cyber security: what are the threats? · certificate level opportunity for icaz: icaew exam model...
TRANSCRIPT
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Kirstin Gillon, ICAEW IT Faculty
Presentation to ICAZ Winter School 2014
Cyber security: What are the threats?
How should business respond?
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
IT Faculty
Broadband
Cyber
Roadshows
Other ICAEW
Trust
IT Value
IT Security
Cloud
Thought leadership
Member service
Other
Policy
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Agenda
• The big picture
• 10 steps to cyber security
• The role of government
• Q&A
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Why has cyber security got more important?
Digitisation of economies
and governments
Economic impact of
security failures
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Cyber security
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
What’s new about cyber security?
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
4 Flags for Cyber Security
• Businesses should consider ‘cyber’ in all
their activities
• Businesses need to accept that their
security will be compromised
• Businesses should focus on their critical
information assets
• Most businesses don’t get the basics right
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
How can businesses protect themselves?
www.icaew.com/cyber
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
10 steps to cyber security for smaller firms
• Allocate responsibilities
– Identify key data and risks
– Ensure senior-level responsibility overall
• Protect your computers and network
– Implement firewalls
• Keep your computers up-to-date
– Ensure patches and updates are applied as soon as possible
• Control employee access to computers and documents
– Apply good password discipline – smart passwords and change
them regularly
• Protect against viruses
– Implement malware protection
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
10 steps to cyber security for smaller firms
• Extend security beyond the office
– Mobile risks
– Cloud risks
• Don’t forget disks and drives
– Risks of malware and loss
• Plan for the worst
– Know you have a problem
– Have a plan and clear responsibility
• Educate your team
– Training
• Keep records and test your security
– Ongoing processes
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Key barriers to good practices
• Time and priority
– Awareness
– Specific risks to business
• Skills and knowledge
– Specialists
– Across businesses
• Changing people’s behaviour
• Complex IT environment
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Role of governments - laws and regulation
• Old criminal offences
in new ways
• New criminal offences
– E.g. UK Computer
Misuse Act 1990
• Data protection
regulation
• Intellectual property
laws
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Role of governments – other actions
• Protecting Critical
National Infrastructure
• Helping business to
improve their security
– Awareness
– Standards
– Information sharing
• Building skills base
– Specialists
– Individuals
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Key messages
• Cyber security will be increasingly important to business
success
– Supply chains
– Customer relationships
– Deploying new technologies
• Getting the basics right goes a long way - it’s all about people
• Businesses can’t do it alone – need strong institutional
framework and co-operation across all sectors
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
ADVANCED
LEVEL
Case Study
Corporate ReportingStrategic Business
Management
PROFESSIONAL
LEVEL
Business Planning:
TaxationBusiness Strategy
Audit and Assurance
Financial
Accounting and
Reporting
Financial
ManagementTax Compliance
CERTIFICATE
LEVEL
OPPORTUNITY FOR ICAZ: ICAEW EXAM MODEL
Accounting AssuranceBusiness
and FinanceLaw
Management
Information
Principles of
Taxation
Exams in green can
be replaced with
ICAZ local variants*
*must meet ICAEW criteria for recognition towards ICAEW membership
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014
Questions
+44 (0)20 7920 8538
www.icaew.com/cyber
www.icaew.com/informationsystems
www.icaew.com/itfac
A world leader
of the accountancy
and finance profession
BUSINESS WITH CONFIDENCE icaew.com© ICAEW 2014