ARMAGEDDON IS HERE: IDENTITY AND COMPUTER BREACHES

Slides:

Advertisements

Similar presentations

1 Cyber Insurance and IT Security Investment: Impact of Interdependent Risk Hulisi Ogut, UT-Dallas Srinivasan Raghunathan, UT-Dallas Nirup Menon, UT-Dallas.

Advertisements

MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.

Protecting Personal Information Guidance for Business.

Computer, Privacy, and Data Protection

KDE Employee Training. What IS a Data Breach? Unauthorized release (loss or theft) of Sensitive or Confidential Data, such as PII, PHI, etc. On site or.

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

Fine Tuned Machines Building a Strong Brand Image by Securing External Data Transmission A Review of Information Security in the Debt Collections World.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

1 An Overview of Computer Security computer security.

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

Identity-Theft is the fastest growing crime in America; 9.9 MILLION victims were reported last year, according to a Federal Trade Commission survey!

Discovering Computers 2010

[INSERT COMPANY NAME] Protecting Against Data Breach YOU ARE THE FIRST LINE OF DEFENSE Copyright 2010 Jackson Lewis LLP This sample training powerpoint.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Understanding Security Layers

Security and Privacy Strategic Global Partners, LLC.

Privacy and Information Management ICT Guidelines.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.

Data Security Project PROJECT WRAP-UP Timeline – July 2011 through December 2012 Project Charge – Compile resources and best practices for the proper handling.

Internet Security Breach & Its Impact on Business Operations Kim Nguyen Manish Shirke Wa Mo Saravanan Velrajan.

Joel Rosenblatt Director, Computer and Network Security September 10, 2013.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Csci5233 computer security & integrity 1 An Overview of Computer Security.

Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network.

Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.

Katrine Evans: Current issues Key themes in enquiries and complaints “Privacy at work” Neil Sanson: Risk Data breach guidelines Data encryption Combining.

Government Agency’s Name April  At the end of this course, the learner will be able to: ◦ Define personally identifiable information ◦ List examples.

Government Agency’s Name April Identity Theft is when someone steals your personal information and uses it as their own, usually for some financial.

Cybersecurity Test Review Introduction to Digital Technology.

BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 3 OTHER DAMAGING THREATS.

Company Proprietary and Confidential Texas Association of Community Health Centers - Proprietary and Confidential Fourth and Goal: Score with Meaningful.

USDA 2016 Financial Management Training Transforming Shared Services Cyber Security Presented by Jack Blount.

Computer Security Keeping you and your computer safe in the digital world.

Computer Security and the “H” word Glen Klinkhart, CEO Mike Messick, CTO.

4 Reasons Website Monitoring Service is Mandatory for Online Success.

Protecting PHI & PII 12/30/2017 6:45 AM

Add video notes to lecture

Public Facilities and Cyber Security

Responding to Intrusions

Tax Identity Theft Presenter Date

Understanding Security Layers

Business Risks of Insecure Networks

Cyber Attacks on Businesses 43% of cyber attacks target small business Only 14% of small business rate their ability to mitigate cyber risk highly.

Jack J. Bensimon Countering Identity Theft and Synthetic Identities:

Answer the questions to reveal the blocks and guess the picture.

Information Security: Risk Management or Business Enablement?

Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,

Robert Leonard Information Security Manager Hamilton

Cyber Security in the Mortgage Industry

Reporting personal data breaches to the ICO

Protecting Personal Information Guidance for Business.

Threat Landscape for Data Security

Security Agility: Creating a Multi-Disciplinary Framework

Chapter 1: Information Security Fundamentals

Objectives Telecommunications and Network Physical and Personnel

Understand Risks to IT Security

Chapter 1: Information Security Fundamentals

HIPAA Overview.

Confidentiality.

Policies and Procedures to Protect you, your Office and your Data

Presented by Elizabeth Kunkel Member Service Trainer

A Secret Service Perspective on Credit Card Fraud

PERSONALLY IDENTIFIABLE INFORMATION: AUDIT CONSIDERATIONS

Protecting Student Data

What is Cybersecurity Office of Information Technology

Information Security in Your Office

Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.

Presentation transcript:

ARMAGEDDON IS HERE: IDENTITY AND COMPUTER BREACHES

You Don’t Know What You Don’t Know There’s No Such Thing as Worthless Data The bad guys gather seemingly worthless bits of data to launch social engineering attacks or use a small piece of information to complete the attack puzzle Compromises Happen All of the Time Even to companies who take security seriously Even to companies who do everything reasonable It may not be YOUR data but it is YOUR responsibility to protect it

IT’S NOT JUST NORMA AND MIKE’S PROBLEM RICK assumes the risk for the loss of data IT protects the data to the identified risk level Data protection, breach prevention MUST be a joint operation for success

Breach Scenario

There is a Cost for a Compromise

Who are the Victims? 37% of breaches affected financial organizations 24% of breaches occurred in retail and restaurants 20% of network intrusions involved manufacturing, transportation, and utilities 20% of network intrusions hit information and professional services firms 38% of breaches impacted larger organizations 27 countries affected

Who Perpetrated the Breaches?

What Can I Personally Do? Only collect and use information that is absolutely necessary, and only share with those who absolutely need the information “Review and reduce”—inventory your PII and PII data flows, and look for ways to reduce PII Follow all Departmental policies and procedures Think before you hit the “send” button (E-mail is by far the #1 source of breaches) “Scramble, don’t gamble”—encrypt, encrypt, encrypt Minimize (or eliminate) the use of portable storage devices Protect PII on paper—enforce a clean desk policy, use secure shredding bins, locked cabinets, etc.

Questions?