Considerations for Cybersecurity and Data Security in Today’s World

Considerations for Cybersecurity and Data Security in Today’s World
ACIL Education Series
Presented by Darrell Laffoon
March 25 – 30, 2019, Washington, DC

Can you survive a breach?
Do you know that you are in the ring? What is your plan? And then what?

Fundamental Questions
What are cybersecurity and data-security risks?
How can you protect your cyber and data assets?

What are cybersecurity and data-security risks?

Information Security – Protecting your Most Valuable Asset (MVA)
Workforce Data; Second & Third party; Customer Data; Partner Data; Research Data; Company IP
“Data is the new oil.” — Clive Humby (Clive Humby – data scientist)
Cybersecurity: preventative methods used to protect digital information and assets from being stolen, compromised or attacked.
Data-security is a set of standards and technologies that protect data from intentional or accidental destruction, modification or disclosure.

Cybercrime is BIG BUSINESS
Black Market Value: $1200, $300, $20, $11, $4
Personal Information: Visa or MasterCard, Date of Birth, Medical Insurance, Bank Account, Complete Identity
What is your research and results worth? What about other IP?

The New Oil Fields… 2018 Data Breaches
500 million: Starwood guest reservation database was compromised, including name, address, phone number, date of birth, gender, email address, passport number, and Starwood’s rewards information.
Under Armour confirmed a breach that impacted 150 million MyFitnessPal users. Usernames, email addresses and hashed passwords were among the information exposed.
92 million MyHeritage users were exposed in a data breach event after a data file containing MyHeritage user login credentials was found on a private server.
Nearly 87 million Facebook user accounts were compromised after hackers took control of approximately 50 million accounts plus an additional 40 million accounts that may have been accessed.
60 million: Email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data, real time tracking data.
A hack by an unauthorized party led to a data breach at Ticketfly that affected 26 million user names, addresses, email addresses and phone numbers.
Government Payment Service leaked personal information of more than 14 million customers including names, addresses, phone numbers, and partial credit card data.
Do you think these guys had a plan?

SMEs are targets too
58% (Verizon – 2018 Data Breach Investigations Report)
Don’t recognize they are a target
Lower InfoSec budgets
Lack cybersecurity skillsets
Easier to infiltrate

“There are only two types of companies: those that have been hacked, and those that will be.” - Robert Mueller - FBI Director

Accept and understand that you are at Risk
Top Risks: Human Error, Hacker, Extortion, Hacktivism, Espionage
https://www.travelers.com/resources/cyber-security/top-5-cyber-risks-for-businesses

How can you protect your cyber and data assets?

Information Security Hygiene
CIA Triad: Confidentiality, Integrity, Availability
Constant & Evolving Threats
Layered Security
Continuous PDM Cycle
Top level information protection and privacy controls are an absolute necessity

Layered Security – Prevent, Detect & Manage
Layers: Data, Application, Host, Network, Physical/Enterprise
PDM Controls: Prevent, Detect, Manage
Reduce the attack surface

Information Security Plan 4/3/2019
Information Security Governance
The goal is to meet and exceed the strictest policies and controls
Enterprise Wide Security Policies; Security Committee; Industry Standards/Best Practices; Compliance & Certification; 3rd Party Auditing, Testing; Strict Role Based Access Control; Strict Change Management; Disaster Recovery/BCP; Training & Education
Standards & Best Practices; 3rd Party Certifications; Job #1 - 24/7 x 365; Defense in Depth & Breadth; Principle of Least Privilege; Multi-Factor Authentication; Secure Profile; Triple Layer Encryption; Independent Testing & Verification; Threat Assessment & Response; Independent Auditors & Testing; Partner Security Assessments

“Football is two things. It’s blocking and tackling. I don’t care about formations or new offenses or tricks on defense. You block and tackle better than the team you’re playing, you win.” – Vince Lombardi

Information Security 101
Protect yourself, your employees, your customers and your business
Prevent – Practice good information hygiene and secure all digital assets
Detect – Proactively identify, monitor, test, and verify
Manage – Mitigate risk, prepare and plan, and respond quickly
Leverage cloud and vendor services to reduce your attack surface
Seek guidance from cybersecurity experts to assess cyber risk and develop strategic plans to minimize exposures