corporate security culture
play

Corporate Security Culture View from the T op What do we mean by - PowerPoint PPT Presentation

Apr 05, 2023 •172 likes •329 views

Corporate Security Culture View from the T op What do we mean by Corporate Culture? Refers to the shared values, attitudes, standards, and beliefs that characterize members of an organization and define its nature Rooted in an

  1. Corporate Security Culture View from the T op

  2. What do we mean by Corporate Culture? ➢ Refers to the shared values, attitudes, standards, and beliefs that characterize members of an organization and define its nature ➢ Rooted in an organization's goals, strategies, structure, and approaches to labor, customers, investors, and the greater community. ➢ An essential component in any business's ultimate success or failure. https://www.inc.com/encyclopedia/corporate-culture.html

  3. Context

  4. Context (cont.) US Department of Energy: Idaho National Lab • Cyber-Physical Grid • US & International Security Protection Policy & Guidance • International Nuclear • Critical Infrastructure Cybersecurity Assessments

  5. Shortest History: Tech Evolution IT Infrastructure Operational T echnology (OT) Infrastructure Power Infrastructure Operational systems were analog and protected by isolation. They were not digital, not networked, and not automated. All of that has changed.

  6. Shortest History: Notable Attacks 200 2008 20 2020 20 Estonia Georgia Stuxnet Ukraine NotPetya Metcalf Ransomware Shodan Aurora Shamoon Ukraine Trisis

  7. Security Governance

  8. https://medium.com/cxo-magazine/the-missing-chief-security-officer-11979a54fbf9

  9. CSOs vs CISOs ➢ “It’s time for organizations to appoint CSOs with both technical and business leadership attributes. Most CISOs are far too pigeonholed to effectively deal with the material nature of attacks and help CEOs navigate these turbulent times. Yesterday’s governance models don’t live up to today’s business realities.” -- Michael Assante, (RIP), former director of critical infrastructure and ICS at SANS Institute and former CSO of American Electric Power. CSO = Chief Security Officer CISO = Chief Information Security Officer

  10. Problems When CISO Reports to CIO 1. Inevitable conflicts with their boss (the CIO), whose principal job is to deploy new technologies that drive profits and efficiencies 2. CISOs under CIOs aren’t in the position to align security priorities with the company’s other strategic business goals 3. CEOs and board members need constant and regular interaction with their company’s cybersecurity expert to build trust and rapport. They don’t get that from people far down the organizational chart

  11. Utility Org Chart for Cybersecurity Environment (1)

  12. Utility Org Chart for Cybersecurity Environment (1I)

  13. An Exemplar – How to Measure Success ➢ First year at previous utility, socialized security staff with OT operators and maintainers ➢ Now at Xcel – responsible for all aspects of security ➢ OT/IT ➢ Cyber/Physical ➢ Safety ➢ NERC CIPs

  14. Thanks for your attention. Happy to get your questions.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Building a Culture of Security Agenda What is a Culture of Security? Regulatory

Building a Culture of Security Agenda What is a Culture of Security? Regulatory

Building a Culture of Security Agenda What is a Culture of Security? Regulatory Requirements Cyber Hygiene How to Develop a Culture of Security What is a Culture of Security A set of values, shared by everyone in an

350 views • 11 slides
CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy

CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy

Jens Thonke, EVP, Cyber Security Services Jyrki Rosenberg, EVP, Corporate Cyber Security CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy Family Connected home 2 F-Secure Capital Markets Day 2017

736 views • 19 slides
INFOSECURITY TO ACCELERATE CORPORATE SECURITY GROWTH CORPORATE SECURITY REVENUE INCREASED BY 8%

INFOSECURITY TO ACCELERATE CORPORATE SECURITY GROWTH CORPORATE SECURITY REVENUE INCREASED BY 8%

Samu Konttinen, CEO Q2 / 2018 F-SECURE ACQUIRED MWR INFOSECURITY TO ACCELERATE CORPORATE SECURITY GROWTH CORPORATE SECURITY REVENUE INCREASED BY 8% IN Q2 1 AGENDA Key takeaways from Q2 Acquisition of MWR InfoSecurity Key figures Business

616 views • 34 slides
Security Culture Why You Need One and How to Create It Masha Sedova Co-Founder, Elevate Security

Security Culture Why You Need One and How to Create It Masha Sedova Co-Founder, Elevate Security

Security Culture Why You Need One and How to Create It Masha Sedova Co-Founder, Elevate Security About me Cyber Analyst for Co-Founder, building the defense community Behavioral Security Platform Built and ran Salesforce Passionate about

657 views • 36 slides
CORPORATE SECURITY REVENUE GREW 14% ORGANICALLY IN THIRD QUARTER Q3/2019 Samu Konttinen,

CORPORATE SECURITY REVENUE GREW 14% ORGANICALLY IN THIRD QUARTER Q3/2019 Samu Konttinen,

CORPORATE SECURITY REVENUE GREW 14% ORGANICALLY IN THIRD QUARTER Q3/2019 Samu Konttinen, President & CEO 1 KEY TAKEAWAYS FROM Q3 Corporate cyber security continued to grow Corporate security grew 14% from previous year Endpoint

195 views • 18 slides
The Right Culture Why culture matters Wh lt tt What a great culture looks like

The Right Culture Why culture matters Wh lt tt What a great culture looks like

4/30/2014 Building the Right Culture for Your Organization Barbara Schmidt Kemp North Star Consultants LLC Guiding organizations and leaders in the right direction 1 The Right Culture Why culture matters Wh lt tt What a

356 views • 17 slides
Combined Nuclear Security and Safety Culture Self-assessments in NPPS Practical experiences of

Combined Nuclear Security and Safety Culture Self-assessments in NPPS Practical experiences of

Combined Nuclear Security and Safety Culture Self-assessments in NPPS Practical experiences of combined nuclear security and safety culture self-assessment in Nuclear Power Plants in Hungary (2015, Paks) and Canada (2016, Bruce Power, Ontario)

508 views • 18 slides
People are our most important asset Why Organizational or Corporate Culture in FLOSS

People are our most important asset Why Organizational or Corporate Culture in FLOSS

People are our most important asset Why Organizational or Corporate Culture in FLOSS Organisations Matters! By Anne stergaard aoe@gnome.org Member of The GNOME Foundation Board. Presented at KDE - aKademy 2007 in Glasgow. Content 1.

573 views • 29 slides
U.S. NRC: Safety and Security Policy and Oversight Diane Sieracki Sr. Safety Culture Program

U.S. NRC: Safety and Security Policy and Oversight Diane Sieracki Sr. Safety Culture Program

U.S. NRC: Safety and Security Policy and Oversight Diane Sieracki Sr. Safety Culture Program Manager Office of Enforcement U.S. Nuclear Regulatory Commission November 14, 2017 1 Outline NRC s Safety Culture Policy Statement

415 views • 16 slides
Module 06: Ethical leadership, followership and organisational culture ACCT20080 Corporate

Module 06: Ethical leadership, followership and organisational culture ACCT20080 Corporate

Module 06: Ethical leadership, followership and organisational culture ACCT20080 Corporate Governance and Ethics 1 Created by Dr G. L. Ilott, CQUniversity Australia Learning Objectives After completing this chapter, you should be able to: 1.

475 views • 23 slides
Making the invisible visible Method Results A theory of security culture for secure and usable

Making the invisible visible Method Results A theory of security culture for secure and usable

Making the invisible visible S. Faily, I. Flchais Introduction Making the invisible visible Method Results A theory of security culture for secure and usable grids Cases What is Security Culture? Guidelines Future work S. Faily I.

692 views • 17 slides
Five Secrets to Building a Security Culture WWW.ISECOM.ORG Secret #1 You are NOT designed by

Five Secrets to Building a Security Culture WWW.ISECOM.ORG Secret #1 You are NOT designed by

Five Secrets to Building a Security Culture WWW.ISECOM.ORG Secret #1 You are NOT designed by default to be security aware. You are not aware or in control of your thoughts. You are a bag of hormones and disease making wants and needs.

259 views • 9 slides
impact of Security. I SPEAKER'S BIOGRAPHY The Speaker is the former Chairman, Technical Committee

impact of Security. I SPEAKER'S BIOGRAPHY The Speaker is the former Chairman, Technical Committee

GSX 1201s PRESENTATION TITLE: ORGANIZATIONAL SECURITY CULTURE:A NEW BUSINESS PARADIGM ABSTRACT "Security is everybody's Concern" is the most frequently expressed among the basic principles of Security; but how it's done is just as

223 views • 9 slides
McCombs Knowledge To Go July 13, 2010 Corporate Culture from the School of Hard Knocks

McCombs Knowledge To Go July 13, 2010 Corporate Culture from the School of Hard Knocks

McCombs Knowledge To Go July 13, 2010 Corporate Culture from the School of Hard Knocks by Marcie Zlotnik StarTexas Power Awards StarTex Power Awards StarTex Power Awards StarTex Power Awards Corporate Culture Starts at the TOP

743 views • 48 slides
Creating a Pro-Editing Culture in a Corporate Environment ACES 22 nd Annual National Conference

Creating a Pro-Editing Culture in a Corporate Environment ACES 22 nd Annual National Conference

Creating a Pro-Editing Culture in a Corporate Environment ACES 22 nd Annual National Conference Palmer House Hilton Chicago, Illinois Presented by Kristen Legg, Managing Editor Floyd|Snider April 28, 2018 #ACESCorporateEdit

470 views • 20 slides
Enhancing Openness and Transparency in NRC Security Inspection Programs Holly Springs Culture

Enhancing Openness and Transparency in NRC Security Inspection Programs Holly Springs Culture

Enhancing Openness and Transparency in NRC Security Inspection Programs Holly Springs Culture Center Holly Springs, NC July 30, 2008; 5 pm 9 pm 1 AGENDA Welcome Paul W. Harris, Senior Program Manager Division Reactor Security

172 views • 14 slides
Safety and Security Arkansas School Safety Commission Preliminary Report Issued July 10, 2018

Safety and Security Arkansas School Safety Commission Preliminary Report Issued July 10, 2018

Safety and Security Arkansas School Safety Commission Preliminary Report Issued July 10, 2018 Final to be issued on November 30, 2018 1. The Commission recommends that no campus should be without armed presence when staff and children are

249 views • 9 slides
County Court Assistants Training Conference Practical Appl pplication o n of Sen enate B Bill

County Court Assistants Training Conference Practical Appl pplication o n of Sen enate B Bill

County Court Assistants Training Conference Practical Appl pplication o n of Sen enate B Bill ill 42; 2; The I Impact and C nd Cha hallen enges s of Providing g Cou ourt rt S Secu curi rity y By: Thomas Kerss, Senior LE

418 views • 22 slides
Larry Clinton President & CEO Internet Security Alliance lclinton@ISAlliance.org

Larry Clinton President & CEO Internet Security Alliance lclinton@ISAlliance.org

Larry Clinton President & CEO Internet Security Alliance lclinton@ISAlliance.org 703-907-7028 202-236-0001 Overview Defining the cybersecurity problem What does this mean for public policy How does the ANSI-ISA Financial Risk

337 views • 19 slides
City of Markham Date: March 26, 2018 Public Presentation Agenda 1. Background and Landscape

City of Markham Date: March 26, 2018 Public Presentation Agenda 1. Background and Landscape

Cyber Security Audit City of Markham Date: March 26, 2018 Public Presentation Agenda 1. Background and Landscape 2. Approach 3. Overall Results 4. Industry Comparison 5. Auditor General Recommendation and Management Response 6. Questions

175 views • 17 slides
Defence Industry Security Program May 2019 2 Security Environment Corporate Espionage

Defence Industry Security Program May 2019 2 Security Environment Corporate Espionage

Defence Industry Security Program May 2019 2 Security Environment Corporate Espionage Foreign Espionage and Interference Foreign Ownership, Control and Influence Cyber threats Insider threats Variable security

432 views • 16 slides
DEPARTMENT OF SAFETY & SECURITY OVERVIEW Embracing A New Direction JANUARY 2013 March

DEPARTMENT OF SAFETY & SECURITY OVERVIEW Embracing A New Direction JANUARY 2013 March

DEPARTMENT OF SAFETY & SECURITY OVERVIEW Embracing A New Direction JANUARY 2013 March 25, 2010 DEPARTMENT OF SAFETY & SECURITY WORKFLOW Public Safety Technical Security Cooperative Partnerships Emergency Management 2

335 views • 15 slides
HIPAA Security Rule Overview Jennings Aske, JD, CISSP, CIPP/US VP Chief Information Security

HIPAA Security Rule Overview Jennings Aske, JD, CISSP, CIPP/US VP Chief Information Security

HIPAA Security Rule Overview Jennings Aske, JD, CISSP, CIPP/US VP Chief Information Security Officer NewYork-Presbyterian Hospital The Use of Electronic Technology in Healthcare Over the past decade the health care industry began to rely

256 views • 14 slides
RSCCD Update on Implementation Plan of Public Safety Task Force Security Recommendations Public

RSCCD Update on Implementation Plan of Public Safety Task Force Security Recommendations Public

RSCCD Update on Implementation Plan of Public Safety Task Force Security Recommendations Public Safety Task Force I n Se pte mb e r 2013 the Cha nc e llo r c re a te d a Pub lic Sa fe ty T a sk F o rc e (PST F ) T he purpo se

754 views • 25 slides

More recommend