Presentation is loading. Please wait.

Presentation is loading. Please wait.

Your security risk is higher than ever.

Published byRichard Bishop Modified over 6 years ago

Similar presentations

Presentation on theme: "Your security risk is higher than ever."— Presentation transcript:

1 Your security risk is higher than ever.
$19.95/mo. 40% buys hackers easy-to-use “as-a-service” options for attacks. ZDNet of spam contains ransomware. IBM Your security risk is higher than ever.

2 16% over 2015. 2016 ransomware attacks were up Verizon 2016 DBIR

3 of recipients open phishing messages.
30% of recipients open phishing messages. click on attachments. 12% Verizon 2016 DBIR

4 You can’t afford to be wrong on this one.
1 in 2 70% $1B USD executives experience a ransomware attack of businesses hit pay the ransom in ransom paid in 2016 IBM IBM FBI estimate

5 “IT wants things to work smoothly, while security wants security.
Feedback from a survey of 100 CIO/CSOs “IT wants things to work smoothly, while security wants security. At the endpoint, they have to work together to maintain both.”

6

7 Install top rated antivirus software
10 Security tips Install top rated antivirus software

8 Best as of May 2017

9 Restrict administrator rights

10 Install and update a firewall

11 Implement patches and software on popular software

12 Enforce strict password policies

13 Top 25 most common passwords
123456 qwerty 111111 password 123123 qwertyuiop mynoob 123321 666666 18atcskd2w 1q2w3e4r 654321 555555 3rjs1la7qe google 1q2w3e4r5t 123qwe zxcvbnm 1q2w3e

14 Lock those screens

15 Secure wi-fi routers

16

17 Secure your browsers

18 Use encryption

19 Train and recruit users.

20 Our defense-in-depth solutions
Patch & Vulnerability Management Application Control & Privilege Management Endpoint Security Secure Program Management Patch and secure the OSes and 3rd-party apps that you can. Prevent all other apps from running while practicing the principles of least privilege. Add advanced anti-malware and AV capabilities, device control, and global policy for all devices. Marry security capabilities with workflows and asset management processes to complete a secure lifecycle. Patch management Vulnerability management Application control Privilege management Device control Anti-malware Threat alerting Asset management Service management Secure configuration management

21 The first 5 controls Inventory of authorized and unauthorized devices
CIS, US-CERT, ASD, and other authorities prioritize these five elements of cyber hygiene to significantly reduce security threats. Inventory of authorized and unauthorized devices Inventory of authorized and unauthorized software Secure configuration Controlled use of administration privileges Continuous vulnerability assessment and remediation

22 Department of Homeland Security/FBI Cybersecurity Briefing December 30, 2016
Although in the context of nation-state cyber hacking, in this nationwide public (no clearance required) call, the following techniques were recommended to improve cybersecurity prophylaxis Data Backups Risk Analysis and remediation Staff Training Vulnerability Scanning & Patching Application Whitelisting Incident Response Business Continuity Planning Penetration Testing

23

24 Physical security

Download ppt "Your security risk is higher than ever."

Similar presentations

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.

Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.
NUAGA May 22, 2014.  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.

E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.

Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.
IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.

IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.
Chapter 2 Securing Network Server and User Workstations.

Chapter 2 Securing Network Server and User Workstations.
Critical Security Controls & Effective Cyber Defense Hasain “The Wolf”

Critical Security Controls & Effective Cyber Defense Hasain “The Wolf”
©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.

©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.

IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
Information Security tools for records managers Frank Rankin.

Information Security tools for records managers Frank Rankin.
Best Cyber Security Practices for Counties An introduction to cybersecurity framework.

Best Cyber Security Practices for Counties An introduction to cybersecurity framework.
September 20, 2016 How to Defend Your Organization from a Cyber Breach LTC Tim Bloechl (U.S. Army, Ret.) Director, Cyber Security Business.

September 20, 2016 How to Defend Your Organization from a Cyber Breach LTC Tim Bloechl (U.S. Army, Ret.) Director, Cyber Security Business.
Endpoint and DataCenter Security

Endpoint and DataCenter Security
Explaining Bitcoins will be the easy part: Email Borne Attacks and How You Can Defend Against Them Karsten Chearis Sales Engineer.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Karsten Chearis Sales Engineer.
Your Partner for Superior Cybersecurity

Your Partner for Superior Cybersecurity
Sophos Intercept X Matt Cooke – Senior Product Marketing Manager.

Sophos Intercept X Matt Cooke – Senior Product Marketing Manager.

Similar presentations

Ads by Google