Cybersecurity Incident Management Powerpoint Presentation Slides are designed for information technology experts. Our data security PowerPoint theme combines high-quality design with info accumulated by industry experts. Represent the present situation of the target organization’s information security management using our patterned PPT slideshow. The innovative data visualizations aid in compiling data such as the analysis of the current IT department with considerable convenience. Communicate the cybersecurity framework roadmap and kinds of cyber threats with the help of this PowerPoint layout. Demonstrate the cybersecurity risk management action plan through the tabular format included in this PPT presentation. Illustrate the cybersecurity contingency plan. Our information security management system PowerPoint templates deck helps you in defining risk handling responsibilities of your personnel. Elucidate the role of the management in successful information security governance. Our PPT deck also outlines the costs involved in cybersecurity management and staff training. Showcase an impact analysis with a dash of visual brilliance. Smash the download button and start designing. Our Cybersecurity Incident Management Powerpoint Presentation Slides are topically designed to provide an attractive backdrop to any subject. Use them to look like a presentation pro. https://bit.ly/3zWo1hb
2. o Determining roles and responsibilities of senior management
and executives who are responsible in risk management
o Presenting optimize cybersecurity risk framework to
senior management and executives
o Add text here
o Add text here
o Add text here
Agenda for
Cybersecurity
Management
2
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
3. o Business Impact Analysis
o Backup Maintenance
▪ Selecting Offsite Storage Facility Vendor
▪ Developing Alternate Sites
▪ Assessing Different Alternate Sites
▪ Recovery Budget Planning
o Essential Contingency Plan Strategies
o Critical Business Functions Recovery Priorities
o Vital Records Maintenance Register
o Business Impact Assessment
o Recovery Task List Maintenance
o Cybersecurity Maintenance Checklist
Cybersecurity Contingency Plan
04
o Determining Roles and Responsibilities for
Risk Handling
o Role of Management in Effective
Information Security Governance
Role of Personnel
05
o Budget for Effective Cybersecurity
Management
o Staff Training Schedule
with Cost
Cost Associated to Firm
06
Table of Contents
3
o Present Concerns Impeding Cybersecurity
o Amount Spent on Cyber Fraud Settlements
o Determining Firm Current Capabilities
o Analyzing IT Department on NIST Cybersecurity
Framework
Analyzing Current Scenario
01
o Effective Security Management
o Implementing Cybersecurity Framework
Impact Analysis
07
o How Firm will Handle Cybersecurity Risks?
▪ Optimizing Cybersecurity
Framework Roadmap
▪ Categorization of Cyber Risks
▪ Risk Assessment Matrix
▪ Cybersecurity Risk Management Worksheet
▪ Cybersecurity Risk Management Action Plan
Initiating Cyber Risk Management Program
02
o Incidents Tracking
o Cyber Risk Management
Dashboard
08
o Incident Reporting by Different Cyber
Departments
o Timeframe for Incident Management
o Selecting Security Incident Management Software
Incident Management
03
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
4. 4
o Present Concerns Impeding Cybersecurity
o Amount Spent on Cyber Fraud Settlements
o Determining Firm Current Capabilities
o Analyzing IT Department on NIST Cybersecurity Framework
Table
of Contents
01
Analyzing
Current Scenario
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
5. Present concerns impeding Cybersecurity
5
Key Takeaways
o There is increase in number of
cybercrime incidents and financial
losses from Q1 to Q4
o Cybercrimes incidents consists of IP
or sensitive data theft
o Add text here
Data Breaches and Records Exposed
Reported Financial Losses due to Increase In Cybercrimes
350 375
485
525
257
325
487
542
Q1 Q2 Q3 Q4
Financial Losses ('000$) Cybercrimes Incidents
This slide portrays information regarding the concerns that are currently existing in the organizations. It is essential for top level management to
keep check on existing concerns as they have severe impact on firm’s growth in terms of huge financial losses and bad public image.
Key Takeaways
o Firm is observing rise in data breach incidents
o Risk of records of millions get exposed containing
confidential and sensitive information has also been
increased with breach incidents
o No on time breach notification leads to breach
incidents
o Add text here
250
375
425
198 225
297
FY 2018 FY 2019 FY 2020
Data Breach Records Exposed (in Millions)
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
6. 2017 2018 2019 2020 Total
5 15 17 20 57
$750,000 $2,520,000 $18,540,000 $27,500,000 $49,310,000
$150,000 $168,000 $1,090,588 $1,375,000 $2,783,588
Focus
Areas
Settlements
Amount
Average (per
settlement)
This slide portrays information regarding the amount that is spend by firm in settling cases of cybersecurity failures
which not only consider as financial losses but hampered firm’s public image.
6
Amount Spent on
Cyber Fraud
Settlements
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
7. Description Key Enablers
Minimum
Standard
Evolving Strength Best in Class
Identify
Assessing cybersecurity risk & their impact on firm and
employees
Asset Management
Governance
Add text here
Protect Safeguarding critical infrastructure service delivery
Data Security
Access Control
Add text here
Detect Event occurrence identification
Threat Intelligence
Continuous Monitoring
Add text here
Response Appropriate action to detected cybersecurity event
Communication
Response Planning
Add text here
Recovery
Recovering capabilities impaired by
cybersecurity event
Incident recovery
Add text here
Add text here
Determining firm current Capabilities
7
This slide portrays information regarding assessment of current cybersecurity framework on certain standards.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
8. 8
Analyzing IT
Department on NIST
Cybersecurity
Framework 0% 20% 40% 60% 80% 100%
Recover
Respond
Detect
Protect
Identify
Performance
NIST
Core
Functions
Met Partially Met Not Yet Met
*NIST – National Institute of Standard and Technology
This slide portrays information regarding how firm will analyze
its current cybersecurity framework. It will assess the framework
on certain crucial parameters.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
9. 9
o How Firm will Handle Cybersecurity Risks?
▪ Optimizing Cybersecurity Framework Roadmap
▪ Categorization of Cyber Risks
▪ Risk Assessment Matrix
▪ Cybersecurity Risk Management Worksheet
▪ Cybersecurity Risk Management Action Plan
Table
of Contents
02
Initiating Cyber
Risk Management
Program
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
10. Optimizing Cybersecurity Framework Roadmap
10
o Governance strategy planning
o Skills development planning and training
o Add text here
Implement enterprise
security program
Implement control
environment
Implement security
processes
Incident response plan
Add text here
Add text here
Network upgradation
Logging & monitoring
Add text here
Handling threats
Add text here
Add text here
Immediate (0-6
Months)
Testing of incident
response plan
Add text here
Add text here
Record management
Add text here
Add text here
Patch management
Add text here
Add text here
Short Term (3-12
Months)
Risk management
Add text here
Add text here
Platform upgradation
Network upgradation
Add text here
Security assessment &
maintenance
Add text here
Add text here
Add text here
Long Term (12->
Months)
This slide portrays information regarding optimization of current cybersecurity framework. The IT department will require to fulfill crucial activities in specific timeframe.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
11. 01 Low Risk 02 Medium Risk 03 High Risk 04 Severe Risk 05 Extreme Risk
o Negligible financial impact
o No damage to business
image and business
operations
o No regulatory, contractual or
statutory requirement
violations
o Add text here
o Financial impact between -
$5K - $50K
o No damage to business
image and business
operations
o Hinderance in business
supporting and business
core functions
o Violation of contractual
requirement violations
o Add text here
o Impact on firm’s reputation
o Hinderance in business
essential systems and
operations
o Regulatory, contractual or
statutory requirement
violations
o Negative impact on firm’s
stock price
o Add text here
o Significant impact on
firm’s reputation
o Hinderance in mission
critical systems and
business operations
o Moderate impact on
firm’s stock price
o Add text here
o Huge damage to firm’s
reputation
o Negative impact on firm’s
long-term competitive
positioning
o Potential physical harm or
fatality
o Significant impact on firm’s
stock price
o Add text here
Categorization of Cyber Risks
11
This slide provides information reading the various cyber risks that firm might face. These risks are categorized into different categories such as low, medium, high, severe and
extreme. This categorization is based on certain parameters such as financial impact, damage extent.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
12. 12
The risk assessment matrix is an effective tool that helps in evaluating cyber risk by considering the probability of risk to happen against the severity
linked with potential risk available.
Extremely Unlikely
(1/30 years)
Unlikely (1/year)
50/50 chance
Likely (3/year)
Very Likely( 30/year)
Likelihood
Insignificant
(<$100,000)
Minor
($100,000 -
$500,000)
Significant
($100,000 -
$1MM)
Serious
($1MM -
$10MM)
Catastrophic
($10MM -
$10 MM)
Severity
Risk 4 Risk 1
Risk 3
Risk 2 Risk
Assessment
Matrix
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
13. Risk Priority
(1-5)
1 Security Breach Unlikely Serious
Cyber security
contingency plan
Transfer Add text here
2 Task errors Likely Serious Add text here Accept Add text here
3 Add text here Add text here Add text here Add text here Add text here Add text here
4 Add text here Add text here Add text here Add text here Add text here Add text here
5 Add text here Add text here Add text here Add text here Add text here Add text here
Cybersecurity Risk Management worksheet
13
Identified Risk Risk Severity Implement Controls Risk Treatment Responsible Person
Risk Likelihood
The risk management worksheet will help in keeping the track of various cybersecurity related issues(concerns) that are existing in the firm. The firm will make
effective measures to risks through control measures.
14. Potential Risk Risk Level
Reason for Risk
Rating
Action
Required
Resources
Responsible
Person
Duration Communication Risk Treated Review Date
Security Breach High
Confidential
information
security at risk
Cyber security
contingency plan
– root cause
analysis and
protective
measures
Data backup
team and plan
Emergency mode
operation plan
Cyber Security
Officer
Board – to
endorse and
approve
15 days (due for
completion in 4
Nov. 2020)
Cyber incident
recovery
coordination
through meetings
No 4 Nov 2020
Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here Add text here
Cybersecurity Risk Management Action Plan (1/2)
14
The risk management action plan will help in keeping the track of potential risks that are existing and what are their level, what are the resources required to handle
them. The person responsible in handling the risk will keep track of the risk resolve duration and will check whether the risk is treated or not.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
15. Event Action Plan Risk Owner Resolve Date
Failure in collecting receivables in
timely manner
Reduce
Implement receivables
tracking and follow up
process
Office Manager 21 Nov 2020
Failure to meet compliance obligations Avoid
Develop and implement
compliance monitoring
process
Add text here 12 Dec 2020
Add text here Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here Add text here
Cybersecurity Management Action Plan (2/2)
15
The risk management action plan will help in keeping the track of various potential risks that are existing in the firm. The person responsible in handling the risk will keep track
of the duration in which risk is resolved.
Risk Treatment
Risk Identification
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
16. 16
o Incident Reporting by Different Cyber Departments
o Timeframe for Incident Management
o Selecting Security Incident Management Software
Table
of Contents
03
Incident
Management
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
17. Incident Reporting by Different Cyber Departments
17
This slide will help in providing an overview of the various reported incidents, average cost per incident and number of people involved in the
various incidents across different cyber departments.
Description Department A Department B Department C Department D
Number of incidents 2 3 4 6
Person involved in
the incident
1 2 1 3
Average Cost per
Incident
$20000 $150000 $150000 $700000
Add text here XXXX XXXX XXXX XXXX
Add text here XXXX XXXX XXXX XXXX
Add text here XXXX XXXX XXXX XXXX
Description Department A Department B Department C Department D
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
18. Timeframe for Incident Management
18
Phase Description Working Hours
Incident logging Through – emails, phone calls, SMS, live chat messages 30 mins
Ticket creation
▪ Incident
▪ Service request
15 mins
Incident categorization
o High
o Medium
o Low
45 mins
Incident prioritization
o Critical
o High
o Medium
o Low
1 hour
Incident resolution Add text here 6 – 12 hours
Incident closure Add text here 2 hour
This slide provides information regarding entire duration of incident handling process which occur in various phases.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
19. Selecting Security Incident Management Software
19
Features
Software
Security Incident
Forms
Automated
workflows
Centralized
platform
Access Rights API integration
Information
security prevention
Cost
Description
Customized form for
relevant information
regarding issues
such as phishing
or attack
Notify customers or
employees during
breach
Compilation of
relevant information
to handle future
incidents
Customize
ownership to handle
sensitive information
Issues prioritizing
and tracking by
merging security
scans results
Aligning business
continuity plan to
industry standards
Software 1 ✔ ✔ ✔ ✔ ✔ ✔ $11,000
Software 2 X ✔ X X ✔ X $12,500
Software 3 ✔ ✔ ✔ X X ✔ $15,000
Software 4 ✔ ✔ ✔ ✔ X ✔ $18,000
Software 5 ✔ ✔ ✔ ✔ X ✔ $19,500
This slide will help firm in choosing the suitable automated incident management software which is to handle existing security and privacy issues and predict upcoming incidents. The
firm will choose effective software with features such as automated workflows, centralized platform, etc.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
20. 20
Table
of Contents
04
Cybersecurity
Contingency Plan
o Business Impact Analysis
o Backup Maintenance
▪ Selecting Offsite Storage Facility Vendor
▪ Developing Alternate Sites
▪ Assessing Different Alternate Sites
▪ Recovery Budget Planning
o Essential Contingency Plan Strategies
o Critical Business Functions Recovery Priorities
o Vital Records Maintenance Register
o Business Impact Assessment
o Recovery Task List Maintenance
o Cybersecurity Maintenance Checklist
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
21. Cybersecurity Contingency Plan – Business Impact Analysis
21
LAN servers 9 Hr
o Delay in payroll
process
o Not able to perform
regular payroll
operations
Database servers 6 Hr
o No access to
inventory system
WAN access XX Hr o Add text here
Mainframe access XX Hr o Add text here
Payroll process LAN servers
Attendance & time reporting Email servers
Add text here WAN access
Add text here Mainframe access
Add text here Add text here
Add text here Add text here
Business Processes
LAN servers High
Email servers Low
WAN access Medium
Mainframe access High
Add text here Add text here
Add text here Add text here
Vital Resources Recovery Priorities
Step 1 - Determining vital
IT resources
This slide portrays information about IT systems functions and required resources to perform them. It will also determine maximum allowable outage time and recovery priorities.
Vital Resources Vital Resources Max. allowable
outage time
Impact
Step 2 - Determining issues impacts and
acceptable outage time
Step 3 – Assign recovery priorities
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
22. Backup Maintenance – Selecting Offsite Storage Facility Vendor
22
This slide portrays information about how firm will maintain its backup. It will select appropriate vendor facility by assessing them various vendors on parameters such as
geographic location, accessibility, security, environment and cost.
Geographic location
o Distance from organization
o Add text here
o Add text here
Accessibility
o Time required for data retrieval from
storage facilities
o Add text here
o Add text here
Security
o Employee's confidentiality
o Security capabilities meeting data sensitivity &
security requirements
o Add text here
Cost
o Operational fees
o Disaster recovery services
o Add text here
Environment
o Structural conditions of storage's
facility such as temperature, humidity,
power management controls
o Add text here
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
23. Backup Maintenance - Developing Alternate Sites
23
Cold Sites
o Facility with adequate
infrastructure and space
for IT system support
o Infrastructure facility –
electricity, wired
connections
o No IT equipment
available
o Add text here
01.
Hot Sites
o Office spaces with
necessary hardware,
supporting infrastructure
and staff
o Staff at hot site are
available 24x7
o Add text here
02.
Warm Sites
o Partial equipped office
space with some
hardware, software,
wired connections
equipment
o Normal operational
facility for another system
during contingency plan
activation event
o Add text here
03.
Mobile Site
o Customized,
transportable shells
with essential IT and
wired connections
equipment
o Add text here
04.
Mirrored Site
o Facilities with real tie
information mirroring
with all technical
aspects
o Identical to primary site
o Sites are organized,
designed, built, and
operated by
organization
o Add text here
05.
The contingency plan consists of building an alternate site in order to perform system operations. The firm can build their own alternate site or can acquire site on commercial lease.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
24. Site
Implementation
cost
Hardware
equipment
requirement
Telecommunication
connection
requirement
Time to setup Location
Cold Sites Low None None Long Fixed
Warm Sites Medium Partial Partial/ Full Medium Fixed
Hot Sites Medium/ high Full Full Short Fixed
Mobile Site High Dependent Dependent Dependent Not Fixed
Mirrored Site High Full Full None Fixed
Backup Maintenance – Assessing Different Alternate Sites
24
This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication connection
requirement, setup time, location.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
25. Backup Maintenance – Recovery Budget Planning
25
Vendor
Costs
Hardware
Costs
Software
Costs
Travel/
Shipping
Costs
Labor/
Contractor
Costs
Testing Costs Supply Costs
Cold Site
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Warm Site
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Hot Site
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Mobile Site
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Mirrored Site
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Commercial
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Internal
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Slas
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Storage
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
Text Here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Add
text here
Equipment
replacement
Offsite
storage
Alternate
site
The firm requires enough financial resources for effective contingency plan implementation. The top-level executives need to allot budget to handle costs associated to vendors,
hardware, software, shipping, testing and supply.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
26. Essential Contingency Plan Strategies
26
Server Website
Local area
network
Wide area
network
Mainframe
systems
Distributes
systems
Contingency plan coordination with system
security controls
✔ ✔ ✔ ✔ ✔ ✔
Vendors coordination ✔ ✔
Systems, configurations & vendor
information documentation
✔ ✔ ✔ ✔ ✔ ✔
Add text here ✔ ✔
Add text here ✔ ✔ ✔
Single points of failures detection ✔ ✔
Redundancy implementation in critical
components
✔ ✔
System backups ✔ ✔ ✔ ✔ ✔
Remote access and wireless technologies
integration
✔ ✔
Add text here ✔ ✔
Add text here ✔ ✔ ✔
This slide portrays information contingency considerations and solutions. The considerations consists of technical requirements that assist contingency solution and contingency solution
are used to implement contingency strategy.
Contingency
considerations
Contingency
solutions
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
27. Contracts Critical ✔
Add text here Add text here
Add text here Add text here
Add text here Add text here
Add text here Add text here
Department 2
Whenever the firm hits serious security risks, it will need to retrieve the crucial information
based on priorities in IT department and time taken to retrieve the information.
Agenda for Cybersecurity
Incident Management
27
Maximum Allowable Downtime
1-2 Days 3-5 days 1-2 weeks > 2 weeks
Department Priorities
Department 1
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
28. Vital Records Maintenance Register
28
Settlement Agreements Department File Cabinets Vault
Scanned images on Network
drive/Other Parties
Litigation Files Department File Room
Scanned Images of pleadings on
Network drive
Outside Counsel/Courts
Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here
Add text here Add text here Add text here Add text here
Description
Primary Location
of Records
Alternate (Backup)
Location of Records
Other Sources to
Obtain Records
The IT department will keep track of crucial information and the location where these records are kept, it will also provide information regarding alternate backup location of the
records and the other sources through which records can be retrieved.
29. Business Impact Assessment
29
What's at Stake: $34 MM
Strengths
o Ability to work from alternate site if
access to e-mail and system is
available through dial-up access
o Will need records and files as well
o Add text here
Weaknesses
o Unable to work remotely if access to
records and files is restricted
Loss impact
o Department not be able to perform
>95% of its work without access to
computers or work areas
o Add text here
o Add text here
Issue –
Network
failure
Department
or Function –
XYZ Corp.
Executive –
Dexter
Hastings
Number of
Employees –
453
BCP
Representative
– Stella Thetcher
Primary Business
Function – Add
text here
The effect of critical business concern and their impact on the firm’s growth will be assessed. How much amount is at stake will be determined. Firm
strength, weaknesses will be evaluated, and overall loss impact will be mentioned.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
30. 1
Retrieval of
department Vital
Records
1 day 1.5 day XYZ
2 Identify recovery site
3
Retrieve Business
Continuity Plans
4
Retrieval of
department Vital
Records
5 Add text here
6 Add text here
7 Add text here
30
Recovery
Task List
Maintenance Task No.
The tasks which can be recovered are mentioned with the time
taken for the recovery and the person responsible for the
recovery is mentioned.
Task
Description
Estimated
Time
Actual
Time
Assigned
To
Comments
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
31. Cybersecurity Maintenance Checklist
31
✔
✔
✔ ✔
✔
✔ ✔
✔
✔ ✔
✔ ✔
Activities
Daily Weekly Monthly Quarterly
System Monitoring
– Real time
Backup
monitoring
Preventive
Maintenance
Virus Scanning
Security Patches
Disk Error Checking
Executive Reporting
Review and
Planning Meeting
This slide provides information regarding service maintenance checklist that is prepared for the client and the activities mentioned will be performed on daily, weekly, monthly
or quarterly basis.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
32. 32
o Determining Roles and Responsibilities for Risk Handling
o Role of Management in Effective Information
Security Governance
Table
of Contents
05
Role of
Personnel
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
33. Determining Roles & Responsibilities for Risk Handling
33
Chief Risk Officer
o Reports to executive management
o Development and implementation of risk management program
o Handles unacceptable risks and losses related to operations
o Add text here
Chief Information
Security Officer
o Responsible for firm’s information security program by assigning
appropriate level of protection to firm’s information resources
o Add text here
o Add text here
Senior Management &
Executive
o Documenting existing and new risks and their impact
o Add text here
o Add text here
o Add text here
Line
Management
o Follow risk management practices
o Perform risk management activities
o Add text here
o Add text here
This slide provides information regarding the roles and responsibilities of management in handling cyber security risks. Key people involved in risk handling are chief risk
officer, chief information security officer, senior management and executives and line managers.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
34. Board of Directors
Demonstrate alignment
process
Assign risk management
policies and regulatory
compliance
Assign security
effectiveness reporting
Assign security activity
costs and protected
information value
Assign resource
utilization and
knowledge management
policy
Assign process
integration policy
Senior Executives
Develop processes to
integrate business and
security objectives
Safeguard all roles and
responsibilities comprise
of risk management
activities
Security activities
monitoring and reporting
Protected information
value assessment
Safeguarding processes
for capturing knowledge
Deliver overview of all
process functions and
integration plans
Steering Committees
Ensure business unit
managers and process
owners follow integration
Review security strategy
Emerging risks and
compliance issues
identification
Review whether security
initiatives meet business
objectives
Security initiatives review
security resources
effectiveness
Process review
Critical business
processes identification
Chief Information Security
Officer
Prepare security
strategy, security
program initiatives
Prepare risk mitigation
strategies, business
impact assessments
Security activities
monitoring
Security resources
effectiveness and
utilization monitoring
Effectiveness and
efficiency metrics
development
Gaps identification &
action plan
Role of Management in Effective Information Security Governance
34
Management
Level
Strategic
Alignment
Risk
Management
Measuring
Performance
Value
Delivery
Integration
Managing
Resource
This slide portrays information regarding the responsibilities that are to be performed by board of directors, senior executives, steering committees and chief information security
office in order to ensure the effective information security governance.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
35. 35
oBudget for Effective Cybersecurity Management
oStaff Training Schedule with Cost
Table
of Contents
06
Cost Associated
to Firm
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
36. Budget for Effective Cybersecurity Management
36
Functional Area Software Implement Duration Cost of Implementation
Incident Management XYZ Software 2 months $15,000
Risk Management ABC Software 3 months $12,000
Client Onboarding Process Add text here Add text here Add text here
Document Management Add text here Add text here Add text here
Information Management Add text here Add text here Add text here
Release Management Add text here Add text here Add text here
Firm has prepared a budget for managing cybersecurity by optimizing various functional areas. It also provides information about the software used and the duration required
for implementation.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
37. Advanced software training
o Self assessment tools
o 3 hours class
o 3 online modules
o $150 per employee
o 7 hour blended real time
online class
3 – in person seminars
$250 per employee
Advanced skills training
o Self assessment tools
o 4 hours class
o 7 online modules
o One on One evaluation
o $150 per employee
o 4 hour blended real time online
class
o 3 coaching sessions
o $250 per employee
Training module 1
o Self assessment tools
o 4 hours class
o 3 online modules
o Role playing
o $150 per employee
o 3 hour blended real time online
class
o 3 coaching sessions
o 3-hour role playing
o $250 per employee
Training module 2
o Self assessment tools
o 4 30 min. podcasts
o 3 online modules
o Role playing
o $150 per employee
o 5 hour blended real time online
class
o 3 in person seminars
o 3-hour role playing
o $250 per employee
Staff Training Schedule with Cost
37
o Fundamentals of information
risk management
o Risk assessment including business impact
assessment, threat, vulnerability
o Security policies in practice
o Supplier relationship management and information
risk handling
o Add text here
o Add text here
Trainings will include –
Packages Level 1 Level 2
The employees will also require external training which will play important role in their development.
The external training will be given by experts of various fields. This training will not be free, and
charges will cost the firm per employee.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
38. 38
o Effective Security Management
o Implementing Cybersecurity Framework
Table
of Contents
07
Impact
Analysis
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
39. No. of systems where security
requirement not met
120 60 40 20
Unauthorized IP addresses, ports &
traffic
1520 1200 450 200
No. of access rights authorized,
revoked, reset or changed
120 102 82 42
No. of incidents damaging public
image
15 10 5 2
No. of malicious codes prevented 251 221 182 120
No. of actual access violations XX XX XX XX
No. of security incidents XX XX XX XX
Add text here XX XX XX XX
Add text here XX XX XX XX
Impact Analysis – Effective Security Management
39
Q1 Q2 Q3 Q4
FOCUS AREAS
This slide portrays information regarding how firm is successful in handling security issues/events and is able in reducing the occurrence of events.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
40. Impact Analysis – Implementing Cybersecurity Framework
40
CSF Metric Start Current Target Trend
Controls Met 45% 60% 85% Improving
0% 20% 40% 60% 80% 100%
Recover
Respond
Detect
Protect
Identify
Performance
NIST
Core
Functions
Met Partially Met Not Yet Met
This slide portrays information regarding the impact of successful implementation of cybersecurity framework or core functional areas. This slide
portrays how IT department is progressing on different aspects.
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
41. 41
o Incidents Tracking
o Cyber Risk Management
Table
of Contents
08
Dashboard
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
42. Alerts 1Hr 24Hr
High 0 6
Medium 0 0
Low 0 1
Dashboard – Incident Tracking
42
Application Whitelisting
This slide portrays information regarding the dashboard that firm will track various incidents detected. These incidents will be managed in order to avoid cybersecurity risks.
Patch Applications Patch Operating Systems Restrict Admin Privileges
Alerts 1Hr 24Hr
High 0 0
Medium 0 0
Low 0 0
Alerts 1Hr 24Hr
High 0 0
Medium 0 4
Low 0 1
Alerts 1Hr 24Hr
High 0 3
Medium 0 0
Low 0 0
Disable untrusted Microsoft
Office Macros
User Application Hardening Multi-Factor Authentification Daily backup of important data
Incidents Open - 0 Closed - 0 Incidents Open - 0 Closed - 0 Incidents Open - 0 Closed - 0 Incidents Open - 0 Closed - 0
Alerts 1Hr 24Hr
High 0 0
Medium 0 0
Low 0 0
Alerts 1Hr 24Hr
High 0 0
Medium 0 0
Low 0 0
Alerts 1Hr 24Hr
High 0 0
Medium 0 0
Low 0 0
Alerts 1Hr 24Hr
High 0 0
Medium 0 0
Low 0 0
Incidents Open - 0 Closed - 0 Incidents Open - 0 Closed - 0 Incidents Open - 0 Closed - 0 Incidents Open - 0 Closed - 0
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
43. Risk Rating Breakdown
Dashboard – Cyber Risk Management
43
37.5%
% Risks >= Threshold
# Risks >= Threshold: Top 5 Vulnerabilities
25
67
33
44
28
0 10 20 30 40 50 60 70 80
Overly trusting employees
Physical Security
Dormant Accounts
Excessive user permissions
Encryption vulnerabilities
This slide portrays information regarding the dashboard that firm will use to manage cyber risks. The dashboard will provide clear picture of risk prevailing and how they are
treated to technical engineers and board level executives.
40%
2%
13%
47%
Medium Risk40 Critical Risk High Risk Low Risk
Critical Risk
High Risk
Low Risk
Medium Risk
# Risks >= Threshold: Top 5 Entities
Action Plan Breakdown
56.2%
Response progress for
Risks >= Threshold
391
# of Risks >= Threshold
Average Risk Threshold – 12.3
87.5%
Risk Analysis Progress
1.9%
32.9%
7.6%
57.6%
Deferred Implemented Planned TBD
Deferred
Implemented
Planned
TBD
16
16
18
19
66
0 10 20 30 40 50 60 70
Internal Medicine - Davidson
Regional Medical Center
Asheville Vascular Care
Internal Medicine East
General Hospital
Total # of Risk Ratings
Rare Unlikely Moderate Likely
Almost
Certain
40 50 40 2 3
60 40 50 50 3
50 108 150 160 104
140 207 101 90 80
200 404 106 102 20
Severe
Major
Moderate
Minor
Insignificant
Risk Heat Map
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
46. Cyber Security Governance
46
Senior Management
Steering Committee and
Executive Management
CISO/
Steering Committee
Business Strategy
Risk Management/Information Security Strategy
Security Action Plan, Policies, Standards
Organisation objectives
Security Requirements
Security Programmes
Implementation
Security Objectives
Monitor/Metrics
Reporting Trend Analysis
This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication
connection requirement, setup time, location.
47. This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication
connection requirement, setup time, location.
30 60 90 Days Plan
47
30 Days
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
60 Days
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
90 Days
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
48. Financial
48
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Revenue
$ 245
Deposits
$ 432
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Net Income
$ 352
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication
connection requirement, setup time, location.
49. Clustered Column
49
70.00%
60.00%
80.00%
50.00% 50.00%
30.00%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
2015 2016 2017 2018 2019 2020
In
Percentage
Financial Year
Product 01
This graph/chart is linked to excel, and
changes automatically based on data. Just left
click on it and select “Edit Data”.
Product 02
This graph/chart is linked to excel, and
changes automatically based on data. Just left
click on it and select “Edit Data”.
This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication
connection requirement, setup time, location.
50. This slide portrays information about how firm will assess different alternate sites
on certain parameters such as implementation cost, hardware and
telecommunication connection requirement, setup time, location.
Dashboard
50
Minimum
This graph/chart is linked to excel,
and changes automatically based
on data. Just left click on it and
select “Edit Data”.
0%
20%
50%
10%
30%
30% 100%
90%
80%
70%
60%
40%
Medium
This graph/chart is linked to excel,
and changes automatically based
on data. Just left click on it and
select “Edit Data”.
0%
20%
50%
10%
30%
100%
90%
80%
70%
60%
40%
50%
Maximum
This graph/chart is linked to excel,
and changes automatically based
on data. Just left click on it and
select “Edit Data”.
0%
20%
50%
10%
30%
100%
90%
80%
70%
60%
40%
70%
51. Our Team
51
This slide portrays information regarding the amount that is spend by firm in settling cases of cybersecurity failures which not only consider as financial losses but hampered
firm’s public image.
Adam Levine
designer
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Krystal Jung
designer
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Theo James
designer
Sandara Than
designer
52. 52
Vision
This slide is 100% editable. Adapt it to your needs and
capture your audience's attention.
Mission
This slide is 100% editable. Adapt it to your needs and
capture your audience's attention.
Goal
This slide is 100% editable. Adapt it to your needs and
capture your audience's attention.
This slide portrays information regarding the amount that is spend by firm in settling
cases of cybersecurity failures which not only consider as financial losses but
hampered firm’s public image.
Our Mission
53. Monday Tuesday Wednesday Thursday Friday Saturday Sunday
- - Text Here
Text Here
-
- Text Here
-
-
- - Text Here
Weekly Timeline with Task Name
53
Name Here
Name Here
Name Here
Name Here
Name Here
This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication
connection requirement, setup time, location.
Text Here
Text Here
Text Here
Text Here
Text Here
54. Roadmap for Process Flow
54
Text Here
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
This slide is 100%
editable. Adapt it to
your needs and
capture your
audience's attention. Text Here
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
Text Here
This slide is 100%
editable. Adapt it to
your needs and
capture your
audience's attention.
This slide portrays information about how firm will assess different alternate sites on certain parameters such as implementation cost, hardware and telecommunication
connection requirement, setup time, location.