Cyber Risk Measurement: what 25 CISOs & CROs plan for 2020
•Télécharger en tant que PPTX, PDF•
1 j'aime•1,702 vues
Chief Risk Officers and CISOs from 25 of our customers & friends debated their SMART objectives for 2020. Here's the results, showing who to involve and how to report progress on cyber risk across 3rd parties during 2020.
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Cyber Risk Measurement: what 25 CISOs & CROs plan for 2020
Similaire à Cyber Risk Measurement: what 25 CISOs & CROs plan for 2020 (20)
Plus de Kevin Duffey
Plus de Kevin Duffey (20)
Dernier
Dernier (20)
Cyber Risk Measurement: what 25 CISOs & CROs plan for 2020
- 1. Cyber Risk Monitoring for Chief Risk Officers Decisions made in Mizuho’s Boardroom by 25 CROs & CISOs about how to drive Operational Resilience in 2020 through better 3rd Party Risk Management
- 2. We brought together 25 CROs and CISOs 2 To debate how to monitor cyber risk at suppliers in 2020 Bank of China Bank of England PRA FSCS ILAG Raphaels Bank Deutsche Bank JP Morgan Reassure Brit Bus. Bank LendInvest Rothesay Life Citibank Facebook Rothschild Bank CAF Bank Oak North Shawbrook Bank Bottomline Pay.UK Turkey Bank Met Friendly QBE Insurance Westpac Group Leaders from these firms debated their plans for 2020, in anticipation of the PRA consultation on Outsourcing & 3rd Party Risk Management.
- 3. We held a Structured Debate via a Simulation 3 Our 25 CROs & CISOs were appointed to a hypothetical organisation Congratulations! You’re now in charge of monitoring cyber risk across the extended enterprise at “ACME Financial”
- 4. Decisions to be made by 25 CROs and CISOs 4 Our 25 experts broke into 5 groups to address these 4 questions 1) WHAT to call their project, to monitor & mitigate cyber risk across their Outsourcing & 3rd Party suppliers during 2020 2) WHO to include in the project team that will monitor cyber risk (job titles) 3) WHEN to achieve key milestones (SMART objectives) in the project 4) HOW to report the live cyber risk today, on each supplier For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 5. Sample suppliers used for the Simulation 5 Our CROs and CISOs pretended that these 10 companies supply ACME Financial Adecco Concur Dentons G4S Gemalto Recruitment Expense Management Legal Security Information Services Metsi Pega Skanska Sungard Workday IT Services Customer Relationship Management Construction Business Continuity ERP
- 6. Expert Insight 1: WHAT to call your Project 6 “To measure, monitor & mitigate 3rd party risk in 2020” VENDOR
- 7. Outsourcing & 3rd Party Risk Management 7 Context: draft Supervisory Statement published on 5th December 2019 For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk “Banks should gradually build an Outsourcing Register which should be complete by 31 Dec 2021.” “Online, real-time reporting tools are strongly encouraged.” Outsourcing & 3rd Party Risk Management 7 Context: draft Supervisory Statement published on 5th December 2019 For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk “Banks should gradually build an Outsourcing Register which should be complete by 31 Dec 2021.” “Online, real-time reporting tools are strongly encouraged.”
- 8. 8 Expert Insight 2: WHO is in your team? “To measure, monitor & mitigate 3rd party risk in 2020” Our experts debated WHO should be in their team to measure, monitor & mitigate cyber risk across their 3rd Parties.
- 9. 9 Expert Insight 2: WHO is in your team? “To measure, monitor & mitigate 3rd party risk in 2020”
- 10. 10 Expert Insight 2: WHO is in your team? “To measure, monitor & mitigate 3rd party risk in 2020” CEO COO 3rd Party Oversight Provider Chair Risk Committee Product Commercial CFO CRO Compliance / Financial Crime Operational Resilience Contracts Procurement CIO CTO Business + Operations Operational Risk DPO Supplier Relationship CISO Auditor Communications Business Continuity Legal Project Manager
- 11. 11 Expert Insight 2: WHO is in your team? “To measure, monitor & mitigate 3rd party risk in 2020” CEO COO 3rd Party Oversight Provider Chair Risk Committee Product Commercial CFO CRO Compliance / Financial Crime Operational Resilience Contracts Procurement CIO CTO Business + Operations Operational Risk DPO Supplier Relationship CISO Auditor Communications Business Continuity Legal Project Manager Delegates named 24 JOB TITLES they wanted in their Project Team for 2020. But some titles received just 1-2 votes, eg “CEO” nominated only by Caleidoscope, “CFO” was nominated only by ScreamCastle.
- 12. 12 Expert Insight 2: WHO is in your team? “To measure, monitor & mitigate 3rd party risk in 2020” Delegates named 24 JOB TITLES they wanted in their Project Team for 2020. But some titles received just 1-2 votes, eg “CEO” nominated only by Caleidoscope, “CFO” was nominated only by ScreamCastle. 11 people should be in your team, said Caleidoscope, See2020 & ScreamCastle. Project Tango suggested 12 individuals, while Hawkeye said 8 individuals. The 11 job titles that most experts thought should be in the Project Team were: CRO; COO; CISO; CTO; DPO; Legal; Procurement/Contracts; Project Manager. Operational Resilience; 3rd Party Oversight Provider; Communications.
- 13. 13 Expert Insight 2: WHO is in your team? “To measure, monitor & mitigate 3rd party risk in 2020” The 11 job titles that most experts thought should be in the Project Team were: CRO; COO; CISO; CTO; DPO; Legal; Procurement/Contracts; Project Manager. Operational Resilience; 3rd Party Oversight Provider; Communications. One team grouped their project members into a hierarchy, with reports pushed up to the C-Level from project managers In operational resilience.
- 14. 14 Expert Insight 2: WHO is in your team? “To measure & mitigate cyber risk across 3rd parties” We are honoured to be the “3rd Party Oversight Provider” to some of you already. We recommend: have 1 person in your 2nd line “own” your Cyber Risk Dashboard, with monthly exception reports to C-Level. Then let suppliers view themselves on Dashboard.
- 15. Decisions to be made by 25 CROs and CISOs 15 Our 25 experts broke into 5 groups to address these 4 questions 1) WHAT to call their project, to monitor & mitigate cyber risk across their Outsourcing & 3rd Party suppliers during 2020 2) WHO to include in the project team that will monitor cyber risk (job titles) 3) WHEN to achieve key milestones (SMART objectives) in the project 4) HOW to report the live cyber risk today, on each supplier For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 16. 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” Our experts debated WHEN to achieve key milestones to measure, monitor & mitigate cyber risk across their 3rd parties, by setting SMART objectives. 16
- 17. 17 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” • Specific Goal is to Understand + Improve Critical 3rd Party Risk • Measured inline with Risk Appetite, with MI, Audits, Scorecard, TI • Achieved through monthly reviews of risk-based priorities • Relevant Scorecard reported to Exco on suppliers outside risk appetite • Timed to achieve goal in 12 months
- 18. 18 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” Q1: • Define Appetite • Identify & Prioritise key suppliers (risk based) Q2: • Assess Cyber Resilience of Key Suppliers • Manage / Remediate • Ongoing Monitoring & Reporting
- 19. 19 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” Q1: • Define Appetite • Identify & Prioritise key suppliers (risk based) Q2: • Assess Cyber Resilience of Key Suppliers • Manage / Remediate • Ongoing Monitoring & Reporting
- 20. 20 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 21. 21 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk Concur Metsi Skanska WorkDay Gemalto Dentons Adecco
- 22. Decisions to be made by 25 CROs and CISOs 22 Our 25 experts broke into 5 groups to address these 4 questions 1) WHAT to call their project, to monitor & mitigate cyber risk across their Outsourcing & 3rd Party suppliers during 2020 2) WHO to include in the project team that will monitor cyber risk (job titles) 3) WHEN to achieve key milestones (SMART objectives) in the project 4) HOW to report the live cyber risk today, on each 3rd Party and supplier For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 23. 23 4: HOW to report live risk by Supplier? “To monitor & mitigate cyber risk across suppliers in 2020” 23For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 24. 24 4: HOW to report live risk by Supplier? “To monitor & mitigate cyber risk across suppliers in 2020”
- 25. 25 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 26. 26 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.ukFor your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 27. 27 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.ukFor your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 28. 28 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.ukFor your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 29. 29 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.ukFor your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 30. 30 3: WHEN to achieve key milestones “To monitor & mitigate cyber risk across suppliers in 2020” For your cyber dashboard, email Lewis.Varga@CyberRescue.co.ukFor your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 31. Continuous Monitoring of our key suppliers Barrie Millett, Group Head of Operational Resilience, Wesleyan Group 31For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk Bank of England - CQUEST
- 32. Continuous Monitoring of our key suppliers Barrie Millett, Group Head of Operational Resilience, Wesleyan Group 32For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 33. Decisions to be made by 25 CROs and CISOs 33 Our 25 experts broke into 5 groups to address these 4 questions 1) WHAT to call their project, to monitor & mitigate cyber risk across their Outsourcing & 3rd Party suppliers during 2020 2) WHO to include in the project team that will monitor cyber risk (job titles) 3) WHEN to achieve key milestones (SMART objectives) in the project 4) HOW to report the live cyber risk today, on each supplier For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
- 34. And the Winning Team is… Hawkeye! “To measure, monitor & mitigate 3rd party risk in 2020”
- 35. Turn your Insights into Action 35 Kevin.Duffey@CyberRescue.co.uk Hold the date: 21st Jan at 2pm: Managing Cyber Risk at 3rd Parties by Implementing the PRA’s draft Supervisory Statement expectations on Outsourcing Registers, with “Online, real-time reporting tools” that are “strongly preferred”
- 36. Turn your Insights into Action 36 Kevin.Duffey@CyberRescue.co.uk For more insights like this, go to: www.linkedin.com/company/cyber-rescue-alliance/ For your cyber dashboard, email Lewis.Varga@CyberRescue.co.uk
Notes de l'éditeur
- Cyber Risk Monitoring for Chief Risk Officers - with UK Finance and 25 banks 22 Banks, 4 Insurers and 3 other financial institutions sent their CRO, CISO and Operational Resilience leads to participate in this review of how to measure & monitor cyber risk across the extended enterprise.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- Hello and welcome. I’m Ian Burgess, Head of Cyber Policy at UK Finance, the official trade body of Britain’s banks and financial services sector. I’m delighted to be hosting this event, with Kevin Duffey, CEO of the Cyber Rescue Alliance. Thank you for participating, under Chatham House rules. There are no fire drills planned for today. If the alarm goes off, please leave the building calmly, using the stairs that are clearly marked outside this boardroom. Cyber Attacks threaten operational resilience & reputation. So Chief Risk Officers need timely and objective insights, to drive evidence-based discussions in the Boardroom. Today is an opportunity to to share insights with our peers. Your votes and conclusions will be recorded anonymously, and made available so you can share with colleagues. Kevin will explain how we will encourage interaction.
- We’ve just started using the automated workflows that come with the dashboard, to - send our bespoke questionnaire - to all the key individuals - as frequently as we need - with automated reminders and scoring
- This is a preview of the new Bank of England, PRA/FCA questionnaire, CQUEST in the platform. For all of the 48 questions, we and our suppliers can just indicate on the left, the level of maturity we have against that particular control. A for a high maturity. D for a low maturity. But the fabulous thing is that the questionnaire provides external measurement to supplement the self-reported score. I won’t go into the detail now, but the point is that it’s possible to move to evidenced-based discussion, relying on objective measurement rather than just an honor system. We’re all on a journey to improve operational resilience, so let me hand back to Kevin Duffey, to drive our conversation forward.