Moving from Prevention to Detection March 2017

Transcription

1 Moving from Prevention to Detection Le Tran Hai Minh Manager Cyber Security 29

2 Agenda Slide Cyber Security Statistics 3 How to Stay Confidence 8 Contact 19 2

3 Cyber Security Statistics 3

4 Cyber Security Crime Statistics Top cyber threats in 2016 In Q alone, 18 million new malware samples were captured (Source: Panda lab) More than 4,000 ransomeware attacks have occurred everyday since the beginning of 2016 (Source: FBI report) The amount of phishing s containing a form of ransomware grew to 97.25% during Q3 2016, up from 92% in Q (Source: Phisme) (Source: Keepersecurity) 4

5 Cyber Security Crime Statistics 60% Of Hacked SMBs Are Out Of Business 6 Months Later Lloyd s of London Inga Beale, CEO of Lloyd's Reputational damage is usually the thing that's most difficult to quantify" Recent Lloyd's of London data revealed that 92 percent of businesses asked had experienced a breach, Inga Beale, CEO of Lloyd's, told CNBC's Squawk Box. "Apart from businesses in the U.S., there is not a lot of take up of cyber insurance," Beale detailed, despite the problem "affecting almost every single business because of technology these days. With regards to the cost of insurance premiums, "reputational damage is usually the thing that's most difficult to quantify," Beale added. But, she said that by taking out cyber insurance, firms can essentially "limit (their) share price reduction by the action (they) take." Responding appropriately to an attack includes liaising with PR companies and crisis management firms, Beale said. Beale asserted that Lloyd's of London considered itself global market leader in the cyber insurance space, with percent of market share. Evaluating "new risks" was the "essence" of the company 92% 92 percent of European businesses have experienced cyber breaches 5

6 SMEs become favorite targets 1. SMEs an easy target: Limited finance, human, technology 2. SMEs are potentially easy targets due to not being equipped with advanced technologies and lower employees awareness to prevent and resolve attacks on real-time 3. SMEs believed they are not big or important enough to be a target to hackers 4. A compromised SME can be the stepping-stone to attack large organizations 6

7 Major Data Breaches 1. SMEs an easy target: Limited finance, human, technology 2. SMEs are potentially easy targets due to not being equipped with advanced technologies and lower employees awareness to prevent and resolve attacks on real-time 3. SMEs believed they are not big or important enough to be a target to hackers 4. A compromised SME can be the stepping-stone to attack large organizations 7

8 How to Stay Confidence 8

9 How to Make Your Business More Cyber Resilient When are we going to be hacked? People Small and medium-sized enterprises Cyber Risk Awareness training. Most cyber breaches happen because an employee does something that they aren t supposed to do. SMEs believed they are not big or important enough to be a target to hackers: Process Be prepared. Create a business continuity and incident response plan, and test it. Technology Hygiene IT environment, Network security, Malware protection, Managing User Priviledges 9

10 Balance between Prevention and Detection Identity and Account Management (IAM) Advanced authentication technologies boost consumer confidence in their security and privacy capabilities, as well as enhance the customer experienceand protect brand reputation... Security Orchestration and Automation A method of connecting security tools and integrating disparate security systems. It is the connected layer that streamlines security processes and powers security automation. User Behavior Analytics (UBA) UBA solutions look at patterns of human behavior, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns anomalies that indicate potential threats. Endpoint Detection and Response (EDR) Technology A comprehensive, proactive endpoint security solution designed to continuous monitor for incidents on hosts and endpoints. 10

11 Threat Detection Tools and Process in place, 2016 Source: s Global State of Information Security Survey

12 Other Solutions to Protect Businesses from Cyber Risks Companies focus should remain on core business and growth, Cloud is a perfect security solution to quickly identify and respond to threats. 12

13 Business Functions Run in the Cloud 63% 36% IT Operations 32% 34% 34% Finance Marketing & Sales Customer Service Source: s Global State of Information Security Survey

14 Other Solutions to Protect Businesses from Cyber Risks (cont.) Companies focus should remain on core business and growth, Cloud is a perfect security solution to quickly identify and respond to threats. MSSP (Managed Security Service Provider) provides outsourced monitoring and management of security devices and systems. 14

15 Increasing of Managed Security Service Provider use 63% Run IT function in the Cloud 60% of financial firms use managed security services for authentication and real-time monitoring and analytics 62% Use managed security services for cyber security 57% Employ biometric for authentication 53% Use open-source software 51% Employ Big Data analytics for cyber security 46% Invest in a security strategy for the IoT Source: s Global State of Information Security Survey

16 Other Solutions to Protect Businesses from Cyber Risks (cont.) Companies focus should remain on core business and growth, Cloud is a perfect security solution to quickly identify and respond to threats. MSSP (Managed Security Service Provider) provides outsourced monitoring and management of security devices and systems. What can t be protected, can be insured. Businesses need to consider Cyber insurance. 16

17 Cyber Insurance The Last Line of Defense Cyber liability insurance cover can include: Data breach/privacy crisis management cover: the investigation, the remediation, data subject notification, legal costs, court attendance and regulatory fines. Multimedia/Media liability cover: defacement of website and intellectual property rights infringement. Extortion liability cover: professional fees related to dealing with the extortion. Network security liability: damages as a result of denial of access, and costs related to the theft of data on thirdparty systems. Source: The Insurance Insider 17

18 Key Takeaways When will we be hacked? be prepared It s time to move from Prevention to Detection Consider out sourced solutions Cloud, MSSP 18

19 Contact us Robert Trong Tran Director +84 (8) Ext Le Tran Hai Minh Manager +84 (4) Ext

20 Thank you! WARNING: The following disclaimer and copyright notices must be customised for your local territory - if you need assistance with appropriate wording, contact your local Risk Management or Office of General Counsel. This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, [insert legal name of the firm], its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it [insert legal name of the firm]. All rights reserved. In this document, refers to [insert legal name of the firm] which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.