Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 15: Cybersecurity management

Published byAlisha McKenzie Modified over 5 years ago

Similar presentations

Presentation on theme: "Lecture 15: Cybersecurity management"— Presentation transcript:

1 Lecture 15: Cybersecurity management
Business Intelligence Lecture 15: Cybersecurity management

2 Overview Understanding the personal, organisational, and legal/regulatory context in which these tools could be used, the risks of such use, and the constraints (such as time, finance, and people) that may affect how cybersecurity is implemented.

3 content Overview Cybersecurity
Using BI Tools For Effective Decision Making Personal Organisational Legal/Regulatory Risks Constraints

4 Using bi tools for effective decision making
Provide BI quickly and efficiently Access to real-time data helps make quicker business decisions e.g.: Oil & Gas industry – real-time data on crude oil price per barrel can help marketing team decide on when to push sales or when to pull back based on price Saves time on data entry and making reports BI tools help eliminate time spent on manual data entry and performing calculations Allows quick report generation and data visualisation Gain more customer insights BI tools help identify who are the customers, patterns in their behaviours, and which customers to prioritize for increase customer satisfaction and improve market reputation -Need to understand why companies are using BI tools to support them in making business decisions -There are many reasons why businesses adopt BI tools and amongst them are: its ability to provide BI quickly & efficiently, saving time on data entry and report generation, and gaining more customer insights

5 cybersecurity Definition Why is it important?
The utilisation of technologies, standard processes and practices to protect information systems including data, computers, software programs and network, from attack, unauthorized access and modification, destruction or theft. Why is it important? It protects the business and function of an organization and must be considered throughout the business life cycle -Before going further into cybersecurity management, it’s important to know what it is first -

6 personal Data Level Security
Determining which data from each data source that a particular user can see Limits the user to only seeing the dashboard that is shared to them Prevents new users from accessing data that is beyond their limitation until they are added to the right group -

7 organisational System Level Security Object Level Security
Controls over who has access and what a user can and can’t do in a system Data encryption, account credentials, and authorization profiles is essential Other security measures: firewalls, intrusion prevention systems Object Level Security Refers to tools that manages the access of different components within the platform e.g.: Admins have the authority to control which users/groups can access/edit which dashboard

8 Figure 1 – Sisense Dashboards – showing the privileges set for each role

9 Legal/regulatory Concerns with laws and regulation on data
Data should used in a manner that is compliant with regulatory laws e.g.: General Data Protection Regulation (GDPR) – law on data protection and privacy for all individuals in EU Adhering to GDPR, it requires organisations to: implement appropriate technical and organisational measures to protect personal data regularly review controls, detect, investigate and report breaches

10 risks Poor data quality BI tools does not live up to expectation
This can happen due to data architects incorrectly design the system or source system has data quality issues Can cause delivering meaningless and inaccurate reports BI tools does not live up to expectation This happens when the chosen BI tool does not solve the business problem Be sure the chosen BI tool best fit for the organization’s specific data types, customer and reporting needs Data Breach By using BI tools, it means to entrust data to third-party company Data breaching is a risk when vendors misuse or leak the data they are entrusted with e.g: vendors can sell a company’s data to competitors Scope Creep and Loss of Momentum More towards management than it is the tool itself Project managers need to know what data to import into the system and how to visualize the data in UI and reporting environments Wrong approach: dump all data into the system Impacts data modelling Lengthens building process – more items introduced than necessary

11 Constraints Time Finance People
Resistance to change – users prefer to use tools (spreadsheets, standard report) they are familiar with so it will take time to convince them the need to opt for a new BI tool Training for BI tool usage – takes time to learn and familiarize with how to use the tool Finance A secured and powerful BI tool will be expensive However securing your infrastructure is worth investing in As of 2017, the attack caused by WannaCry virus costed an estimated of $4 billion worldwide People Concerns over the honesty of employees and misuse of that trust e.g.: Facebook – Cambridge Analytica data scandal: Cambridge Analytica harvest personal data from million of Facebook users’ and use it for political purposes Cybersecurity is the responsibility of everyone in the organization The specific person in charge of cybersecurity is Chief Security Officer (CSO) or Chief Information System Officer (CISO) Works closely with General Counsel (GC) to meet legal requirements -CISO ensures: -demonstrates a strong management and board commitment to security -remains focused on creating a security culture -conducts honest assessments to measure and improve security -creates a roadmap for improving its security posture -monitors its network and other vulnerabilities -implements and maintains an incident response plan -reacts quickly to attacks -Before a breach occurs, GC needs to be involved with CISO/CSO and the board – to shape the cyber risk strategy in order to ensure it incorporates legal landscape around the obligations to protect against cyber risks -When breach occurs, it’s wise to have GC conduct the investigation of potentially significant security breach If a CSO/CISO investigates the breach, puts him/her in a position where they are unable to hold an opinion in the examination of his/her own department’s failure

12 End of chapter References
solution/ -

13

Download ppt "Lecture 15: Cybersecurity management"

Similar presentations

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.

WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.
Information Systems Controls for System Reliability -Information Security-

Information Systems Controls for System Reliability -Information Security-
Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM 817.352.4929 or

Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM or
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
LAW SEMINARS INTERNATIONAL New Developments in Internet Marketing & Selling November 13 & 14, 2006 San Francisco, California Moderator : Maureen A. Young.

LAW SEMINARS INTERNATIONAL New Developments in Internet Marketing & Selling November 13 & 14, 2006 San Francisco, California Moderator : Maureen A. Young.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
Software Project Management Lecture # 8. Outline Chapter 25 – Risk Management  What is Risk Management  Risk Management Strategies  Software Risks.

Software Project Management Lecture # 8. Outline Chapter 25 – Risk Management  What is Risk Management  Risk Management Strategies  Software Risks.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October 2012 1.

Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October
Software Project Management Lecture # 8. Outline Earned Value Analysis (Chapter 24) Topics from Chapter 25.

Software Project Management Lecture # 8. Outline Earned Value Analysis (Chapter 24) Topics from Chapter 25.
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.

Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.

Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Develop your Legal Practice using “Cloud” applications, but … Make sure your data is safe! Tuesday 17 November 2015 The Law Society, London Allan Carton,

Develop your Legal Practice using “Cloud” applications, but … Make sure your data is safe! Tuesday 17 November 2015 The Law Society, London Allan Carton,
Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.

Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.

Similar presentations

Ads by Google