Cyber Resilience best Practice - The Institute of Risk Management


CYBER RESILIENCE BEST PRACTICE
To Discuss
• Why cyber risk management is increasingly challenging
• How everyone has a role to play in your cyber risk management
• Insight from the Board on cyber risks and their impact on cyber risk management
• Insight and ideas for managing your cyber risks
Balancing opportunity and risk

The opportunities
• $4.2 trillion: estimated value of the internet economy in G20 economies by 2016
• 4.1% of GDP contributed by the internet
• 94% of businesses with 10+ employees are online
• 13.5% to 23%: projected rise in consumer purchases via the internet from 2010-2016
• 936 exabytes: growth in global internet traffic from 2005-2015

The risks
• $445 billion: cost of cyber-crime to the global economy per year
• 44% increase in cyber incidents (1.4 per organization per week)
• 90% of cyber attacks succeed because of the unwitting actions of a member of staff
• $145: average cost paid for each lost or stolen file containing sensitive or confidential information
The Challenges….
“253 days is the average number of days it takes an organisation to realise that it has been successfully attacked.”
“69% of all large organisations were attacked by an unauthorised outsider in 2014 (up from 55% the previous year).”
“90% of large UK organisations had a security breach in 2014 (up from 81% in 2013).”
“90% of all successful cyber attacks rely on human vulnerability.”
“59% of UK businesses expect attacks to increase next year.”
One person can enable an attacker to compromise your systems and access your most valuable information.
The Challenges - common client statements
“Why would anyone want to attack our organization?”
“We do not know what our most critical information assets are in our organization.”
“We have our networks well protected by good technology.”
“Our current information/cyber security training is ineffective in driving new behaviours across the organization.”
“We know we have already been attacked but do not know how best to respond and recover effectively.”
“We do not know what good cyber resilience looks like for our organization.”
The Challenges – the hacking process

Process                          Tools
Reconnaissance                   Whois, NSLookup, Spyfu, EDGAR, Sam Spade, Google, DNS Lookup, ARIN, Wget, Dig, Traceroute
Scanning                         Ping, Nmap, Angry IP Scanner, Netcraft, Nikto, Nessus, ike-scan, RPCDump
Develop/select/deliver exploit   Metasploit, Rootkit (Hacker Defender, FU, Vanquish, HE4Hook)
Cover tracks                     Log eraser, Demon
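The Scanning row above in working code, as an added example that is not part of the IRM presentation: a minimal TCP connect scanner with banner grabbing in Python, which is the same technique Nmap applies with its -sT option, minus Nmap's timing and fingerprinting. Run it only against hosts you are authorised to test. The listener it starts on 127.0.0.1 is a constructed stand-in for a real service so the example runs offline; the port it picks and the "SSH-2.0-OpenSSH_9.6" banner are assumptions, not data from the page.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def probe(host, port, timeout=0.5):
    """TCP connect() probe of one port. Returns None when the port is closed or
    filtered (connection refused or timed out), else a dict with the port and
    whatever banner the service volunteered within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                banner = s.recv(256)
            except OSError:  # includes timeout: service expects the client to speak first
                banner = b""
    except OSError:
        return None
    return {"port": port, "banner": banner.decode("ascii", "replace").strip()}


def scan(host, ports, workers=32):
    """Probe the given ports concurrently; returns the open ones in ascending order.
    Out-of-range port numbers are dropped rather than passed to the socket layer."""
    ports = [p for p in ports if 1 <= p <= 65535]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: probe(host, p), ports))
    return sorted((r for r in results if r is not None), key=lambda r: r["port"])


def start_fake_service(banner):
    """Constructed listener on an ephemeral loopback port (assumption: stands in
    for a real service). It sends `banner` to every client and hangs up."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listener shut down
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def stop_fake_service(srv):
    """shutdown() wakes the accept() blocked in the service thread before close()."""
    try:
        srv.shutdown(socket.SHUT_RDWR)
    except OSError:
        pass
    srv.close()


if __name__ == "__main__":
    srv, port = start_fake_service(b"SSH-2.0-OpenSSH_9.6\r\n")
    for r in scan("127.0.0.1", range(port - 5, port + 1)):
        print(f"{r['port']}/tcp open  banner={r['banner']!r}")
    stop_fake_service(srv)
```

A connect scan completes the TCP handshake, so every probe lands in the target's connection logs; that is exactly why the scanning phase is the first point at which a defender can catch the attacker, and why the firewall and IDS controls listed later on this page matter.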
The Challenges... the cyber crime toolbox……
The Challenges: everyone has a role to play….
The Human Factor: 90% of successful cyber attacks rely on human vulnerability.
The challenge: the need to influence and enable positive change in user behaviours.
Insight from the Board.
• We need to develop a coherent cyber resilience strategy
• We need to know what our critical information assets are
• We need a cyber smart workforce and partner network
• We need to embed good practices across our organization
• We need to communicate and understand more effectively across the organization
• We need to understand how we will respond and recover from attack more effectively
Cyber Risk Management
Cyber Resilience is the ability of an organisation to resist, respond to and recover from incidents that will impact the information it requires to do business.
What does good look like?

Information security goals: Confidentiality, Integrity, Availability, Authenticity
People: Security Policy, Regulatory Compliance, Staff Awareness Program
Process: Access Control, Security Audit, Incident Response
Technology: Encryption and PKI; Firewall and IPS/IDS; Antivirus
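The IPS/IDS and Incident Response controls above are where the "253 days to realise you have been attacked" figure gets shortened, and the earliest signal is usually the scanning phase of the hacking process. As an added example that is not part of the IRM presentation, the following Python detector runs over firewall log lines and raises one alert per source address that either probes many ports on one host (a vertical scan) or one port across many hosts (a horizontal sweep), and records which of its probes were accepted so the responder knows which exposed services the attacker actually reached. The log lines, their iptables-style field layout, the addresses and the thresholds (10 ports or 5 hosts within 60 seconds) are all constructed for the example; tune the thresholds to your own traffic.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timezone

# Constructed sample (not real logs), iptables-style fields, in time order.
# 203.0.113.7 walks ports on one host; 198.51.100.4 is ordinary HTTPS traffic;
# 192.0.2.9 sweeps port 445 across the subnet and finds it open on 10.0.0.5.
SAMPLE_LOG = """\
2015-06-10T09:12:00Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=21
2015-06-10T09:12:01Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=22
2015-06-10T09:12:02Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=23
2015-06-10T09:12:03Z ACCEPT SRC=198.51.100.4 DST=10.0.0.5 PROTO=TCP DPT=443
2015-06-10T09:12:03Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=25
2015-06-10T09:12:04Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=53
2015-06-10T09:12:05Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=80
2015-06-10T09:12:06Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=110
2015-06-10T09:12:07Z ACCEPT SRC=198.51.100.4 DST=10.0.0.6 PROTO=TCP DPT=443
2015-06-10T09:12:07Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=135
2015-06-10T09:12:08Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=139
2015-06-10T09:12:09Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=143
2015-06-10T09:12:10Z ACCEPT SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=443
2015-06-10T09:12:11Z DROP SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=445
2015-06-10T09:12:20Z ACCEPT SRC=198.51.100.4 DST=10.0.0.7 PROTO=TCP DPT=443
Jun 10 09:13:00 fw kernel: unrelated message that does not parse
2015-06-10T09:13:00Z DROP SRC=192.0.2.9 DST=10.0.0.1 PROTO=TCP DPT=445
2015-06-10T09:13:01Z DROP SRC=192.0.2.9 DST=10.0.0.2 PROTO=TCP DPT=445
2015-06-10T09:13:02Z DROP SRC=192.0.2.9 DST=10.0.0.3 PROTO=TCP DPT=445
2015-06-10T09:13:03Z DROP SRC=192.0.2.9 DST=10.0.0.4 PROTO=TCP DPT=445
2015-06-10T09:13:04Z ACCEPT SRC=192.0.2.9 DST=10.0.0.5 PROTO=TCP DPT=445
2015-06-10T09:13:05Z DROP SRC=192.0.2.9 DST=10.0.0.6 PROTO=TCP DPT=445
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ) (?P<action>ACCEPT|DROP) "
    r"SRC=(?P<src>[\d.]+) DST=(?P<dst>[\d.]+) PROTO=(?P<proto>\w+) DPT=(?P<dpt>\d+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or None for lines in another format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "action": m["action"], "src": m["src"],
            "dst": m["dst"], "proto": m["proto"], "dpt": int(m["dpt"])}


def detect_scans(lines, window_s=60, port_threshold=10, host_threshold=5):
    """Sliding window per source address (lines assumed in time order).
    Raises at most one alert per source: 'vertical' when it has touched
    port_threshold distinct ports within window_s, 'horizontal' when it has
    touched host_threshold distinct hosts. Each alert lists the (host, port)
    pairs the firewall ACCEPTed, i.e. services the scanner actually reached."""
    recent = defaultdict(deque)
    alerted = set()
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["src"] in alerted:
            continue
        q = recent[ev["src"]]
        q.append(ev)
        while (ev["ts"] - q[0]["ts"]).total_seconds() > window_s:
            q.popleft()
        ports = {e["dpt"] for e in q}
        hosts = {e["dst"] for e in q}
        kind = count = None
        if len(ports) >= port_threshold:
            kind, count = "vertical", len(ports)
        elif len(hosts) >= host_threshold:
            kind, count = "horizontal", len(hosts)
        if kind:
            alerted.add(ev["src"])
            alerts.append({
                "src": ev["src"], "kind": kind, "count": count,
                "first_seen": q[0]["ts"].isoformat(), "last_seen": ev["ts"].isoformat(),
                "accepted": sorted({(e["dst"], e["dpt"]) for e in q if e["action"] == "ACCEPT"}),
            })
            del recent[ev["src"]]
    return alerts


if __name__ == "__main__":
    for a in detect_scans(SAMPLE_LOG.splitlines()):
        print(a)
```

The `accepted` field is the incident-response hook: an alert that says "192.0.2.9 swept 445/tcp and got through to 10.0.0.5" tells the responder which host to look at first, whereas a bare scan count only tells them someone knocked. Slow scans that spread probes beyond the window evade this detector by design; lengthening the window or keying on the count of distinct targets per day catches those at the cost of more false positives.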
You need staff who are ‘risk aware’ of:
• Phishing
• Social engineering
• Online safety
• Social media
• BYOD
• Removable data
• Password safety
• Personal information
• Information handling
• Remote and mobile working
Summary of business challenges
KEEP VALUE OF YOUR BUSINESS, IN YOUR BUSINESS
MAINTAIN REPUTATION
BALANCE OPPORTUNITIES AND RISKS
• Need to communicate effectively during business as usual and during crisis
• Need to identify and manage what good cyber resilience looks like
• Need to influence and enable positive change in user behaviours
QUESTIONS AND ANSWERS?