DIGITAL ACCOUNTANCY FORUM CYBER SESSION. Sheila Pancholi Partner, Technology Risk Assurance

Transcription

1 DIGITAL ACCOUNTANCY FORUM CYBER SESSION Sheila Pancholi Partner, Technology Risk Assurance

2 Section 1: The background

3 World s biggest data breaches 10 years ago accidentally published hacked inside job lost/stolen device or media Poor security Source: Information is Beautiful

4 World s biggest data breaches now accidentally published hacked inside job lost/stolen device or media Poor security Source: Information is Beautiful

5 Why the increase in risk? Big Data & Analytics Increase in... Wearable Technology Connectivity Access points Remote access Mobile Working Personal information Data sharing The Cloud Internet of Things Internet Transactions Social Media

6 Reported cyber breaches, 2017 The extent of the (reported) problem 53,000 incidents 2,216 confirmed breaches 73% Perpetrated by outsiders 49% non PoS installed via

7

8 The challenges some recent comments Why would anyone want to attack our organisation? We do not know what our most critical information assets are in our organisation. We have our networks well protected by good technology We know we have already been attacked but do not know how best to respond and recover effectively. We do not know what good cyber resilience looks like for our organisation Our current information/cyber security training is ineffective in driving new behaviour's across the organisation.

9 The motives Financial incentive theft and extortion Nation-sponsored cyber espionage Competitive advantage Reputation Data incentive Hacking for a cause Leading to financial and data loss, loss to reputation etc.

10 The culprits STATE- SPONSORED ATTACKERS HACKTIVISTS CYBER TERRORIST / SYNDICATES INDIVIDUALS National basis Hacking for a cause Modern form of terrorism Personal gain

11 Types of attacks Insider attacks Phishing and whaling Vulnerability attacks Ransomware

12 How easy is it?

13 Internet forum Forged qualification Became a pilot

14

15 Your cyber footprint Services provided ITC Services consumed Entity Cyber boundary entity 4 Cyber boundary entity1 Real cyber boundary Services engaged Third Parties Cyber boundary entity 3 Cyber boundary - ITC Cyber boundary entity 2 External threats Services engaged Cloud

16 Question: Would you recognise a malicious ?

17 What is phishing and whaling? Phishing Targeting many individuals, mainly with blanket e- mails, and hoping that some will follow links, open attachments, reply with information, or transfer funds Whaling Targeting a small group of individuals with significant data access (often disguised as a manager/ceo) and requesting personal information, bank details changes, or a large funds transfer

18 Malicious content - ransomware

19 Example Gained entry into an employee's computer through 'spear phishing infected it with malware called Carbanak. Sent authentic-looking s from his account that other staff clicked on, spreading the malware through the bank. Found the administrator account for the CCTV equipment They used the CCTV to record everything that happened on the screens of staff who serviced the cash transfer systems. They mimicked the activity of these staff activity in order to transfer money out.

20 What action can you take?

21 Preparedness for response to a data breach event. Calling on experts with years of experience across industry to advise and guide. Physical security and cyber security are on the same continuum Cyber Maturity Roadmap IT & data assets are built in to a corporate risk register IT security has direct representation in to C-Suite. Industry leading frameworks used as a foundation, not be-all, end-all to manage risks. Metrics appropriate to the organisation defined and monitored. Risk based: How much risk can you reduce or offset? How much residual risk are you prepared to accept?

22 Questions to know the answer to Where is my data? Where does it go? Who has access to it? How is it used?

23 Why transform to cyber maturity Forward thinking, anticipating trends and threats Financial penalties of losing customer data Cyber maturity = competitive advantage in marketplace

24 What does good look like? Triple security lock CYBER SECURITY STRATEGY assess technology risk profile security on board agenda update cyber control framework EMPLOYEE EDUCATION make staff aware of cyber risks and how to respond test effectiveness of your cyber awareness programmes formal cyber incident management process THIRD PARTY ASSURANCE check security measures third parties have to protect data secure links between your organisation and third parties ensure third parties conform with your policies and procedures

25 Further information Some useful sites Action Fraud - UK Cyber Security Forum - Information Security Forum - National Crime Agency - Cyber UK -

26 Questions and answers? Whilst every care has been taken to ensure that the information provided in this presentation is as accurate, complete and timely as possible, no complete guarantee, assurance or warranty can be given with regard to the advice and information contained herein.