Sam Elkholy, Director, Systems Engineering

Presentation transcript:

The cost of a breach. Sam Elkholy, Director, Systems Engineering

Agenda: Introductions; Expense Categories; Activity Based Costing (ABC); Average Cost of Breach; Cost Calculation

Introductions: Name; Company; What You’d Like to Get From Today

Expense categories. Detection, Escalation and Response: Investigation Activities, Assessment, Auditing. Administration Costs: Email and Phone notifications, General and Legal Notices to Subjects Concerned

Expense categories: Data Breach Aftermath; Help Desk and Support Activities; Credit Report Monitoring / Identity Theft; Issuing New Account; Legal Expenses; Regulatory

Expense categories. Business Opportunity Cost: Cost of Business Disruption; Opportunity Loss. Intangible Costs: IP Loss; Reputation / Reduced Goodwill

Activity Based Costing (ABC): Conducting Incident Response Activities (Root Cause); Review Standard Operating Procedures; Assemble Response Team; Prepare and Conduct Public and Regulatory Outreach; Prepare Required Disclosure to Victims and Regulators

Activity Based Costing (ABC): Aftermath Costs; Auditing and Legal Compliance; Legal Services; Associated Costs for Victims of the Breach; Identity Protection Services; New Customer Acquisition Costs

Average Cost of Breach: Global Average $3.9M; United States Average $8.9M; Average Size Data Breach 25,575 Records; Healthcare; Average Time to Discovery 279 days. IBM 2019 cost of data breach https://databreachcalculator.mybluemix.net