Who's responsible for cybersecurity at your organization? The accountability for cybersecurity has shifted to the C-Suite, and it's needs to become part of the overall business strategy.

1. How to Raise
Cyber Risk Awareness and
Management to the C-Suite

2. Today’s Speakers
2
Jason Polancich
Founder & Chief
Architect
SurfWatch Labs

3. Today’s Speakers
Chris Broderick
President & CEO
TerraGo Technologies
Company Confidential 3

4. Cybersecurity Accountability
Has Shifted to the C-Suite
4
“… boards that choose to ignore,
or minimize, the importance of
cybersecurity oversight responsibility,
do so at their own peril.”
- Luis A. Aguilar, SEC Commissioner

5. Cybersecurity Needs to be Part
of the Overall Business Strategy
5
• What cyber events are
occurring in our industry?
• What Cyber Risk KPI’s
should we track?
• Are we spending in the
right areas?
• Have any suppliers been
breached recently?

6. Cyber Risks Lost in Translation
6
Antivirus
Firewalls
Citadel
Trojan
Zeus
Man-in-the-
Middle
IDS/IPS
Backoff
POS
Netflow
Analysis
Packet
Reflection
Packet
Inspection
Malware
Detection
What does this all mean to the business?

7. Cybersecurity Management is
Being Elevated in Organizations
7
From Facilities…
to Server Rooms…
to Board Rooms

8. Rising Costs of Insecurity
$5.9M
is the Average Cost
of a Data Breach
• Cost/compromised record increased from $188 to $201
• Customer turnover rate increased by 15%
8
Source: 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute

9. Aligning Cybersecurity Spend
with Your Cyber Risk Reality
9

10. Sound Cybersecurity is a
Competitive Advantage
10
69% of US executives are
worried that cyber threats
will impact growth.
— PwC, 17th Annual Global CEO Survey

11. 11

12. Address Cyber Risks Now,
Instead of Responding to Threats
12

13. Tracking Cyber Risks as Part of
Overall Risk Management
• Elevate cybersecurity
to higher level
discussion and strategy
through business
intelligence approach
• Measure cyber risks
through Key
Performance Indicators
(KPI’s)
13

14. Cybersecurity Requirements
Being Specified in RFPs
14
Request for Proposal
ACME Corp
Cybersecurity Practices
1.Describe the safeguards in place to protect
customer information.
2.Who has access (physical and/or remote)
to systems that house sensitive information?
3.Describe your network segmentation
architecture.
4.What policies and controls are in place with
regards to laptops and mobile devices?
5.How do you monitor and assess cyber
risks?
• Customers are concerned
about how their sensitive
information is safeguarded
• Cybersecurity is now an
important requirement for
winning a contract

15. C-Suite Dashboard App
Get Instant Visibility of Your
Cyber Risk KPI’s
•Real-time and trending views of cyber
risks and business impacts
•Provides easy-to-understand insights
for Executives and Boards to make
faster, more informed risk management
decisions
•SaaS-based app ─ easy to access
and use in Web Browser and Mobile
15

16. Cybersecurity Tips
1. Take a business intelligence approach
to understanding and analyzing
cybersecurity data
2. Common language among C-Suite
and cybersecurity professionals
3. Proactively mitigate cyber risks as
opposed to responding to threats
16

17. SurfWatch Labs Resources
17
• Download the Whitepaper: How Executives Can
Understand Cyber Risks and Ensure Governance
http://info.surfwatchlabs.com/cyber-risk-governance
• Read an Overview of SurfWatch C-Suite
https://www.surfwatchlabs.com/apps/c-suite
• Try SurfWatch C-Suite for Free
https://www.surfwatchlabs.com/apps/c-suite/new

18. Thank You!
www.surfwatchlabs.com
Follow us at: