We all know, you don't take candy from strangers.
Safety culture is everywhere from stranger danger to aviation. The culture around cyber security should be one of inherent safety and not compliance.
- There’s so much noise around cyber, we know it’s incredibly confusing. We break through that noise.
- Threat and risk are increasing dramatically, yet corporations have been slow to respond effectively.
- Cyber attacks are inevitable. Technology-based defenses are inadequate.
- The market is crying out for a leader.
- Someone to cut through the noise of the cyber industrial complex.
- To present the risk clearly and accurately in simple business terms.
The Cyber Scorecard
$3B-$4B Annual cyber losses in Canada*
$956.21 Average cost per record lost**
$733,109 Average claim payout*
$9-$21 Trillion value creation is at risk***
*2015 Insurance Institute of Canada
**2015 NetDiligence Report
***NACD Cyber Risk Oversight Handbook
CYBER INDUSTRIAL COMPLEX?
WE PREFER BRAINS OVER BRAWN.
Constant awareness of potential vulnerabilities and the adaptability of an intelligent process-driven system enables a holistic approach to safeguarding against threats.
Cyber threats are increasing.
The current approach isn’t working.
85% of cyber attacks would be mitigated by what are called the “hygiene factors” - for example CIS Critical Security Controls #1 through #5.
We believe the answer to this is taking an example from the aviation industry. They created a Flight Safety Culture.
We need to create a Cyber Safety Culture – engaging everyone from the mailroom attendant through the C-Suite to the Board.
If you shoot in the dark how will you know if you hit something?
- Millions have been spent while the risk and exposure continue to increase. Why is this?
- Too often investment focuses on technical endpoints instead of hygiene factors.
- Separating logical and physical security leaves cavernous holes to be exploited by cyber criminals.
- Cyber security information is written in technical baffle-gab directed at an elite few living in the cyber industrial complex.
- Many implementations separate strategy from consideration of execution – they don’t sweat the details – leading to missed objectives.
Proactive not Reactive.
To anticipate threats we need to find the holes and close the gaps. Assess the risk and learn from it.
We are the flashlight in the darkness.