The emerging battle between Cyber Defense and Cybercrime: How Technology is changing to keep Company and HR data safe

Size: px

Start display at page:

Download "The emerging battle between Cyber Defense and Cybercrime: How Technology is changing to keep Company and HR data safe"

Helena McKenzie
6 years ago
Views:

3 AGENDA BRIEF Update on Cyber Threat Landscape HR Involvement Solutions Q&A TM

4 Do we treat cybersecurity as: an IT duty? an Operations duty? or HR duty? TM

5 ecellar Systems, LLC

7 R.I.P. 201?

8 TM

9 If you have integrity,.nothing else matters. If you do NOT have integrity,.nothing else matters. TM

10 BUSINESS IMPACT EVOLUTION OF THE CYBER THREAT Impact of attacks growing as technology becomes more inter-connected Hig h Low Unsophisticated Attacks Exploration and Experimentation (Damage normally caused by accident) Hacks conducted for Notoriety 1987 Christmas Tree Exec Worm 1980s Network attacks Hackers Insecure codes Attacks with a Purpose Hackers identifying how to exploit weaknesses. Damage and Disruption done on purpose Distinction between Script Kiddies and Hackers develops Emergence of commercial internet (Web 1.0) Virus (1 st Polymorphic Virus Cryptoviralogy is born 1990s Data breach Cyber crime Malware Critical infrastructure attacks Identity theft Age of Hackers utilize as the delivery system for worms and viruses Criminal organizations start building infrastructure to exploit cyber crime. Most activity is web defacement/network breakins with limited data theft Web 2.0 Advent of BOT Attacks 2000s Cyber warfare RISE OF THE ELITE HACKER Cyber Crime becomes monetized. (Data sales and Ransomware) Widespread state sponsored attacks Hackers start utilizing tertiary networks to breach the target. Cyber Activism become commonplace 2010 Operation Aurora revealed June 2010 Stuxnet released Foreign state sponsored cyber espionage Cyber terrorism Mobile Threat Data is now mobile and connected devices are the target Commercial/Military UAVs Artificial intelligence Mobile payment Networked telematics Internet of things DDoS Mirai Botnet FUTUR E

11 Cybersecurity 2017 Trends 'Malware as a precision tool to breach an organization s defenses Ransomware Phishing

12 250 Volume of Spam In Excess of 205 Billion per DAY Q Q Q Q Q Q Q Q Q1 2017

13 Volume of Malware Million New Incidents Per DAY 1,000, , , , , , , , , ,

14 Cyber Crime Is Big Business for Hackers Easy and Profitable to Sell Data

16 Hacker Activity Past to Current Monetized their activity More sophistication Smaller organizations targeted

17 Cost to any organization of a cyber-attack can literally destroy a business.

18 Per-Record Data Breach Costs by Industry $450 $400 $ Healthcare $350 $300 $250 $200 $150 $123 Transportation $137 Energy $149 Industrial $154 Retail $200 Education $245 Financial $100 $ 50 $71 Public $ Ponemon Institute Cost of Data Breach Study

19 Cost / Profit from Crime Norton / Symantec Corp: July 2016 Global black market in marijuana, cocaine and heroin COMBINED: $288 billion Cost of global cybercrime: $388 billion and growing

20 Information from: 2016: 1,093 data breaches in U.S. (TRACKED) - almost half of World breaches 900,000,000 Records Stolen

21 Information from: Average consolidated cost of a data breach in 2016 was $17.36 million. Average small size company breach cost was $454,000

22 Information from: Minimum Cost of Breach: Small Company was $300,000 Medium size company was $6.7 million Large size company was $73.75 million

23 Economic cost and Reputational Costs are Significant.

24 Only 6% of Companies will Survive Longer than 2 Years after a Data Breach. Gartner Research

25 A FIREWALL AND ANTI- MALWARE SOFTWARE ARE NOT ADEQUATE PROTECTION!

26 You MIGHT be THINKING......But we have our IT guys protecting us

Re-active Cyber Security Works to: Detect Analyze

27 CRITICAL TO UNDERSTAND DIFFERENCES IT Department Break / Fix Install Software Keep machines working Re-active Cyber Security Works to: Detect Analyze Defend Proactive Your HR and IT Department s Best Friend

28 CRITICAL TO UNDERSTAND DIFFERENCES IT Department Cyber Security Break / Fix Install Software Keep machines working Re-active Prevents Bad Guys from: Gaining access to Company records Holding Company Hostage Your HR and IT Department s Best Friend

29 Nationally, the time elapsed from the initial breach to when the breach is detected exceeds 200 days - Accenture

30 Time from the detection of a new vulnerability by to client notification is under 24 Hours

31 The SOLUTION Military Grade Cyber Security Prevention and Protection The Alliance Network January 2016

32 Best Defense is often Prevention 85% of All Cyber Security Attacks Can be Stopped by Implementing 5 Cyber Security Tools

33 OUR SUITE of PRODUCTS Titanium Castle Nimble Feather Stonewall Aegis Razor Wire Picket Fence We assess and rank a company s vulnerabilities to hacking. This gives the Company s IT department the ability to fix these weaknesses. Remember the IT department can't fix what it doesn t know about. Your HR and IT Department s Best Friend

34 Cyber Security Protection

35 Cyber Security Protection Effective Security Strategies to Fortify and Thwart Threats

42 True Cyber Security Protection Defense in Depth

43 True Cyber Security Protection Protocol 46 Bitdefender Razor Wire Picket Fence PROTOCOL TRUE CYBER SECURITY 46 PROTECTION PROTECTION Nimble Feather Stonewall Aegis

44 COMPETITION OUR COMPANY ADVANTAGE AFFORDABILITY Ease of Use Plug and Play Reports Pull All Information Together

45 COMPETITION OUR COMPANY ADVANTAGE Military and 3 Letter Agency Cyber Security Expertise and Experience Fighting an A-Typical War

46 COMPETITION OUR COMPANY ADVANTAGE Our Solutions are PRO-ACTIVE rather than REMEDIAL

47 COMPETITION OUR COMPANY ADVANTAGE We get AHEAD of the Breach Not Clean up the Mess After

48 COMPETITION OUR COMPANY ADVANTAGE PRO-ACTIVE Multi device/sensor concept make us different / better than the competition All Protocol 46 tools work in concert to provide continuous scanning and multiple layers of proactive protection.

49 COMPETITION OUR COMPANY ADVANTAGE PRO-ACTIVE Our solutions are monitored and updated in response to the cyber threat-scape. Competitors or other products do not update, do not upgrade or have the ability to change like we do.

50 Do we treat cybersecurity as: an IT duty? An Operations duty? or HR duty? TM

51 Q and A

52 THANK YOU! Scott Schue (763) Chuck Standfuss (612)

Can you answer CYBER SECURITY CHECKLIST What is our plan to respond to a data breach? Are we adequately insured? How do we monitor our systems and prevent breaches?

Cybersecurity checklist Can you answer these questions about your business? Do our security goals align with business priorities?

53 Can you answer CYBER SECURITY CHECKLIST What is our plan to respond to a data breach? Are we adequately insured? How do we monitor our systems and prevent breaches? How often do we verify the effectiveness of our security? Is our security clear and consistent? Are third parties really securing our most valuable information? Cybersecurity checklist Can you answer these questions about your business? Do our security goals align with business priorities? How much is the issue of security integrated into your business? Do we have the basic rights for security measures? Have we identified and protected our most valuable processes and information? Do we treat cybersecurity as an IT, an Operations, or a HR duty?

54 Inventory of Authorized and Unauthorized Devices Inventory of Authorized and Unauthorized Software Secure Configurations for Hardware and Software Continuous Vulnerability Assessment and Remediation The one we don t do is: Controlled Use of Administrative Privileges

55 True Cyber Security Protection Effective Security Strategies to Fortify and Thwart Threats Bitdefender Razor Wire Nimble Feather Picket Fence Stonewall Aegis

56 Proud to be Veteran owned Over 150 years of Military Intelligence and Cyber Security Experience.

Service Provider View of Cyber Security. July 2017

Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through