Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing the Digital Environment Technology Risk Management - A Caribbean Perspective Monday November 10 th 2014 Roshan Mohammed.

Published byErika Horton Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing the Digital Environment Technology Risk Management - A Caribbean Perspective Monday November 10 th 2014 Roshan Mohammed."— Presentation transcript:

1 Securing the Digital Environment Technology Risk Management - A Caribbean Perspective Monday November 10 th 2014 Roshan Mohammed

2 Current State Low business priority on securing digital assets Reactive Management - After the web site is hacked After the data has been taken After employees take intellectual property We perceive information security to be simple – Can be done in-house by IT Department Firewall + Anti Virus = Secure Network Caribbean Incidents Mar 20 Barbados … Bank Records hacked Mar 11 BahamasHackers spark credit card chaos Feb 6JamaicaHackers said to be found with DPP files Feb 6BarbadosBarbados police investigating missing data on oil industry Jan 26Jamaica… Hacked Quoted mainly from the Trinidad Guardian - http://m.guardian.co.tt/business- guardian/2013-03-11/caribbean-cyberattacks-rise

3 Imminent Landscape Legislation -Local -and International (SOX, PCI DSS, ISO) Board Due Diligence Requirements – Pro Active Management of Risk - Managing Risk within the local technology ecosystem Internet Operational Risk -Cybercrime Technology Adoption - Stay-in-Business

4 Planning for Risk Management For my business, in my country, in my industry, in my region – what are the most critical technology risks? What strategic options do I have in approaching the mitigation of these risks? How do I future proof my investment in risk mitigation? DO NOT Invest in risk management technology without understanding your business risks. Underestimate the technology risk in business activities. - JP Morgan - Dropbox - Target

5 What can help If you do not already have a risk management strategy, invest in getting one -Have a technology risk assessment done for your business -Make sure the strategy fits our Caribbean business model Use the right tools -Best practice standards (ISO 27000, ISO 25999 etc) -You cannot manage what you do not measure Use the right resources -Proven work history -Grow with the company over time.

6 The Results Some of the questions that will be answered at the end of the strategic risk assessment. Policy and Procedures – If these are in place, do they meet best practice guidelines? Do they cover my greatest business risk areas? Technology Is technology design and configuration sufficient to protect my business? Will my technology defenses grow with my business? People Does my corporate culture embrace risk management, and if not how can I achieve this? Are my superusers actions being monitored?

7 Questions

Download ppt "Securing the Digital Environment Technology Risk Management - A Caribbean Perspective Monday November 10 th 2014 Roshan Mohammed."

Similar presentations

ISACA January 8, 2013. IT Auditor at Cintas Corporation Internal Audit Department Internal Security Assessor (ISA) Certification September 2010 Annual.

ISACA January 8, IT Auditor at Cintas Corporation Internal Audit Department Internal Security Assessor (ISA) Certification September 2010 Annual.
Dr Lami Kaya LamiKaya@gmail.com ISO 27001 Information Security Management System (ISMS) Certification Overview Dr Lami Kaya LamiKaya@gmail.com.

Dr Lami Kaya ISO Information Security Management System (ISMS) Certification Overview Dr Lami Kaya
PCI Compliance: The Gateway to Paradise PCI Compliance: The Gateway to Paradise.

PCI Compliance: The Gateway to Paradise PCI Compliance: The Gateway to Paradise.
Improving Technology Decision Making for the Multichannel Retailer.

Improving Technology Decision Making for the Multichannel Retailer.
BalaBit Shell Control Box

BalaBit Shell Control Box
Understanding and Building Basic Networks Chapter 4 Protecting Yourself Online.

Understanding and Building Basic Networks Chapter 4 Protecting Yourself Online.
STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.

STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
Information & Communication Technologies 08 2014 NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.

Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
Peter Brudenall & Caroline Evans- Simmons & Simmons Marsh Technology Conference 2005 Zurich, Switzerland. Managing the Security Landscape – Legal and Risk.

Peter Brudenall & Caroline Evans- Simmons & Simmons Marsh Technology Conference 2005 Zurich, Switzerland. Managing the Security Landscape – Legal and Risk.
Information Security Policies Larry Conrad September 29, 2009.

Information Security Policies Larry Conrad September 29, 2009.
Global Cyber Security Capacity Maturity Model - CMM WSIS Forum 2015 – Geneva Dr Maria Bada 25/05/2015.

Global Cyber Security Capacity Maturity Model - CMM WSIS Forum 2015 – Geneva Dr Maria Bada 25/05/2015.
Safe Information By Eli Salazar. The Government The Internet A strategic way to communicate top secret plans. The government used Internet for its safety.

Safe Information By Eli Salazar. The Government The Internet A strategic way to communicate top secret plans. The government used Internet for its safety.
University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.

University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.
Business Plug-In B7 Ethics.

Business Plug-In B7 Ethics.
Brian Markham Director, DIT Compliance and Risk Services May 1, 2014

Brian Markham Director, DIT Compliance and Risk Services May 1, 2014
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
SOX Compliance Don’t fight what can help you. Skye L. Rogers  9 Years experience working in Systems & Operations in various roles.  4 years focusing.

SOX Compliance Don’t fight what can help you. Skye L. Rogers  9 Years experience working in Systems & Operations in various roles.  4 years focusing.
Chapter 2 Modern Private Security

Chapter 2 Modern Private Security
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Similar presentations

Ads by Google