SlideShare a Scribd company logo

Improving Cyber Security Literacy in Boards & Executives

Tripwire
Tripwire

In response to the rapidly evolving threat landscape, Boards of Directors (BoDs) and executives are now more aware of today’s cyber threats and how they might adversely affect their business. However, most executives are nonetheless limited in their knowledge of security and do not know what to ask their security teams. It is therefore up to security professionals to help their executives become more cyber security literate and thereby assist in framing security considerations as an integral part of any risk/opportunity discussion, as well as a wider enterprise risk management strategy. Acknowledging this responsibility on the part of information security personnel, Tripwire has asked a number of prominent experts in the field how security teams can improve their executives’ cyber security literacy.

Technology
1 of 28
Download to read offline
CYBER SECURITYIN BOARDS & EXECUTIVES IMPROVING LITERACY
BOARDS & EXECUTIVES HOW CAN SECURITY PROFESSIONALS HELP BECOME MORECYBER LITERATE?
“Rather than thinking of cyber as something discussed in case of a breach, we need to locate the cyber security issues within the business decisions boards make—mergers acquisitions, product launches etc. Cyber should intrinsic to business decisions just as legal and financial issues are.” LARRY CLINTONPRESIDENT, CEO, INTERNET SECURITY ALLIANCE @ISALLIANCE
“If you can tie it back to that breach they already know about, give them a little bit of the inside scoop, and say ‘yes, we know how that happened, and that incident points out just how important this one security control is.’” DAVID MELTZERCHIEF RESEARCH OFFICER, TRIPWIRE @DAVIDJMELTZER
“Getting senior level representation from the information security function into the board and executive level of an organisation itself is a more effective way for them to understand cyber security much as they understand the other functions of the business.” THOM LANGFORDDIRECTOR, GLOBAL SECURITY, SAPIENT @THOMLANGFORD
“Seek out peer comparison, maturity assessments and real world examples to answer this question in as pragmatic a manner as possible; tie your answers to established business metrics and show how your function not only protects their investment but builds value, too.” ANDREW ROSECISO, UK AIR TRAFFIC @ANDYROSECISO
“A shake up is overdue. Shrug off the trivial or tick box image of awareness. I suggest a new role: Security Communications Manager. Tasked with improving stakeholder interactions from shop floor to boardroom. Using proven marketing and psychology tools to get it right.” SARAH CLARKESECURITY GOVERNANCE, RISK & COMPLIANCE SPECIALIST @S_CLARKE22
IMPACT HOW CAN BOARDS & EXECUTIVES BEST ASSESS THE SECURITY INCIDENT? OF A
“The impact of a serious incident depends not just on how a company handles it, but on how the media, customers and investors react to it, as well.” ADRIAN SANABRIASECURITY ANALYST, 451 RESEARCH @SAWABA
“Start with focus groups or surveys with your customers. Your customers will tell you their pain points and that can help the Board and Executives best assess where to start first.” THERESA PAYTONCEO, FORTALICE @FORTALICELLC
“Breaches come in all sorts of shapes and sizes, but individual breaches usually aren't catastrophic based on immediate cash losses. Where breaches are catastrophic, it is because of reputation damage.” ALEX HUTTONVP INFORMATION SECURITY, FINANCIAL INSTITUTION @ALEXHUTTON
“Ask the Corporate CIRT Director for the annual security incident impact statement. The statement details the security incidents, their costs and impact to the organization.” BEN ROTHKEMANGER, IT SECURITY, WYNDHAM WORLDWIDE @BENROTHKE
“The effective assessment of a security incident begins long before any such event ever occurs. Empowered to make an initial assessment, the team will be able to work through a pre-prepared incident response plan that the board and executives will have been key in shaping.” LEE MUNSONCONTRIBUTING WRITER, NAKED SECURITY @SECURITY_FAQS
FRAMEWORKSWHAT ARE MOST EFFECTIVE SECURITY? IN ASSESSSING WHETHER AN ORGANIZATION IS ACTING PRUDENTLY OVER
“Over the years I’ve found that you cannot depend upon using just one framework, but a variety of frameworks that will help to fill the gaps that each has. I like to use the following in combination: ISO/IEC 27001 & ISO/IEC 27002; OECD Privacy Principles; COBIT5.” REBECCA HEROLDCEO, PRIVACY PROFESSOR @PRIVACYPROF
“In the same way that organizations build their own frameworks of controls to protect other assets, the information asset deserves a level of effort beyond a cookie cutter approach.” JAMES ARLENDIRECTOR, RISK AND ADVISORY SERVICES, LEVIATHAN SECURITY GROUP @MYRCURIAL
“A framework is only as valuable as honest adoption, and is the principal requirement here for senior leadership. Given this truth, the most effective in assessing security is ISO 27001:2013. “ JAMES J. DELUCCIASECURITY & COMPLIANCE PRACTITIONER, EY @JDELUCCIA
“An effective framework should pool the knowledge of a large community to identify specific, highest priority actions based on real data about threats. It must allow for multiple implementation paths and ‘tailoring.’” TONY SAGERCTO, COUNCIL ON CYBERSECURITY @COUNCILONCYBER
“Any approach that makes the Board of Directors take it seriously, spend an adequate amount of time debating, and weighing options and risk.” CLAUS C. HOUMANNHEAD OF IT, BANK OHMAN @CLAUSHOUMANN
FUTURE THREAT HOW SHOULD HEADS OF SECURITY PREPARE LANDSCAPE? FOR THE
“As an executive, you should know that managing cyber threats is no different from managing other business risks. Second, while you can skip the technical details, you absolutely can’t skip understanding how different threats would affect your business.” TIM ERLINDIRECTOR, PRODUCT MANAGEMENT, TRIPWIRE @TERLIN
“The big change will be the technical savvy user who will look to use various devices, apps, and services. . . As such, CSOs will need to better communicate and engage with users to make them aware of the risks and provide secure alternatives.” BRIAN HONANCEO, BH CONSULTING @BRIANHONAN
“IT and security managers need to shift from the belief that the threat is ‘out there’, and understand that no matter where the threat originates, the net result will be suspicious activity inside the network. TONY BRADLEYEDITOR-IN-CHIEF, TECHSPECTIVE @TONYBRADLEYBSG
“Securing legacy equipment and tomorrow’s leading edge will push your limits. Regulation can’t keep up. Your data will be your most important asset. You will need to innovate your business approach and risk profile to embrace this or you will be consumed by this new technology-centric world.” PATRICK MILLERMANAGING PARTNER, ARCHER ENERGY SOLUTIONS @PATRICKCMILLER
“It’s quite clear that threat actors are always looking for the shortest path to the most reward. Security professionals need to be innovative thought leaders who share a common vernacular with Boards and Executives to advise them on these risks.” NIKK GILBERTMANAGING DIRECTOR, PRIVACY & RISK PARTNERS @ARCHANGELNIKK
“The threat landscapes are stratified and each one requires different perspective and response. We have to evaluate our specific risk from each layer and act (and spend) wisely.” MARTIN FISHERCISO, NORTHSIDE HOSPITAL @ARMORGUY
“The future threat landscape is now dictating the need for a new breed of Security Professional. . .this new breed requires enhanced development of honed skill which understands and appreciates the technical nut's-and-bolts of new age threat, such as APT.” JOHN WALKERCTO, CYTELLIGENCE @SBLTD
HTTP://TRIPWIRE.ME/CYBERLIT IMAGES COURTESY OF SHUTTERSTOCK.COM READ MORE AT:

Recommended

Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
Leveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityLeveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityShareDocView.com
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The BoardPaul Melson
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the BoardroomMarko Suswanto
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsAbdul-Hakeem Ajijola
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 

Recommended

Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
Leveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityLeveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityShareDocView.com
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The BoardPaul Melson
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the BoardroomMarko Suswanto
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsAbdul-Hakeem Ajijola
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
Websense
WebsenseWebsense
WebsenseCMR WORLD TECH
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsColleen Beck-Domanico
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Dawn Yankeelov
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber SecurityPhil Agcaoili
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial InstitutionsKhawar Nehal khawar.nehal@atrc.net.pk
 
Cyber security
Cyber securityCyber security
Cyber securityVaibhav Jain
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 
Information security governance
Information security governanceInformation security governance
Information security governanceKoen Maris
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2Semir Ibrahimovic
 
Cyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCheffley White
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
 
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Phil Agcaoili
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Metrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in CommunicationMetrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in CommunicationChris Ross
 

More Related Content

What's hot

Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsColleen Beck-Domanico
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Dawn Yankeelov
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber SecurityPhil Agcaoili
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 
Information security governance
Information security governanceInformation security governance
Information security governanceKoen Maris
 
Cyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCheffley White
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
 
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Phil Agcaoili
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 

What's hot (20)

Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
 
Websense
WebsenseWebsense
Websense
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial Institutions
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial Institutions
 
Cyber security
Cyber securityCyber security
Cyber security
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber Security
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
 
Information security governance
Information security governanceInformation security governance
Information security governance
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Cyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate Boards
 
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...
 
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate Perspective
 

Viewers also liked

Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Metrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in CommunicationMetrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in CommunicationChris Ross
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementEnclaveSecurity
 
27 Nov 2013 Cyber defence CDE themed competition presentations
27 Nov 2013 Cyber defence CDE themed competition presentations27 Nov 2013 Cyber defence CDE themed competition presentations
27 Nov 2013 Cyber defence CDE themed competition presentationsDefence and Security Accelerator
 
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...Kevin Duffey
 
Why use social media for business
Why use social media for businessWhy use social media for business
Why use social media for businessMatthew Hand
 
Social Media and Media Abuse for Parents
Social Media and Media Abuse for ParentsSocial Media and Media Abuse for Parents
Social Media and Media Abuse for ParentsDave Tinker, CFRE
 
Social Media Abuse: A Mental Disorder?
Social Media Abuse: A Mental Disorder?Social Media Abuse: A Mental Disorder?
Social Media Abuse: A Mental Disorder?CeciliaMa1
 
Ipma2010 Presentation Omer Ertekin
Ipma2010 Presentation Omer ErtekinIpma2010 Presentation Omer Ertekin
Ipma2010 Presentation Omer ErtekinÖmer Ertekin
 
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
Cybersecurity Issues All Lawyers Should Know -- Especially LitigatorsCybersecurity Issues All Lawyers Should Know -- Especially Litigators
Cybersecurity Issues All Lawyers Should Know -- Especially LitigatorsShawn Tuma
 
Bank Director List of Worries
Bank Director List of WorriesBank Director List of Worries
Bank Director List of WorriesBank Director
 
Sans 20 CSC: Connecting Security to the Business Mission
Sans 20 CSC: Connecting Security to the Business MissionSans 20 CSC: Connecting Security to the Business Mission
Sans 20 CSC: Connecting Security to the Business MissionTripwire
 
Hilary weir sqa
Hilary weir sqaHilary weir sqa
Hilary weir sqaSLICINFO
 
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data LossLeadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data LossShawn Tuma
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsWynyard Group
 
Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directorscentralohioissa
 

Viewers also liked (20)

Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Metrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in CommunicationMetrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in Communication
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to Measurement
 
27 Nov 2013 Cyber defence CDE themed competition presentations
27 Nov 2013 Cyber defence CDE themed competition presentations27 Nov 2013 Cyber defence CDE themed competition presentations
27 Nov 2013 Cyber defence CDE themed competition presentations
 
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...
 
Why use social media for business
Why use social media for businessWhy use social media for business
Why use social media for business
 
Social Media and Media Abuse for Parents
Social Media and Media Abuse for ParentsSocial Media and Media Abuse for Parents
Social Media and Media Abuse for Parents
 
abuse
abuseabuse
abuse
 
Social Media Abuse: A Mental Disorder?
Social Media Abuse: A Mental Disorder?Social Media Abuse: A Mental Disorder?
Social Media Abuse: A Mental Disorder?
 
Ipma2010 Presentation Omer Ertekin
Ipma2010 Presentation Omer ErtekinIpma2010 Presentation Omer Ertekin
Ipma2010 Presentation Omer Ertekin
 
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
Cybersecurity Issues All Lawyers Should Know -- Especially LitigatorsCybersecurity Issues All Lawyers Should Know -- Especially Litigators
Cybersecurity Issues All Lawyers Should Know -- Especially Litigators
 
Bank Director List of Worries
Bank Director List of WorriesBank Director List of Worries
Bank Director List of Worries
 
Sans 20 CSC: Connecting Security to the Business Mission
Sans 20 CSC: Connecting Security to the Business MissionSans 20 CSC: Connecting Security to the Business Mission
Sans 20 CSC: Connecting Security to the Business Mission
 
10 Rules for Vendors - an Overview
10 Rules for Vendors - an Overview10 Rules for Vendors - an Overview
10 Rules for Vendors - an Overview
 
Hilary weir sqa
Hilary weir sqaHilary weir sqa
Hilary weir sqa
 
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data LossLeadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
 
RSA 2017 - CISO's 5 steps to Success
RSA 2017 - CISO's 5 steps to SuccessRSA 2017 - CISO's 5 steps to Success
RSA 2017 - CISO's 5 steps to Success
 
Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directors
 

Similar to Improving Cyber Security Literacy in Boards & Executives

The 10 Secret Codes of Security
The 10 Secret Codes of SecurityThe 10 Secret Codes of Security
The 10 Secret Codes of SecurityKarina Elise
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementMighty Guides, Inc.
 
EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...
EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...
EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...Mighty Guides, Inc.
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts finalDaren Dunkel
 
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldRSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldEMC
 
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Mighty Guides, Inc.
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Matthew Rosenquist
 
The Black Report - Hackers
The Black Report - HackersThe Black Report - Hackers
The Black Report - HackersDendreon
 
cybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-mattcybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-mattYigal Behar
 
iStart - Cybercrime scene investigation
iStart - Cybercrime scene investigationiStart - Cybercrime scene investigation
iStart - Cybercrime scene investigationHayden McCall
 
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_SurveyTripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_SurveyMelloney Jewell
 
Our Previous Edition Post event synopsis
Our Previous Edition Post event synopsisOur Previous Edition Post event synopsis
Our Previous Edition Post event synopsisVasuki Kashyap
 
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...Mighty Guides, Inc.
 
Carbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint SecurityCarbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint SecurityMighty Guides, Inc.
 
Cybersecurity - Whose responsibility is it?
Cybersecurity - Whose responsibility is it?Cybersecurity - Whose responsibility is it?
Cybersecurity - Whose responsibility is it?Armor
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementMighty Guides, Inc.
 
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating ProvidersBlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating ProvidersMighty Guides, Inc.
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Booz Allen Hamilton
 

Similar to Improving Cyber Security Literacy in Boards & Executives (20)

The 10 Secret Codes of Security
The 10 Secret Codes of SecurityThe 10 Secret Codes of Security
The 10 Secret Codes of Security
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability Management
 
EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...
EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...
EMEA: Using Security Metrics to Drive Action - 22 Experts Share How to Commun...
 
Cybersecurity report-vol-8
Cybersecurity report-vol-8Cybersecurity report-vol-8
Cybersecurity report-vol-8
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts final
 
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldRSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletter
 
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022
 
The Black Report - Hackers
The Black Report - HackersThe Black Report - Hackers
The Black Report - Hackers
 
cybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-mattcybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-matt
 
iStart - Cybercrime scene investigation
iStart - Cybercrime scene investigationiStart - Cybercrime scene investigation
iStart - Cybercrime scene investigation
 
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_SurveyTripwire_UK_Executive_Cybersecurity_Literacy_Survey
Tripwire_UK_Executive_Cybersecurity_Literacy_Survey
 
Our Previous Edition Post event synopsis
Our Previous Edition Post event synopsisOur Previous Edition Post event synopsis
Our Previous Edition Post event synopsis
 
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
 
Carbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint SecurityCarbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint Security
 
Cybersecurity - Whose responsibility is it?
Cybersecurity - Whose responsibility is it?Cybersecurity - Whose responsibility is it?
Cybersecurity - Whose responsibility is it?
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat Management
 
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating ProvidersBlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
 

More from Tripwire

Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughTripwire
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyTripwire
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationTripwire
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportTripwire
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!Tripwire
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationTripwire
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...Tripwire
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsTripwire
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkTripwire
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 

More from Tripwire (20)

Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't Enough
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data Privacy
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The Experts
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase Cole
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest Celebration
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key Findings
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key Findings
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber Moments
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK Framework
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 

Recently uploaded

(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 

Recently uploaded (20)

(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 

Improving Cyber Security Literacy in Boards & Executives

  • 1. CYBER SECURITYIN BOARDS & EXECUTIVES IMPROVING LITERACY
  • 2. BOARDS & EXECUTIVES HOW CAN SECURITY PROFESSIONALS HELP BECOME MORECYBER LITERATE?
  • 3. “Rather than thinking of cyber as something discussed in case of a breach, we need to locate the cyber security issues within the business decisions boards make—mergers acquisitions, product launches etc. Cyber should intrinsic to business decisions just as legal and financial issues are.” LARRY CLINTONPRESIDENT, CEO, INTERNET SECURITY ALLIANCE @ISALLIANCE
  • 4. “If you can tie it back to that breach they already know about, give them a little bit of the inside scoop, and say ‘yes, we know how that happened, and that incident points out just how important this one security control is.’” DAVID MELTZERCHIEF RESEARCH OFFICER, TRIPWIRE @DAVIDJMELTZER
  • 5. “Getting senior level representation from the information security function into the board and executive level of an organisation itself is a more effective way for them to understand cyber security much as they understand the other functions of the business.” THOM LANGFORDDIRECTOR, GLOBAL SECURITY, SAPIENT @THOMLANGFORD
  • 6. “Seek out peer comparison, maturity assessments and real world examples to answer this question in as pragmatic a manner as possible; tie your answers to established business metrics and show how your function not only protects their investment but builds value, too.” ANDREW ROSECISO, UK AIR TRAFFIC @ANDYROSECISO
  • 7. “A shake up is overdue. Shrug off the trivial or tick box image of awareness. I suggest a new role: Security Communications Manager. Tasked with improving stakeholder interactions from shop floor to boardroom. Using proven marketing and psychology tools to get it right.” SARAH CLARKESECURITY GOVERNANCE, RISK & COMPLIANCE SPECIALIST @S_CLARKE22
  • 8. IMPACT HOW CAN BOARDS & EXECUTIVES BEST ASSESS THE SECURITY INCIDENT? OF A
  • 9. “The impact of a serious incident depends not just on how a company handles it, but on how the media, customers and investors react to it, as well.” ADRIAN SANABRIASECURITY ANALYST, 451 RESEARCH @SAWABA
  • 10. “Start with focus groups or surveys with your customers. Your customers will tell you their pain points and that can help the Board and Executives best assess where to start first.” THERESA PAYTONCEO, FORTALICE @FORTALICELLC
  • 11. “Breaches come in all sorts of shapes and sizes, but individual breaches usually aren't catastrophic based on immediate cash losses. Where breaches are catastrophic, it is because of reputation damage.” ALEX HUTTONVP INFORMATION SECURITY, FINANCIAL INSTITUTION @ALEXHUTTON
  • 12. “Ask the Corporate CIRT Director for the annual security incident impact statement. The statement details the security incidents, their costs and impact to the organization.” BEN ROTHKEMANGER, IT SECURITY, WYNDHAM WORLDWIDE @BENROTHKE
  • 13. “The effective assessment of a security incident begins long before any such event ever occurs. Empowered to make an initial assessment, the team will be able to work through a pre-prepared incident response plan that the board and executives will have been key in shaping.” LEE MUNSONCONTRIBUTING WRITER, NAKED SECURITY @SECURITY_FAQS
  • 14. FRAMEWORKSWHAT ARE MOST EFFECTIVE SECURITY? IN ASSESSSING WHETHER AN ORGANIZATION IS ACTING PRUDENTLY OVER
  • 15. “Over the years I’ve found that you cannot depend upon using just one framework, but a variety of frameworks that will help to fill the gaps that each has. I like to use the following in combination: ISO/IEC 27001 & ISO/IEC 27002; OECD Privacy Principles; COBIT5.” REBECCA HEROLDCEO, PRIVACY PROFESSOR @PRIVACYPROF
  • 16. “In the same way that organizations build their own frameworks of controls to protect other assets, the information asset deserves a level of effort beyond a cookie cutter approach.” JAMES ARLENDIRECTOR, RISK AND ADVISORY SERVICES, LEVIATHAN SECURITY GROUP @MYRCURIAL
  • 17. “A framework is only as valuable as honest adoption, and is the principal requirement here for senior leadership. Given this truth, the most effective in assessing security is ISO 27001:2013. “ JAMES J. DELUCCIASECURITY & COMPLIANCE PRACTITIONER, EY @JDELUCCIA
  • 18. “An effective framework should pool the knowledge of a large community to identify specific, highest priority actions based on real data about threats. It must allow for multiple implementation paths and ‘tailoring.’” TONY SAGERCTO, COUNCIL ON CYBERSECURITY @COUNCILONCYBER
  • 19. “Any approach that makes the Board of Directors take it seriously, spend an adequate amount of time debating, and weighing options and risk.” CLAUS C. HOUMANNHEAD OF IT, BANK OHMAN @CLAUSHOUMANN
  • 20. FUTURE THREAT HOW SHOULD HEADS OF SECURITY PREPARE LANDSCAPE? FOR THE
  • 21. “As an executive, you should know that managing cyber threats is no different from managing other business risks. Second, while you can skip the technical details, you absolutely can’t skip understanding how different threats would affect your business.” TIM ERLINDIRECTOR, PRODUCT MANAGEMENT, TRIPWIRE @TERLIN
  • 22. “The big change will be the technical savvy user who will look to use various devices, apps, and services. . . As such, CSOs will need to better communicate and engage with users to make them aware of the risks and provide secure alternatives.” BRIAN HONANCEO, BH CONSULTING @BRIANHONAN
  • 23. “IT and security managers need to shift from the belief that the threat is ‘out there’, and understand that no matter where the threat originates, the net result will be suspicious activity inside the network. TONY BRADLEYEDITOR-IN-CHIEF, TECHSPECTIVE @TONYBRADLEYBSG
  • 24. “Securing legacy equipment and tomorrow’s leading edge will push your limits. Regulation can’t keep up. Your data will be your most important asset. You will need to innovate your business approach and risk profile to embrace this or you will be consumed by this new technology-centric world.” PATRICK MILLERMANAGING PARTNER, ARCHER ENERGY SOLUTIONS @PATRICKCMILLER
  • 25. “It’s quite clear that threat actors are always looking for the shortest path to the most reward. Security professionals need to be innovative thought leaders who share a common vernacular with Boards and Executives to advise them on these risks.” NIKK GILBERTMANAGING DIRECTOR, PRIVACY & RISK PARTNERS @ARCHANGELNIKK
  • 26. “The threat landscapes are stratified and each one requires different perspective and response. We have to evaluate our specific risk from each layer and act (and spend) wisely.” MARTIN FISHERCISO, NORTHSIDE HOSPITAL @ARMORGUY
  • 27. “The future threat landscape is now dictating the need for a new breed of Security Professional. . .this new breed requires enhanced development of honed skill which understands and appreciates the technical nut's-and-bolts of new age threat, such as APT.” JOHN WALKERCTO, CYTELLIGENCE @SBLTD
  • 28. HTTP://TRIPWIRE.ME/CYBERLIT IMAGES COURTESY OF SHUTTERSTOCK.COM READ MORE AT: