Agenda Do You Need to Be Concerned? Information Risk at Nationwide

Slides:



Advertisements
Similar presentations
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Advertisements

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Security for Today’s Threat Landscape Kat Pelak 1.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Emerging Trends: Cyber Threats Bryan Sheppard Cyber Security Defense Center.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Controls for Information Security
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Norman SecureSurf Protect your users when surfing the Internet.
Information Security Information Technology and Computing Services Information Technology and Computing Services
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Program Objective Security Basics
No one questions that Microsoft can write great software. Customers want to know if we can be innovative, scalable, reliable in the cloud. (1996) 450M+
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
[Name / Title] [Date] Effective Threat Protection Strategies.
InformationWeek 2014 Strategic Security Survey Research Findings © 2014 Property of UBM Tech; All Rights Reserved.
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Information Security and YOU!. Information Assurance Outreach Information Security Online Security Remote Access with Demonstration The Cloud Social.
Dell Connected Security Solutions Simplify & unify.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.
How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.
Information Security Sharon Welna Information Security Officer.
The way to avoid being trap into cyber crime. What is cyber crime? The Department of Justice categorizes computer crime in three ways: 1. The computer.
Grants Management Training 200 Cyber Security There are two kinds of people in America today: Those who have experienced a cyber-attack and know it, and.
Computer Security By Duncan Hall.
Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.
INTRODUCTION & QUESTIONS.
Computer Crime: Identity Theft, Misuse of Personal Information, and How to Protect Yourself (Tawny Walsh, Irina Lohina, Renair Jackson, Jahmele Betterson,
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
Information Security and Technology Overview Presented By: Enterprise Risk Management (ERM) Division Jill Martucci, CISA, SSCP, Senior Allison Hall, Experienced.
Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,
Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.
CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.
Tuesday March 15, 2016 Session 19-D Technology Forum David Finkelstein, CIO RiverSpring Health.
Avoiding Frauds and Scams Barbara Martin-Worley Director, Consumer Fraud Protection 18 th Judicial District Attorney’s Office Serving Arapahoe, Douglas,
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
3 Do you monitor for unauthorized intrusion activity?
Information Security.
I S P S loss Prevention.
Data Compromises: A Tax Practitioners “Nightmare”
Information Security 101 Richard Davis, Rob Laltrello.
ARE YOU A TARGET? YOU MAY NOT REALIZE IT, BUT YOU ARE A TARGET FOR CYBER CRIMINALS. IDENTITY THEFT IS ON THE RISE. BE AWARE AND TAKE PREVENTIVE ACTIONS.
Today’s Risk. Today’s Solutions. Cyber security and
Cybersecurity Awareness
Call AVG Antivirus Support | Fix Your PC
Securing the Threats of Tomorrow, Today.
Brandon Traffanstedt Systems Engineer - Southeast
12 STEPS TO A GDPR AWARE NETWORK
Information Security Awareness
How to Stay Safe Online Rollie Edwards.
3 Do you monitor for unauthorized intrusion activity?
6. Application Software Security
3 Do you monitor for unauthorized intrusion activity?
Presentation transcript:

Nationwide Information Risk Management (IRM) M. Travis Michalak Nationwide Financial – AVP Information Risk Management May 12, 2015

Agenda Do You Need to Be Concerned? Information Risk at Nationwide What Can You Do to Better Protect Yourself and Your Sensitive Data Questions

Do You Need to Be Concerned?

Understanding the threat landscape ALL COMPANIES ARE ALL AT RISK. NO MATTER THE SIZE OR INDUSTRY.

Understanding the threat landscape 15% INCREASE IN THREAT ACTIVITY IN THE FINANCIAL SERVICES INDUSTRY 33% OF BREACHES WERE DISCOVERED INTERNALLY 9 MILLION + PEOPLE EXPERIENCE IDENTITY THEFT EVERY YEAR 2.5 BILLION RECORDS COMPROMISED OVER THE PAST FIVE YEARS 8 MONTHS IS THE AVERAGE TIME AN ADVANCED THREAT GOES UNDETECTED ON A VICTIM’S NETWORK 62% INCREASE IN BREACHES 1IN 5 ORGANIZATIONS HAVE BEEN ATTACKED

Understanding the threat landscape Why is Security an NF Technology Trend? Organized Crime, Hactivists, Nation State, Industrial Espionage, Insider Threat, Careless Employees all pose Threats to the Financial Services sector The Threat is Intensifying Introduction to new technologies such as Mobile, Cloud Computing, Data Analytics are introducing new security challenges Technology Landscape is Changing Fast Many of our customers (e.g., State & County Public Retirement Plans) are asking for this functionality to better protect their consumers information Our Business Partners and Customers Expect Security & Trust There are expanding methods and portals where weaknesses are exposed including, E-Mail / Web, Web User Interface, Identity Compromise, Physical Access & Social Engineering Vulnerabilities and Attack Vectors are Expanding

Information Risk at Nationwide

Information Risk at Nationwide Operational Risk is just one Risk “Type” of our Enterprise Risk Management (ERM) Framework IT Operational Risk Managed by Information Risk Management What does IT Operational Risk Management cover? IT operational risk management facilitates Nationwide’s efforts to: Protect confidential information Have systems and businesses that are recoverable Be prepared to respond to a crisis Be in compliance with regulations and Nationwide policies. Information Security Continuity Management Crisis Management Compliance & Regulatory

Information Security at Nationwide   TOP 10 MOST TRUSTED COMPANY The Ponemon Institute, which conducts independent research on privacy, data protection and information security, has named Nationwide one of the top 10 Most Trusted Companies for privacy every year for the past 10 years. Nationwide is proud of this recognition and takes information security and privacy very seriously.  DEDICATED TEAM OF PROFESSIONALS Nationwide has over 150 dedicated trained information risk management professionals who are continuously focused ensuring we help protect the private information and help assure the availability of systems AWARD-WINNING SECURITY & PRIVACY TRAINING Nationwide IT has an award-winning information security and privacy training and awareness program.

Business Continuity at Nationwide COMPREHENSIVE BUSINESS & SYSTEMS RECOVERY PROGRAM In an effort to meet the expectations of our members, we strive to provide continuous service operations. Nationwide uses a comprehensive Business Continuity and System Recovery program where recovery plans are reviewed, updated and tested on a regular basis TOP TIER IV DATA CENTER Our recently opened Data Center in New Albany, Ohio (Data Center East) has qualified as a Tier IV facility, the highest possible rating LEED CERTIFIED Nationwide committed early in its planning cycle to apply for Leadership in Energy and Environmental Design (LEED) certification for Data Center East

Information Security at Nationwide Current Defense in Depth Strategy We provide different protections across all different layers Intrusion Detection / Intrusion Prevention Event & Incident Management Security Policies & Standards (Regulations) Education & Awareness Workstation Security Network Security Software Security Perimeter Security Server Security Database Security

What Can You Do to Better Protect Yourself and Your Sensitive Data?

Mobile Device Protection Use a start up and auto-lock passcode Never leave your device unattended and transport it in a hidden area Avoid conducting financial transactions over public wireless networks Only install applications from legitimate application stores Understand what data (location, contacts, access to social networks) the application can access on your device before you download Download the latest operating system updates and security software (if applicable) to help defend against viruses, malware and other online threats Enable location tracking and remote wipe software if available Do not tamper with your Smartphone’s operating system (e.g. jailbreaking)

Secure your WIFI Secure your WIFI with WPA2 and a strong password Secure access to the wireless router Change the wireless network name Turn off remote and wireless access to the router’s settings Enable a Guest network Update your firmware Search online

Recognize & Avoid Phishing Red Flags Check the sender Dear Customer Bad spelling and grammar Urgent requests Be careful with website links Be suspicious of attachments Requests for sensitive information Sound too good to be true?

Social Media Tips Consider what you post Control visibility and privacy Routinely check your settings Respond to a breach

Other Ways to Protect Turn on WPA2 Make passwords long and strong Unique account, unique password Keep a clean machine Automate software updates Admin user account only to complete a specific task Consider the information you post on social sites Enable a firewall (Personal Firewall) Limit use of administrator accounts Protect your $$ Don’t be tricked into opening an attachment or providing confidential information about yourself Never provide your user ID & password via a clicked-on link from an email or text When in doubt, throw it out

Questions Thank You! M. Travis Michalak Associate Vice President Nationwide Financial – Information Risk Management michalm@nationwide.com 614-677-6809 1 Nationwide Plaza 3-17-202 Columbus OH 43215 Thank You!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.