Cyber Risk for. Small and Medium-Sized Enterprises (SMEs)

Similar documents
Cyber Attack: Is Your Business at Risk?

The Cyber War on Small Business

Cybersecurity and Nonprofit

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Cyber Risks in the Boardroom Conference

Understanding Cyber Insurance & Regulatory Drivers for Business Continuity

Cybersecurity The Evolving Landscape

Brian S. Dennis Director Cyber Security Center for Small Business Kansas Small Business Development Center

Managing Cybersecurity Risk

People risk. Capital risk. Technology risk

Data Breach Preparedness & Response

Data Breach Preparedness & Response. April 16, 2015 Daniel Nelson, C EH, CIPP/US Lucas Amodio, C EH

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

June 2 nd, 2016 Security Awareness

Jeff Wilbur VP Marketing Iconix

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief

2017 RIMS CYBER SURVEY

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

Cyber-Threats and Countermeasures in Financial Sector

Cybersecurity Auditing in an Unsecure World

Cyber Insurance: What is your bank doing to manage risk? presented by

Potential business impact of cybercrime on small and medium enterprises (SMEs) in 2016 Survey report USA. October, 2016

CYBER INSURANCE MARKET WATCH SURVEY EXECUTIVE SUMMARY. October 2016

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

DATA BREACH NUTS AND BOLTS

Moving from Prevention to Detection March 2017

A Privacy and Cybersecurity Primer for Nonprofits Nonprofits in the Digital Age March 9, 2016

mhealth SECURITY: STATS AND SOLUTIONS

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

The Evolving Threat to Corporate Cyber & Data Security

Cyber Security Program

Have breaches declined since the massive Heartland Payments leak in 2008? What proportion of breaches are the result of hacking?

Sage Data Security Services Directory

Governance Ideas Exchange

Cybersecurity in Higher Ed

Cyber Security. The Question of the Day. Sylint Group, Inc. How did we come up with the company name Sylint and what does it mean?

DeMystifying Data Breaches and Information Security Compliance

Cyber security tips and self-assessment for business

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action

Nine Steps to Smart Security for Small Businesses

How will cyber risk management affect tomorrow's business?

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Security Audit What Why

Service Provider View of Cyber Security. July 2017

AIRMIC ENTERPRISE RISK MANAGEMENT FORUM

CYBER INSURANCE: MANAGING THE RISK

Choosing the Right Security Assessment

CyberEdge. End-to-End Cyber Risk Management Solutions

2017 Annual Meeting of Members and Board of Directors Meeting

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

Background FAST FACTS

Express Monitoring 2019

How to Prepare a Response to Cyber Attack for a Multinational Company.

Cyber and data security How prepared is your charity?

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Defensible and Beyond

DIGITAL ACCOUNTANCY FORUM CYBER SESSION. Sheila Pancholi Partner, Technology Risk Assurance

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

Database Auditing and Forensics for Privacy Compliance: Challenges and Approaches. Bob Bradley Tizor Systems, Inc. December 2004

IT risks and controls

REGULATORY COMPLIANCE REGULATORY COMPLIANCE SERVICES. Dynamic Solutions. Superior Results.

CYBER RISK MANAGEMENT

The Cost of Denial-of-Services Attacks

The Data Breach: How to Stay Defensible Before, During & After the Incident

Mastering Data Privacy, Social Media, & Cyber Law

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

ASSESSMENT LAYERED SECURITY

COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

Robert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group

Keys to a more secure data environment

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

HIPAA COMPLIANCE WHAT YOU NEED TO DO TO ENSURE YOU HAVE CYBERSECURITY COVERED

Preparing for a Breach October 14, 2016

Security Awareness Training Courses

Information Security Is a Business

Cybersecurity and Hospitals: A Board Perspective

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide

Cyber Security Incident Response Fighting Fire with Fire

Changing the Game: An HPR Approach to Cyber CRM007

Cyber Liability Preventive Services & Tools Specific & Pre-Emptive Considerations BEFORE the Inevitable Cyber Event.

Leveraging Best Practices to Determine your Cyber Insurance Needs. Sector Conference, Toronto November 2017

Cybersecurity, safety and resilience - Airline perspective

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Cyber Security Audit & Roadmap Business Process and

BHConsulting. Your trusted cybersecurity partner

Introduction to Information Security Management

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA

Cybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls

EXECUTIVE SUMMARY JUNE 2016 Multifamily and Cybersecurity: The Threat Landscape and Best Practices

Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS

An ICS Whitepaper Choosing the Right Security Assessment

Emerging Technologies The risks they pose to your organisations

Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments

Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey

Incident Response Services

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Transcription:

R

Cyber Risk for Small and Medium-Sized Enterprises (SMEs) Presenters: Jing Guo, Junyi Yang 09/09/2016

New York Times Headlines: No business too small to be hacked Rokenbok Education 7 employees Restructure Their Entire Business and IT System

Presentation Flow Chart Key Findings Cyber Risk for SMEs Perception V.S. Reality Challengers for Insurance Carriers Cyber Insurance for SMEs Actions & Challenges for SMEs Monitoring Key Tracking Findings and Process Cyber Risk for Conclusion SMEs

Key Findings Cyber risk - A Real and Growing Concern for SMEs SMEs: cyber risk management SMEs vary by business sector

What is Cyber Risk for SMEs? Operational Risk Four Categories: Attacks on Physical Systems Authentication & Privilege Attacks Denial of Service Malicious Internet Content

The Perception V.S. The Reality Perception Reality Too Insignificant Large Businesses are more Targeted HALF SMEs are Victims

The Perception V.S. The Reality Perception Reality Inadequate Resources Applied Appropriate Security Protocols Less Time & Money Devoted Have no data security policies

The Reality Continuous - Business Impact 93% of SMEs that suffered a cyber breach have had an impact on their business 60% of SMEs will be out of business within 6 months of a cyber attack In General, Cyber Impact Cost Increased 238% from $8,700 (2013) to $20,700 (2014)

The Reality Continuous - Business Impact Reputation Damage Loss of Clients Ability to Operate Loss of Money/Savings

The Reality Continuous - Business Impact Time to Recover

Actions to Reduce Cyber Risk A Formal Password Policy Weak Password Writing Down Instead of Memorizing Frequently Changed

Actions to Reduce Cyber Risk Providing Proper Training to the Employees 75%: Social Media Usage Restriction on Internet Access Regulate usage of external equipments (e.g USB)

Actions to Reduce Cyber Risk Monitoring their IT Network Store their data online Timely Actions Access

Actions to Reduce Cyber Risk Conduct IT system security test Operation security is up to date Establish a cyber incident response team/plan

Challenges for SMEs Complexity of Cyber Risk Difficult for SMEs to fully understand

Challenges for SMEs Operational Risk Four Categories: Attacks on Physical Systems Authentication and Privilege Attacks Denial of Service Malicious Internet Content

Challenges for SMEs SMEs Vary by Business Sector

Challenges for SMEs Countless Cybersecurity Options But No Guidance Antivirus Software Cybersecurity Consultants Cyber Insurance/ Broker

Cyber Insurance SMEs Less than 3% of SMEs Have Cyber Insurance Large Businesses 40% of Large Businesses Have Cyber Insurance

Cyber Insurance (First-Party Coverage) Physical Asset Damage Business Loss & Client Loss Business Interruption Recovery of Data & System State-Sponsored & Forensic Cost Terrorists Cyber Attacks Theft Response Cost

Cyber Insurance (Third-Party Coverage) Bodily Injury Reputational Liability Third-Party Asset Damage Third-Party Privacy Liability Privacy Liability Regulatory Fines & Penalties

Challenges for Insurance Carriers Need to be customized by business sector Need to be easily accessible with clearly defined benefits and coverage levels The underwriting process needs to be streamlined Need to be affordable and comprehensive

Monitoring and Tracking Cyber Risk Costs Database Monitoring Update Frequently Predictive Model

Conclusion and Next Steps Cyber Risk is underestimated by SME owners Actions can be taken initially but individual SME cannot manage all of their cyber risk

Conclusion and Next Steps Cyber insurance for SMEs is not well-developed Cyber Insurance needs to be customized by needs Develop a monitoring and tracking process The Goldenson Center for Actuarial Research

Q&A Team Members: Jay Krutiak: jay.krutiak@uconn.edu Jing Guo: jing.guo@uconn.edu Junyi Yang: junyi.yang@uconn.edu Project Manager: Niu Gao: Niu.Gao@uconn.edu Project Director: Jeyaraj Vadiveloo: Jeyaraj.Vadiveloo@uconn.edu

Q&A Team Members: Jay Krutiak: jay.krutiak@uconn.edu Jing Guo: jing.guo@uconn.edu Junyi Yang: junyi.yang@uconn.edu Project Manager: Niu Gao: Niu.Gao@uconn.edu Project Director: Jeyaraj Vadiveloo: Jeyaraj.Vadiveloo@uconn.edu

Q&A

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback