Bringing cyber to the Board of Directors & C-level · Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus ... website, contact centers,
Post on 03-Jun-2020
2 Views
Preview:
Transcript
Bringing cyber to the Board of Directors & C-level
and keeping it there
Dirk Lybaert, Proximus
September 9th 2016
5
€ 6 billion
Underlying Revenue
€ 1,7 billion
Underlying EBIDTA
€ 1,53 billion
Contribution to the Belgian state
€ 1 billion
Investments
14,000 FTE’s
6
Towards the best mobile experience and seamless connectivity
Secure sharing with our own Cloud and Security
expertise
A full range of Communication &
Collaboration platforms
Rich and varied content available on all screens
A superior customer experience through all channels:website, contact centers, retail outlets, email and social media
WAN-LANConnectivity
Network-basedCommunications
Professional Services
Datacenter Infrastructure
Network-enabledServices Internet of Things
Telco IT
Communication& Collaboration
Security
Cyber Security has always been a priority for Proximus
Manage risks
Protect customer’s information & company assets
Business continuity
Legal & regulatory compliance
Offer safe & secure solutions
Securityportfolio
Safe & secureservices
&
29 August 2016 Sensitivity: Internal use only 12
It started 2,5 months earlier
when we detected a malware
Communication is key
Multiple stakeholders
Intensive preparation
Timely & transparent
Based on known & verified elements
Don’t enter into speculations (the press will do for you…)
Preserve legal investigation
Innovation
Company Culture
Competitive Market Dynamics
Business Model Evolution
Product & Serviceperformance
Customer Experience
Long term Ambitions VsShort Term Return
Legal/ Regulatory
Equipment & Technology
Employees Skills &Motivation
HR cost & flexibility
Environmental Liability
Macro- Economic factors
Partnership & M&A
Image & Brand perception
Compliance & data privacy
Hacking & Cyber attacks
Disasters
Supply Chain
Political Evolution
0102030405060708090
100
Hacking & Cyber attacks
Reviewed by ExCo & Audit Committee
Proximus cyber security program
Purpose
46 million € investment 2014-2017
reduce risks on information security
detect faster the incidents and provide
an effective response
Company transversal approach
Steering by ExCo & regular reporting to Board of Directors
Policies
Architecture
Compliance
Organization
Strategy
Risk management
Security in development lifecycle
Security testing
Suppliers
Limit entry points
Limit propagation
Limit risks of theft
Patching/updates
Access control for devices & users
And much more…
Segmentation
Administrator access
Encryption
Monitoring 24/7
Incident response & containment
Threat intelligence
Forensic research
International collaboration
Leveraging our internal expertise to help customers
CSIRT as a service
Response
Readiness
Breach
investigation
Incident
Response
Proactive
diagnosisMonitoring
We are subject to strict regulation
EU General Data Protection Regulation (2016)
European Framework Directive 2009/140/EC-> Belgian Telecom Law (2005)
Privacy Act (1992)
“If the rate of change on the outside exceeds the
rate of change on the inside, the end is near”
Jack Welch
29 August 2016
Sensitivity: Confidential
43
Security as Enabler for Business Transformation
New Way of Working
Big Data
Internet of Things
Enabling Company
Security as business objective and enabler for business transformation - 3 drivers
& &Offer safe & secure solutions
Securityportfolio
Safe & secureservices
Certification
Enable business transformation
New Way of Working
Big Data
Internet of Things
Enabling Company
Manage risks
Protect customer’s information & company assets
Business continuity
Legal & regulatory compliance
Insurance coverage
top related