Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identifying and Preparing for Emerging Industry Risks

Published byCharla White Modified over 7 years ago

Similar presentations

Presentation on theme: "Identifying and Preparing for Emerging Industry Risks"— Presentation transcript:

1 Identifying and Preparing for Emerging Industry Risks
Samuel Jabbour, Natalia Nincevic, Mary Kate Truss, Justin Simmons, and Vivian Wu

2 Ransomware Change Fatigue
Emerging Risks Ransomware Change Fatigue Risk that takes the form of a systematic issue or business practice that has: Not previously been identified Been identified but dormant Yet to rise to an area of significant concern All of the above

3 Ransomware

4 Ransomware Ransomware attacks were predicted to be a $1 Billion dollar business by the end of 2016 -FBI Ransomware attacks have increased 6,000% in 2016 and are in almost 40% of spam messages -IBM Security Ransomware attacks were most common in the financial services and healthcare industries -Malwarebytes

5 Ransomware What is Ransomware?
Ransomware is a type of malware that infects a system and blocks access to the victim’s data. The virus then threatens to perpetually block access to the data or publish it unless a ransom is paid Ransomware

6 How Does A Ransomware Infection Occur?
The most common way is in an messages that is carrying downloader Trojans (phishing) Websites hosting exploit kits, which attempt to exploit vulnerabilities in the browser or other software

7 Issue With Ransomware The biggest issue is if a computer containing Non- public information (NPI) becomes infected Ransomware spreads like most malware. So if a single computer is infected, it can spread through various means to others on the network So if a system without any NPI is affected, it can potentially spread to one that does contain NPI

8 Hypothetical Scenario
Server Server

9 Hypothetical Scenario
Server Server

10 Mitigation Strategies
What We Do Additional Strategies Regularly patch software & system Whitelisting software apps running on machines Educate and inform employees about phishing and other exploit attempts Have at least three backups of the data (3-2-1 rule) Additional security required to use UIs that connect to production servers Expand use of two factor authentication Blacklist checking

11 Change Fatigue

12 Change Fatigue is the #1 Emerging risk for Q2 2017
The risk of increased employee fatigue and diminished productivity due to high frequency of change initiatives, or poorly operated change initiatives Change Fatigue

13 Disruptions Effect on Change Fatigue
New Players Blend Competitor Partnerships Corelogic & Ellie Mae Large Fintechs Entering Market Finastra has large capabilities Changes in our Industry Consumer behavior Client demands Supply of products & services Organizational Changes Black Knight Stays Competitive Through Innovation Change Management New Policies With this growth will come change management and with change management comes the potential to cause change fatigue. Large-scale Projects

14 Failed Change Management & Change Fatigue
Unintended Consequences Burnout Disengagement Decreased Productivity Increased Turnover Change Resistant Reasons for Failure and Fatigue Poor Communication Poor Design

15 Organizational Readiness
Pyramid of Readiness Mitigation Strategies Fail Fast & Fail Cheap Survey employees on their stress levels and satisfaction Communicate the change initiative to all affected employees Support a high changing culture Use a granular step model Keep ERM & ISO involved throughout the process Ready for Change Individual Readiness Change Agents Target Population Communication Organizational Readiness Scope Definition Stake Holder Analysis Measurement

16 Questions?

Download ppt "Identifying and Preparing for Emerging Industry Risks"

Similar presentations

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
1 Internet Security Threat Report X Internet Security Threat Report VI Figure 1.Distribution Of Attacks Targeting Web Browsers.

1 Internet Security Threat Report X Internet Security Threat Report VI Figure 1.Distribution Of Attacks Targeting Web Browsers.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Enterprise Network Risks Email Attachments -- Workers opening an attachment could unleash a worm or virus onto the corporate network, and a new evolution.

Enterprise Network Risks Attachments -- Workers opening an attachment could unleash a worm or virus onto the corporate network, and a new evolution.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
3.4.4 The opportunities and problems of entering new markets abroad:

3.4.4 The opportunities and problems of entering new markets abroad:
March 21, 2012 John Vigouroux CEO M86 Security (acquired by Trustwave)

March 21, 2012 John Vigouroux CEO M86 Security (acquired by Trustwave)
Topic 5: Basic Security.

Topic 5: Basic Security.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Return to the PC Security web page Lesson 6: Improving Email Security.

Return to the PC Security web page Lesson 6: Improving Security.
Understand Malware LESSON 2.6 98-367 Security Fundamentals.

Understand Malware LESSON Security Fundamentals.
©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.

©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.
NETWORK SECURITY Definitions and Preventions Toby Wilson.

NETWORK SECURITY Definitions and Preventions Toby Wilson.
1 #UPAugusta2016. 2 3 Today’s Topics What are Deadly IT Sins? Know them. Fear them. Fix them. #UPAugusta201 6.

1 #UPAugusta Today’s Topics What are Deadly IT Sins? Know them. Fear them. Fix them. #UPAugusta201 6.
NADAV PELEG HEAD OF MOBILE SECURITY The Mobile Threat: Consumer Devices Business Risks David Parkinson MOBILE SECURITY SPECIALIST, NER.

NADAV PELEG HEAD OF MOBILE SECURITY The Mobile Threat: Consumer Devices Business Risks David Parkinson MOBILE SECURITY SPECIALIST, NER.
Mac OS X backdoor Trojan, now in beta? 報告人:劉旭哲. Introduction It targets users of Mac OS X As even the malware itself admits, it is not yet finished. It.

Mac OS X backdoor Trojan, now in beta? 報告人:劉旭哲. Introduction It targets users of Mac OS X As even the malware itself admits, it is not yet finished. It.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.

Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.

Similar presentations

Ads by Google