Embed Size (px)
Citation preview
Kapil Dev SinghFounder & CEO, Coeus AgeCo-Founder, Core Quadrant
+91 9811771187, [email protected]
Cyber Security in the Digital Age
Mumbai, March 11, 2016
Digital Landscape, 2015 & Beyond
Digital as a Themeof a deep, broad and sustained research initiative
Building a Digital
Enterprise
Business and IT Priorities, 2014
and 2015
The Jewels of Digital, 2015
Digital Landscape, 2015
& Beyond
Enterprise Digital Tracker
The Jewels of Digital, 2015
Images courtesy of freedigitalphotos.net
Enterprise Digital Tracker
Digital as Enterprise Priorityis on the rise
2014 2015 20165
16 1714
2431
Top Priority 2nd Top Priority
%
Base- 202
Core Quadrant, 2014, 2015, 2016
Base- 142
Base- 113
Business Prioritiesgrowing efficiently
Base- 142
O ps Eff C a sh Gr owth (O ) Gr owth ( I ) C ul tur e C ustomer C om pl i a nce R i sk R a tiona l n
2014 2015 2016
Core Quadrant, 2014, 2015, 2016
Base- 113Base- 202%
IT Prioritiesare competing in nature
Base- 142
IT Eff C onsol i da te O ver ha ul Infr a
O ver ha ul Apps
O utsour ce IT Secur i ty Inter na l Usa g e
New Tec h
2014 2015 2016
Core Quadrant, 2014, 2015, 2016
Base- 113Base- 202%
The Contextual Complexityis on the rise
The Frameworkof an enterprise digital platform
Core
Catalyst
SMAC+
1. Automation of IT Processes
2. Communication between machines, people, processes & data
3. Embedded play of
Analytics and Big Data capabilities4. Availability of IT Management Dashboards on multiple devices5. Elasticity and Spread6. Openness to other platforms
7. Security & Governance across the spectrum
1. Matching expectations of
user experience (UX)2. Digitized, secured and dynamically
retrievable documents3. Automated, agile, managed, connected, secured and contextualized business
processes4. Integrated, open, managed, optimized, orchestrated and secured
business applns5. Secured, quality and rationalized data, and smooth
data flow6. Agile, governed and
secure IT infrastructureCore Quadrant, 2015
Cyber Security Surveygauging the preparedness
Core Quadrant, 2016
• A nation wide survey by Core Quadrant• Core Issues– Organizational Preparedness, Alignment,
Challenges, Structure, and – CISO Leadership
• The cusp of Enterprise Risk Management and Cyber Security
• 50 CFOs and 36 CISOs
Threat Perception - CISOs
Core Quadrant, 2016
Increased Decreased Same Cannot Say
Cyber Threats Focus
Core Quadrant, 2016
Increased Decreased Same Cannot Say
31% 36%
14% 11% 8%
Cyber Security - Alignment
Core Quadrant, 2016
What is your agreement with the following statements regarding alignment of business with cyber risk issues? Please rate on a 5 point scale where 1= completely disagree and 5= completely agree.
CFO CISO
We have a well-defined cyber security strategy in alignment with the business strategy 4.12 3.39
Major CXOs are stakeholders in the cyber risk practice 4.02 3.53
Our top management including the CEO is quite active with respect to cyber risk 3.96 3.78
We have a well-defined cyber security strategy in alignment with the enterprise IT strategy 3.94 3.44
We have created a well defined cyber security governance structure 3.7 3.47
The company board is involved in cyber risk issues through mechanisms like board advisor committee 3.4 3.42
Cyber Security - Key Challenges
Core Quadrant, 2016
What are the top two challenges with respect to cyber security in your organization?
CFO CISORole definition and accountability 46% 19%
A well secured IT and digital platform 46% 0%
The IT and cyber risk leadership capability 30% 19%
A well developed enterprise risk management framework 28% 28%
A well defined holistic cyber security and risk plan 22% 42%
Top leadership’s appreciation of cyber risk as an organizational issue 14% 19%
Availability of skilled security professionals 12% 31%
Availability of adequate budgetary allocations for security 2% 22%
Lack of/inadequate organizational security culture 0% 19%
Cyber Security Structure
Core Quadrant, 2016
Who is responsible for the cyber security practice in your organisation?CFO CISO
Chief Information Officer (CIO) 26% 25%Chief Information Security Officer (CISO) 28% 61%Chief Risk Officer (CRO) 44% 0%Someone at the middle/ junior level 2% 3%Other (please specify) 0% 11%
Who does the person responsible for cyber security report into in your organization?CFO CISO
Chief Information Officer (CIO) 6% 33%Chief Executive Officer (CEO) 4% 19%Chief Financial Officer (CFO) 88% 0%Chief Risk Officer (CRO) 0% 19%Other (please specify) 2% 28%
5 Pillars of Cyber Security
Core Quadrant, 2016
Leadership Strategy Structure Risk Management Technology
CISO Leadership
Core Quadrant, 2016
Please rate the CISO or the person responsible for cyber security in your organisation on the following leadership traits? Please rate on a 5 point scale where 1= very low and 5= very high.
Ability to conceptualise scenarios around business impact of cyber risk 3.8
Ability to motivate and lead people 3.6
Process understanding with respect to cyber security and risk 3.6
Domain understanding of business operations 3.5
Understanding of digital business and digital technologies 3.5
Ability to present convincingly at senior levels and influence decision making 3.5
Technical understanding of the latest development in cyber security products 3.4
CISO Roleappreciating the strategic side
Kapil Dev SinghFounder & CEO, Coeus AgeCo-Founder, Core Quadrant
+91 9811771187, [email protected]
Cyber Security in the Digital Age
Mumbai, March 11, 2016
