Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards SME Digital Resilience Unpacking the APEC Guidebook

Published byAvice Martin Modified over 6 years ago

Similar presentations

Presentation on theme: "Towards SME Digital Resilience Unpacking the APEC Guidebook"— Presentation transcript:

1 Towards SME Digital Resilience Unpacking the APEC Guidebook
Aslam Perwaiz, Head, Disaster Risk Management Systems & Team Leader, iPrepare Business Facility of ADPC

2 The term “digital resilience”, therefore, refers to the capabilities of SMEs to respond to and recover from digital crises such as Internet security threats and cyber-attacks.

3 SMEs, cyber risk and resilience – to invest or not to invest?
How much do Small and Medium Sized Enterprises (SMEs)  have to fear from cyber-attack? 74% of small businesses have suffered a cyber security breach, according to the PricewaterhouseCoopers 2015 Information Security Breaches survey . Of those affected, 38% suffered from viruses or malicious software while a further 16% were hit by a denial of service attack

4 Let us unzip it !

5

6 Key Steps Step 1: Understanding your ISMS requirements and
forming an ISMS team Step 7: Selecting ISMS controls Step 8: Establishing a business continuity plan Step 2: Determining ISMS policies and objectives Step 9: Responding to and reporting information security incidents Step 3: Listing and categorizing information assets Step 4: Identifying and evaluating information asset risk Step 10: How to determine the effectiveness of your ISMS Step 5: Assessing information asset risk Step 11: Continuous ISMS improvement and problem follow-up Step 6: Producing a risk treatment plan

7 PDCA Cycle 3. Listing and categorizing information assets
4. Identifying and evaluating information asset risk 5. Assessing information asset risk 7. Selecting ISMS controls 8. Establishing a business continuity plan 9. Responding to and reporting information security incidents 1. Understanding your ISMS requirements and forming an ISMS team 2. Determining ISMS policies and objectives 10. How to determine the effective ness of your ISMS 6. Producing a risk treatment plan 11. Continuous ISMS improvement and problem follow-up

8 Key Words ISMS requirements ISMS team ISMS policies and objectives
Information assets Information asset risk Risk treatment plan ISMS controls Business continuity plan Information security incidents ISMS effectiveness ISMS Improvement

9 Questions Aslam Perwaiz Team Leader iPrepare Business Facility of ADPC

Download ppt "Towards SME Digital Resilience Unpacking the APEC Guidebook"

Similar presentations

Dr Lami Kaya LamiKaya@gmail.com ISO 27001 Information Security Management System (ISMS) Certification Overview Dr Lami Kaya LamiKaya@gmail.com.

Dr Lami Kaya ISO Information Security Management System (ISMS) Certification Overview Dr Lami Kaya
PhoenixPro Procurement. technology. contracts. projects.

PhoenixPro Procurement. technology. contracts. projects.
P1-P2-M1-D1-D2.

P1-P2-M1-D1-D2.
Agenda COBIT 5 Product Family Information Security COBIT 5 content

Agenda COBIT 5 Product Family Information Security COBIT 5 content
3rd Party Risk Categorization Process

3rd Party Risk Categorization Process
Fraud Prevention and Risk Management

Fraud Prevention and Risk Management
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Unit 4 – Impact of the use of IT on Business Systems.

Unit 4 – Impact of the use of IT on Business Systems.
1 Oppliger: Ch. 15 Risk Management. 2 Outline Introduction Formal risk analysis Alternative risk analysis approaches/technologies –Security scanning –Intrusion.

1 Oppliger: Ch. 15 Risk Management. 2 Outline Introduction Formal risk analysis Alternative risk analysis approaches/technologies –Security scanning –Intrusion.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.

WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.
Can your team outwit, outplay and outlast your opponents to be the ultimate CyberSurvivor?

Can your team outwit, outplay and outlast your opponents to be the ultimate CyberSurvivor?
Cyber Security & Fraud – The impact on small businesses.

Cyber Security & Fraud – The impact on small businesses.
Mid-West Electric Consumers Association Board Meeting Mark A. Gabriel Administrator.

Mid-West Electric Consumers Association Board Meeting Mark A. Gabriel Administrator.
Institutional affiliation Date.  Security is very important as it keeps your secret from other know.  An insecure network exposes a business to various.

Institutional affiliation Date.  Security is very important as it keeps your secret from other know.  An insecure network exposes a business to various.
Ewan Donald Cyber Security FEEL FREE A NEW APPROACH TO CYBER SECURITY.

Ewan Donald Cyber Security FEEL FREE A NEW APPROACH TO CYBER SECURITY.
ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd.

ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd.
Alex Adamec.  Any physical or virtual information system that controls, processes, transmits, receives, or stores electronic information in any form.

Alex Adamec.  Any physical or virtual information system that controls, processes, transmits, receives, or stores electronic information in any form.
MIS323 – Business Telecommunications Chapter 10 Security.

MIS323 – Business Telecommunications Chapter 10 Security.

Similar presentations

Ads by Google