1 / 7

Securing the Digital Environment Technology Risk Management - A Caribbean Perspective

Securing the Digital Environment Technology Risk Management - A Caribbean Perspective. Monday November 10 th 2014 Roshan Mohammed. Current State. Low business priority on securing digital assets Reactive Management - After the web site is hacked After the data has been taken

dennis-leach
Télécharger la présentation

Securing the Digital Environment Technology Risk Management - A Caribbean Perspective

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing the Digital EnvironmentTechnology Risk Management - A Caribbean Perspective Monday November 10th 2014 Roshan Mohammed

  2. Current State • Low business priority on securing digital assets • Reactive Management - • After the web site is hacked • After the data has been taken • After employees take intellectual property • We perceive information security to be simple – • Can be done in-house by IT Department • Firewall + Anti Virus = Secure Network

  3. Imminent Landscape • Legislation • Local • and International (SOX, PCI DSS, ISO) • Board Due Diligence Requirements • – Pro Active Management of Risk • - Managing Risk within the local technology ecosystem • Internet Operational Risk • Cybercrime • Technology Adoption • - Stay-in-Business

  4. Planning for Risk Management • DO NOT • Invest in risk management technology without understanding your business risks. • Underestimate the technology risk in business activities. • - JP Morgan • - Dropbox • - Target • For my business, in my country, in my industry, in my region – what are the most critical technology risks? • What strategic options do I have in approaching the mitigation of these risks? • How do I future proof my investment in risk mitigation?

  5. What can help • If you do not already have a risk management strategy, invest in getting one • Have a technology risk assessment done for your business • Make sure the strategy fits our Caribbean business model • Use the right tools • Best practice standards (ISO 27000, ISO 25999 etc) • You cannot manage what you do not measure • Use the right resources • Proven work history • Grow with the company over time.

  6. The Results • Some of the questions that will be answered at the end of the strategic risk assessment. • Policy and Procedures – • If these are in place, do they meet best practice guidelines? • Do they cover my greatest business risk areas? • Technology • Is technology design and configuration sufficient to protect my business? • Will my technology defenses grow with my business? • People • Does my corporate culture embrace risk management, and if not how can I achieve this? • Are my superusers actions being monitored?

  7. Questions

More Related