Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybersecurity is not a new issue! Dr. Edgar Frank Codd, an IBM researcher, wrote a paper that described the fundamental model of the relational databases.

Published byJayson Willis Modified over 9 years ago

Similar presentations

Presentation on theme: "Cybersecurity is not a new issue! Dr. Edgar Frank Codd, an IBM researcher, wrote a paper that described the fundamental model of the relational databases."— Presentation transcript:

1 Cybersecurity is not a new issue! Dr. Edgar Frank Codd, an IBM researcher, wrote a paper that described the fundamental model of the relational databases that today underpin virtually every major company’s operations. The paper outlined the need for the ‘shared data banks’ to have the attributes of data consistency, integrity, security and privacy. This paper was published in 1970, but its goals are just as relevant today!

2 Cyber Stress Factors Media coverage (D)evolving workforce Hyper-connectivity People, people, people Cyber talent shortages Legislation, Regulation, Contracts These drivers vary by industry, region and corporate culture

3 Lessons (to be) Learned Access restrictions Authorization enforcement Segregation of duties Vendor management Root cause analysis Risk-based oversight Is this Déjà vu all over again?

4 Use of Frameworks is Expanding Source: http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf NIST Cybersecurity Framework 4 Extends the classic security life cycle functions to include Identify The model is more proactive - Business and Governance are key risk aspects The model includes analytics, supply chain risk management, continuous monitoring An emerging imperative is enhancing the role of Internal Audit in risk management ISACA has released an implementation guidance document as part of CSX Other frameworks include COBIT 5 and ISO/IEC 27000

5 Cybersecurity Roadmap Adopt a risk and control framework Assess your risk profile and appetite Inventory your capabilities and people Define a cyber security strategy Develop an integrated oversight plan Periodically report, review and revise Be pragmatic to create change that is evolutionary and less disruptive

6 Take on the Challenge for Change The journey begins with each of you: Take a fresh look at your role Become an active participant Be bold - challenge the status quo Increase IA/IS/IT transparency Make audits more meaningful Cybersecurity improvements often need to occur one person at a time

7 Closing Thoughts Cyber threats constantly change the game Data breaches will continue to focus on finding and exploiting the weak links Perfect security isn’t possible, so flexibility, agility and resilience must be the priority Audit should be playing a stronger role in evaluating the adequacy of risk management A strong partnership between IT, Security and Internal Audit can make a real difference Be prepared, individually and organizationally, instead of being paranoid!

8 Contact Info: Michael Gerdes Director, Information Security COE Experis 585.981.0042 Michael.Gerdes@experis.com

Download ppt "Cybersecurity is not a new issue! Dr. Edgar Frank Codd, an IBM researcher, wrote a paper that described the fundamental model of the relational databases."

Similar presentations

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Module N° 7 – Introduction to SMS

Module N° 7 – Introduction to SMS
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.

Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
1 The critical challenge facing banks and regulators under Basel II: improving risk management through implementation of Pillar 2 Simon Topping Hong Kong.

1 The critical challenge facing banks and regulators under Basel II: improving risk management through implementation of Pillar 2 Simon Topping Hong Kong.
It’s Time to Talk About Risk and Control

It’s Time to Talk About Risk and Control
“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”
Meeting with IESBA CPAB Update Glenn Fagan and Kam Grewal April 7, 2014.

Meeting with IESBA CPAB Update Glenn Fagan and Kam Grewal April 7, 2014.
Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.

Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson.

1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson.
Security Controls – What Works

Security Controls – What Works
ERIC R. FISCHER SENIOR FELLOW BOSTON UNIVERSITY CENTER FOR FINANCE, LAW & POLICY 1.

ERIC R. FISCHER SENIOR FELLOW BOSTON UNIVERSITY CENTER FOR FINANCE, LAW & POLICY 1.
Accounting Information Systems Chapter Outlines

Accounting Information Systems Chapter Outlines
PwC Role of Internal Audit in Corporate Governance September 2010 Tumin Gültekin, Partner.

PwC Role of Internal Audit in Corporate Governance September 2010 Tumin Gültekin, Partner.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
ISACA Research Update Robert Foster Research Director, ISACA Northern England Chapter.

ISACA Research Update Robert Foster Research Director, ISACA Northern England Chapter.
“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.

“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”

Similar presentations

Ads by Google