SlideShare a Scribd company logo

Cyber Security for the Employee - AFP Annual Conference 2016

Brad Deflin
Brad Deflin

This document outlines a proposed employee-based cyber security training and education program. It begins by establishing the need for such a program, noting that cyber risk is increasing and now poses an existential threat. It argues that the human element remains the weakest link for enterprises. The goals of the program are to instill long-term cultural and behavioral changes across the enterprise to better manage cyber risk. The program aims to inform employees about cyber threats, educate them on security frameworks, and empower them with skills for life-long cyber security. It would involve interactive workshops, online awareness training, testing, and attack simulations to train and assess employees.

Internet
1 of 28
Cyber Security for the Employee - A fresh approach to managing and mitigating cyber risk at the enterprise. October 25th, 2016 Laura Harkins and Brad Deflin
① Do you believe cyber risk is a big deal today? ② Do you think it will get better or worse? ① Do you feel ready for it? Pop Quiz
Why We’re Here • The Risk is Real – Director of U.S. National Intelligence warns of widespread vulnerabilities in the civilian infrastructure and calls it one or our two greatest risks as a nation. March 2nd. • The Risk is Increasing – the FBI reported a 270% increase in cybercrime over the last year – April 4th. • The Risk has Become Existential – the UK’s National Crime Agency declared cybercrime surpassed traditional crime and is now greater than all other crimes combined - July 7th.
Cyber Threat VAR • It’s a very big deal. • It’s getting worse, maybe a lot worse. • Most need to do more.
Speaker Introduction “The New Face of Risk” “The Democratization of Cyber Risk”
Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
Why ....? • WHY? Why an employee-based cyber security training and education program? “Its become easier to hack a human than a company’s technology. “ Deloitte – Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
Why …
Watch the Delta “It’s become easier to hack a human than a company’s technology.” You are here X “Life” is here Y • Apathy • Fear • Confusion • Denial The rate of change in our every day lives is accelerating.
Why … • HBR – Cyber Security’s Human Factor • TrustWave Global Security Report • Cisco Midyear 2016 Cybersecurity Report Another day at the office.
Why … The arbitrage trade of the millennium. Misevaluation of our personal information has created an arbitrage trade that is minting history’s greatest fortunes over the shortest periods of time. Isn’t it great that we have to pay nothing for the barn? Yes! And even the food is free. Etc…
Why … Why an employee-based program? • The human element is still the weakest link. • The Democratization of Cyber Risk • Profit Motives and Trends in Cyber Crime “It’s become easier to hack a human than a company’s technology.”
The Democratization of Cyber Risk.
The Profit Motive in Cyber Crime. “In our research into underground markets, we’ve estimated that cybercriminals today enjoy an ROI of 1,425 percent.” Trustwave – 2015 Global Security Report
The Profit Motive in Cyber Crime. “Cisco engineers determined a typical hacker can make $34 million a year using today’s ransomware software tools. Tools available to anyone. For rent.” Cisco, May 18th, 2016
Conclusion –  Great risk increasingly resides at the intersection of people and the technology they use every day.  Individuals at all levels of the enterprise must adjust and adapt to participate and contribute to its management and mitigation. Why? Protecting Your Family in the Digital Age.
Today… WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
What? What are the goals of the program? • Enterprise-wide cultural adjustment and adaptation. • Heightened and sustained levels of awareness. • Behavioral change, personally and professionally. • Benchmarked and managed compliance. • Long-term program ROI.
What? Goal –  To increase and instill long-term and sustained changes that manage and mitigate cyber risk across the enterprise with optimal program efficacy, and cost efficiency.
Today… WHY? Why an employee-based cyber security training and education program? WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
How? The Big Idea - Informing, educating, and empowering individuals for survival and success in their personal and professional lives is an effective and efficient approach to cyber risk mitigation at the enterprise.
How? Inform through Context. Educate for Framework. Empower for: “Cyber Security for Life.”
How? • Inform through Context Internalizes the risk. The Democratization of Cyber Risk. • How did this happen? • What does the future hold? • Mobile • Clouds • Big Data • “Free” • Ransomware • Phishing and Social Engineering • End-user Threats Protecting Home and Family in the Digital Age.
How? • Educate for Framework Personalizes the issues. • The nature of technology and cybercrime. • Precepts for the future. Managing Change for Survival and Success in the Digital Age. Protecting Home and Family in the Digital Age. • Exponentials • Moore’s Law & the Digital Age • Digital Currencies • Internet of Things • Crime-as-a-Service • Phone and WiFi Hacks • Hackers-for Hire
How? • Empower for Cyber Security for Life. Empowers the Individual. • The Four Fundamentals. • The Art and Science of Passwords. • Encryption. • Trends in Security Technology. • Best Practices. • Protecting Home and Family. Cyber Security for Life.
How? Logistics - Training • Interactive Workshop Sessions: o Max 50 attendees – 90 - minute session with Q&A. o 2 times per year. • Online Awareness Training: o On demand by employee, 2 times per year. Testing • Online Testing: o On demand by employee, 2 times per year. • Attack Simulations: o Monthly Phishing and Ransomware attack simulations. • Data Analysis o Attribution reporting. o Program optimization
Questions????

Recommended

BSides Manchester
BSides ManchesterBSides Manchester
BSides ManchesterJane Frankland
 
Foresight: Your Hidden Superpower
Foresight: Your Hidden SuperpowerForesight: Your Hidden Superpower
Foresight: Your Hidden SuperpowerJohn Smart
 
Learning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicLearning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicTyrone Grandison
 
The Big Think
The Big ThinkThe Big Think
The Big ThinkTyrone Grandison
 
Systemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessSystemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessTyrone Grandison
 
Information Management In The 21st Century
Information Management In The 21st CenturyInformation Management In The 21st Century
Information Management In The 21st CenturySteve Weissman
 
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance ChallengeSteve Weissman
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 

Recommended

BSides Manchester
BSides ManchesterBSides Manchester
BSides ManchesterJane Frankland
 
Foresight: Your Hidden Superpower
Foresight: Your Hidden SuperpowerForesight: Your Hidden Superpower
Foresight: Your Hidden SuperpowerJohn Smart
 
Learning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicLearning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicTyrone Grandison
 
The Big Think
The Big ThinkThe Big Think
The Big ThinkTyrone Grandison
 
Systemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessSystemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessTyrone Grandison
 
Information Management In The 21st Century
Information Management In The 21st CenturyInformation Management In The 21st Century
Information Management In The 21st CenturySteve Weissman
 
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge5 Keys to Managing Information as an Asset: The Ultimate Governance Challenge
5 Keys to Managing Information as an Asset: The Ultimate Governance ChallengeSteve Weissman
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 
BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry
 
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Damien ARNAUD
 
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Clive Bates
 
Eyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsEyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsHBT Media Management Ltd
 
Progamme unum 2017
Progamme unum 2017Progamme unum 2017
Progamme unum 2017Adm Medef
 
Plentiful energy
Plentiful energyPlentiful energy
Plentiful energywww.thiiink.com
 
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...Localogy
 
Alimentation comme bien commun
Alimentation comme bien communAlimentation comme bien commun
Alimentation comme bien communUniversite Catholique de Louvain
 
Design in Tech Report 2017
Design in Tech Report 2017Design in Tech Report 2017
Design in Tech Report 2017John Maeda
 
INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012Instituto Nacional de Evaluación Educativa
 
Great B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinGreat B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinBryan K. O'Rourke
 
Redundancy and Interchangeability
Redundancy and InterchangeabilityRedundancy and Interchangeability
Redundancy and InterchangeabilityLOESCHE
 
Investments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorInvestments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorLOESCHE
 
Pecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationPecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationRody Middelkoop
 
Design Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAllDesign Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAllEnjoyDigitAll by BNP Paribas
 
Foot care for people with diabetes mellitus
Foot care for people with diabetes mellitusFoot care for people with diabetes mellitus
Foot care for people with diabetes mellitusCustom Orthotic Design Group Ltd.
 
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesWhen to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesOlympus IMS
 
2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class OneFRSecure
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1FRSecure
 
BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"ChristiAKannapel
 
Scot Secure 2017
Scot Secure 2017Scot Secure 2017
Scot Secure 2017Ray Bugg
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementWilliam McBorrough
 

More Related Content

Viewers also liked

BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry
 
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Damien ARNAUD
 
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Clive Bates
 
Eyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsEyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsHBT Media Management Ltd
 
Progamme unum 2017
Progamme unum 2017Progamme unum 2017
Progamme unum 2017Adm Medef
 
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...Localogy
 
Design in Tech Report 2017
Design in Tech Report 2017Design in Tech Report 2017
Design in Tech Report 2017John Maeda
 
Great B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinGreat B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinBryan K. O'Rourke
 
Redundancy and Interchangeability
Redundancy and InterchangeabilityRedundancy and Interchangeability
Redundancy and InterchangeabilityLOESCHE
 
Investments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorInvestments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorLOESCHE
 
Pecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationPecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationRody Middelkoop
 
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesWhen to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesOlympus IMS
 

Viewers also liked (17)

BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way ForwardBlackBerry Is Back: Strategy and Product Updates Point the Way Forward
BlackBerry Is Back: Strategy and Product Updates Point the Way Forward
 
Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...Nouveaux outils et dérives de la communication politique : interview exclusiv...
Nouveaux outils et dérives de la communication politique : interview exclusiv...
 
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
Is nicotine reduction a viable policy for tobacco control? No, Definitely not...
 
Eyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The FactsEyes Health Diseases And Problems- Know The Facts
Eyes Health Diseases And Problems- Know The Facts
 
Progamme unum 2017
Progamme unum 2017Progamme unum 2017
Progamme unum 2017
 
Plentiful energy
Plentiful energyPlentiful energy
Plentiful energy
 
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
LSA17: Best Practices for Local Advertiser Retention (Green Banana, Boostabil...
 
Alimentation comme bien commun
Alimentation comme bien communAlimentation comme bien commun
Alimentation comme bien commun
 
Design in Tech Report 2017
Design in Tech Report 2017Design in Tech Report 2017
Design in Tech Report 2017
 
INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012INEE. Estudio Europeo de Competencia Lingüística 2012
INEE. Estudio Europeo de Competencia Lingüística 2012
 
Great B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using LinkedinGreat B2B Sales Tips For Using Linkedin
Great B2B Sales Tips For Using Linkedin
 
Redundancy and Interchangeability
Redundancy and InterchangeabilityRedundancy and Interchangeability
Redundancy and Interchangeability
 
Investments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise FoskorInvestments Into New Plant Set to Stabilise Foskor
Investments Into New Plant Set to Stabilise Foskor
 
Pecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile EducationPecha Kucha eduScrum Agile Education
Pecha Kucha eduScrum Agile Education
 
Design Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAllDesign Thinking infographic - #EnjoyDigitAll
Design Thinking infographic - #EnjoyDigitAll
 
Foot care for people with diabetes mellitus
Foot care for people with diabetes mellitusFoot care for people with diabetes mellitus
Foot care for people with diabetes mellitus
 
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its CapabilitiesWhen to Use a Measuring Microscope: And How to Further Enhance its Capabilities
When to Use a Measuring Microscope: And How to Further Enhance its Capabilities
 

Similar to Cyber Security for the Employee - AFP Annual Conference 2016

2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class OneFRSecure
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1FRSecure
 
BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"ChristiAKannapel
 
Scot Secure 2017
Scot Secure 2017Scot Secure 2017
Scot Secure 2017Ray Bugg
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementWilliam McBorrough
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementWilliam McBorrough
 
Creating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity ProgramCreating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity ProgramTyrone Grandison
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018hdicapitalarea
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...2-sec
 
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing AgenciesThe Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing AgenciesDavid Dourgarian
 
Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksPhil Huggins FBCS CITP
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber securityzapp0
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureSecurity Innovation
 
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili SaghafiBusiness Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili SaghafiProfessor Lili Saghafi
 
20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clintonCIONET
 
BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016Whitbags
 
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...hdicapitalarea
 
National Conference on Youth Cyber Safety
National Conference on Youth Cyber SafetyNational Conference on Youth Cyber Safety
National Conference on Youth Cyber Safetyemilyensign
 

Similar to Cyber Security for the Employee - AFP Annual Conference 2016 (20)

2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One2019 FRSecure CISSP Mentor Program: Class One
2019 FRSecure CISSP Mentor Program: Class One
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1
 
BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"BIS "Is Your Company at Risk for a Security Breach?"
BIS "Is Your Company at Risk for a Security Breach?"
 
Scot Secure 2017
Scot Secure 2017Scot Secure 2017
Scot Secure 2017
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
 
MCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk ManagementMCG Cybersecurity Webinar Series - Risk Management
MCG Cybersecurity Webinar Series - Risk Management
 
Creating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity ProgramCreating A Diverse CyberSecurity Program
Creating A Diverse CyberSecurity Program
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
2-sec "A Day in the Life of a Cyber Security Professional" Interop London Jun...
 
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing AgenciesThe Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies
 
Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber Shocks
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber security
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital Future
 
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili SaghafiBusiness Intelligence & Predictive Analytic by Prof. Lili Saghafi
Business Intelligence & Predictive Analytic by Prof. Lili Saghafi
 
20101012 isa larry_clinton
20101012 isa larry_clinton20101012 isa larry_clinton
20101012 isa larry_clinton
 
BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016
 
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
 
National Conference on Youth Cyber Safety
National Conference on Youth Cyber SafetyNational Conference on Youth Cyber Safety
National Conference on Youth Cyber Safety
 

Recently uploaded

Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 

Recently uploaded (20)

Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 

Cyber Security for the Employee - AFP Annual Conference 2016

  • 1. Cyber Security for the Employee - A fresh approach to managing and mitigating cyber risk at the enterprise. October 25th, 2016 Laura Harkins and Brad Deflin
  • 2. ① Do you believe cyber risk is a big deal today? ② Do you think it will get better or worse? ① Do you feel ready for it? Pop Quiz
  • 3. Why We’re Here • The Risk is Real – Director of U.S. National Intelligence warns of widespread vulnerabilities in the civilian infrastructure and calls it one or our two greatest risks as a nation. March 2nd. • The Risk is Increasing – the FBI reported a 270% increase in cybercrime over the last year – April 4th. • The Risk has Become Existential – the UK’s National Crime Agency declared cybercrime surpassed traditional crime and is now greater than all other crimes combined - July 7th.
  • 4. Cyber Threat VAR • It’s a very big deal. • It’s getting worse, maybe a lot worse. • Most need to do more.
  • 5. Speaker Introduction “The New Face of Risk” “The Democratization of Cyber Risk”
  • 6. Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 7. Today… • WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 8. Why ....? • WHY? Why an employee-based cyber security training and education program? “Its become easier to hack a human than a company’s technology. “ Deloitte – Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  • 10. Watch the Delta “It’s become easier to hack a human than a company’s technology.” You are here X “Life” is here Y • Apathy • Fear • Confusion • Denial The rate of change in our every day lives is accelerating.
  • 11. Why … • HBR – Cyber Security’s Human Factor • TrustWave Global Security Report • Cisco Midyear 2016 Cybersecurity Report Another day at the office.
  • 12. Why … The arbitrage trade of the millennium. Misevaluation of our personal information has created an arbitrage trade that is minting history’s greatest fortunes over the shortest periods of time. Isn’t it great that we have to pay nothing for the barn? Yes! And even the food is free. Etc…
  • 13. Why … Why an employee-based program? • The human element is still the weakest link. • The Democratization of Cyber Risk • Profit Motives and Trends in Cyber Crime “It’s become easier to hack a human than a company’s technology.”
  • 14. The Democratization of Cyber Risk.
  • 15. The Profit Motive in Cyber Crime. “In our research into underground markets, we’ve estimated that cybercriminals today enjoy an ROI of 1,425 percent.” Trustwave – 2015 Global Security Report
  • 16. The Profit Motive in Cyber Crime. “Cisco engineers determined a typical hacker can make $34 million a year using today’s ransomware software tools. Tools available to anyone. For rent.” Cisco, May 18th, 2016
  • 17. Conclusion –  Great risk increasingly resides at the intersection of people and the technology they use every day.  Individuals at all levels of the enterprise must adjust and adapt to participate and contribute to its management and mitigation. Why? Protecting Your Family in the Digital Age.
  • 18. Today… WHY? Why an employee-based cyber security training and education program? • WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 19. What? What are the goals of the program? • Enterprise-wide cultural adjustment and adaptation. • Heightened and sustained levels of awareness. • Behavioral change, personally and professionally. • Benchmarked and managed compliance. • Long-term program ROI.
  • 20. What? Goal –  To increase and instill long-term and sustained changes that manage and mitigate cyber risk across the enterprise with optimal program efficacy, and cost efficiency.
  • 21. Today… WHY? Why an employee-based cyber security training and education program? WHAT? What are the goals of the program? • HOW? How do you achieve the goals and sustain high program efficacy and efficiency?
  • 22. How? The Big Idea - Informing, educating, and empowering individuals for survival and success in their personal and professional lives is an effective and efficient approach to cyber risk mitigation at the enterprise.
  • 23. How? Inform through Context. Educate for Framework. Empower for: “Cyber Security for Life.”
  • 24. How? • Inform through Context Internalizes the risk. The Democratization of Cyber Risk. • How did this happen? • What does the future hold? • Mobile • Clouds • Big Data • “Free” • Ransomware • Phishing and Social Engineering • End-user Threats Protecting Home and Family in the Digital Age.
  • 25. How? • Educate for Framework Personalizes the issues. • The nature of technology and cybercrime. • Precepts for the future. Managing Change for Survival and Success in the Digital Age. Protecting Home and Family in the Digital Age. • Exponentials • Moore’s Law & the Digital Age • Digital Currencies • Internet of Things • Crime-as-a-Service • Phone and WiFi Hacks • Hackers-for Hire
  • 26. How? • Empower for Cyber Security for Life. Empowers the Individual. • The Four Fundamentals. • The Art and Science of Passwords. • Encryption. • Trends in Security Technology. • Best Practices. • Protecting Home and Family. Cyber Security for Life.
  • 27. How? Logistics - Training • Interactive Workshop Sessions: o Max 50 attendees – 90 - minute session with Q&A. o 2 times per year. • Online Awareness Training: o On demand by employee, 2 times per year. Testing • Online Testing: o On demand by employee, 2 times per year. • Attack Simulations: o Monthly Phishing and Ransomware attack simulations. • Data Analysis o Attribution reporting. o Program optimization

Editor's Notes

  1. Title Introduction – new-school of thought with an organic genesis – didn’t happen by design, but through “in the field” experience, data, and lots of time spent at the intersection of people, the tech they use every day, and the the rapidly escalating risks at hand. But before we get ahead of ourselves – a quick pop quiz.... NEXT SLIDE
  2. lets start with 3 questions - ............... 1, 2, 3 ..... Also some data baked in here – consistently the response we get – c-suites, exec assistants, professional advisors, all the way down the food chain. Next slide 0 This is why we’re here.
  3. This is why we’re here today; it’s a big deal, it’s going to get worse, potentially a lot worse, before it starts to get any better. And, many need to do more to be ready. Etc Etc Etc You don’t need me to tell you -
  4. Not to belabor the point - ..... Mention figures…. WSJ $100b, .... Lloyds $400b ... $3-$6 trillion MSFT No element of the ledger- balance sheet or p/l is not potentially at risk in some form or another - of course IP, and then HR Data and financial risk, infrastructure, real and virtual, the supply-chain, and the partner network. So the assumption is we don’t need to spend any more time on the “Why cyber security”.
  5. PAUSE - So let’s pause a moment – at the start – I said the preso developed organically and thru years of actual experience in the field and data analysis. Started with my position in the financial services industry and 25 yrs, exec leadership most recently at JPM “The New Face of Risk...” The question becomes “Why an employee-based program?”
  6. So, here is what we talk about today .... Why? What - are the goals - SPOILER ALERT – includes words like; SUSTAINED, LONG-TERM, BEHAVIORAL CHANGE, ADAPTATION, CULTURAL,... And the reason we’re really here - HOW do you do this to successfully achieve these goals?
  7. The question becomes “Why an employee-based program?”
  8. WE know this ... BUT WHY?
  9. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  10. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  11. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  12. Coinciding trends fueling the activity. Its become easier to hack a human than a company’s technology. Deloitte - Cyber Attacks Take Aim at Individuals, Roles Inside Organizations “Cybercrime is not an IT problem. If there is one lesson companies should take away from this study, it is this one.” PWC – Global Economic Crime Survey 2016.
  13. What it looks like where the rubber hits the road.
  14. What it looks like where the rubber hits the road.
  15. What it looks like where the rubber hits the road.
  16. PBIG – where we come from, the most personal intersection of people, technology, and risk.
  17. The question becomes “Why an employee-based program?” Our approach transcends the employees previous experience with the matter: training from the IT department, a visit from the FBI – and informs, educates, and empowers them for their individual survival and success – personally and professionally. This is the aim of the program because we believe and it is our experience in the field that this individual-oriented approach creates significant results in just the areas you want to see them … see “Goals of the Program” – but sound like heightened, sustained, cultural, behavioral, benchmarked, measurable, and ROI - but first, WHY
  18. Now, the meat of it. HOW?
  19. So, The Big Idea -
  20. This is what we found to increase understanding, awareness, adaptation, and long-term behavioral change -
  21. We’ve lived the movie ….” The Personalization of Cyber Risk.”
  22. Motivated compliance.
  23. Record investment capital inflows to the IT Security space - they are innovating and disrupting the world of hardware and traditional IT departments.
  24. Q&A