SlideShare a Scribd company logo

Security Incident Response Readiness Survey

Rahul Neel Mani
Rahul Neel Mani

Jaspreet Singh, Partner, Cybersecurity, Advisory Services, EY India

Technology
1 of 18
Download to read offline
Security Incident Response Readiness An insight into organization’s ability to Sense, Resist and React to a Security Incident
Page 2 Introduction 1970s - Mainframes • Ready for natural hazards • Physical response measures in place • Call for external assistance 1980s – Client / Server • Reliance on new technologies • Basic disaster recovery in response to system failures • Virus protection • Identity and access management 1990s - Internet • Enterprise- wide risk management introduced • Regulatory compliance commonplace • Business continuity in focus 2000 – E-commerce • Advances in information and cyber security • Switch to online • Third party outsourcing • Connectivity of devices Recent Times - Digital • Global shocks (terrorist, climate, political) • Business resilience • Internet of Things • Critical infrastructure • State sponsored cyber espionage and cyber attacks Times are changing and so are the risks and threats
Page 3 Understanding the challenges Recover Adapt & reshape Threats Sense Risk appetite Resist Three lines of defense Critical assets Intellectual property (IP) Revenue Reputation React Technology is increasing organization’s vulnerability to be attacked  Increased online presence, Broader use of social media, Mass adoption of BYOD (Bring Your Own Device), Increased usage of cloud services • Collection/analysis of big data • Inherent connectivity of people, device & organization has enhanced vulnerability Ref: Global Information Security Survey 2016 It is the ability of organizations to predict and detect cyber threats. Sense It starts with how much the risk an organization is prepared to take across its ecosystem. Resist If the sense fails and there is a breakdown in the resist, organizations need to be ready to deal with the disruptions and manage the crisis. React
Page 4 Survey Assessment – Leaderships' Role Cybersecurity a board level agenda. The success of any cybersecurity program depends on support from executive leadership and its alignment with business objectives Management is also realizing the risks to business, however this is just the start and lot of work needs to be completed before the management can be sure of gain enough confidence in their cybersecurity function. Over 70% organizations do not have their cybersecurity strategy aligned with business objectives. 58% of our respondents lack confidence in their organization’s cybersecurity program Over 33% of our respondents do not have a cyber security strategy which considers next 1-3 years. Business Alignment missing Low confidence Short sightedness
Page 5 Budget Is it enough? 75% of respondents have dedicated budget allocated for cybersecurity. Moreover, 20% of respondents have a budget of over USD $2mn. $$$ 49% of the organizations with a budget of $0.5m - $2m expect their budget to increase by 10-20% in the next 12 months. 36% 36% organizations having no budget allocation for cybersecurity have experienced cyberattacks in last 12 months.
Page 6 Identifying Crown- Jewels Over 39% ranked employee or customer or supplier personally identifiable information (PII) as the number 1 information most valuable to cyber criminals in the organization. Only 18% ranked senior executive / board member personal information as the number 1 information valuable to cyber criminals in the organization. 19 18 16 21 42 24 16 19 25 22 17 29 30 20 13 17 25 25 20 17 29 18 16 20 12 Senior executive/ Board member personal information Company financial information Corporate strategic plans Login credentials Employees or customers or suppliers or vendors personally identifiable… P 1 P 2 P 3 P 4 P 5 Contd..
Page 7 Identifying Crown- Jewels  Over 30% ranked Phishing / Spam as the number 1 or number 2 source of cyber attack, followed by Malware attacks which is further followed by external cyber attacks and Internal employees. 0 12 10 19 19 26 8 7 9 15 24 23 13 10 16 12 22 13 24 15 22 5 8 12 27 16 14 12 12 5 14 26 15 23 1 7 Espionage (e.g., by competitors) Zero-day attacks Internal attacks (e.g., by disgruntled employees) Cyber-attacks (e.g., to disrupt or deface the organization, to steal financial information, to… Malware (e.g., viruses, worms and Trojan horses) Phishing/ spam P 1 P 2 P 3 P 4 P 5 P 6
Page 8 Incident Response Framework Over 70% of our respondents have a defined cyber security incident management program. While 84% of organizations with a cyber security incident management program have a dedicated Incident response team set up within their organization. Organizations are taking steps to improve their incident management posture; have initiated cyber security incident programs and trying to include business teams to assist in cyber security incident management program. 84% 61% of organizations have an Incident response team (IRT) in place without a cyber security incident management program. 61%
Page 9 Where should organizations focus to better resist today’s attacks? The point noted also get further strengthened by the fact that: 36% of organizations believe that higher professional staffing and training would help in improved incident response, this is followed by development of an improved patch management process. 37% of the organizations that have a dedicated IRT believe that the staff is not adequate and require additional skills and trainings. Incident response team must deliver 14% 8% 18% 24% 36% Better incident response capabilities Threat intelligence Improved vulnerability audits and assessments Improved patch management process Higher professional staffing and training 87% organizations have a defined process for communication.
Page 10 Collaboration is vital 75 47 50 14 CERT- Computer Emergency Response Team Law enforcement and government entities Industry peers We neither receive or share any information 87% of organizations receive or share information with CERT, Law enforcement agencies and industry peers. Potential Collaboration within the ecosystem
Page 11 Effective measurement is critical 47% of the respondents who don’t have defined indicators have suffered a cyber attack in the last 12 months. 47% The indicators shall be evaluated to find out the status of effectiveness of current cybersecurity framework. 70% respondents have defined performance indicators to measure the effectiveness of the program. 16% 20% 21% 12% 31% No defined frequency/ adhoc basis On a monthly basis On a quarterly basis On an annual basis On an ongoing basis
Page 12 The board must become more involved in cybersecurity and understand cyber risk The board must understand: ► The suitability of the governance structure ► The appropriateness of the cyber risk management program ► The appropriateness of the cyber risk disclosures required by regulators ► How insider threats should be managed
Page 13 Just protecting your organisation isn’t enough anymore Guiding Principles ► Focus on impact ► Enhance cyber skills and capabilities ► Benchmark results Strategic Goals ► Protect Crown Jewels ► Determine risk appetite ► Set up Operating Model and Culture Detect GovernRespond Protect Recover Identify Based on Cybersecurity framework
“It is going to be a continual and likely never-ending battle to stay ahead of [cybercrime] - and, unfortunately, not every battle will be won.” Jamie Dimon, after JP Morgan Chase’s breach
Page 15 Jaspreet Singh Partner, Advisory Services Jaspreet.singh@in.ey.com Let’s Connect
Page 16 Thank you!
Page 17 Survey methodology 106 respondents 19 industry sectors 2.9% 18.6% 2.0% 1.0% 3.9% 6.9% 2.9% 7.8% 2.9% 9.8% 22.5% 3.9% 2.9% 2.0% 3.9% 2.0% 2.0% 1.0% 1.0% Automotive Banking Building Materials Business Services Consulting and advisory… Telecommunications Engineering Finance Healthcare Insurance IT Consulting and Services Manufacturing Retailing Media Energy and Infrastructure Law and Legal Outsourcing Processed Products Electric Utility Logistics and supply chain Respondents by industry sector
Page 18 Survey methodology 40% 16% 44% 1000 to 10000 Less than 1000 More than 10000 Respondents by number of employees 8% 35% 57% 1 Million USD 100 Million USD more than 100 Million USD Respondents by total annual company revenue

Recommended

The Board and Cyber Security
The Board and Cyber SecurityThe Board and Cyber Security
The Board and Cyber SecurityFireEye, Inc.
 
M-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapM-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapFireEye, Inc.
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019ImekDesign
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 

Recommended

The Board and Cyber Security
The Board and Cyber SecurityThe Board and Cyber Security
The Board and Cyber SecurityFireEye, Inc.
 
M-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapM-Trends® 2013: Attack the Security Gap
M-Trends® 2013: Attack the Security GapFireEye, Inc.
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019ImekDesign
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?PECB
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study RoadshowScalar Decisions
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing OCTF Industry Engagement
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz Asia Pte Ltd
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...Scalar Decisions
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesLiberteks
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Proofpoint
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
 
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Ulf Mattsson
 
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?NetEnrich, Inc.
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 
How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016Ulf Mattsson
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains Aparajita Banerjee
 
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl PereiraCyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl PereiraKnowledge Group
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDPranav Shah
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Tracey Ong
 
Cyber Crime Management
Cyber Crime ManagementCyber Crime Management
Cyber Crime ManagementRahul Neel Mani
 
ABC of Infosec
ABC of InfosecABC of Infosec
ABC of InfosecRahul Neel Mani
 

More Related Content

What's hot

Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?PECB
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study RoadshowScalar Decisions
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz Asia Pte Ltd
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...Scalar Decisions
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesLiberteks
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Proofpoint
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
 
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Ulf Mattsson
 
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?NetEnrich, Inc.
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 
How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016Ulf Mattsson
 
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl PereiraCyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl PereiraKnowledge Group
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDPranav Shah
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Tracey Ong
 

What's hot (20)

Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security Teams
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for Dummies
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
 
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
 
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl PereiraCyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoD
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
 

Viewers also liked

Detect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate ResponseDetect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate ResponseRahul Neel Mani
 
Cybersecurity: Mock Cyberwar Game
Cybersecurity: Mock Cyberwar Game Cybersecurity: Mock Cyberwar Game
Cybersecurity: Mock Cyberwar Game Rahul Neel Mani
 
State of the Internet: Mirai, IOT and History of Botnets
State of the Internet: Mirai, IOT and History of BotnetsState of the Internet: Mirai, IOT and History of Botnets
State of the Internet: Mirai, IOT and History of BotnetsRahul Neel Mani
 
Is Cyber Security the Elephant in the Boardroom?
Is Cyber Security the Elephant in the Boardroom? Is Cyber Security the Elephant in the Boardroom?
Is Cyber Security the Elephant in the Boardroom? Rahul Neel Mani
 
Upgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricUpgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricRahul Neel Mani
 
Bản tin số 3 - Dự án DRM
Bản tin số 3 - Dự án DRMBản tin số 3 - Dự án DRM
Bản tin số 3 - Dự án DRMThành Nguyễn
 
2 definiciones clave que sustentan el perfil de egreso
2 definiciones clave que sustentan el perfil de egreso2 definiciones clave que sustentan el perfil de egreso
2 definiciones clave que sustentan el perfil de egresoELva María Sarmiento Pajaya
 
Búsqueda en base de datos paso a paso
Búsqueda en base de datos paso a pasoBúsqueda en base de datos paso a paso
Búsqueda en base de datos paso a pasomariaruizariza
 
eygptian natinal railway
eygptian natinal railwayeygptian natinal railway
eygptian natinal railwayArooba Ghani
 
History, economy,climate, religion and language in glasgow
History, economy,climate, religion and language in glasgowHistory, economy,climate, religion and language in glasgow
History, economy,climate, religion and language in glasgowRonnie0000
 

Viewers also liked (17)

Cyber Crime Management
Cyber Crime ManagementCyber Crime Management
Cyber Crime Management
 
ABC of Infosec
ABC of InfosecABC of Infosec
ABC of Infosec
 
Detect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate ResponseDetect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate Response
 
Cybersecurity: Mock Cyberwar Game
Cybersecurity: Mock Cyberwar Game Cybersecurity: Mock Cyberwar Game
Cybersecurity: Mock Cyberwar Game
 
Get the Basics Right
Get the Basics RightGet the Basics Right
Get the Basics Right
 
State of the Internet: Mirai, IOT and History of Botnets
State of the Internet: Mirai, IOT and History of BotnetsState of the Internet: Mirai, IOT and History of Botnets
State of the Internet: Mirai, IOT and History of Botnets
 
Is Cyber Security the Elephant in the Boardroom?
Is Cyber Security the Elephant in the Boardroom? Is Cyber Security the Elephant in the Boardroom?
Is Cyber Security the Elephant in the Boardroom?
 
Upgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricUpgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security Fabric
 
Sumit dhar
Sumit dharSumit dhar
Sumit dhar
 
base de datos
base de datosbase de datos
base de datos
 
Bản tin số 3 - Dự án DRM
Bản tin số 3 - Dự án DRMBản tin số 3 - Dự án DRM
Bản tin số 3 - Dự án DRM
 
2 definiciones clave que sustentan el perfil de egreso
2 definiciones clave que sustentan el perfil de egreso2 definiciones clave que sustentan el perfil de egreso
2 definiciones clave que sustentan el perfil de egreso
 
Búsqueda en base de datos paso a paso
Búsqueda en base de datos paso a pasoBúsqueda en base de datos paso a paso
Búsqueda en base de datos paso a paso
 
El temps
El tempsEl temps
El temps
 
eygptian natinal railway
eygptian natinal railwayeygptian natinal railway
eygptian natinal railway
 
History, economy,climate, religion and language in glasgow
History, economy,climate, religion and language in glasgowHistory, economy,climate, religion and language in glasgow
History, economy,climate, religion and language in glasgow
 
Actividad henry
Actividad henryActividad henry
Actividad henry
 

Similar to Security Incident Response Readiness Survey

2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summarypatmisasi
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study SummaryScalar Decisions
 
The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016Accenture Operations
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeDejan Jeremic
 
2015 Scalar Security Study Executive Summary
2015 Scalar Security Study Executive Summary2015 Scalar Security Study Executive Summary
2015 Scalar Security Study Executive Summarypatmisasi
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSilicon Valley Bank
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for InsuranceAccenture Insurance
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseThe Economist Media Businesses
 
R if security_priorities_03.08.22
R if security_priorities_03.08.22R if security_priorities_03.08.22
R if security_priorities_03.08.22IDG
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeErnst & Young
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeNishantSisodiya
 
Healthcare Payers: 2018 State of Cyber Resilience
Healthcare Payers: 2018 State of Cyber ResilienceHealthcare Payers: 2018 State of Cyber Resilience
Healthcare Payers: 2018 State of Cyber Resilienceaccenture
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...TraintechTde
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSilicon Valley Bank
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 

Similar to Security Incident Response Readiness Survey (20)

2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study Summary
 
The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrime
 
2015 Scalar Security Study Executive Summary
2015 Scalar Security Study Executive Summary2015 Scalar Security Study Executive Summary
2015 Scalar Security Study Executive Summary
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - Overview
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
 
R if security_priorities_03.08.22
R if security_priorities_03.08.22R if security_priorities_03.08.22
R if security_priorities_03.08.22
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Healthcare Payers: 2018 State of Cyber Resilience
Healthcare Payers: 2018 State of Cyber ResilienceHealthcare Payers: 2018 State of Cyber Resilience
Healthcare Payers: 2018 State of Cyber Resilience
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation Report
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 

More from Rahul Neel Mani

7th Annual DynamicCISO Summit & Excellence Awards 2020 Report
7th Annual DynamicCISO Summit & Excellence Awards 2020 Report7th Annual DynamicCISO Summit & Excellence Awards 2020 Report
7th Annual DynamicCISO Summit & Excellence Awards 2020 ReportRahul Neel Mani
 
TweetChat - A Grey Head Digital Initiative
TweetChat - A Grey Head Digital InitiativeTweetChat - A Grey Head Digital Initiative
TweetChat - A Grey Head Digital InitiativeRahul Neel Mani
 
Cybersecurity: Glimpses from the 2017
Cybersecurity: Glimpses from the 2017Cybersecurity: Glimpses from the 2017
Cybersecurity: Glimpses from the 2017Rahul Neel Mani
 
5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai
5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai
5th Annual DynamicCISO Summit 9-10 March 2018, MumbaiRahul Neel Mani
 
CIO Productivity Conclave 2017
CIO Productivity Conclave 2017 CIO Productivity Conclave 2017
CIO Productivity Conclave 2017 Rahul Neel Mani
 
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...Rahul Neel Mani
 
Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...
Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...
Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...Rahul Neel Mani
 
Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...
Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...
Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...Rahul Neel Mani
 
CIO Productivity Conclave 2016
CIO Productivity Conclave 2016CIO Productivity Conclave 2016
CIO Productivity Conclave 2016Rahul Neel Mani
 
Take Control of Your Imaging and Printing: Siva Kumar
Take Control of Your Imaging and Printing: Siva KumarTake Control of Your Imaging and Printing: Siva Kumar
Take Control of Your Imaging and Printing: Siva KumarRahul Neel Mani
 
SMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo Hospitals
SMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo HospitalsSMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo Hospitals
SMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo HospitalsRahul Neel Mani
 
Preparing for the Future Innovation in Digital Healthcare: Manas Tripathi
Preparing for the Future Innovation in Digital Healthcare: Manas TripathiPreparing for the Future Innovation in Digital Healthcare: Manas Tripathi
Preparing for the Future Innovation in Digital Healthcare: Manas TripathiRahul Neel Mani
 
Mobile First Healthcare: Chris Kozup Aruba (HPE)
Mobile First Healthcare: Chris Kozup Aruba (HPE)Mobile First Healthcare: Chris Kozup Aruba (HPE)
Mobile First Healthcare: Chris Kozup Aruba (HPE)Rahul Neel Mani
 
IT to IoT: The Journey to Nextgen - By Rajesh Batra
IT to IoT: The Journey to Nextgen - By Rajesh BatraIT to IoT: The Journey to Nextgen - By Rajesh Batra
IT to IoT: The Journey to Nextgen - By Rajesh BatraRahul Neel Mani
 
Enabling the Future of Healthcare Through Integration and Interoperability: V...
Enabling the Future of Healthcare Through Integration and Interoperability: V...Enabling the Future of Healthcare Through Integration and Interoperability: V...
Enabling the Future of Healthcare Through Integration and Interoperability: V...Rahul Neel Mani
 
Can India Really Achieve the Stiff Target of Digital Healthcare?
Can India Really Achieve the Stiff Target of Digital Healthcare?Can India Really Achieve the Stiff Target of Digital Healthcare?
Can India Really Achieve the Stiff Target of Digital Healthcare?Rahul Neel Mani
 
Becoming Future Ready: Building New Capabilities to Thrive
Becoming Future Ready: Building New Capabilities to ThriveBecoming Future Ready: Building New Capabilities to Thrive
Becoming Future Ready: Building New Capabilities to ThriveRahul Neel Mani
 
Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...
Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...
Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...Rahul Neel Mani
 
Preventing Social Engineering Attacks: The Critical Elements
Preventing Social Engineering Attacks: The Critical ElementsPreventing Social Engineering Attacks: The Critical Elements
Preventing Social Engineering Attacks: The Critical ElementsRahul Neel Mani
 
Threat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachThreat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachRahul Neel Mani
 

More from Rahul Neel Mani (20)

7th Annual DynamicCISO Summit & Excellence Awards 2020 Report
7th Annual DynamicCISO Summit & Excellence Awards 2020 Report7th Annual DynamicCISO Summit & Excellence Awards 2020 Report
7th Annual DynamicCISO Summit & Excellence Awards 2020 Report
 
TweetChat - A Grey Head Digital Initiative
TweetChat - A Grey Head Digital InitiativeTweetChat - A Grey Head Digital Initiative
TweetChat - A Grey Head Digital Initiative
 
Cybersecurity: Glimpses from the 2017
Cybersecurity: Glimpses from the 2017Cybersecurity: Glimpses from the 2017
Cybersecurity: Glimpses from the 2017
 
5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai
5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai
5th Annual DynamicCISO Summit 9-10 March 2018, Mumbai
 
CIO Productivity Conclave 2017
CIO Productivity Conclave 2017 CIO Productivity Conclave 2017
CIO Productivity Conclave 2017
 
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...
 
Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...
Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...
Key Imperatives for the CIO in Digital Age By Lalatendu Das Digital VP, Assoc...
 
Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...
Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...
Traversing the Digital Vortex, Lux Rao, Director & Leader, Digital Transforma...
 
CIO Productivity Conclave 2016
CIO Productivity Conclave 2016CIO Productivity Conclave 2016
CIO Productivity Conclave 2016
 
Take Control of Your Imaging and Printing: Siva Kumar
Take Control of Your Imaging and Printing: Siva KumarTake Control of Your Imaging and Printing: Siva Kumar
Take Control of Your Imaging and Printing: Siva Kumar
 
SMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo Hospitals
SMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo HospitalsSMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo Hospitals
SMAC in Healthcare: Arvind Sivaramakrishnan, CIO Apollo Hospitals
 
Preparing for the Future Innovation in Digital Healthcare: Manas Tripathi
Preparing for the Future Innovation in Digital Healthcare: Manas TripathiPreparing for the Future Innovation in Digital Healthcare: Manas Tripathi
Preparing for the Future Innovation in Digital Healthcare: Manas Tripathi
 
Mobile First Healthcare: Chris Kozup Aruba (HPE)
Mobile First Healthcare: Chris Kozup Aruba (HPE)Mobile First Healthcare: Chris Kozup Aruba (HPE)
Mobile First Healthcare: Chris Kozup Aruba (HPE)
 
IT to IoT: The Journey to Nextgen - By Rajesh Batra
IT to IoT: The Journey to Nextgen - By Rajesh BatraIT to IoT: The Journey to Nextgen - By Rajesh Batra
IT to IoT: The Journey to Nextgen - By Rajesh Batra
 
Enabling the Future of Healthcare Through Integration and Interoperability: V...
Enabling the Future of Healthcare Through Integration and Interoperability: V...Enabling the Future of Healthcare Through Integration and Interoperability: V...
Enabling the Future of Healthcare Through Integration and Interoperability: V...
 
Can India Really Achieve the Stiff Target of Digital Healthcare?
Can India Really Achieve the Stiff Target of Digital Healthcare?Can India Really Achieve the Stiff Target of Digital Healthcare?
Can India Really Achieve the Stiff Target of Digital Healthcare?
 
Becoming Future Ready: Building New Capabilities to Thrive
Becoming Future Ready: Building New Capabilities to ThriveBecoming Future Ready: Building New Capabilities to Thrive
Becoming Future Ready: Building New Capabilities to Thrive
 
Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...
Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...
Who Will Manage the Growing Web: Growing Internet and Shortfall of Cybersecur...
 
Preventing Social Engineering Attacks: The Critical Elements
Preventing Social Engineering Attacks: The Critical ElementsPreventing Social Engineering Attacks: The Critical Elements
Preventing Social Engineering Attacks: The Critical Elements
 
Threat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachThreat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a Breach
 

Recently uploaded

Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Recently uploaded (20)

Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Security Incident Response Readiness Survey

  • 1. Security Incident Response Readiness An insight into organization’s ability to Sense, Resist and React to a Security Incident
  • 2. Page 2 Introduction 1970s - Mainframes • Ready for natural hazards • Physical response measures in place • Call for external assistance 1980s – Client / Server • Reliance on new technologies • Basic disaster recovery in response to system failures • Virus protection • Identity and access management 1990s - Internet • Enterprise- wide risk management introduced • Regulatory compliance commonplace • Business continuity in focus 2000 – E-commerce • Advances in information and cyber security • Switch to online • Third party outsourcing • Connectivity of devices Recent Times - Digital • Global shocks (terrorist, climate, political) • Business resilience • Internet of Things • Critical infrastructure • State sponsored cyber espionage and cyber attacks Times are changing and so are the risks and threats
  • 3. Page 3 Understanding the challenges Recover Adapt & reshape Threats Sense Risk appetite Resist Three lines of defense Critical assets Intellectual property (IP) Revenue Reputation React Technology is increasing organization’s vulnerability to be attacked  Increased online presence, Broader use of social media, Mass adoption of BYOD (Bring Your Own Device), Increased usage of cloud services • Collection/analysis of big data • Inherent connectivity of people, device & organization has enhanced vulnerability Ref: Global Information Security Survey 2016 It is the ability of organizations to predict and detect cyber threats. Sense It starts with how much the risk an organization is prepared to take across its ecosystem. Resist If the sense fails and there is a breakdown in the resist, organizations need to be ready to deal with the disruptions and manage the crisis. React
  • 4. Page 4 Survey Assessment – Leaderships' Role Cybersecurity a board level agenda. The success of any cybersecurity program depends on support from executive leadership and its alignment with business objectives Management is also realizing the risks to business, however this is just the start and lot of work needs to be completed before the management can be sure of gain enough confidence in their cybersecurity function. Over 70% organizations do not have their cybersecurity strategy aligned with business objectives. 58% of our respondents lack confidence in their organization’s cybersecurity program Over 33% of our respondents do not have a cyber security strategy which considers next 1-3 years. Business Alignment missing Low confidence Short sightedness
  • 5. Page 5 Budget Is it enough? 75% of respondents have dedicated budget allocated for cybersecurity. Moreover, 20% of respondents have a budget of over USD $2mn. $$$ 49% of the organizations with a budget of $0.5m - $2m expect their budget to increase by 10-20% in the next 12 months. 36% 36% organizations having no budget allocation for cybersecurity have experienced cyberattacks in last 12 months.
  • 6. Page 6 Identifying Crown- Jewels Over 39% ranked employee or customer or supplier personally identifiable information (PII) as the number 1 information most valuable to cyber criminals in the organization. Only 18% ranked senior executive / board member personal information as the number 1 information valuable to cyber criminals in the organization. 19 18 16 21 42 24 16 19 25 22 17 29 30 20 13 17 25 25 20 17 29 18 16 20 12 Senior executive/ Board member personal information Company financial information Corporate strategic plans Login credentials Employees or customers or suppliers or vendors personally identifiable… P 1 P 2 P 3 P 4 P 5 Contd..
  • 7. Page 7 Identifying Crown- Jewels  Over 30% ranked Phishing / Spam as the number 1 or number 2 source of cyber attack, followed by Malware attacks which is further followed by external cyber attacks and Internal employees. 0 12 10 19 19 26 8 7 9 15 24 23 13 10 16 12 22 13 24 15 22 5 8 12 27 16 14 12 12 5 14 26 15 23 1 7 Espionage (e.g., by competitors) Zero-day attacks Internal attacks (e.g., by disgruntled employees) Cyber-attacks (e.g., to disrupt or deface the organization, to steal financial information, to… Malware (e.g., viruses, worms and Trojan horses) Phishing/ spam P 1 P 2 P 3 P 4 P 5 P 6
  • 8. Page 8 Incident Response Framework Over 70% of our respondents have a defined cyber security incident management program. While 84% of organizations with a cyber security incident management program have a dedicated Incident response team set up within their organization. Organizations are taking steps to improve their incident management posture; have initiated cyber security incident programs and trying to include business teams to assist in cyber security incident management program. 84% 61% of organizations have an Incident response team (IRT) in place without a cyber security incident management program. 61%
  • 9. Page 9 Where should organizations focus to better resist today’s attacks? The point noted also get further strengthened by the fact that: 36% of organizations believe that higher professional staffing and training would help in improved incident response, this is followed by development of an improved patch management process. 37% of the organizations that have a dedicated IRT believe that the staff is not adequate and require additional skills and trainings. Incident response team must deliver 14% 8% 18% 24% 36% Better incident response capabilities Threat intelligence Improved vulnerability audits and assessments Improved patch management process Higher professional staffing and training 87% organizations have a defined process for communication.
  • 10. Page 10 Collaboration is vital 75 47 50 14 CERT- Computer Emergency Response Team Law enforcement and government entities Industry peers We neither receive or share any information 87% of organizations receive or share information with CERT, Law enforcement agencies and industry peers. Potential Collaboration within the ecosystem
  • 11. Page 11 Effective measurement is critical 47% of the respondents who don’t have defined indicators have suffered a cyber attack in the last 12 months. 47% The indicators shall be evaluated to find out the status of effectiveness of current cybersecurity framework. 70% respondents have defined performance indicators to measure the effectiveness of the program. 16% 20% 21% 12% 31% No defined frequency/ adhoc basis On a monthly basis On a quarterly basis On an annual basis On an ongoing basis
  • 12. Page 12 The board must become more involved in cybersecurity and understand cyber risk The board must understand: ► The suitability of the governance structure ► The appropriateness of the cyber risk management program ► The appropriateness of the cyber risk disclosures required by regulators ► How insider threats should be managed
  • 13. Page 13 Just protecting your organisation isn’t enough anymore Guiding Principles ► Focus on impact ► Enhance cyber skills and capabilities ► Benchmark results Strategic Goals ► Protect Crown Jewels ► Determine risk appetite ► Set up Operating Model and Culture Detect GovernRespond Protect Recover Identify Based on Cybersecurity framework
  • 14. “It is going to be a continual and likely never-ending battle to stay ahead of [cybercrime] - and, unfortunately, not every battle will be won.” Jamie Dimon, after JP Morgan Chase’s breach
  • 15. Page 15 Jaspreet Singh Partner, Advisory Services Jaspreet.singh@in.ey.com Let’s Connect
  • 17. Page 17 Survey methodology 106 respondents 19 industry sectors 2.9% 18.6% 2.0% 1.0% 3.9% 6.9% 2.9% 7.8% 2.9% 9.8% 22.5% 3.9% 2.9% 2.0% 3.9% 2.0% 2.0% 1.0% 1.0% Automotive Banking Building Materials Business Services Consulting and advisory… Telecommunications Engineering Finance Healthcare Insurance IT Consulting and Services Manufacturing Retailing Media Energy and Infrastructure Law and Legal Outsourcing Processed Products Electric Utility Logistics and supply chain Respondents by industry sector
  • 18. Page 18 Survey methodology 40% 16% 44% 1000 to 10000 Less than 1000 More than 10000 Respondents by number of employees 8% 35% 57% 1 Million USD 100 Million USD more than 100 Million USD Respondents by total annual company revenue