Agenda

Data has become one of the world’s most valuable assets – so, unsurprisingly, protecting it from a multitude of risks remains a continual challenge.

Over the last five years, headline-grabbing incidents have demonstrated the potential implications of a data breach – from damaged business reputation, to loss of revenue and even company devaluation. According to the 2018 Cost of a Data Breach survey conducted by the Ponemon Institute, on average data breaches cost a company $3.86m, up 6.4% from 2017.

As the impacts of data breaches increase, so do the opportunities for employees to leak sensitive data – either accidentally or maliciously.

The presenter will be discussing how our recently launched Insider Data Breach survey shows just how prolific insider data breaches are and who is behind them.

In the event of a breach, privacy and security professionals often approach incident response from two different outlooks. Whereas security teams are focused on threat vectors, privacy teams are concerned with personal data leaks and adhering to various global privacy laws. While the two come from different perspectives, it is possible to build an incident and breach response plan that addresses the needs of both teams. In this session, the presenter will discuss how to build a harmonized response plan that addresses both the security team’s technical needs and privacy team’s regulatory requirements across the patchwork of US privacy laws, the GDPR and other global privacy regulations. They will also provide tips to help you map out a 72-hour personal data breach action plan and share practical advice to improve your privacy program.

• Learn how to build an incident and breach response plan that fits the needs of security teams and privacy teams
• Breakdown what stakeholders, teams, tools and processes should come together in the event of an incident or breach
• Understand how to maintain a consistent approach to incident response while complying with privacy regulations across the globe

• What are the key governance and compliance challenges for all types of financial institutions going forward?
• To what extent are CEOs, board members and senior executives held accountable for cyber security and how can they protect themselves and their organisations?
• How can regulators and financial organisations work together to maximize the effectiveness of cyber crime detection, reporting and prevention?
• How can CyberTech solutions help organisations meet regulatory obligations and enhance their cyber crime compliance processes?

Regardless of their motives, cybercriminals continue to breach perimeter defences of financial services organisations, usually remaining undetected for months. Increased perimeter security appears to have bred better attackers, more adept at finding ways behind organisational lines. A pragmatic ‘assumed breach’ mentality breeds innovative thinking in cyber security. By turning our attention to finding attackers already on the network, we can reduce the extent and severity of consequential damage and facilitate faster recovery. Deception, an age old discipline in every adversary based discipline, offers cyber teams the means to identify and detect advanced attackers on the network and effect the correct remediations.

• How do you realistically assess the cyber loss curve for your organisation?
• How do you ensure that cyber risk planning addresses first and third-party scenarios?
• How can digital resilience be benchmarked against best-practice for the banking, insurance and asset management industries?
• Which technology solutions are most effective for cyber risk management?
• What are your thoughts about cyber insurance and cyber assurance ?