Cyber Security Catalogue
CyberSecurityCatalogueInformation Protection and Business ResilienceNew ventures must be prepared to face fierce competition
KPMG CYBER SECURITY OVERVIEWThe constantly evolving threat landscape means that cyber riskis an everyday business consideration, in the same way thatthreats in the real world has always been. Cyber security is not aquick technical fix nor is it a matter solely for the IT department.KPMG South Africa’s Cyber Security team assists organisationsin transforming their security, privacy and continuity controlsinto business-enabling platforms while maintaining theconfidentiality, integrity and availability of critical businessfunctions. The KPMG Cyber approach strategically aligns withour clients’ business priorities and compliance needs.THE KPMG CYBER APPROACHThe KPMG Cyber approach is designed to be simple, effectiveand most importantly, aligned with the business needs of ourclients.Our services are segmented and supported by specialisedteams, providing our clients with the right resources for anyparticular cyber-related need. Below is a breakdown of serviceofferings and our approach to cyber security:Cyber Assurance Services incl. ISO, ISAE, PKI/NIST, etc.1
CYBER READINESS ASSESSMENTKPMG’s Cyber Readiness Assessment (CRA) provides an in-depth review of an organisation’s ability toprotect its information assets and its preparedness against cyber threats. The cyber security landscapeand the associated threats evolves at a rapid rate. The focus on cyber security is increasing accordingly,fuelled by the many high profile and highly disruptive/ damaging security breaches reported every day.As a result, organisations are subject to increasing amounts of legislative, corporate and regulatoryrequirements to show that they are managing and protecting their information appropriately. It is alsoincreasingly common for government buyers and large corporates to demand confidence in informationmanagement as a qualifier for lucrative contracts or partnerships. With the stakes so high, organisationsmust decide on their cyber risk appetite and how they will respond. We can work with you to give you theadvice and challenge you need to make decisions with confidence.WHAT IS A CYBER READINESS ASSESSMENT?KPMG believes that we offer a unique service in the market thatlooks beyond pure technical preparedness for cyber threats.It provides a holistic view that analyses people, process andtechnology to enable clients to understand areas of vulnerability,to identify and prioritise areas for remediation and todemonstrate both corporate and operational compliance, turninginformation risk to business advantage.In developing the assessment, KPMG has combined internationalinformation security standards with global insight of best practicein risk management, cyber security, governance and peopleprocesses. This global framework and approach provides abenchmarking view against your peers, and provides a modularand scalable approach that addresses six key dimensions of anorganisation’s cyber readiness, as shown below:2
CYBER GOVERNANCE AND RESILIENCESooner or later any cyber defence will be breached. Organisations need to develop cyber resilience, a continuum oftested processes that enable it to respond appropriately to incidents of all sizes, including those which escalate andthreaten the survival of the organisation itself. Focusing on technology alone to address these issues is not enough.Effectively managing cyber risk means putting in place the right governance and the right supporting processes,along with the right enabling technology. KPMG has assisted some of the world’s largest organisations in definingthe cyber governance strategies, and establishing the right controls and capabilities to be cyber resilient.KPMG’S CYBER GOVERNANCE AND RESILIENCE APPROACHIt is essential that leaders take control of allocating resourcesto deal with cyber security, actively manage governance anddecision making over cyber security, and build an informed andknowledgeable organisational culture.KPMG’S APPROACH FOCUSES ON ADDRESSING KEYQUESTIONS THAT ARE TOP OF MIND FOR OUR CLIENTS:Our Cyber Governance Health Check identifies areas in whichthe board should act to improve its cyber risk management.KPMG will perform an assessment of the current Policies andStandards, Organisational Structure and Reporting Frameworkrelating to cyber security based on leading practice standardsand frameworks and provide a report highlighting the areasof concerns and provide recommendations for closing thegaps. Once priorities have been set, KPMG can assist clientsin defining and developing their cyber security policies andstandards, organisational structure and reporting metrics. How big are cyber risks for our organisation and theorganisations we do business with? Do governance processes and the organisational cultureenable effective cyber risk management? Are we prepared to act in the event of a crisis or incident?Do we know how we should communicate and whoshould do it? Do we know which processes and/or systems represent thegreatest assets from a cyber security perspective? Do our partners have the same risk appetite and cybersecurity measures as we do?Cyber GovernanceAn articulatedCyber Strategy3ExecutiveCommitmentDefined andEmpoweredRoles andResponsibilitiesClear ReportingandCommunicationChannelsUnderstanding ofCyber Assetsand RisksIn-force Policies,Procedures andGuidelines
DATA GOVERNANCE AND PRIVACYKeeping data safe is no longer an afterthought at most organisations. Privacy has taken the global spotlight aswe see mainstream organisations suffer severe reputational and financial damage resulting from informationbreaches. It is becoming increasingly relevant as organisations begin processing and extracting value from datain new ways through new technologies. Around the world, data protection and privacy legislation is increasinglyimportant, and increasingly inconvenient. KPMG takes a business centric risk-based approach to Data Governanceand Privacy, which focuses on both the technical and governance layers.WHAT’S ON YOUR MIND? Do we know what sensitive information we have,where it is stored, who has access to it, and howit is destroyed? Are we complying with the relevant regulatoryand international certification standards? Are we spending our time and money in the rightareas? Is the board demonstrating due diligence,ownership, and effective management ofinformation risk?We have identified eight high-risk focus areas highlighted in thediagram below, and offer guidance based on an augmented DataGovernance life cycle to assist organisations in minimising riskand maximising control over data.The information that an organisation possesses and uses is its mostvaluable asset. As data becomes more complex in today’s digitalera, it is ever more important that information usage and protectionbe transparent. Customers, regulators and partners demand dataprivacy. Good data governance reduces the risk of accidental and/or deliberate breaches of client information, employee data and/or intellectual property, and ultimately supports brand protectionand increased enforcement of policies both internally and withthird parties. In a world where data loss is heavily publicised andpenalised, getting this right is proving financially significant, bothfinancially and from a reputation standpoint.OUR APPROACHKPMG provides clients with assistance in two primary areas: Data Governance Processes: KPMG supports clients increating and implementing the appropriate policies andprocess while advising on thirdparty management. Technical Platforms: KPMG advises our clients on theappropriate technical solutions for their needs, andpartner with some of the leading solution providers tobring you the best capabilities.4
EMERGING TECHNOLOGYRISK ASSESSMENTTechnology is playing a key role in capitalising on new business opportunities in an ever-competitive business world. Weexpect new global players to increasingly emerge and challenge market leaders. While the U.S. continues to be the techleader, other countries vie for that position. Multiple versions of “Silicon Valleys” are springing up in tech hubs such asTel Aviv, Shanghai, Tokyo, London, New York and Seoul as a tech economy builds with start-ups and innovations.Cloud and mobile continue to power the shift to a new portfolioof emerging technologies: the Internet of Things, data &analytics and 3D printers, to name a few. The prospect ofdrones, digital currencies, robotics and artificial intelligencegoing mainstream adds a new dimension to the technologyindustry landscape.OUR APPROACHAs the scope of technology disruption increases, many newmonetisation opportunities and business models are emerging.The rewards for embracing new technologies run deep, fromproductivity gains to cost efficiencies to quicker innovationcycles. Several risks loom large, however, with securityremaining the biggest concern as technology companiescontinue to figure out how to prevent the growing numberof hacking attempts and cyber-attacks that continue to makeheadlines. Governance and Controls Review: KPMG will review thegovernance processes and controls relating to access, securedevelopment and configuration, and incident and changemanagement.WHAT’S ON YOUR MIND? How do we balance technology risks and rewards? Are we achieving tangible benefits fromemerging technologies? Are we able to predict threats associated with newinnovations? Do we understand emerging technologies well enough toprotect your technology investments?5Our approach is to assist our clients to recognise and responsiblymanage the enterprise wide risks resulting from the adoptionand implementation of new and emerging technologies byperforming the following: Technical Security Assessment: KPMG will perform atechnical assessment aimed at ensuring that the infrastructureand security controls are implemented as designed andaccording to leading practice standards.
THREAT MODELINGCyber threats represent significant commercial and operational risk, yet many organisations do not know whatthreats they face, what their most crtitical cyber assets are, or who and what they are defending against. KPMG’sThreat Modeling approach aligns to industry leading standards and frameworks, including OCTAVE, IRAM2, and ISO27035 amongst others.Cyber threats represent significant commercial and operationalrisk. Many enterprises are vulnerable to breaches, downtime andnon-compliance and we understand your organisation, given itscomplex environments, company profile and pivotal importanceto the South African economy may also be susceptible to thesethreats and attacks.OUR APPROACHWe leverage a structured approach to identify potential threatsand vulnerabilities, along with the “cyber kill chain”.Our approach to threat intelligence reviews follows a twophased approach, as described below: IRAM2-aligned Threat Profiling Assessment: KPMG willperform an analysis of your current cyber threat environment,information assets, threats profiles, vulnerabilities as well asthe assets and associated threat events that could affect themutilising the IRAM2 methodology, from the Information SecurityForum (ISF).WHAT’S ON YOUR MIND? Are we aware of the threats we face, both internaland external? Will my firm’s existing combination of securitycontrols protect against a sophisticated cyberattack in practice? Are we extending our risk awareness to our supplychain and external vendors? Attack Path Definition and Kill Chain Mapping: KPMG willanalyse the current cyber threat countermeasures implementedby the organisation, and map these against the threats andrisks identified above, in order to map the events to attackpaths. These models will then allow us to assess the capabilityto prevent, detect and respond to cyber threats using theLockheed-Martin and Intel approach to the Intrusion Kill Chain.INTRUSION KILL CHAINReconnaissanceResearch,identificationand selection oftargets, oftenrepresented ascrawling internetwebsites such asconferenceproceedings andmailing lists foremail addresses,socialrelationships, orinformation onspecifictechnologies.DetectWeaponizationCoupling a remoteaccess trojanwith an exploitinto a deliverablepayload, typicallyby means of anautomated tool(weaponizer)increasingly, clientapplications datafiles such as adobePDF or MicrosoftOffice documentsserve as theweaponizeddeliverable.DenyDeliveryTransmission of theweapon to the targeted environmentusing vectors likeemail attachments,websites, and USBremovable media.ExploitationAfter the weapon isdelivered to victimhost, exploitationtriggers intruders’code. Most often,exploitation targetsan application oroperating on of aremote accesstrojan or backdooron the victimsystem allows theadversary tomaintainpersistence insidethe environment.DegradeCommand andControl (C2)Actions onObjectivesTypically,compromisedhosts must beaconoutbound to aninternet controllerserver to establisha C2 channel.Only now, afterprogressingthrough the firstsix phases, canintruders takeactions toachieve theiroriginalobjectives.Typically thisobjective isdata exfiltrationwhich involvescollecting,encrypting andextractinginformation fromthe victimenvironment.DeceiveDestroyRef: Lockheed Martin: Intelligence-Driven Computer Network Defense informed by Analysis of Adversory Campaigns and intrusion kill chain6
SECURE SDLCMost organisations have a well-oiled machine with the sole purpose to create, release, and maintain functionalsoftware. However, the increasing concerns and business risks associated with insecure software have broughtincreased attention to the need to integrate security into the development process. Implementing a proper SecureSoftware Development Life Cycle (SSDLC) is important now more than ever.The use of the internet and network systems has becomeall pervasive and increases the risk for data integrity duringsoftware development. Instilling secure coding practices andcontrols within the development lifecycle can reduce softwaremaintenance costs, decreases the number of security flaws andincreases software reliability.OUR APPROACHKPMG utilises a framework that encompasses the variousaspects that organisations should be addressing, namelysecurity policies and awareness, risk evaluations, securityarchitectures, security assessment tools and softwaredevelopment methodologies with the aim to create a repeatable,auditable process that does not rely on after-the-fact inspections,in a way that best suits the team. Requirements and Design: Identify the business objectivesand determine whether these align to the delivery of high qualitysystems, strong management controls and productivity Development: Conduct threat and risk assessments toidentify potential threats and vulnerabilities in order to minimizethe impact of attacks and assist in the development of riskbased test plans and use cases through defining actors, assets,services, roles and data sources etc. Testing: Conduct security testing including vulnerabilityassessments and penetration testing on software in a controlledenvironment to identify vulnerabilities. Perform code reviewsand make recommendations based on software security bestpractices and the results of the review. Live: Vulnerability management to ensure that environmentalscanning provides an accurate reflection of vulnerabilities andthat there is adequate coverage of the attack.Cyber Operations and Incident Response Services Be in a defensible position7
CYBER OPERATIONS AND INCIDENTRESPONSE SERVICESISO 27035Detect and ReportAssess and DecideRespondLessons LearntIn the unpredictable and fast-paced battle against cyber attackers, well-prepared incident response teams are a powerful weapon inan agency’s arsenal. Responsible for assessing security systems and responding to security threats, incident response teams play avital role in resolving issues and controlling damage of system breaches, malware exposure, and other security events.Your organisation is notified by an external party that theybelieve your company may have been “hacked” and yourcustomer data may be at risk. What do you do?WHAT’S ON YOUR MIND?You have now confirmed that an unauthorised individual or teamhas gained access to your systems and data. You’re not sureexactly what was accessed and what may have been lost. Whatnext? Is our incident response and monitoring programs tuned tocatch the attacks of today and not those of five years ago?If all security fails at some point, are we prepared to failgracefully by having a defined incident response program?Are you ready to manage a cyber- incident?8
CYBER OPERATIONS AND INCIDENTRESPONSE SERVICESWHAT’S ON YOUR MIND? The level of control measures implementedto address identified risks and reduce the impactof compromise? Why are we struggling to keep up with therequirements of fast-changing operationalrisk mandates? Does our monitoring process also identify risksto business? Are we extending our risk awareness to oursupply chain and external vendors?OUR APPROACHKPMG’s approach to Cyber Response is created in in accordancewith several international acceptable frameworks includingNIST, ISO and SANS. Our approach is refined through real-wordexperiences with a focus on actionable results, rules of evidenceand technical security experience. Contain and Investigate: During this phase, we helpdetermine the source, method, and impact of the breach event,while attempting to assist you in limiting ongoing damage.These efforts are typically a balancing act between investigatingand eradicating the threat. Responses can range from allowingthe malicious actions to continue in order to facilitate evidence Prepare and Train: One of the most common causes of agathering to an immediate suppression of malicious actions infailed response is lack of adequate preparation. KPMG can assistorder to limit damage.your organisation in establishing clear lines of communication,policies and procedures, and rules of engagement, in order to Recover: This phase consists of removal efforts that couldset the groundwork for a successful response if and when an not occur during the previous phases because of the potentialincident occurs. In a parallel track, our teams work continuously impact on investigative efforts or prioritisation of other activities.to keep current on the latest technical methods, tools, and The focus of this stage is to return the environment to normalcertifications for incident response.operations. Detect and Initiate: The trigger for this phase is a technicalalert, an indication of fraud, or other communications froman outside entity such as law enforcement or an Internetservice provider to your organisation. Our incident responseprofessionals help execute plans created during the preparationphase and provide answers to pressing questions, such as: Havewe been breached? Is the activity continuing? What are thepotential damages? Do we need to begin notification and selfreporting? Resolve: A significant work stream during this phase isvulnerability assessment and penetration testing. This workmay occur throughout the incident response process to supporttactical efforts, and is followed by a more comprehensiveprocess during this phase in order to determine the root causesof the malicious activity. This enables us to produce prioritisedrecommendations for improving the technical and governanceenvironments, which can help prevent similar events fromoccurring in the future. Report and Pursue: The final phase consists of engagementreporting and may include ongoing support activities related tolegal or civil pursuits of individuals or groups.9
VULNERABILITY AND PENETRATION TESTINGWhen a digital intruder accesses your network, they gain the ability to retrieve sensitive information andcompromise your databases. The fallout may impact your business and its reputation. Information systems areone of the essential components of all the business processes, and in order to protect critical data and provide ITsystems security it has become increasingly important to regularly evaluate the security of your computer systemsand network. By simulating an attack from external and internal threats, KPMG can perform periodic assessmentsto provide an effective roadmap for protection of your business’ critical information assets and address securitythreats before they are viable for a digital intruder.KPMG can help better protect your business’s critical andconfidential information. With highly qualified and experiencedprofessionals and proven tools, KPMG Vulnerability andPenetration Testing services provide objective and reliablesolution according to your specific needs, with tactical andstrategic security gap reports that support efficient closure ofkey vulnerabilitiesWHAT’S ON YOUR MIND? Can we reliably identify our vulnerabilities andreduce attack vectors available to digital intruders? Are we reliably addressing our key vulnerabilities? Are we able to detect when an attack is occurring?POTENTIAL BENEFITS TO YOU Identification of risks surrounding how the confidentiality ofdata may be compromised. Identification of poorly implemented security controls whichmay lead to performance and/or security issues.OUR APPROACHKPMG’s approach is based on the risks facing your organisation.Cyber attackers can target your network and eCommerceapplications from the other side of the globe. Employees mayalso be attempting to compromise your confidential information.Thus, three types of penetration tests are available: Vulnerability Assessment: We use industry recognisedvulnerability assessment tools such as Nessus, CyberArkand Acunetix to determine any vulnerabilities within theorganisation, whether the vulnerabilities have been identifiedby the organisation’s vulnerability management solution andwhether the organisation is able to respond and remediate thevulnerabilities using a structured approach. External penetration test: We assess and quantify threatsand vulnerabilities associated with specific target environments,such as Web servers, eCommerce sites, electronic mail serversand other publicly visible servers which could be targeted bycyber attackers. Internal penetration test: These help you focus on theprotection of critical data and resources, intranet servers anddatabases and administrative level accounts. This type of testcan identify risks which could be exploited by a disgruntledemployee.AFFORDABLE PIECE OF MINDKPMG strives to offer you value, reasonable professional feesand an objective assessment of your network security controls.Our team offers an impressive track record and network ofknowledge at your service. We have executed penetrationtests for both small and large organisations with a wide rangeof network designs and information systems, across all keyindustry sectors.10
SOCIAL ENGINEERING AND SECURITY AWARENESSEvery chain is as strong as its weakest link, and in cyber security this chain-link is often human. Employees withdirect access to protected assets are usually the most obvious target for those with malicious intent to gainaccess to sensitive information. By-passing security controls via Social Engineering methods provides a lowcost and often stealthy way for attackers to breach defences and setup further and more advanced attacks. Takingthese phenomenon into consideration, identification of the human risks and assessing the awareness level of theorganisation are critical tasks that can’t be postponed.OUR APPROACHThe assessment is performed by imitating the most commonand effective attacks and techniques used by hackers and isdesigned to measure the efficacy of existing corporate securitypolicies, security measures and employee training programmes. Security awareness campaign: Beyond assessing thelevel of users’ security awareness and periodically organisedawareness trainings, it is also important to sustain employees’awareness. The most effective method to achieve this is toorganise a campaign, which can help remind employees everyday of the most important security concerns.Our approach is broken up into three phases:Possible elements of the campaign: Assessment of security awareness level- socialengineering exercise: Social engineering is a collection ofattack methods and techniques, which exploit the deficienciesof user awareness. Illegal access to sensitive information, dataleaks or other security breaches could be based on employeesnot knowing the contents of security policies, or not observingthe rules. Technological solutions do not provide complete securityagainst social engineering attacks; the only one effectivecountermeasure is the improvement of security awareness. Thebest method to measure security awareness of an organisation’semployees is to perform a social engineering exercise. In thecourse of our engagement, the current security controls willbe tested by testing human factors, which will be completedby a number of techniques such as, dumpster diving, phishingattacks, impersonation via telephone and attempting to gainaccess to the organisations building. A fictional character or “comic book”-like series containingmotivating messagesPosters in the office promoting security awarenessScreensavers highlighting human factor threatsTests, exercises and games.Example of KPMG’s security AwarenessCourse MenuInformation Security BasicsSystem and Communication SecurityData SecurityPhysical SecuritySoftware Security Security awareness training: After identifying securityweaknesses emanating from human factors, the organisationcan determine the requirements of security awareness, followedup by training for employees. Its purpose is to inform colleaguesabout the security policies and rules of the organisation and thenecessity of observing them, as well as creating awareness ofthreats and attack types which target users.We recommend establishing our Training Programme at threelevels: separate trainings for all users, for management and forthe IT function. Specified training materials support participantsin recognising the relevant threats and related securitycountermeasures.11Standards for Information Security
CYBER INCIDENT SIMULATIONYour phone rings – sensitive information on your employees and your customers has been leaked –what do you do?ARE YOU READY TO MANAGE A CYBER INCIDENT?WHAT IS CYBER INCIDENT SIMULATION?We have observed through many high- profile examples, theanswer to the question is unfortunately not well-known byorganisations and the necessary reaction and response remainpoorly understood.KPMG’s Cyber incident simulation service helps yourorganisation examine and understand its current incidentresponse capabilities to better prepare for and manage cyberincidents.While organisations can attempt to manage a crisis as it evolves,the likelihood of success of this approach is very low. This isoften compounded by the use of untested incident responseplans or poorly defined organisational responsibilities.With proven experience in incident response, crisiscommunications, operations and incident response planning,KPMG’s cyber team will test and assess your people, your plansand processes by creating custom scenarios for you organisationthat replicate the challenges of real cyber incidents.The challenge is that cyber threats are increasingly complex andtheir effects are readily amplified through social media and a 24hour news cycle.The frequency and severity of today’s cyber incidents makethem unlike any crisis your organisation has likely dealt withbefore.This type of testing is an effective tool for your organisation toassess its current and desired state of incident preparednessand forms an important part of establishing your defensibleposition.Are you ready?12
CYBER INCIDENT SIMULATIONOUR APPROACHTo assess, test and improve your organisation’s ability torespond to a cyber- incident, KPMG uses a three step approachwhich can be customised to meet the needs of your organisationbased on your current level of preparedness.We will begin by working with you to obtain the necessaryinformation on business processes and areas on concernthat are essential for developing the exercises and simulationscenario.We then employ a combination of the following methods: Gamified workshop: KPMG will facilitate a workshop forthe organisations core operational and cyber security incidentresponse team (CSIRT). KPMG will utilise our proprietary cardbased game to simulate real world cyber security incidentsand the responses available to mitigate them. This gamefeatures real world scenarios and solutions to gain insight intocurrent cyber security threats. The game is played under thesupervision of KPMG experts who will engage in discussion withyour organisation around the concepts and threats that havebeen identified after the game has been played. This gamifiedworkshop will identify the threats faced by your organisation, theopportunity of those threats arising and the current capabilitiesyour organisation has to defend against the threats.13 Paper- based simulation: or your organisation’s incidentresponse plan and capabilities. This crisis scenario eventwill follow the full life cycle of an incident and the KPMGmethodology will be utilised in order to evaluate the capabilitiesto mitigate the risks involved. Scenarios will range acrossbusiness functions and assess your organisations full capabilitiesagainst cyber threats. During the test, KPMG’s cyber team willwork with you to review all elements of your current incidentresponse plan and provide actionable recommendations tostrengthen it. Red team/ Blue team exercise: A red/blue team exerciseinvolves KPMG’s Cyber Defence team simulating advancedattacks against your entire organisation. The blue team will becomprised of the organisation’s staff who will be divided into aseparate computer lab, modelled after your defence capabilities.These exercises comprise points based scenar
the cyber governance strategies, and establishing the right controls and capabilities to be cyber resilient. KPMG'S CYBER GOVERNANCE AND RESILIENCE APPROACH It is essential that leaders take control of allocating resources to deal with cyber security, actively manage governance and decision making over cyber security, and build an informed and
the 1st Edition of Botswana Cyber Security Report. This report contains content from a variety of sources and covers highly critical topics in cyber intelligence, cyber security trends, industry risk ranking and Cyber security skills gap. Over the last 6 years, we have consistently strived to demystify the state of Cyber security in Africa.
What is Cyber Security? The term cyber security refers to all safeguards and measures implemented to reduce the likelihood of a digital security breach. Cyber security affects all computers and mobile devices across the board - all of which may be targeted by cyber criminals. Cyber security focuses heavily on privacy and
Cyber Vigilance Cyber Security Cyber Strategy Foreword Next Three fundamental drivers that drive growth and create cyber risks: Managing cyber risk to grow and protect business value The Deloitte CSF is a business-driven, threat-based approach to conducting cyber assessments based on an organization's specific business, threats, and capabilities.
Cyber Security Training For School Staff. Agenda School cyber resilience in numbers Who is behind school cyber attacks? Cyber threats from outside the school Cyber threats from inside the school 4 key ways to defend yourself. of schools experienced some form of cyber
Cyber crimes pose a real threat today and are rising very rapidly both in intensity and complexity with the spread of internet and smart phones. As dismal as it may sound, cyber crime is outpacing cyber security. About 80 percent of cyber attacks are related to cyber crimes. More importantly, cyber crimes have
DHS Cyber Security Programs Cyber Resilience Review (CRR) Evaluate how CIKR providers manage cyber security of significant information services and assets Cyber Infrastructure Survey Tool (C-IST) Identify and document critical cyber security information including system-level configurations and functions, cyber security threats,
Cyber security in a digital business world 68% of cyber security leaders will invest more in security as their business model evolves. 44% are using managed security services 21% report that suppliers and business partners were the source of a cyber attack in the last 12 months www.pwc.co.nz/gsiss2017 Cyber security in a digital business world
A First Course in Scientific Computing Symbolic, Graphic, and Numeric Modeling Using Maple, Java, Mathematica, and Fortran90 Fortran Version RUBIN H. LANDAU Fortran Coauthors: KYLE AUGUSTSON SALLY D. HAERER PRINCETON UNIVERSITY PRESS PRINCETON AND OXFORD
