the impact of threats
DESCRIPTION
It takes years to build trust but a few seconds to destroy it. Manage threats while you can because the biggest risk is the risk you don't see.TRANSCRIPT
![Page 1: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/1.jpg)
Security & Risk Management
![Page 2: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/2.jpg)
Firewalls, An--‐virus, An--‐spam
Security guards, Locks,
Nuts & bolts
It’s all about…
Security is not about…
![Page 3: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/3.jpg)
Protec7ng the business against discon7nuity as a result of danger and risk
![Page 4: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/4.jpg)
1. Damage to reputa-on 2. Business interrup-on 3. Third party liability 4. Distribu-on or supply chain failure 5. Market environment
Global Risk Management Survey AON, april 2007
Your concerns
![Page 5: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/5.jpg)
6. Regulatory/legisla-ve changes 7. Failure to aUract or retain staff 8. Market risk (financial)
9. Physical damage
10. Merger/acquisi-on/restruc-ng
11. Failure of disaster recovery plan
Global Risk Management Survey AON, april 2007
More concerns
![Page 6: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/6.jpg)
Shareholders' trust: Customers' trust:
Corporate viability Business integrity
Compe--ve advantage Service availability
Brand name value preserva-on Protec-on of customers' sensi-ve informa-on
Legal and regulatory compliance
CHRISTOS K. DIMITRIADIS in Soa & Woa: Informa-on Security from a Business Perspec-ve
Reputa7on = Trust
![Page 7: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/7.jpg)
It takes years to build trust but a few seconds to destroy it
![Page 8: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/8.jpg)
Opera-onal risk
Insurance risk
Liquidity risk Market risk
Credit risk
Enterprise risk
Types of risk
![Page 9: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/9.jpg)
The risk of loss resul-ng from inadequate or failed internal processes, people and systems, or from external events.
Basel II
Opera7onal Risk
![Page 10: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/10.jpg)
Define
Measure
Analyze Improve
Control
Managing Risk
![Page 11: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/11.jpg)
Threats of natural origin;
Threats due to (consciously or unconscious) human ac-on;
Threats caused by technology.
Types of Threats
![Page 12: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/12.jpg)
Start thinking in risks, stop thinking in security measures
To much
Mismatch
The challenge
![Page 13: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/13.jpg)
• Business • Processes • Informa-on • Assets • Staff
What could hit (y)our…
![Page 14: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/14.jpg)
Low High
Low
High
Probability
Impact
Risk = Impact of Risk x Probability of Occurrence
Risk
![Page 15: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/15.jpg)
Risk taking
Risk neutral
Risk averse
Low High
Low
High
Probability
Impact
Risk appe7te
![Page 16: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/16.jpg)
Share (transfer)
Avoidance (eliminate)
Reten-on (accept)
Reduc-on (mi-gate)
Low High
Low
High
Probability
Impact
Poten7al risk treatments
![Page 17: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/17.jpg)
The biggest risk is the risk you don’t see
![Page 18: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/18.jpg)
Arson
Fire
Loss of loca-on
Loss of produc-on
Loss of turnover
Cause and effect
![Page 19: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/19.jpg)
DON’T AIM AT THE EFFECT, TRY TO PREVENT THE CAUSE
![Page 20: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/20.jpg)
Think outside the circle…
![Page 21: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/21.jpg)
‘Everything should be made as simple as possible, but not simpler’!Albert Einstein
Assess Risks
Manage Risks
Manage Incidents
…and keep it simple
![Page 22: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/22.jpg)
Reputa-on damage is not the threat, it’s a consequence of something else.
Just like: • Loss of turnover • Loss of customers • Bad publicity • Regulators sanc-ons
Reputa7on
![Page 23: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/23.jpg)
Do you want them to be compliant…
…or ‘in control’?
Compliance versus “in control”
![Page 24: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/24.jpg)
Reading a book about skiing does not mean you know how to ski
(and even the best skiers can break a leg)
It’s just like skiing
![Page 25: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/25.jpg)
Risk is percep7on
Whats your defini7on of skiing?
![Page 26: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/26.jpg)
Fire
Reputa-on damage
Data leakage
Burglary
Virus
Customer loss Regulators
sanc-ons
SPAM
Flooding
Power failure
Fraud
Thel
Sabotage
Spionage
Errors
Bad publicity
System failure
Terrorism
Storm Strikes Incompetent
personnel
Effect: discon-nuity lost sales
increased costs
…and?
![Page 27: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/27.jpg)
And if all goes wrong
![Page 28: The impact of threats](https://reader034.vdocuments.mx/reader034/viewer/2022042815/5577cf92d8b42ae0418b4cff/html5/thumbnails/28.jpg)
Continuity!(based on risk assessment)
The holy grail
www.B-‐Mature.com of direct contact via info@b-‐mature.com …most organisa7ons never fully mature, they simply grow taller