▪ Security Audit ▪ Information Security (RiskVision) ▪ Threat & Vulnerability Management ▪ Third Party Risk Management ▪ Business Resilience (Global AlertLink) ▪ Business Continuity ▪ Disaster Recovery ▪ Emergency Management

12. Resources to Check Out ▪ NIST National Vulnerability Database ▪ US-CERT – Computer Emergency Readiness Team ▪ SANS Institute ▪ Krebs on Security ▪ OWASP Top 10 – Vulnerabilities, Controls

13. Thanks! Any questions? @jeffsieben jeff.sieben@resolver.com