June 2nd, 2016 Security Awareness

Security is the degree of resistance to, or protection from, harm. If security breaks down, technology breaks down.

Protecting People, Property and Business Assets
Goal for Today
- Current Security Landscape
- The Impact of Data Breach or Data Loss
- Raise everyone's overall awareness
- Security risks
- Techniques to reduce risk
- Changes in Strategy
- What we should and can be doing?

Security is a Growing Concern
The AV-TEST Institute registers over 390,000 new malicious programs every day.
https://www.av-test.org

Malware has Changed
Then:
- Low Business Impact
- Less Sophisticated
- Targeted PCs
Now:
- High Business Impact
- High Sophistication
- Targets Data
(Chart labels: Organizational Risk; Visibility, High to Low)

Security is a Growing Concern
(Chart: Active malware trends over the last 10 years)

The Impact of Data Breach or Data Loss
- Organizational ability to recover
- Brand damage
- Associated Costs

The Impact of Data Breach or Data Loss

- In 2015 the FBI received 2,500 ransomware attack complaints, costing victims $24M
- In the first 3 months of 2016, ransomware attacks have cost victims $209M
Source: NBC News

Attackers Evolve, Adapt and Accelerate
- Dark markets and services grow
- New targets emerge (IoT, Cars etc.)
- Attacks will drive down the technology stack: Data, Apps, Operating Systems, Firmware, Hardware
- Ransomware and CEO email fraud rises

Phishing
- 80% of infections stem from massive e-mail attacks
- Phishing vs Spear Phishing
- Attackers are aware of 3rd party relationships between large targets and smaller service providers

Spear Phishing

Spear Phishing

Phishing

Phishing

Phishing 5/12/2016

Services for sale

Need a credit card?

Cyber Criminals Offer Custom Built Ransomware and Hacking Services

Another Scary Fact

Background
Security goes back as far as mankind.

The Traditional Approach to Security
(Diagram labels: Antivirus, Firewall, Internet)

Early Defense in Depth

Defense in Depth Example
(Diagram labels: Antivirus & Antimalware, Firewall, Antivirus, Antispyware, Intrusion Prevention, Internet)

Defense in Depth
The idea behind Defense in Depth is to defend your data and systems against any particular attack, using several independent methods.
- Perimeter: Firewall, CGSS, IPS
- Internal Network: Policies, Access Rights, Monitoring
- Endpoint: Antivirus, Anti Malware, Cloud Security

Why is all this important?

The United States is the most targeted country in the world.
(FireEye Cyber Threat Map)

Who are we trying to protect from?
- Nation States
- Insiders
- Organized Crime
- Other Companies
- Thrill Seekers
- Notoriety
- Political Activists

How do they do it?
- Poorly configured systems using default passwords and settings which are weak
- Exploit known vulnerabilities which are easy to find
  - Metasploit
  - CGE (Cisco Global Exploiter)
- Password cracking tools to break weak passwords
- Social engineering / Email
- Planting infection in web sites
- Real examples

Tools and Techniques Summary
- Train Network Users to have a healthy level of skepticism
- Keep Software up to date
- Least privileged access
- Encrypt Data in transit & on mobile devices
- Segment & Isolate Networks
- Documented and Tested DR Plan
- Regular tests/auditing to ensure measures are effective
- Data Loss Protection tools

Summary
- Seek an optimal balance of Risk/Cost
- Understand what we are protecting
- Treat security as an ongoing concern, not a "set it and forget it"
- Ongoing Security Awareness Training

Will Anyone Out There Take on the Rest of My Risk?

Why Cyber/Privacy Breach Liability Insurance?
- Both the federal government and each of the 50 states impose certain actions upon persons/entities/businesses/agencies who maintain personal information on systems or computers in the event of a breach or suspected breach.
- Certain actions could include written notice to all impacted individuals, purchase of individual identification protection for 1 year (Lifelock), credit report monitoring for each impacted individual, and monetary responsibility for financial losses to the impacted individuals.
- There is NO insurance coverage for any of these items absent a cyber/privacy breach liability policy.
- The existence of statute and the absence of insurance creates an unfunded potential liability.

What Perils Will Cyber/Privacy Breach Insure For?
- Liability imposed by statute
- Regulatory defense and penalties
- PCI fines and expenses
- Notification of Individuals expenses
- Legal services/crisis management/public relations services
- Cyber extortion
Specific coverage parts can be bought à la carte or are offered as a bundle depending on specific need.

What Perils will Cyber/Privacy breach NOT Insure for?
- Failure to perform professional duties in a satisfactory manner (Ex: systems designs, software build).
- Loss of digital assets (data).
- Loss of revenue (unless specifically added to the cyber policy).
- First party theft of money/securities.

THANK YOU TO OUR SPONSORS!