CYSPEX Breakfast Briefing is a Success!

CYSPEX Cyber Security Breakfast: From Threat to Solution

Is your organisation leveraging the competitive advantage of a positive cyber security culture? What is your organisation doing to promote cyber security and support the Government in making the UK the world's leading market place? It’s a fine line between protection and enablement –   how is your organisation dealing with the cultural and behavioural impacts? 

These questions and more were raised at the CYSPEX Cyber Security Breakfast held at the Houses of Parliament on the 1st March 2012.  It was a full house with attendees from the government, private sector and academia providing insights and responses to some of the challenges facing the UK in Cyber Security.

The event was sponsored by Templar Executives and Stratex Systems. Andrew Fitzmaurice, CEO, Templar Executives, introduced the speakers and set the scene explaining, “Today’s briefing is designed to promote the holistic approach required for effective cyber security and to hear from those in the public and private sectors who understand this and are actively contributing to the National Cyber Security Strategy".

Key note speakers included; Andrew Miller MP and Chair of the Science and Technology Select Committee, Adrian Leppard, Commissioner of Police for the City of London, John Cook, Head of Defence Security and Assurance Services, Ministry of Defence, Simon Parker, Chief Information Officer, Babcock International Group PLC and Rena Lalgie, Deputy Director of Cyber Security, Department for Business Innovation and Skills. Both Baroness Paul Neville-Jones (Special Representative to Business on Cyber Security) and Lord Errol supported the event and participated in the lively audience debate that followed. All of these attendees are prominent in the actions they are taking to develop the UK’s Cyber Security maturity response.

Andrew Miller MP opened the session by highlighting it is imperative for government and business to work together to tackle the cyber threat which is growing and “increasingly complex and dynamic”.  Commissioner Leppard re-enforced this by stating that last year alone, fraud cost the UK economy £38.6billion.

Commissioner Leppard outlined the plans of the Economic Crime Unit and National Fraud Intelligence Agency and the steps they are taking to centralise the capture of fraud intelligence. The Commissioner concluded by saying; “the threat of internet crime is increasing exponentially and whilst both the government and the private sector have responded positively to this challenge we have got to keep the pace going” a view that was echoed by all speakers.

John Cook from the MoD and Simon Parker, CIO of Babcock shared the approach that their respective organisations are taking to increase their Cyber Maturity capability. Simon Parker explained that technology was only part of the picture; to be effective the culture of the organisation needed to be changed by carrying out training, at all levels, to raise awareness. Both the speakers concurred that organisations need to do more to articulate their information risk appetite and manage risk in accordance with that appetite.

John and Simon also emphasised the need for the board to endorse a Cyber Security strategy and drive change from the top. Implementing effective cyber security requires everyone within an organisation to be accountable and take responsibility for understanding the threats and vulnerabilities they face and how they can prevent them. Addressing the supplier  market, John Cook said suppliers need to “take action to ensure and demonstrate they have sufficient cyber security measures in place in what is a dynamic challenge that none of us can afford to ignore.” It was noted that those suppliers who did take action were not only contributing to the overall aim of the National Cyber Security Strategy – making UK Plc the place to do business – but also gaining a competitive advantage.

Rena Lalgie called for a shift in emphasis so that cyber security is seen as an enabler for economic prosperity and that there needs to be a focus on galvanising and partnering with the private sector to deliver the change necessary in this area. Cyber security should be an integral part of how companies manage their corporate risk.  

In his closing remarks Andrew Miller MP commented on the next generation of the UK workforce and observed “the missing link is in education; technical and practical skills and behavioural change need to be taught and embedded in the education process.  We need to shift the dynamics so young people grow up knowing how to protect their own work and are used to working in that way.”

 

To find out more about the speakers and CYSPEX please visit the CYSPEX website www.cyspex.com

StratexSystem's Consultancy Partner’s Productivity Improved by 20-30% with StratexPoint

StratexSystems are pleased to announce the success of one of our key consultancy partners who have seen a 20-30% jump in project productivity through the use of StratexPoint as a project delivery tool. By delivering more for less, over a shorter time frame, our consultancy partner’s clients have seen considerable benefit, as have our consultancy partner with extended project benefits.

Our software solution, StratexPoint, is an integrated strategy execution and risk management solution built on Microsoft SharePoint. By using this unique product organisations are able to clarify their strategic objectives, align their risk appetite and manage their key risks to enable the sustainable execution of their strategy. The traditional approach of most consultancy firms is the design the strategy and/or risk frameworks using an array of spreadsheets and powerpoints. This often involves a significant amount of re-working, re-presenting data and information which adds little value to the project but is very time consuming. Seeking to eliminate this non-value add effort during projects, our consultancy partner selected StratexPoint as its enabling technology platform as it is built in SharePoint meaning it is familiar, easy to use and very fast to ‘slice’ information for different audiences.

In addition to eliminating time consuming spreadsheet and powerpoint manipulation, our consultancy partner has not only deliver productivity increases of 20–30% but also found StratexPoint enables it to rapidly create momentum, builds buy-in and support early in the project and allows clients to clearly see what the future of strategy execution and risk management may look like.

Andrew Smart, CEO and founder of StratexSystems, said "When StratexPoint is embedded into a consultancy's delivery process, it creates a compelling consultancy proposition which adds real value to clients. With our shared view that strategy and risk management must be integrated to ensure the strategy is sustainable, working with this consultancy partner, we are able to deliver significant additional value during the project phase and should clients chose, on an ongoing basis."

StratexPoint Enhanced Dashboard Taster

Over the last few months, the team at StratexSystems has been collaborating with existing and new clients to improve our solution. Below is a taster of our enhanced dashboards. 

The Strategy Execution overview dashboard is designed to provide senior executives with the information to enable them to understand how well they are executing their strategy while managing their risks. 

For those that like Gauge Dashboards, StratexPoint introduces the Indicator Overview Dashboard. This provides a snapshot of indicator status for all indicators within a business unit. This can be viewed as a stand-alone dashboard or as a drill-down from the Strategic Overview Dashboard.

To get the detail of an objective, this drill-down dashboard provides a single page view of everything related to an objective, KPI status and trends, actions etc.

The Key and Emerging Risk Dashboard is designed to enable our clients to understand their level of exposure for both key and emerging risks, how that has changed over time and where the ‘Top 10’ exposures for each are.

For a free thirty day trial of StratexPoint click here. 

Risk Management and Spreadsheets

Many organisations are now using spreadsheets to monitor and manage their risks but research suggests that this could be inefficient and impractical for risk managers.

Software, such as StratexPoint, allows risks, that an organisation face, to be clarified, aligned and effectively managed. StratexSystems believe that every business should be able to execute their business strategy whilst operating within an acceptable level of risk exposure. With a series of easy-to-deploy visual tools, like those provided in StratexPoint, risk management can be made more efficient and effective, for any organisation.

The following papers reinforce the view that spreadsheets are not the best risk management tool; throughout the papers, common weaknesses and limitations when using spreadsheets to manage risks, particularly within the financial sector, are discussed.

http://blogs.hbr.org/cs/2010/09/basel_iii_and_the_problem_with.html

http://arxiv.org/abs/0908.4420

http://www.spreadsheetrisks.com/SpreadsheetsLondon.pdf

 

US banks told to protect businesses more from cybertheft

As a small parts supplier for the troubled US automotive industry, the Michigan-based Experi-Metal was constantly seeking ways to cut costs and improve efficiency. Online banking was no exception: the manufacturer signed up for that service in 2000 at the behest of Comerica, its bank.

Experi-Metal regularly received emails from the Dallas-based bank with instructions. So controller Keith Maslowski was not surprised in early 2009 when one arrived that directed him to fill out a “Comerica business connect customer form”. He typed in his user name, password and pin number from a token at 7.35am on January 22, three weeks into his employer’s 50th anniversary year. Less than seven hours later, Experi-Metal’s coffers were empty.

Read the full story on FT.com

StratexSystems Partners with Cyber Security Experts to Develop Strategic Cyber Security Solution

StratexSystems, a provider of integrated strategy execution and risk management solutions is pleased to announce the launch of CYSPEX (Cyber Strategic Programme Execution), a unique, comprehensive cyber security solution designed to provide boards and senior executives with a holistic view of their organisational cyber security status. 

Developed with the combined Cyber Security and Risk-Based Performance Management expertise of Templar Executives (www.templarexecs.com) and Manigent (www.manigent.com), CYSPEX enables organisations to monitor and implement the delivery of their cyber strategy while managing and mitigating the organisation’s cyber risks in line with their risk appetite. Not only does this ensure your organisational information is secure and managed through its lifecycle, it also means information is delivered in a timely, relevant and valued manner.

An organisation’s value is increasingly made up of its information assets, such as patents, designs and custom databases, and how well they exploit them. As a result, these are increasingly coming under attack from a range of individuals, including commercial and governmental parties. In this environment, cyber security has to be a board level responsibility and solutions must deliver tangible business benefits.

Recent figures show that 92% of large organisations are currently experiencing losses from cyber incidents[1] which involve their information being lost or stolen and infrastructures being taken offline, or more worryingly, taken over. Poor cyber security can cost your business directly, through fines and litigation fees, and indirectly, by damaging your brand value, competitive advantage, productivity and revenue streams. 

As experienced Risk Management Software Providers, StratexSystems are aware of the impact cyber risk can have on businesses: CYSPEX (Cyber Strategic Programme Execution) is a unique and comprehensive cyber security application designed to provide boards and senior executives with an holistic view of their organisational cyber security posture. Developed with the combined Cyber Security and Risk-Based Performance expertise of Templar Executives and Manigent, CYSPEX enables organisations to monitor and manage the delivery of their cyber strategy while managing and mitigating the organisation’s cyber risks in line with their risk appetite. Not only does this ensure your organisational information is secure and managed through its lifecycle, it also means information is delivered in a timely, relevant and valued manner.

StratexSystems CEO and Founder, Andrew Smart said: “We are excited to be partnering with Templar Executives to develop this innovative cyber security solution. Cyber Security is moving up the agenda of our clients but we believe there is a need for a strategic approach which is aligned to business strategy”.

Templar Executives CEO and Founder, Andrew Fitzmaurice said “The UK Government and UK PLC are increasingly recognising the holistic nature of the range of threats posed by cyber-attacks, and every day we seem to wake up to reports of another cyber security breach. Indeed, recent events such as the Stuxnet incident, and incidents at leading organisations such as HMRC, HSBC and Zurich Insurance plc, demonstrate the need for a comprehensive solution which enables a mindset change regarding Cyber Security. With our partners, StratexSystems we believe that CYSPEX will provide, for the first time, organisations with an opportunity to develop that much needed solution”.

www.cyspex.com

[1] State of Security Survey, 2011, Symantec

How Clients Use Our Solution: Initiative Management Case Study

The Situation

The IT infrastructure function of a major investment bank, with staff in over 45 centres globally, needed to improve their current infrastructure and enable the business to achieve their objectives. This function undertakes over 100 major initiatives each year with significant capital investment and people involved and therefore consistent, clear delivery was vital.

The Challenge

With on-going pressure to tightly manage costs, reduce headcount and meet regulatory pressure, the IT infrastructure function were faced with the challenge(s) of:

Read More

Webinar Download: 'How to deliver an effective, robust risk framework while responding to regulatory action'

Following Part Two of our How To Webinar Series, please download/stream the recorded webinar, free of charge, by visiting: http://www.screencast.com/t/4nxvomaas72B

To register for Part Three ‘How to Lower your Operational Losses via improved Risk Management’ and/or Part Four ‘How To Leverage SharePoint for Risk Management’ visit: http://www.stratexsystems.com/how-to-series/

By registering, you will automatically receive a downloadable/stream-friendly version of the webinar, as well as access to the live session.