Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security Culture

Published bySteven Lucas Modified over 5 years ago

Similar presentations

Presentation on theme: "Cyber Security Culture"— Presentation transcript:

1 Cyber Security Culture
Importance In The Financial Sector Stephen Robinson Founder Xyone Cyber Security

2 UAE accounted for 2.4 million of the 1.7 billion
23/10/2014 UAE accounted for 2.4 million of the 1.7 billion ransomware attacks detected globally in Q1 of 2018 Malware Threats Source Trend Micro 2018

3 Threat Mitigation Strategy
Encompass people, culture, processes and the physical environment to make the Financial Sector as resilient as possible against dangerous and growing threats of cyber attack by helping to create and implement a Threat Mitigation Strategy. External Physical Threat Mitigation Internal Threat Mitigation Information Security Compliance 2013 90% 2014 81% 81% 86% 86% 2013

4 Research with Lancaster University
2016 / UK Based Financial and Legal Companies Research Findings: 45% - No Cyber Security Policies signed by employees. 73% - No Cyber Security Awareness Training for employees 100% - The Training was not relevant to the policy. The generic rules from the policy were not embedded within the training.

5 National Cyber Security Strategy for the state of Kuwait 2017- 2020
The Objective 1 Promote a culture of cyber security that supports safe and proper usage for cyberspace

6 Create An Internal Security Culture
Threat intelligence and Communication Scenario Based Learning and Testing Actionable Awareness Building Internal Resilience Achieve a company wide Security Culture

7 Threat Intelligence and Communication
Cybersecurity and fraud have now shifted from a walled-garden approach to a holistic one. Better communication and intelligence sharing, not only internally but to consumers. It is not just about technology, but People and Process. The shift from the old cybersecurity analyst that is very much focused on technology and cyber controls. To the new analyst that understands the business and can have a conversation with the customer in the payments space.

8 Create An Internal Security Culture
Threat intelligence and Communication Scenario Based Learning and Testing Actionable Awareness Building Internal Resilience Achieve a company wide Security Culture

9 Scenario-based Training and Testing
Structure exercises and scenario testing are also one of the best ways for the banking and financial industry to protect from cyber threats, specifically when they are conducted across the industry. Recreate different breach scenarios to understand where your gaps are and what you do well, it also gives an understanding about what needs to be built into your cyber process and resiliency process. It is essential to do this with everyone within the organisation accounts, compliance, sales, operations and technical staff.

10 Create An Internal Security Culture
Threat intelligence and Communication Scenario Based Learning and Testing Actionable Awareness Building Internal Resilience Achieve a company wide Security Culture

11 Actionable Awareness Financial and banking Industry is seeking to get more actionable insights not just for their security analysts but also for the people within the business departments. It allows intelligence to quickly turn into a response by the most relevant people, especially important in a landscape where breaches happen in a heartbeat. It is important in the payments system, to create intelligence inside the financial tech company and publish it out and circulate that fast and someone needs to receive it and do something with it, so actionable intelligence.

12 Create An Internal Security Culture
Threat intelligence and Communication Scenario Based Learning and Testing Actionable Awareness Building Internal Resilience Achieve a company wide Security Culture

13 “Bad things will sometimes happen that’s just a fact of life”.
Build Resilience “Bad things will sometimes happen that’s just a fact of life”. Empower your employees with the knowledge - Security awareness is the process of teaching your entire team Test your employees with randomised assessments Info Sec compliance certifications helps them adhere to Information Security Protocol Rapidly disseminate urgent threat alerts. Reward and recognise those people that do the right thing for security

14 Create An Internal Security Culture
Threat intelligence and Communication Scenario Based Learning and Testing Actionable Awareness Building Internal Resilience Achieve a company wide Security Culture

15 Cyber Security Culture
“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” Stephane Nappo Global Chief Information Security Officer Société Générale International Banking. 2018 Global CISO of the year

16 Thank you for listening!

Download ppt "Cyber Security Culture"

Similar presentations

Innovation or Necessity? ISM 158 By: Sepehr Saeb.

Innovation or Necessity? ISM 158 By: Sepehr Saeb.
Security awareness and cultural change “…from bad apples to good eggs…” Martin Smith MBE FSyI Chairman and Founder The Security Company (International)

Security awareness and cultural change “…from bad apples to good eggs…” Martin Smith MBE FSyI Chairman and Founder The Security Company (International)
Global Cyber Security Capacity Maturity Model - CMM WSIS Forum 2015 – Geneva Dr Maria Bada 25/05/2015.

Global Cyber Security Capacity Maturity Model - CMM WSIS Forum 2015 – Geneva Dr Maria Bada 25/05/2015.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
IAEA International Atomic Energy Agency IAEA Nuclear Security Programme Enhancing cybersecurity in nuclear infrastructure TWG-NPPIC – IAEA May 09 – A.

IAEA International Atomic Energy Agency IAEA Nuclear Security Programme Enhancing cybersecurity in nuclear infrastructure TWG-NPPIC – IAEA May 09 – A.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.

Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.

2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.
Recent Cyber Attacks and Countermeasures September 2006.

Recent Cyber Attacks and Countermeasures September 2006.
Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1.

Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1.
Nuclear Security Culture William Tobey Workshop on Strengthening the Culture of Nuclear Safety and Security, Sao Paulo, Brazil August 25-26, 2014.

Nuclear Security Culture William Tobey Workshop on Strengthening the Culture of Nuclear Safety and Security, Sao Paulo, Brazil August 25-26, 2014.
DRAFT 1 Belfast 2015 5 th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.

DRAFT 1 Belfast th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.
Reducing data loss by threats detection. InfoWatch Traffic Monitor & Workplace Security. Andrey Sokurenko Business Development Director.

Reducing data loss by threats detection. InfoWatch Traffic Monitor & Workplace Security. Andrey Sokurenko Business Development Director.
Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.

Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.
Friday 22nd April 2016 DS Chris Greatorex SEROCU

Friday 22nd April 2016 DS Chris Greatorex SEROCU
DHS Publishes Report Saying Low but Persistent Risk of Cyber Attack on Energy Sector DHS REPORT ON ENERGY CYBERSECURITY April 6, 2016 | Ben Booker Source:

DHS Publishes Report Saying Low but Persistent Risk of Cyber Attack on Energy Sector DHS REPORT ON ENERGY CYBERSECURITY April 6, 2016 | Ben Booker Source:
Www.ovum.com © Copyright Ovum. All rights reserved. Ovum is part of Informa Group. Payment fraud: The customer view and business landscape in 2016 Kieran.

© Copyright Ovum. All rights reserved. Ovum is part of Informa Group. Payment fraud: The customer view and business landscape in 2016 Kieran.
Conducting business the right way Nobody should get hurt or made unwell by what we do GROUP HEALTH, SAFETY & WELLBEING POLICY Version 1 [August 2016]

Conducting business the right way Nobody should get hurt or made unwell by what we do GROUP HEALTH, SAFETY & WELLBEING POLICY Version 1 [August 2016]
Cyber Security Phillip Davies Head of Content, Cyber and Investigations.

Cyber Security Phillip Davies Head of Content, Cyber and Investigations.
Security and resilience for Smart Hospitals Key findings

Security and resilience for Smart Hospitals Key findings

Similar presentations

Ads by Google