Robert Giannini GiaSpace MSSP Cyber Security 2017 Robert Giannini GiaSpace MSSP

1998 - Inc 2004 - MSP 2007 - Cloud 2010 SBA 8(a) 2013 – Inc 5000 GiaSpace was started in 1998 and as since then we have evolved with the Technology. Since 2013 we have been receiving recognition from our Industry and included in INC 5000. 2013 – Inc 5000 2013 – MSP #485 2014 – Inc 5000 2016 – MSP #185

Our Clients come from all verticals and sizes

Has anyone in this room or know someone that had: Ransomware where they were asked to pay to get their files back? A data breach where someone had access illegally to the network? Email account compromised? Received an email from someone internally to wire money? Clicked an attachment that caused harm to the pc/mac?

Has your email been compromised? https://haveibeenpwned.com/

IOTs Search engine, lists all open devices on the web… https://www.shodan.io/

http://www.giaspace.com/ransomware-checklist/

It is projected that mobile phone malware attacks will increase over this year. Do you have Antivirus on your phone? You are not alone, most don’t ..

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information. Social Engineering Email from a friend. If a criminal manages to hack or socially engineer one person’s email password they have access to that person’s contact list–and because most people use one password everywhere, they probably have access to that person’s social networking contacts as well. Once the criminal has that email account under their control, they send emails to all the person’s contacts or leave messages on all their friend’s social pages, and possibly on the pages of the person’s friend’s friends. https://gtreasury.com/whitepapers/cybersecurity-a-view-from-where-i-sit/

This just came in as I am putting together this presentation…. Emails are getting more clever and engineered to your business This just came in as I am putting together this presentation….

Ransomware attacks quadrupled in 2016, expected to double again in 2017 The number of ransomware attacks quadrupled in 2016 and are expected to double again in 2017, according to findings in a report from large insurer Beazley. They suggested that organizations appear to be particularly vulnerable to attacks during IT system freezes, at the end of financial quarters and during busy shopping periods.

Insurer Slapped with $2.2 Million HIPAA Settlement HHS Cites Company's Missteps in Wake of Small Breach In the final days of the Obama administration, the Department of Health and Human Services has issued its second HIPAA enforcement action for 2017. HHS' Office for Civil Rights has entered a $2.2 million settlement with a Puerto Rican insurance company in the wake of its investigation of a 2011 breach involving a stolen unencrypted USB drive that affected only about 2,000 individuals.

Yahoo Takes $350 Million Hit in Verizon Deal Yahoo's data breach misfortunes carry a steep price. The search giant's acquisition by Verizon Communications will go ahead, but the original $4.8 billion purchase price agreed to in July 2016 will be discounted by $350 million, the companies say. Three massive data breaches - one disclosed in September 2016 and two in December 2016 - after hammering out the acquisition deal. Those breaches collectively compromised more than 1 billion accounts, sometimes more than once.

LinkedIn, MySpace Within the space of two weeks in May, a hacker called Peace posted data on the dark web to sell, which allegedly included information on 167 million LinkedIn accounts and, in the following week, 360 million emails and passwords for MySpace users. The LinkedIn leak expands on the 6.5 million encrypted passwords that were posted after a LinkedIn breach in 2012. Motherboard first reported the data leaks. The credentials, which included user names, passwords and emails, were largely from former breaches, according to LeakedSource, a paid hacked data search engine.

21st Century Oncology In March, 21st Century Oncology, a Fort Myers, Fla.-based cancer care provider, announced that a data breach had exposed the information of 2.2 million patients based across all 50 states and internationally. Hackers broke into a company database in October, the company said, accessing personal information of patients, including names, Social Security numbers, physician names, diagnosis, treatment data and insurance information. The company said it had "no indication that the information has been misused in any way."

Careless Licking Gets A Nasty Ransomware Phising Infection: 1,000+ Machines Down More than 1,000 government computer systems shut down. A county in Ohio, US, has had to shut down its entire IT infrastructure due to a ransomware infection. County Auditor Mike Smith found a bright side on an otherwise gloomy day.  "Apparently, our clock still works."

Ransomware Infection Causes Loss of 8 Years Of Police Department Evidence The Police Department in Cockrell Hill, Texas released in a press release that they lost 8 years worth of evidence after the department's server was infected with ransomware.

Small, mid-sized businesses hit by 62% of all cyber attacks http://www.propertycasualty360.com/2015/05/27/small-mid-sized-businesses-hit-by-62-of-all-cyber Healthcare, financial services including insurance, most vulnerable As a SMB, there are a few main basics you need to focus on to protect your business: Educate your employees Know what data needs protection and then protect it Let software and services help Know your vendor’s networks that have access to your network Quickly and clearly communicate breach details to affected parties Revisit your business’ security practices HAVE A NETWORK ASSESMENT ON YOUR NETWORK TO IDENTIFY RISKS

Thank you for listening this morning Thank you for listening this morning. I would like to give you a copy of the Ransomware Rescue Checklist. http://www.giaspace.com/ransomware-checklist/