systemic cyber risk the problem although not the answers
play

Systemic Cyber Risk the problemalthough not the answers Phil - PowerPoint PPT Presentation

Apr 21, 2023 •114 likes •237 views

Introduction YOU are our first line of defence Systemic Cyber Risk the problemalthough not the answers Phil Warren Deputy Chief Information Security Officer Bank of England The Future Introduction YOU are our first line of

  1. Introduction – YOU are our first line of defence Systemic Cyber Risk – the problem…although not the answers… Phil Warren Deputy Chief Information Security Officer Bank of England

  2. The Future Introduction – YOU are our first line of defence • Annual global IP traffic will reach 3.3 by 2021. In 2016, global IP traffic was 1.2 ZB per year • Global IP traffic will have increased 127-fold from 2005 to2021. • Smartphone traffic will exceed PC traffic by 2021. In 2016, PCs accounted for 46 percent of total IP traffic,but by 2021 PCs will account for only 25 percent of traffic. • The number of devices connected to IP networks will be three times as high as the global population in 2021. • Broadband speeds will nearly double by 2021. (CISCO)

  3. Current Definitions of Systemic Risk Introduction – YOU are our first line of defence “the disruption to the flow of financial services that is (i) caused by an impairment of all or parts of the financial system; and (ii) has the potential to have serious negative consequences for the real economy.” (IMF, BIS and FSB (2009) “Systemic cyber risk is the risk that a cyber event (attack(s) or other adverse event(s)) at an individual component of a critical infrastructure ecosystem will cause significant delay, denial, breakdown, disruption or loss, such that services are impacted not only in the originating component but consequences also cascade into related (logically and/or geographically) ecosystem components, resulting in significant adverse effects to public health or safety, economic security or nationalsecurity. The adverse real economic, safety and security effects from realized systemic risk are generally seen as arising from significant disruptions to the trust in or certainty about services and/or critical data (i.e. the integrity of data), the disruption of operations and, potentially, the incapacitation or destruction of physical assets.” White Paper ‘Understanding Systemic Cyber Risk’ (WEF, 2016) “A systemic risk is a risk that an event will trigger a loss of confidence in a substantial portion of the financial system that is serious enough to have adverse consequences for the real economy” G-10(2001) “Systemic risk is generally seen as the potential for a major financial crisis adversely affecting the real economy” (IMF-BIS-FSB, 20

  4. Narrow aperture of definition Introduction – YOU are our first line of defence Focussed too narrowly – largely on ‘availability’ and immediateimpact “We do not see how cyber risk could be the root cause of a systemic crisis because there is no direct connection between the failure of computer systems, no matter how severe, and the behaviour of those economic agents which ultimately culminates in a systemic crisis.” (Jon Danielsson, Morgane Fouché, Robert Macrae, 2016) Blockchain Internet of Things Mega breaches – by nation states 3 rd Party Artificial Intelligence Quantum Computing GPS spoofing

  5. ‘Traditional’ Measurement Fails Introduction – YOU are our first line of defence

  6. Measuring the Unmeasurable Introduction – YOU are our first line of defence CEO: I’ve heard there’s a cyber attack happening in the press - do I need to care? CISO: “well it depends what you mean by attack…and if it was successful…and it depends who the attacker was…and if they intended to impact the people they did…and it depends what defences the victim had…and if we’ve got the same ones…and if our ones are also vulnerable…or if our controls are stronger…and it depends on whether we would care about this type of impact on us”

  7. “in a time of deceit telling the truth is a revolutionary act” (Orwell) Introduction – YOU are our first line of defence

  8. The known… Introduction – YOU are our first line of defence

  9. The known unknown… - implications of systemic cyber risk are not yet fully realised or understood. - digital interdependencies, aggregated dependencies and single points of failure - a convergence of technologies that is blurring the lines between the physical, digital and social worlds - machine learning and automated decision-making - more to come…

  10. The unknown unknown…

  11. Some thoughts…but not the answers - Accept compromise or build things in a different way - Prepare for response and recovery and don’t punitively punish the victim - Tell a story rather than trying to measure everything - Admit what you don’t know - Think rather than fire-fight - Basics aren’t basic - Leadership

  12. Questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber Risk as Systemic Risk Jon Danielsson Systemic Risk Centre London School of Economics

Cyber Risk as Systemic Risk Jon Danielsson Systemic Risk Centre London School of Economics

Introduction Systemic Risk Cyber as systemic Conclusion Cyber Risk as Systemic Risk Jon Danielsson Systemic Risk Centre London School of Economics www.systemicrisk.ac.uk June 10 th 2016 Introduction Systemic Risk Cyber as systemic

351 views • 24 slides
Coupled Diffusions and Systemic Risk Systemic Risk Illustrated Jean-Pierre Fouque

Coupled Diffusions and Systemic Risk Systemic Risk Illustrated Jean-Pierre Fouque

Coupled Diffusions and Systemic Risk Systemic Risk Illustrated Jean-Pierre Fouque University of California Santa Barbara Joint work with Li-Hsien Sun Meeting on Financial Risks RiskLab Madrid, May 24th, 2012 HANDBOOK ON SYSTEMIC RISK

722 views • 39 slides
Cyber Risks, Systemic Risks, and Cyber Insurance James E. Scheuermann* A BSTRACT The literature

Cyber Risks, Systemic Risks, and Cyber Insurance James E. Scheuermann* A BSTRACT The literature

Cyber Risks, Systemic Risks, and Cyber Insurance James E. Scheuermann* A BSTRACT The literature on cyber insurance is replete with statements to the effect that cyber risks are systemic risks. Through an analysis of the concept of

350 views • 32 slides
Systemic risk and financial regulations J on Dan elsson Systemic Risk Centre London

Systemic risk and financial regulations J on Dan elsson Systemic Risk Centre London

Case study Empirics of risk Nature of risk Conclusion Systemic risk and financial regulations J on Dan elsson Systemic Risk Centre London School of Economics www.SystemicRisk.ac.uk March 18, 2016 Case study Empirics of risk

1.09k views • 49 slides
Measuring Systemic Risk and Assessing Systemic Importance in Global and Regional Financial Markets

Measuring Systemic Risk and Assessing Systemic Importance in Global and Regional Financial Markets

Technische Universitt Mnchen Measuring Systemic Risk and Assessing Systemic Importance in Global and Regional Financial Markets Using the Expected Systemic Shortfall (ESS) Indicator Lahmann / Kaserer (2011) 11 th Annual Bank Research

207 views • 20 slides
Size, Interconnectedness and the Regulation of Systemic Risk Ashkan Nikeghbali and Thierry

Size, Interconnectedness and the Regulation of Systemic Risk Ashkan Nikeghbali and Thierry

Some topics Systemic risk modeling Network risk modeling Conclusion Size, Interconnectedness and the Regulation of Systemic Risk Ashkan Nikeghbali and Thierry Roncalli Institute of Mathematics, University of Zurich, Switzerland

448 views • 28 slides
Assessing the Systemic Risk of a Portfolio of Heterogeneous Banks During the Recent Financial

Assessing the Systemic Risk of a Portfolio of Heterogeneous Banks During the Recent Financial

Assessing the Systemic Risk of a Portfolio of Heterogeneous Banks During the Recent Financial Crisis Xin Huang 1 Hao Zhou 2 Haibin Zhu 3 1 University of Oklahoma 2 Federal Reserve Board 3 J.P . Morgan Chase Bank, N.A. Global Systemic Risk

974 views • 63 slides
THE BIG PROBLEM Getting to know your team, the Big Problem and its Systemic Root Causes Dorica

THE BIG PROBLEM Getting to know your team, the Big Problem and its Systemic Root Causes Dorica

PHASE 1: SYSTEM CHANGE JOURNEY THE BIG PROBLEM Getting to know your team, the Big Problem and its Systemic Root Causes Dorica Dans team working for rare diseases CLARIFYING THE BIG PROBLEM 2. Consequences if problem is not solved (relevance)

179 views • 7 slides
Endogenous Risk-Exposure and Systemic Instability Chong Shu University of Southern California

Endogenous Risk-Exposure and Systemic Instability Chong Shu University of Southern California

Endogenous Risk-Exposure and Systemic Instability Chong Shu University of Southern California FDIC-JFSR Annual Bank Conference September 13, 2019 Do highly connected financial networks contribute to systemic stability or systemic fragility?

1.14k views • 16 slides
Financial Financial Systemic Risk Management Systemic Risk Management Koreas Experiences

Financial Financial Systemic Risk Management Systemic Risk Management Koreas Experiences

G20 Conference on Financial Systemic Risk (September 27-28, 2012, Istanbul, Turkey) Financial Financial Systemic Risk Management Systemic Risk Management Koreas Experiences Koreas Experiences Koreas Experiences Koreas

295 views • 25 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
Introduction to Cyber Risk & Insurance Prepared for the Construction Financial Management

Introduction to Cyber Risk & Insurance Prepared for the Construction Financial Management

Introduction to Cyber Risk & Insurance Prepared for the Construction Financial Management Association Date: August 18, 2016 Agenda An Overview of Cyber Risk Exposures 1. Legal & Regulatory Trends 2. Marshs Cyber Risk Management

649 views • 31 slides
Is early warning against systemic risk feasible? The ECBs newly developed analytical support

Is early warning against systemic risk feasible? The ECBs newly developed analytical support

Is early warning against systemic risk feasible? The ECBs newly developed analytical support to the European Systemic Risk Board Latsis Symposium 2012 Economics on the Move Carsten Detken Head, Financial Stability Surveillance Division

1.01k views • 43 slides
Data Driven Assessment of Cyber Risk: Challenges in Assessing and Mitigating Cyber Risk

Data Driven Assessment of Cyber Risk: Challenges in Assessing and Mitigating Cyber Risk

Data Driven Assessment of Cyber Risk: Challenges in Assessing and Mitigating Cyber Risk Challenges in Assessing and Mitigating Cyber Risk Mustaque Ahamad, Saby Mitra and Paul Royal Georgia Tech Information Security Center Georgia Tech

763 views • 16 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Technology and Cyber Wrap up Navigating the changing and challenging risk landscape How to

Technology and Cyber Wrap up Navigating the changing and challenging risk landscape How to

Technology and Cyber Wrap up Navigating the changing and challenging risk landscape How to prepare for Cyber Risk: 3 2 1 Understand the tech & Cyber insurance Focus on company interconnected risks culture 2 Policy: Protection &

774 views • 18 slides
Dealing With Climate Risk By Robert Guttmann Hofstra University (New York) CEPN (UP13,

Dealing With Climate Risk By Robert Guttmann Hofstra University (New York) CEPN (UP13,

Seminaire Chaire Energie et Prosperit 24 Janvier 2017 Dealing With Climate Risk By Robert Guttmann Hofstra University (New York) CEPN (UP13, Villetaneuse) The F e FSBs T TCFD Rep eport 1) The FSB, upgraded in the wake of the

576 views • 8 slides
Improving Android Reliability and Security Iulian Neamtiu, Assoc. Prof. CS Chairs Meeting June

Improving Android Reliability and Security Iulian Neamtiu, Assoc. Prof. CS Chairs Meeting June

Improving Android Reliability and Security Iulian Neamtiu, Assoc. Prof. CS Chairs Meeting June 14, 2018 Mobile OSes rapidly expanding their device range and user base. Android: 2 billion monthly active users but

403 views • 15 slides
Bungaloo-1, Otway Basin This investor presentation (Presentation) is issued by Cooper Energy

Bungaloo-1, Otway Basin This investor presentation (Presentation) is issued by Cooper Energy

Bungaloo-1, Otway Basin This investor presentation (Presentation) is issued by Cooper Energy Limited ABN 93 096 170 295 (Cooper Energy or COE). Summary information: This Presentation contains summary information about Cooper Energy

842 views • 30 slides
TRANSBAY DISTRICT: OSCAR PARK CONCEPT DESIGN 11 SEPTEMBER 2012 NORTH NORTH SBCA OSCAR PARK

TRANSBAY DISTRICT: OSCAR PARK CONCEPT DESIGN 11 SEPTEMBER 2012 NORTH NORTH SBCA OSCAR PARK

SUCCESSOR AGENCY TO THE SAN FRANCISCO REDEVELOPMENT AGENCY OSCAR PARK DRAFT CONCEPT DESIGN SEPTEMBER 11, 2012 D D D D G G E E A A A Y B B R R I I Transit District Site Context Oscar Park and Essex Street Improvements - 75%

696 views • 28 slides
Dynamic Interpretation of Emerging Risks in the Financial Sector, by Kathleen Weiss Hanley

Dynamic Interpretation of Emerging Risks in the Financial Sector, by Kathleen Weiss Hanley

Discussion of Dynamic Interpretation of Emerging Risks in the Financial Sector, by Kathleen Weiss Hanley and Gerard Hoberg PRESENTER Paul Glasserman, Columbia Business School Key Finding Commonality in the risks disclosed by banks

386 views • 10 slides
Dominic Eye and Heart Exams

Dominic Eye and Heart Exams

Talisman De La Fortuna Dominic Eye and Heart Exams

425 views • 4 slides
Dominic Eye and Heart Exams DM-SOD1-A Clear - not carrying the mutation

Dominic Eye and Heart Exams DM-SOD1-A Clear - not carrying the mutation

Talisman De La Fortuna Dominic Eye and Heart Exams DM-SOD1-A Clear - not carrying the mutation

320 views • 6 slides
Talisman Asia-Pacific DROPS Grant Vidrine Asia-Pacific VP HSE and Operational Assurance 22 nd

Talisman Asia-Pacific DROPS Grant Vidrine Asia-Pacific VP HSE and Operational Assurance 22 nd

Talisman Asia-Pacific DROPS Grant Vidrine Asia-Pacific VP HSE and Operational Assurance 22 nd May 2014 DROPS Accountability Lifecycle NYSE : TLM | TSX : TLM 2 www.talisman-energy.com Thank you NYSE : TLM | TSX : TLM 3 www.talisman-energy.com

475 views • 3 slides

More recommend