SlideShare ist ein Scribd-Unternehmen logo

Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter

Iryna Chekanava
Iryna Chekanava

An overview of a changing landscape of cyber security and compliance and key challenges it presents for Private Equity and Venture Capital Organisations. It also provides handy advice on what cyber risks should be considered on each stage of an investment life cycle and how to prevent them.

Business
1 von 17
Private Equity at the eye of a perfect storm: Why cyber risk and regulation matters February 1st, 2017
Agenda 2 •  PE at the eye of a perfect storm: Setting the cyber risk scene •  How cyber risk is affecting the PE investment lifecycle – challenges and available solutions •  Panel discussion and Q&A 1 2 3
A new digital world 3 1
New cyber risks 4 1
Cyber exacerbates business risks 5 1 Source: Ponemon Institute: The True Cost of Compliance
Data protection in the 20th century 6 1 The value of private information •  1.09 bn daily active users •  15% of global population •  34% of global internet users •  85% of daily active users are outside US/Canada Value of Facebook = $370,000,000,000
The EU General Data Protection Regulation 7 1 Wider Scope Data Processors, not just Controllers. Catches companies outside of EU in certain circumstances Data Subject Rights Portability, erasure and objections to profiling. Enforcement Fines of up to 4% of worldwide turnover or EUR20,000,000, whichever is higher. Security Breaches Notify regulator within 72 hours and affected data subjects without undue delay. Data Protection Officers Required in certain circumstances. Compensation Compensation for non- material damage. Non-profit organisations to pursue claims on data subjects’ behalf (group litigation).
The EU General Data Protection Regulation 8 1 “We thought data was the new oil….. ….it turns out it is the new asbestos”
Setting the cyber risk scene: From risk identification to incident management 9 1 Risk identification Risk quantification Risk management and transfer Incident management
The investment life cycle from a cyber risk perspective 10 2 Fund raising Buy HoldExit Fund closure Enable Identify ProtectSustain Enable
Fundraising: Challenges and solutions 11 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Data security §  Secure communications §  Systems set-up and security §  LP requirements §  FCA requirements Solutions: §  Set scope of Compliance Officer §  Appoint Data Officer §  Security by design §  Training and awareness §  Early-stage security measures §  Cyber insurance at formation
Buy: Challenges and solutions 12 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Solutions: §  Include cyber security and compliance in DD process: §  vulnerability assessment §  cyber health check §  Secure communications §  CyberQuantified §  Insurance gap analysis §  Incorporate cyber security and data protection action plan onto 100-day plan Challenges: §  Maintaining confidentiality §  Managing multiple parties during DD and closure §  Correctly assessing/valuing cyber security within the target §  Visibility of compliance and cyber security posture (including 3rd parties)
Hold: Challenges and solutions 13 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Minimise cyber security and compliance risk to maximize ROI and exit price Solutions: §  Implement state-of-the-art cyber security and compliance solutions at GP, fund and portfolio company level §  On-going monitoring and reporting §  Training and awareness §  Design of risk transfer strategy and insurance placement §  Cyber crisis planning and response
Exit: Challenges and solutions 14 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Maximizing transaction value by demonstrating good cyber security practice and compliance §  Avoiding post-exit law suits over insufficient cyber risk disclosure Solutions: §  Evidence produced during Hold phase §  VDD: §  Cyber-Quantified §  Insurance gap analysis
Fund closure: Challenges and solutions 15 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Avoiding post-exit law suits over insufficient cyber risk disclosure §  Data security §  Secure communications Solutions: §  Introduce cyber security module along with internal audit each year
Panel discussion and Q&A 16 3 §  Chair: Steve Berry, Chairman, Cynation §  CyNation: Shadi A. Razak, Head of Cyber & Compliance Services §  DAC Beachcroft: Hans Allnutt, Partner §  WTW: Jamie Monck-Mason, Executive Director, Cyber & TMT
Finally… 17 Private Equity Venture Capital Digitalization Cyber crime Data legislation

Empfohlen

NCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory ServicesNCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory ServicesOllie Whitehouse
 
"How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno..."How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno...Cyber Watching
 
NCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat AssessmentNCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat AssessmentOllie Whitehouse
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentationKenneth Dorado, CISA, HCISPP
 
Cyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planningCyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planningPECB
 
Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?marketingunitrends
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResiliencePhil Huggins FBCS CITP
 
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...Citrin Cooperman
 

Empfohlen

NCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory ServicesNCC Group C Suite Cyber Security Advisory Services
NCC Group C Suite Cyber Security Advisory ServicesOllie Whitehouse
 
"How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno..."How are SMEs addressing privacy and trust today and what do they need to kno...
"How are SMEs addressing privacy and trust today and what do they need to kno...Cyber Watching
 
NCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat AssessmentNCC Group Pro-active Breach Discovery: Network Threat Assessment
NCC Group Pro-active Breach Discovery: Network Threat AssessmentOllie Whitehouse
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentationKenneth Dorado, CISA, HCISPP
 
Cyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planningCyber security incidents implications in business continuity planning
Cyber security incidents implications in business continuity planningPECB
 
Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?Is Your Use of Windows Backup Opening the Door to Hackers?
Is Your Use of Windows Backup Opening the Door to Hackers?marketingunitrends
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResiliencePhil Huggins FBCS CITP
 
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...Citrin Cooperman
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber ThreatsPhil Huggins FBCS CITP
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceSami Benafia
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurityJisc
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateAlbert Hui
 
9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model 9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model Defence and Security Accelerator
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...Citrin Cooperman
 
GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018Richard Marti - Principal
 
Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aThompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aMatrixDesign
 
Equity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsEquity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsMike Britt
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demoforkish
 
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...EagleCompliance
 
Corporate presentation october_2011
Corporate presentation october_2011Corporate presentation october_2011
Corporate presentation october_2011Robin Schaffer
 
Trends in AML Compliance
Trends in AML ComplianceTrends in AML Compliance
Trends in AML ComplianceAmazon Web Services
 
CohnReznick Private Equity Services
CohnReznick Private Equity ServicesCohnReznick Private Equity Services
CohnReznick Private Equity ServicesJohn A. Bova
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesDimitri Sirota
 
Training Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfTraining Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfdotco
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationEthos Media S.A.
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFERMA
 
GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017isc2-hellenic
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119David Doughty
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Citrin Cooperman
 

Weitere ähnliche Inhalte

Was ist angesagt?

Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceSami Benafia
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurityJisc
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateAlbert Hui
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...Citrin Cooperman
 

Was ist angesagt? (7)

Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
 
Ingenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM complianceIngenia consultants-9 basic steps towards TRM compliance
Ingenia consultants-9 basic steps towards TRM compliance
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurity
 
Cyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the CorporateCyber Security: Challenges and Solutions for the Corporate
Cyber Security: Challenges and Solutions for the Corporate
 
9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model 9 September 2014: Cyber Security Model
9 September 2014: Cyber Security Model
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
 
GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018GRCAlert Capabilities Deck - 2018
GRCAlert Capabilities Deck - 2018
 

Andere mochten auch

Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aThompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aMatrixDesign
 
Equity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsEquity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsMike Britt
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demoforkish
 
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...EagleCompliance
 
Corporate presentation october_2011
Corporate presentation october_2011Corporate presentation october_2011
Corporate presentation october_2011Robin Schaffer
 
CohnReznick Private Equity Services
CohnReznick Private Equity ServicesCohnReznick Private Equity Services
CohnReznick Private Equity ServicesJohn A. Bova
 

Andere mochten auch (7)

Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008aThompson Ahern-CSCB Trade Compliance Integrity July 2008a
Thompson Ahern-CSCB Trade Compliance Integrity July 2008a
 
Equity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process FlowsEquity Exercise Management & Taxing Compliance Project Process Flows
Equity Exercise Management & Taxing Compliance Project Process Flows
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demo
 
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
Export Compliance Management Seminar 29 May 2012: Automated Trade Compliance ...
 
Corporate presentation october_2011
Corporate presentation october_2011Corporate presentation october_2011
Corporate presentation october_2011
 
Trends in AML Compliance
Trends in AML ComplianceTrends in AML Compliance
Trends in AML Compliance
 
CohnReznick Private Equity Services
CohnReznick Private Equity ServicesCohnReznick Private Equity Services
CohnReznick Private Equity Services
 

Ähnlich wie Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter

Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesDimitri Sirota
 
Training Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfTraining Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfdotco
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationEthos Media S.A.
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFERMA
 
GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017isc2-hellenic
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119David Doughty
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Citrin Cooperman
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...Judith Beckhard Cardoso
 
Legal update 21 september 2012
Legal update 21 september 2012Legal update 21 september 2012
Legal update 21 september 2012Rachel Aldighieri
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...IT Governance Ltd
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsLionel Briand
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRCharlie Pownall
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Citrin Cooperman
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Mourad Khalil
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...PECB
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksThis account is closed
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...PECB
 

Ähnlich wie Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter (20)

Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar Slides
 
Training Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdfTraining Catalogue - CyberSec_Technocracy.pdf
Training Catalogue - CyberSec_Technocracy.pdf
 
Infocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar PresentationInfocom security 2016 - Cromar Presentation
Infocom security 2016 - Cromar Presentation
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for IT
 
GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017GDPR Cyber Insurance 11/1/2017
GDPR Cyber Insurance 11/1/2017
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
Legal update 21 september 2012
Legal update 21 september 2012Legal update 21 september 2012
Legal update 21 september 2012
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech Applications
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPR
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber Risks
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 

Kürzlich hochgeladen

EUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersEUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersPeter Horsten
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckHajeJanKamps
 
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdfChris Skinner
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesDoe Paoro
 
Onemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
Onemonitar Android Spy App Features: Explore Advanced Monitoring CapabilitiesOnemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
Onemonitar Android Spy App Features: Explore Advanced Monitoring CapabilitiesOne Monitar
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdfChris Skinner
 
Excvation Safety for safety officers reference
Excvation Safety for safety officers referenceExcvation Safety for safety officers reference
Excvation Safety for safety officers referencessuser2c065e
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...Operational Excellence Consulting
 
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxGo for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxRakhi Bazaar
 
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...Associazione Digital Days
 
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfGUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfDanny Diep To
 
Send Files | Sendbig.comSend Files | Sendbig.com
Send Files | Sendbig.comSend Files | Sendbig.comSend Files | Sendbig.comSend Files | Sendbig.com
Send Files | Sendbig.comSend Files | Sendbig.comSendBig4
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfShashank Mehta
 
BAILMENT & PLEDGE business law notes.pptx
BAILMENT & PLEDGE business law notes.pptxBAILMENT & PLEDGE business law notes.pptx
BAILMENT & PLEDGE business law notes.pptxran17april2001
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...
Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...
Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...ssuserf63bd7
 

Kürzlich hochgeladen (20)

EUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersEUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exporters
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deck
 
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic Experiences
 
Onemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
Onemonitar Android Spy App Features: Explore Advanced Monitoring CapabilitiesOnemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
Onemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf
 
Excvation Safety for safety officers reference
Excvation Safety for safety officers referenceExcvation Safety for safety officers reference
Excvation Safety for safety officers reference
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
 
The Bizz Quiz-E-Summit-E-Cell-IITPatna.pptx
The Bizz Quiz-E-Summit-E-Cell-IITPatna.pptxThe Bizz Quiz-E-Summit-E-Cell-IITPatna.pptx
The Bizz Quiz-E-Summit-E-Cell-IITPatna.pptx
 
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxGo for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
 
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
 
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfGUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
 
Send Files | Sendbig.comSend Files | Sendbig.com
Send Files | Sendbig.comSend Files | Sendbig.comSend Files | Sendbig.comSend Files | Sendbig.com
Send Files | Sendbig.comSend Files | Sendbig.com
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdf
 
BAILMENT & PLEDGE business law notes.pptx
BAILMENT & PLEDGE business law notes.pptxBAILMENT & PLEDGE business law notes.pptx
BAILMENT & PLEDGE business law notes.pptx
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...
Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...
Horngren’s Financial & Managerial Accounting, 7th edition by Miller-Nobles so...
 

Private Equity at the Eye of a Perfect Storm: Why Cyber Risk and Regulation Matter

  • 1. Private Equity at the eye of a perfect storm: Why cyber risk and regulation matters February 1st, 2017
  • 2. Agenda 2 •  PE at the eye of a perfect storm: Setting the cyber risk scene •  How cyber risk is affecting the PE investment lifecycle – challenges and available solutions •  Panel discussion and Q&A 1 2 3
  • 3. A new digital world 3 1
  • 5. Cyber exacerbates business risks 5 1 Source: Ponemon Institute: The True Cost of Compliance
  • 6. Data protection in the 20th century 6 1 The value of private information •  1.09 bn daily active users •  15% of global population •  34% of global internet users •  85% of daily active users are outside US/Canada Value of Facebook = $370,000,000,000
  • 7. The EU General Data Protection Regulation 7 1 Wider Scope Data Processors, not just Controllers. Catches companies outside of EU in certain circumstances Data Subject Rights Portability, erasure and objections to profiling. Enforcement Fines of up to 4% of worldwide turnover or EUR20,000,000, whichever is higher. Security Breaches Notify regulator within 72 hours and affected data subjects without undue delay. Data Protection Officers Required in certain circumstances. Compensation Compensation for non- material damage. Non-profit organisations to pursue claims on data subjects’ behalf (group litigation).
  • 8. The EU General Data Protection Regulation 8 1 “We thought data was the new oil….. ….it turns out it is the new asbestos”
  • 9. Setting the cyber risk scene: From risk identification to incident management 9 1 Risk identification Risk quantification Risk management and transfer Incident management
  • 10. The investment life cycle from a cyber risk perspective 10 2 Fund raising Buy HoldExit Fund closure Enable Identify ProtectSustain Enable
  • 11. Fundraising: Challenges and solutions 11 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Data security §  Secure communications §  Systems set-up and security §  LP requirements §  FCA requirements Solutions: §  Set scope of Compliance Officer §  Appoint Data Officer §  Security by design §  Training and awareness §  Early-stage security measures §  Cyber insurance at formation
  • 12. Buy: Challenges and solutions 12 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Solutions: §  Include cyber security and compliance in DD process: §  vulnerability assessment §  cyber health check §  Secure communications §  CyberQuantified §  Insurance gap analysis §  Incorporate cyber security and data protection action plan onto 100-day plan Challenges: §  Maintaining confidentiality §  Managing multiple parties during DD and closure §  Correctly assessing/valuing cyber security within the target §  Visibility of compliance and cyber security posture (including 3rd parties)
  • 13. Hold: Challenges and solutions 13 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Minimise cyber security and compliance risk to maximize ROI and exit price Solutions: §  Implement state-of-the-art cyber security and compliance solutions at GP, fund and portfolio company level §  On-going monitoring and reporting §  Training and awareness §  Design of risk transfer strategy and insurance placement §  Cyber crisis planning and response
  • 14. Exit: Challenges and solutions 14 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Maximizing transaction value by demonstrating good cyber security practice and compliance §  Avoiding post-exit law suits over insufficient cyber risk disclosure Solutions: §  Evidence produced during Hold phase §  VDD: §  Cyber-Quantified §  Insurance gap analysis
  • 15. Fund closure: Challenges and solutions 15 2 Fund raising Buy HoldExit Fund closure Enable Identify Protect Enable Sustain Challenges: §  Avoiding post-exit law suits over insufficient cyber risk disclosure §  Data security §  Secure communications Solutions: §  Introduce cyber security module along with internal audit each year
  • 16. Panel discussion and Q&A 16 3 §  Chair: Steve Berry, Chairman, Cynation §  CyNation: Shadi A. Razak, Head of Cyber & Compliance Services §  DAC Beachcroft: Hans Allnutt, Partner §  WTW: Jamie Monck-Mason, Executive Director, Cyber & TMT