The evolving nature of cyber threats makes security a strategic imperative, and a collective responsibility. Today’s business leaders have a duty to set the tone from the top, taking steps to ensure security extends beyond technology to become part of organisational culture. This talk explores why security is no longer a technology issue with technical solutions, but a board-level priority that needs to be factored into the highest levels of corporate strategy.

1. DigitalDialogue
Making best-in-class security ubiquitous
Why security is not an IT Issue
@Graemewpark
Global Head of Security Operations at a major Ecommerce Retailer

2. BioSecurity
IoT Massive Growth Coming
Enterprises embracing Big Data
and Cloud Computing rapidly
Smart Industries: Industrial 4.0
Transformation Impending
AI, ML and Robotics for
customer interactions
Top Industry
4.0 Trends
impacting Cyber
Security

3. Graeme
Cantu-Park
Author | Speaker | Advisor|
@Graemewpark
· Global Head of Security Operations
· Trusted security advisor FS & Public Sector
· Former UK Special Forces and Cyber Operations
· Head of IT Security for FinTech Startup
· 10+ years of industry experience & ClubCISO Member

4. The Rise of Cyber As
A Business Risk

5. The likelihood of cyber attacks has been growing and is
now a top concern for senior executives
Source: World Economic Forum 2009–2019, Global Risks Report

6. Data breaches
caused by weak
security and
cover-ups have
costed companies
over
$1.45
billion
and counting

7. Source: The Ponemon Institute Research, 2019
The average cost of a data breach
Global Averages
Average total cost of a data breach
Average size
of a data breach
Cost per lost record
Time to identify and contain a
breach
Highest country average cost of
$8.19 million
United States
Highest industry average cost of
$6.45 million
Healthcare
3.92M
25,575 records
279 days
United Kingdom Averages
Average total cost of a data breach
Average size
of a data breach
Cost per lost record
Time to identify and contain a
breach
Country rank for total cost
6
Highest industry average for cost
per record
Services
3.88M
23,636 records
243 days$150 $155

8. Breach costs can be felt
for years to come
Source: The Ponemon Institute Research, 2019

9. 85%of consumers will not do
business with a company if
they have concerns about
their security practices
Source: PwC US Protect.me survey 2017
The Business
Value of Trust
60%are willing to pay a premium
for better secured personal
data

10. The Cyber
“PR” problem

11. Source: (ISC)², Inc
Report to the CEO
Report to the CIO
43%
35%
14%
7% Report to others including the COO
and CFO
Report to the Board of Directors
86%
Have CISO
14%
No CISO
CISO Reporting
Structure
Successful
organizations
overwhelmingly
report that they
employ a CISO, and
in many cases that
person reports
directly to either the
ceo or the Board of
Directors
Source: ISC - https://blog.isc2.org/isc2_blog/2018/10/why-the-ciso-matters.html

12. BUSINESS
ENABLEMENT
SELLING
INFOSEC
(Internal)
PROJECT
DELIVERY
LIFECYCLE
SECURITY
ARCHITECTURE
SECURITY
OPERATIONS
IDENTITY
MANAGEMENT
RISK
MANAGEMENT
LEGAL &
HUMAN
RESOURCES
COMPLIANCE
AND AUDITS
GOVERNANCE
BUDGET
CISO
JOB
Source: http://rafeeqrehman.com/

13. Make it the new normal
deeply ingrained in the thinking

14. Leadership “4.0” needs a bold mindset shift as security is now an
organizational challenge!
PEOPLE REPUTATION FINANCIAL GROWTH

15. 1
Develop a security culture
driving change from the
top

16. 2
Adopt cyber security
as a board level
responsibility

17. 3
Codify the language in
non technical terms

18. 4
Engage with key stakeholders
beforehand and encourage
discussion

19. 5
Focus on your business-critical
activities, the risks to them and
to systems supporting
those activities

20. “Approaching cyber security as a business risk cannot
be done alone, it is a collaborative effort that requires
input of the entire organisation”
GRAEME CANTU-PARK

21. Graeme Cantu-Park
Global Head of Security Operations at a major Ecommerce Retailer
Thank you