Documente Academic
Documente Profesional
Documente Cultură
Strictly Private
and Confidential
June 2015
Table of Contents
January 2015
PwC
3
Section 1
Cyber – Opportunities and Threats
PwC
The New Dynamic- New Opportunities
The digital age provides many opportunities for growth
• Interconnected, integrated,
and interdependent
environments
• Years of underinvestment
Resource Prioritization
Notification Process and
Product & Service Threat
and Technology
Security Intelligence
Disclosure Fundamentals
Threat
Critical Asset Public/Private Technology
User Modeling Privileged Access
Identification and Information Debt
Administration & Scenario Management
Protection Sharing Management
Planning
Technology Global Incident Security
Adoption and Security and Crisis Technology
Enablement Operations Management Rationalization
PwC 5
Section 2
Cyber Threats – Who, What and How?
PwC 8
Who are we protecting against
Nation
Hacktivism
State
INSIDER
Cyber Organised
Terrorists Crime
PwC 7
The Actors and The Information They Target
Adversary What’s most at risk?
Military
R&D and / or product
technologies
design data
Organized Crime
Healthcare,
pharmaceuticals, and Business
related technologies deals
information
PwC 8
Cyber Attacks – Significant business impacts
Financial losses
Share price
Regulatory
PwC 9
Profiles of Threat Actors
PwC 10
Section 3
Putting Cyber Threats in Perspective
PwC
Putting cybersecurity into perspective
• Broader than just information technology and not limited to just the enterprise
PwC 12
Evolving perspectives
Considerations for businesses adapting to the new reality
PwC 13
Key success factors
Identify and
Protect
People Process
People
Governance
Security
Process
Management
Emerging Security
Technologies Architecture
Third-
Threat &
Recover party
Incident Vulnerability Detect
Vendor Management
& Crisis
Manage
Manage
ment
ment Identity
Regulations &
Policy Management
Awareness &
Technology Education
Governance Technology
Response
PwC 14
Process…
Questions to consider when evaluating your ability to respond to the
new challenges.
Understand the threats to your industry and Evaluate and improve effectiveness of existing
your business processes and technologies
Secure Mobile Patch &
Physical Operational
Insider and Cloud Configuration
Identify, prioritize,
Threatand protect the assets Security
Technology
Risk and Impact Evaluation
Resource Prioritization
Notification Process and
Product & Service Threat
and Technology
Security Intelligence
Disclosure Fundamentals
Threat
Critical Asset Public/Private Technology
User Modeling Privileged Access
Identification and Information Debt
Administration & Scenario Management
Protection Sharing Management
Planning
Technology Global Incident Security
Adoption and Security and Crisis Technology
Enablement Operations Management Rationalization
PwC 15
Cyber Security Framework
PwC 16
Cyber Risk
Challenges
17
Questions
PwC
Thank you.
Contacts Us:
This publication has been prepared for general guidance on matters of interest only, and does not
constitute professional advice. You should not act upon the information contained in this publication
without obtaining specific professional advice. No representation or warranty (express or implied) is
given as to the accuracy or completeness of the information contained in this publication, and, to the
extent permitted by law, [insert legal name of the PwC firm], its members, employees and agents do
not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone
else acting, or refraining to act, in reliance on the information contained in this publication or for any
decision based on it.
© 2015 PwC Singapore. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers
LLP which is a member firm of PricewaterhouseCoopers International Limited, each member firm of
which is a separate legal entity.