PowerPoint Presentation

[Audio] Contents 02 An Introduction to CBCM, ISO 04 What is Cybersecurity ? 08 What is Business Continuity? 10 Cybersecurity Behavioural rules 11 Anti-spam plug-in tool in Outlook 12 Data Classification for files and emails 13 Security Incident Management 15 Appendix : WFH / Phishing Emails.

[Audio] Cybersecurity and Business Continuity Management (CBCM) IMI CIB Division - International Department - International Hub Branch Update: July 2021 IMI CIB Division - International Department - International Branch.

[Audio] Information Security Officer (ISO) The Local Information Security Officer hierarchically reports to Cybersecurity and Business Continuity Management (CBCM) of the Chief IT, Digital and Innovation Officer Governance Area (CIDIO). Ensure oversight of cybersecurity, IT security, business continuity and IT fraud at International Branch level, in coordination with the competent central functions. Ensure, in coordination with the competent central functions, the adaptation and application to the local context of the Group's policies and guidelines on cybersecurity, IT security and business continuity. Monitor local regulations changes within the relevant areas of responsibility, updating the relevant legal inventory. Continuously evaluate, in coordination with the competent central functions, the impact of internal and external regulations, including technical standards, on local processes and procedures, proposing changes aimed at ensuring adequate control of the relevant risks, including those related to the use of third parties, and substantial compliance with Group regulations and local regulatory requirements. Define and keep the IT Security Plan at International Branch level and the Sectoral Business Continuity Plan. Ensure, within the relevant areas of responsibility, local supervision of relations with supervisory bodies, institutional bodies, judicial authorities and the Police Force, guaranteeing disclosure by and involvement of the competent corporate control functions. Spread the culture of cybersecurity, IT security, IT fraud prevention and business continuity in the Branch, in coordination with the competent central functions and providing advisory support in the context of specific initiatives and projects of the Branch. Support and verify the application at local level of external and internal regulations on cybersecurity, IT security and business continuity, in collaboration with the competent functions of the Chief IT, Digital and Innovation Officer. Ensure the execution of controls and monitoring aimed at guaranteeing adequate oversight of cyber, IT security and business continuity risks..

[Audio] What is Cybersecurity? The practice that allows to protect digital assets in terms of confidentiality, integrity and availability (C.I.A.) of both organizational and technological resources to support company processes and services…. *definition from ISP Group Cybersecurity Guidelines People Users must understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data. Learn more about basic cybersecurity principles. .. also Processes & Technology Types of cybersecurity threats : Phishing, Ransomware, Malware, Social engineering etc. Cybersecurity Information Portal https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html Web mail, social web-site and storage web services are blocked for Hong Kong branch as recommended by HKMA (local regulator) Cybersecurity: the practice that allows to protect in terms of confidentiality, integrity and availability of both organizational and technological resources to support company processes and services - already typical of IT security - and the ability to guarantee resilience, robustness and reactivity in facing the threats that come from cyber space, defined as the complex ecosystem resulting from the interaction of people, software and services on the Internet by means of technologies, devices and networks connected to it..

[Audio] Technology solutions aren't enough - adopting the right behaviors is key to cybersecurity.

[Audio] In particular, 90%1 of cyber incidents are triggered by the human factor due to inappropriate behavior 90%1 of all safety incidents result from some form of human error.... Click on malicious links and give away credentials Browsing malicious websites and connecting to insecure networks Mismanagement of devices (e.g. loss, compromise,...) and carelessness when sharing data and information ...with potential significant direct and indirect impacts for Hong Kong Branch Regulatory fines Business disruption Loss of reputation Direct economic impacts Expensive remediations Using company credentials for personal activities (e.g. registering on websites or social networks) 1. IBM Cybsersecurity Intelligence Index.

[Audio] 10 golden rules to always keep in mind Manage your company credentials carefully (e.g., don't use them to register for web or social services) Always make sure of the identity of the interlocutor (e.g. phone calls) and of the sender of E-mails, SMS and documents Do not share Bank’s information (e.g., organizational chart, processes) outside of it (e.g., on Social) Be careful when browsing the web and only download software allowed by company policy Keep your business devices safe by not allowing access to third parties Do not reconfigure the security settings of devices provided by the Bank Do not use company devices (e.g. Laptop, Smartphone) for personal activities and vice versa (unless authorized) Use Data Loss Prevention tool to classify documents and emails Immediately report any computer incidents (e.g., possible malware, lost device, etc.) Limit information shared (e.g., via email, SharePoint, etc.), especially to third parties, to business purposes only 10 9 8 7 6 5 4 3 2 1.

[Audio] What is Business Continuity? The capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident (from wiki) ISP Governance : Business Continuity Guidelines & Crisis Management Model Local regulation (HKMA) : TM-G-2 Business Continuity Planning BIA – Business Impact Analysis  BCP for Critical activities and resources systems based on RTO (Recovery Time Objective) BU – Building unavailable scenario CPU – Critical Personnel unavailable scenario DR – Disaster recovery (for IT systems) Drill Tests  Simulate the activation of BU, CPU and DR scenarios Critical activity required 48<= RTO.

[Audio] Intesa Sanpaolo Group Business Continuity Guidelines.

[Audio] Cybersecurity Behavioural rules Subject: Welcome on board : Hong Kong: Cybersecurity and Business Continuity Management (CBCM)- share of resources and tools Dear xxx, Welcome on board ! I would take this opportunity to share with you the Cybersecurity Behavioural rules (attached) with the sections: How to… 4.2. manage IT tools (and the password rule) 4.3. safely communicate 4.4. browse the Internet safely 4.5. report a suspicious situation 4.6. manage documents safely Enclosed also the email for the intro of the anti-spam plug-in tool in Outlook for your reference. When you receive any suspicious email for phishing or spam, you please follow the instructions to report accordingly. Feel free to contact me if you need further information in Cybersecurity and Business Continuity topics. Have a good day, Kenneth, CBCM Hong Kong.

[Audio] Anti-spam plug-in tool in Outlook To report suspicious email.

[Audio] Data Classification for files and emails To classify your data in file and email In File Explorer, when you right-click a file (excel, word, PPT, PDF), you will see the option “Classify and protect”. In Outlook, when you prepare an email, you will find the label as above under the toolbar… DATA CLASSIFICATION PROCEDURE The DLP infographic There is a Frequently Asked Questions (F.A.Q.) available in Intranet (In English after the Italian version): link.

[Audio] Security Incident Management ISP Hong Kong Branch Incident Management Process.

[Audio] Reporting anomalies and theft or loss of devices In the event of anomalies and systems’ problems it is necessary to consult your Manager/IT/CBCM, to evaluate the possibility to activate the incident management process. Even in case of theft or loss of devices containing Company data or the access badge to the ICC office, it is necessary to promptly report the event to your Manger/IT/CBCM so that the transmission process can be activated urgently by the dedicated support structures, the credentials can be blocked, and the regular procedure of reporting can be activated. In the same way episodes of suspect misappropriates or data leakage must be promptly reported so that the transmission process can be activated by the dedicated support structures and they can adopt the necessary countermeasures to handle notifications to the authorities. * Recap the 10th golden rule (slide 7).

[Audio] Appendix Work From Home - Six Security Tips for Home Office English version : https://www.hkcert.org/my_url/en/guideline/20040303 Never Share the Work Device’s Account with Others Ensure Privacy in the Working Environment Ensure Security of Working Environment Ensure Wi-Fi Connection is Secured Protect Data Strictly Comply with Company Information Security Guidelines Chinese version : https://www.hkcert.org/my_url/zh/guideline/20040303 切勿與他人共用工作裝置帳戶 確保工作環境的私隱 確保工作環境的資訊安全 確保連接的Wi-Fi的安全 保護數據 嚴格遵守公司資訊保安指引 Source: HKCERT.

[Audio] Appendix ALERT for PHISHING EMAIL Try this link  https://www.intesasanpaolo.com/login.

[Audio] Appendix. Appendix. ALERT for PHISHING EMAIL.

[Audio] Any Questions? What about physical security?.

[Audio] One more thing… Sign-in options User ID / Password PIN (7-8 digits) Biometric (face recognition) Daily life using PIN ATM card for banking services (i.e. cash, account transfer etc.) Mobile phone access *User ID/name not required Reference : Why a PIN is better than an online password.

[Audio] Thank You !. Thank You !.