Wednesday, April 13, 2016

Interesting Takeaways from the IIA - PwC Cybersecurity Session!

It is not a secret that I am not a big fan of the IIA Ottawa Chapter!



I usually avoid its IIAOttawa@Noon training events ,but today I have attended  the event because the topic is of high interest to me.The session was about "Trends in Cybersecurity and Privacy" and was based on PwC 's Global State of Information Security Survey 2016.The presentation was delivered by two PwC partners from the Toronto and Ottawa offices. The full survey is available at the PwC website, so I am not going to repeat any of its contents here, but rather would like to share some of the interesting points discussed during the session:
  • Organized crime "as- a -service" is on the rise on the deep web! It is much easier to hire criminals online than ever before!
  • Insiders and former insiders remain the biggest risk to cybersecurity and the focus of the cybersecurity experts.
  • Cybersecurity insurance is gaining momentum in the private sector ,the public sector is still to catch up!
  • Cybersecurity and Privacy are business issues, internal auditors should avoid the technology trap when dealing with it.
  • More organizations are monitoring the activities of their employees during and after working hours!
  • Canada is slow in using the cloud due to fear of the "big brother" eyes!
  • Canada is behind when it comes to cloud usage guidance. It did not issue official guidance similar to those issued by the US and the UK.
  • Ontario.ca website ,that we Ontarians use to renew our driving licences and health cards,  is hosted by Amazon! The justification is that it provides the highest security  available in light of the daily 2-3  denial-of-service (DoS) attacks it receives.
  • And finally compliance with cybersecurity frameworks does not necessary mean security is achieved! 
I must admit that I have enjoyed today's event and found it informative and relevant! I am glad I have attended .
The $20 I paid for parking fees was indeed a good investment!

No comments:

Post a Comment

Are you getting the most from the ethics mandatory hours?

 Like many of you at this time of year, I have been looking to take the mandatory two hours of ethics training to comply with the IIA cpe  r...