Threats & Challenges in the Digital World EY 2015 Global Information Security Survey.


Page 2: Agenda
1. Cybersecurity in Current Companies
2. New Challenges & Threats
3. Creating Trust in the Digital World

Page 3: 1 Cybersecurity in Current Companies
Attacks in the News
► Car bank Operation
► Cost of Cybercrime (US)

Page 4: Attacks in the News
► Governmental Attack
► Ransomware

Page 5: Cybercrime in Latam
► 4th Largest Mobile Market in the World
► 1/2 of the Population Uses Internet
► Protection Against Cybercrime
► USD 575M Average per Year
► USD 90M Average per Year
(*) Source: Ciberseguridad ¿Estamos preparados en América Latina y el Caribe? – Observatorio de la Ciberseguridad (2016). BID & OEA Report

Page 6: Cybercrime in Latam: Attack Targets in Latam
The main attack targets in Latam by industry are:
1. Chemical/Manufacture/Mining
2. Financial Services
3. Power/Infrastructure
4. Government
5. Consumer Goods/Retailers
6. Hospitals/Pharmaceutical
7. Services/Consulting
8. Telecommunications
9. Aerospace/Defense
10. Entertainment/Media/Hospitality
Past: Government Sector
Future: Consumer Goods, Financial Services, Power/Infrastructure
(*) Source: Ciberseguridad ¿Estamos preparados en América Latina y el Caribe? – Observatorio de la Ciberseguridad (2016).

Page 7: Cybercrime in Latam: TOP Latam Cyberattacks
In Latam, around 20 cyberattacks per second take place every day.
The countries that receive the most attacks in the region are:
1. Brazil
2. Chile
3. Mexico
4. Peru
5. Argentina
The most common attacks are the following:
► Phishing, Social Engineering
► Malware
► DoS (Denial of Service)
► Web-Based Attacks
► Virus, Worms, Trojans
► Stolen Devices
► Malicious Code
► Botnets
► Ransomware
(*) Source: Ciberseguridad ¿Estamos preparados en América Latina y el Caribe? – Observatorio de la Ciberseguridad (2016).

Page 8: GISS 2015 (17th Global Information Security Survey)
Attack Sources … How to detect subtle signals
Who’s going to attack us?
High Priority Prevention or Information Leakage
Internal Threat Is Source of Risk & Threat to the Organization
► 56% internal employee
► 36% external employee or provider
Indicators / Considerations:
► Unexpected price movements in shares and participations
► Similar products released by competitors
► Interruption of Mergers & Acquisitions (M&A) activities
► Unusual behavior of the client, company or employees
► Operational interruption without a clear root cause
► Unusual behavior in payment or purchase processes
► Clients or users in DBs showing inconsistent information
(*) Source: Global Information Security Survey (GISS) EY –

Page 9: GISS 2015 (17th Global Information Security Survey): Main Findings
► says that a 25% budget raise is necessary to protect the organization according to the risk tolerance defined by the board.
► of the surveyed people can’t estimate the financial damage related to cyber incidents within the last 12 months.
(*) Source: Global Information Security Survey (GISS) EY –

Page 10: GISS 2015 (17th Global Information Security Survey): Banking and Capital Markets
Attack Sources
► 21% Seek to steal financial information
► 20% Malware
► 19% Fraud
Priorities for Information Security
67% 56%
► Identity and access management
► Business continuity/disaster recovery
► Data leakage/data loss prevention
(*) Source: Global Information Security Survey (GISS) EY –

Page 11: New Challenges & Threats

Page 12: Anticipating cyber attacks requires adequacy of current strategies
The starting point is to understand how the organization sees itself when being attacked:
► How can you protect your organization if you don’t know the objective of the attacker?
► How could they get access and how could they harm you and your critical assets?
► Do you completely understand your organization's ability to respond, contain an attack and recover from it?
Key values of risk management
► Focus on what’s most important: Must be aligned to your business and risk culture
► Integration with business planning: Regulators are increasingly seeking evidence
► Measure & Report: Include qualitative statements and quantitative measurements
► Thorough by nature: It should cover all types of risks, current and future
► Allocation of risk tolerance: Tolerance allocation of business units and risk types
…applied to cyber risk
► Know your critical information assets: Identify critical information assets vulnerable to cyber attacks
► Insert the risk tolerance in investment decisions: Prioritize investments, empowering local business to make informed decisions
► Make cyber risk tangible: Clearly define cyber risk and underlying metrics
► Align with existing risk framework: Finance, Operations, Regulations, Clients, Reputation, etc.
► Make cyber risk relevant to the business: Linking risks to BU operational level and their information assets

Page 13: Creating Trust in the Digital World

Page 14: Cybersecurity transformation occurs in multiple phases and can take years
Chart: Cyber Security maturity in time, Phase 1 to Phase 5
1. Build the foundations
2. Implement change
3. Stabilize the environment
4. Transition to the "new normal"
5. Continuous improvement
► Establish the business case for transformation
► Communicate the vision of transformation and implementation plan
► Create a transformation governance office
► Strengthen compliance with policies and standards
► Make adjustments to policies and standards
► Optimize existing capacities
► Prepare for long-term strategic change
► Validate achievements
► Continuous monitoring and reporting on the "first wave" of the improvements to sustain results
► Transition to the new operating security model
► Implement strategic changes (e.g. new technologies)
► Implement continuous improvements to the program

Page 15: What does the organization require?
► To know what can harm and disrupt the achievement of the company's strategy
► To clearly identify its critical assets, or "Crown Jewels"
► To know the cyber risk scenarios for the business, describing an accurate picture of how an attack can develop
► That the board and senior executives can accurately determine the risk tolerance of the organization
► An assessment of current cybersecurity maturity, compared with the level of maturity required to meet the predefined risk tolerance
► A roadmap for long-term improvement
► A custom profile of threats and threat intelligence capabilities
► An advanced SOC: internal, shared or outsourced
► A proactive and multi-functional digital breach management strategy