The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask

Transcript and Presenter's Notes


1
The Financial Impact of Cyber Risk: 50 Questions
Every CFO Should Ask
  • ANSI Homeland Security Standards Panel
    (ANSI-HSSP)
  • October 2, 2008
  • 3:00 to 4:15 PM
  • U.S. Chamber of Commerce

2
Presenters
  • Moderator 
  • Ty R. Sagalow, President, American International
    Group (AIG) Product Development, and Workshop
    Leader
  • Panelists
  • Michael Castagna, Chief Information Security
    Officer, U.S. Department of Commerce
  • Larry Clinton, President, Internet Security
    Alliance (ISA)
  • Harrison Oellrich, Managing Director, Guy
    Carpenter Company, LLC
  • Regan Adams, Former Assistant Privacy Counsel,
    Goldman Sachs

3
Agenda
  • Background: Setting the Scene
  • Development of an Action Guide to analyze,
    manage, and transfer financial risk for cyber
    security
  • Questions and Answers

4
Background: Setting the Scene
  • Cyber security is vital to the economic
    well-being of the U.S.
  • What does cyber security really mean?
  • No standard definition, but one interpretation is
    the protection of any computer system, software
    program, and data against unauthorized
    disclosure, transfer, modification, or
    destruction, whether accidental or intentional
  • Cyber security attacks can come from internal
    networks, the Internet, or other private or
    public systems

5
Background (continued)
  • Corporations use cyber systems for multiple
    purposes
  • Real-time tracking of supply chains
  • Inventory management
  • Improvement of employee efficiency
  • Generation of on-line commerce
  • Twenty-five percent of America's economic value
    (up to $3 trillion a day) moves over network
    connections each day

6
Background
  • While corporations appreciate the benefits of the
    Internet, they have often failed to properly
    account for its financial risks
  • 50% of Senior Executives said they did not know
    how much money was lost due to an attack
  • Congressional Research Service estimates that the
    economic impact of cyber attacks on business has
    grown to over $226 billion annually
  • Total average cost of a data breach grew to
    approximately $200 per record compromised in 2007

7
Background
  • There is a substantial body of work dealing with
    the technical standards of cyber security
  • Plenty of attention paid to important technical
    issues, such as data encryption and best-in-class
    security technologies
  • BUT...to date, there has not been any
    comprehensive methodology for understanding and
    mitigating the financial losses associated with
    cyber risk

8
Net Financial Risk Formula

9
What Are Some of the Costs?
  • Failure of security can have costly consequences
  • Civil and criminal lawsuits
  • Lost trade secrets
  • Breach of contract, breach of privacy
  • Reputation damage
  • Business interruption, lost income

10
Development of Financial Risk Action Guide
  • To promote understanding of financial risk, the
    American National Standards Institute's (ANSI)
    Homeland Security Standards Panel (HSSP) and the
    Internet Security Alliance (ISA) launched a
    workshop

11
Development of Financial Risk Action Guide
  • The Goal
  • Create an Action Guide to analyze, manage, and
    transfer financial risk for Cyber Security
  • The Team
  • More than 30 industry leaders and governmental
    partners
  • The key to understanding the financial risks of
    cyber security is to fully embrace its
    multi-disciplinary nature, covering many areas of
    a company

12
Resolve Multidisciplinary Feed to CFO
  • A CFO needs to know the key questions to ask
    the major stakeholders in all corporate domains,
    including:
  • General Counsel
  • Chief Risk Officer
  • Chief Compliance Officer
  • Chief Technology Officer
  • Heads of Corporate Communications, Investor
    Relations, and Customer Service
  • Head of Human Resources

13
Time Table
  • The Timetable
  • First Workshop held in March 2008
  • Draft Action Guide prepared by teams representing
    the different disciplines
  • Subsequent Workshops held in May and July
  • Action Guide finalized in early August
  • Publication is being released this month,
    National Cyber Awareness Month

14
Action Guide: How to Get It
  • The Financial Impact of Cyber Risk: 50 Questions
    Every CFO Should Ask
  • Release date: October 20, 2008
  • Register in advance for a free electronic copy of
    the document to be e-mailed to you early that
    morning: webstore.ansi.org/cybersecurity