Cyber Risk Management & People driven Awareness

Cyber Risk Management & People driven Awareness

2020-06-07 Cyber risk management.jpgFriday 29 May 2020

May 19, the virtual session for CEG Information Security group took place. For the almost 30 participants in the Teams session, a nice program was presented by Richard Verbrugge, Information Security Awareness Manager at ABN AMRO and Sjaak Schouteren, CIPP-E, Cyber Development Leader at Marsh. The recordings of both presentations has been made available.

The extensive report that has been drawn up after the session can be found in the online Knowledge Base. Here you can also find the presentations of Richard and Sjaak (behind the login on 'myCIO'):
"New awareness Approach ABN AMRO" & "Cyber Risk Management"

“Replace the annual e-learning about information security with a continuous learning program that teaches employees to recognize risks in different situations.”
Cyber ​​Security Awareness is especially important at this time with many colleagues working from home, often on BYOD and a great hunger for information about corona (which criminals like to respond to). ABN AMRO approaches this differently today than it did a few years ago. Namely, the 'one size fits all' approach to an awareness campaign no longer suits their employees. Colleagues who were already aware dropped out, answers to compulsory e-learnings were widely shared and the content was quickly and statically outdated.

The new approach increasingly focuses on addressing and helping people individually. With the help of data you tailor the offer to the individual employees. For example, every ABN AMRO employee is now required to spend 5 minutes per month learning about cyber security - continuous learning. People are trained to recognize risks and to know how to act in different situations. The entire presentation of Richard Verbrugge, Information Security Awareness Manager at ABN AMRO, has been recorded and can be viewed here.

"In order to make a good choice for a cyber insurance, the risks must be qualified, quantified and managed."
Within the community of the CIO Platform Nederland, the subject of cyber security insurance has often been topical. Through the CISO Network, we came across Sjaak Schouteren, CIPP / E Cyber ​​Development Leader Marsh, who acts as a broker between the insured and the insurance company for various members. In his presentation he took us into what he sees happening in this market, both on the side of the insurers and on the side of the organization that want to take out insurance.

The most important lesson Sjaak gave: break through the silos within the organization! Know exactly what is going on throughout the organization. There is too little holistic look at cyber risks, much more needs to be discussed outside departments across ICT about current developments, threats, availability of data, etc., not just by IT or Security or CFO. He gave the CISOs an assignment as a good preparation in the process towards a cyber insurance: Discuss the following points within your organization, perhaps during a virtual day start or drink:
=> What are your crown jewels (different perspectives in different departments, depending on what you are judged on, where can your organization get maximum pain)?
=> What costs an hour down, loss of data, what damage can we have, what risk apetite is there?

You can view the explanation per topic here:

  1. Introduction: Sjaak Schouteren and Cyber Risk management on the agenda
  2. Cyber Risk Management explained in more detail
  3. Insurance coverage form insurers covered by cyber crisis risk management
  4. Reflection from studies and own experiences at the start of closing a cyber insurance
  5. Developments at the insurers
  6. The 1st step: Risk management exercise during the online Friday afternoon drinks

In the course of this week, the other 3 videos will be online.
Would you like to receive a message if this is done? Mail to marloes@cio-platform.nl.

Tags
Blog Engels
CIO Platform Nederland
Information Security

« Back

More news

Launch guideline for successful cooperation

2021-05-18 Nieuwsbericht Richtlijn succesvolle samenwerking.pngTuesday 18 May 2021 In close cooperation between CIO Platform Nederland and NLdigital the ‘Guideline for successful cooperation’ has been launched. The guideline provides guidance towards more predictability and transparency in the relationship between providers and users of software. Download the guideline, implement it and make sure to let us know to what extent the guideline is (in)effective in practice. full story
Tags
CIO Platform Nederland
Vendor Relations

Article by FD about GDPR-compliance featuring CIO Platform Nederland finds national audience

AVG 2.jpgMonday 12 April 2021 On April 5th, the Financieele Dagblad published an article with contributions from CIO Platform Nederland about the issues business users face concerning compliance with the GDPR. The article did not remain unnoticed, but also contained a few inaccuracies. Please find below both amendments and a reference to the parliamentary questions asked and other publications in the media based on the article. full story
Tags
CIO Platform Nederland
Vendor Relations

Advisory report NL Cyber Security Council advises an integrated approach to cyber resilience with management at the highest level

CSR Adviesrapport.jpgWednesday 07 April 2021 Yesterday, the demissionary Minister of Justice and Security presented the Cyber Security Council's CSR Advisory Report "Integrated approach to cyber resilience" to the House of Representatives. It contains concrete (strategic) measures to be taken in the short term to get our cyber resilience to the necessary level as quickly as possible, including the corresponding investments of € 833 million. CIO Platform Nederland, represented in the council by Claudia de Andrade - de Wit, is pleased with the publication and emphasizes the importance of the central approach full story
Tags
CIO Platform Nederland
Information Security

Inspiring Board webinar Data Rules!

21-03-02 Data Rules intro Sjoerd.pngThursday 18 March 2021 'Data Rules!' - our inspiration-webinar on value creation through data- specifically designed for the (non-) executive board members and CxOs of the member organizations of CIO Platform Nederland was a huge success! Expert speakers from Alliander, DPG Media, Pon, Royal Schiphol Group, PostNL, Picnic Technologies, Rijkswaterstaat and Radboudumc inspired the interactive audience on the importance, opportunities and impact of data. full story
Tags
CIO Platform Nederland
Digital Strategy

View all news items through the archive

Close