Cyber Insurance for Data Breaches Márk Félegyházi Laboratory of Cryptography and System Security (CrySyS Lab) Department of Telecommunications Budapest.

Presentation transcript:

Cyber Insurance for Data Breaches Márk Félegyházi Laboratory of Cryptography and System Security (CrySyS Lab) Department of Telecommunications Budapest University of Technology and Economics

Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium

Failure to protect data
- 2006 May – Department of Veterans Affairs – 28.6m name, SSN, DoB
- 2007 March – TJ Maxx – 94m credit and debit cards
- 2008 end – Heartland Payment Systems – 100m credit and debit card info
- 2011 April – Sony Online – 24.6m accounts
Is this going to continue?

Failure to protect data AND
- Wall Street Journal, 2007 Sep 22:

Cost of breach is substantial
- SME breach of records – cost of $4.16m
- Sony breach of 77m records compromised
  – $171m spent (May 24, 2011) on
  – total costs?
    $258 per record – $20.6 billion
    conservative – $5.6 billion

Solution – Static audits
- Payment Card Industry Data Security Standard (PCI DSS)
[Diagram: content provider, users, Malice, auditor]

Proposal – Dynamic security monitoring + Insurance
[Diagram: content provider, users, Malice, security company, cyber-insurance company]

Key points
- data value assessment
- design a clear data flow in system
- monitor data flow
- establish security

Márk Félegyházi, CrySyS Lab, BME-HIT