Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybersecurity – Three Perspectives

Published by남희 육 Modified over 6 years ago

Similar presentations

Presentation on theme: "Cybersecurity – Three Perspectives"— Presentation transcript:

1 Cybersecurity – Three Perspectives
by Nicholas A. Klinefeldt, Faegre Baker Daniels Paul H. Luehr, Faegre Baker Daniels Nicholas Gerhart, FBL Financial Group, Inc. Drake University Law School and ACC, Iowa Chapter 5th Annual Corporate Counsel Forum, Des Moines, IA

2 Threat Landscape: Data Breach Costs
U.S. average cost of a data breach ($4 M globally) $6.5 M 29% Increase since 2013, in global cost of a breach U.S. average cost for each exposed record ($158 globally) $221 Source: 2016 Cost of Data Breach Study: Global Analysis, Sponsored by IBM, Conducted by Ponemon Institute LLC (June 2016)

3 Threat Landscape: Data Breach Costs
66% 34% Indirect Costs: Staff hours Lost Goodwill Customer “Churn” Direct Costs: Outside Counsel Outside Experts ID Theft Insurance Notification Costs Source: 2016 Cost of Data Breach Study: Global Analysis, Sponsored by IBM, Conducted by Ponemon Institute LLC (June 2016)

4 Global Data Breach Cost – Per Capita, by Industry
Threat Landscape: Data Breach Costs Global Data Breach Cost – Per Capita, by Industry Source: Ponemon Institute, “2016 Cost of Data Breach Study: Global Analysis,” Sponsored by IBM (June 2016)

5 Threat Landscape: Threat Actors and their Motives
Charge for Fraudulent Treatment Obtain Free Treatment or Purchase Prescription Drugs Wage or Tax Fraud Monetize Personal Data Steal Intellectual Property Expose Sensitive Data Destroy or Corrupt Data Disrupt Services Extortion FINANCIALLY MOTIVATED HACKERS HACKTIVISTS/TERRORISTS SECURITY RESEARCHERS NATION STATES INSIDERS

6 Threats - Extortion Ransomware

7 Ransomware Threats - Extortion
Spam (up 4x) with ransomware = 40% to 66%, Demand = $200 to $10,000+ (often in Bitcoin) Largest cost = downtime Sources: IBM, Malwarebytes, Datto

8 Threats - Extortion WannaCry – one of the largest attacks in history
Over 230,000 infections Over 150 countries Vulnerable Unpatched Windows OS Old, pirated OS Victims UK NHS Telefonica FedEx

9 Threats – Fraud

10 “Business Email Compromise” (BEC)
Threats - Fraud “Business Compromise” (BEC) Losses $3 billion in losses by Feb. 2017 Up 1300% since Jan. 2015 Victims in 50 states and 100 countries Average = $25,000 to $90,000 Ubiquiti Networks: $46.7 million in fraud transfers

11 Threats: Attacks on the Internet of Things
IoT DDoS Dyn DOS Example Traffic spike = 40-50x above normal Victims = Dyn, Amazon, Netflix, Twitter, et al Source = Internet of Things (IoT) DVR Video cameras Sources: Dyn, Krebs on Security

12 Incident Response Team
Prevention: Develop an Effective IR Team Deploy an Effective IR Team Multiple representatives Led by counsel With contact sheet for: Outside counsel Forensic experts Crisis communicators Notification firms Insurance agent/broker Law enforcement In-House Counsel Outside Counsel Client & Media Relations In-House IT Incident Response Team Human Resources CPO, CSO Compliance Outside Forensics Experts Business Unit

13 Prevention: Insurance as part of your IR Team
Insurance - Types Probably not E&O anymore Cyber Coverage Cost of investigation (using pre-approved attorneys & experts?) Cost of repairs Lost business? Timing Notify broker/agent upon suspecting a breach Notify before paying ransom

14 Prevention: Law Enforcement as part of your IR Team

15 Prevention: Law Enforcement as part of your IR Team
Mandatory Reporting Personally Identifiable Information, Medical Records Financial Institutions (SAR), Investors (SEC), etc. Goals Solve crime, assist victims, seek justice NOT “take over” a victim’s business Typical Requests Raw intrusion data – hard drives, logs NOT your internal memos or reports Typical Benefits Intel back on a particular type of perpetrator PR value of letting public know that you’ve contacted the authorities

16 Prevention: Re-Design Corporate Governance
Board Executive Management Bus Ops IT Network Architecture InfoSec Marketing Legal Finance Insurance/Risk Risk Committee Insurance Litigation Board Executive Management Bus Ops IT Network Architecture InfoSec Marketing Legal Privacy Finance Insurance/Risk Privacy & Security

17 Corp. Strategy Affected
Prevention: Develop an Effective IR Plan Include: Initial triggers Escalation paths Crisis Management Team IR Team Info. Security Help Desk Timing expectations Regulatory drivers & PRACTICE! Threat Level Impact Response Team Threat Type Response Time Crisis Comms Crisis Corp. - Global Global IR Extortion 2 hours Patient Health Local IR Tech Major Incident Corp. – Regional Stolen IP 24 hours  Corp. Strategy Affected Local Incident Corp. - Local Lost, encrypted 48 hours  Loss of Bus. Data laptop

18 Prevention: Use your Plan to Move Efficiently
Average Time to Contain = 59 to 82 days Source: IBM / Ponemon Institute, “2016 Cost of Data Breach Study: Global Analysis” (June 2016) “Real World” Investigation Timeline Rebuild Drives Preservation (4 – 14 days) Forensic Analysis (21 – 28 days) Malware Analysis (10 – 21 days) Scanning (21 – 28 days) Report (10 – 21 days) 1 10 20 30 40 50 60 (days)

19 Questions?

Download ppt "Cybersecurity – Three Perspectives"

Similar presentations

Travelers CyberRisk for Insurance Companies

Travelers CyberRisk for Insurance Companies
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
Overview of Cybercrime

Overview of Cybercrime
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, 2013 11:30 am – 12:30 pm.

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.
AUGUST 25, 2015 Cyber Insurance:

AUGUST 25, 2015 Cyber Insurance:
Cyber Security Nevada Businesses Overview June, 2014.

Cyber Security Nevada Businesses Overview June, 2014.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved. 4025 W. Peterson Ave. Chicago,

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave. Chicago,
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
Have the Time? Steps to Deal with Cybercrime HFTP Annual Conference Bellevue, Washington October 23, 2015 Presented by: John D. Daum, CPA Scott Perry (Just.

Have the Time? Steps to Deal with Cybercrime HFTP Annual Conference Bellevue, Washington October 23, 2015 Presented by: John D. Daum, CPA Scott Perry (Just.
1Copyright 2009. Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.

1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.
Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.

Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.
CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215) 864-6435

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)
Cyber Summit 2016 Data Bytes and Frights Presented by: President and CEO Peter J. Elliott, CPCU.

Cyber Summit 2016 Data Bytes and Frights Presented by: President and CEO Peter J. Elliott, CPCU.
Being there When you need us Thats our policy. Cyber Awareness – what can be done?

Being there When you need us Thats our policy. Cyber Awareness – what can be done?

Similar presentations

Ads by Google