Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Insurance for Data Breaches Márk Félegyházi Laboratory of Cryptography and System Security (CrySyS Lab) Department of Telecommunications Budapest.

Published byJosiah Campion Modified over 10 years ago

Similar presentations

Presentation on theme: "Cyber Insurance for Data Breaches Márk Félegyházi Laboratory of Cryptography and System Security (CrySyS Lab) Department of Telecommunications Budapest."— Presentation transcript:

1 Cyber Insurance for Data Breaches Márk Félegyházi Laboratory of Cryptography and System Security (CrySyS Lab) Department of Telecommunications Budapest University of Technology and Economics www.crysys.hu

2 Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium www.crysys.hu Failure to protect data  2006 May – Department of Veteran Affairs – 28.6m name, SSN, DoB  2007 March – TJ Maxx – 94m credit and debit cards  2008 end – Heartland Payment Systems – 100m credit and debit card info  2011 April – Sony Online – 24.6m accounts Is this going to continue? 2

3 Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium www.crysys.hu Failure to protect data AND  Wall Street Journal, 2007 Sep 22: 3

4 Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium www.crysys.hu Cost of breach is substantial  SME breach of 25000 records – cost of $4.16m  Sony breach of 77m records compromised –$171m spent (May 24, 2011) on –total costs? $258 per record – $20.6 billion conservative – $5.6 billion 4

5 Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium www.crysys.hu Solution – Static audits  Payment Card Industry Data Security Standard (PCI DSS) 5 content provider users Malice auditor

6 Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium www.crysys.hu Proposal – Dynamic security monitoring + Insurance 6 content provider users Malice security company cyber-insurance company

7 Laboratory of Cryptography and System Security CrySyS Adat- és Rendszerbiztonság Laboratórium www.crysys.hu Key points  data value assessment  design a clear data flow in system  monitor data flow  establish security 7 Márk Félegyházi, Crysys Lab, BME-HIT mfelegyhazi@crysys.hu www.crysys.hu

Download ppt "Cyber Insurance for Data Breaches Márk Félegyházi Laboratory of Cryptography and System Security (CrySyS Lab) Department of Telecommunications Budapest."

Similar presentations

Célzott informatikai támadások napjainkban Boldizsár Bencsáth PhD Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology.

Célzott informatikai támadások napjainkban Boldizsár Bencsáth PhD Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology.
Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?

Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?
Payment Card Industry Data Security Standard AAFA ISC/SCLC Fall 08.

Payment Card Industry Data Security Standard AAFA ISC/SCLC Fall 08.
ISACA January 8, 2013. IT Auditor at Cintas Corporation Internal Audit Department Internal Security Assessor (ISA) Certification September 2010 Annual.

ISACA January 8, IT Auditor at Cintas Corporation Internal Audit Department Internal Security Assessor (ISA) Certification September 2010 Annual.
What we all need to know. Approval Date: April 30, 2012 Approved by: President's Council.

What we all need to know. Approval Date: April 30, 2012 Approved by: President's Council.
National Bank of Dominica Ltd. 2011 Merchant Seminar Facilitator: Janiere Frank Fraud & Compliance Analyst June 16, 2011.

National Bank of Dominica Ltd Merchant Seminar Facilitator: Janiere Frank Fraud & Compliance Analyst June 16, 2011.
BRET JOHNSON-SR DIRECTOR OF SALES TSYS MERCHANT SOLUTIONS

BRET JOHNSON-SR DIRECTOR OF SALES TSYS MERCHANT SOLUTIONS
LESSONS LEARNED ON THE WAY TO PCI COMPLIANCE

LESSONS LEARNED ON THE WAY TO PCI COMPLIANCE
Text mining Gergely Kótyuk Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology and Economics www.crysys.hu.

Text mining Gergely Kótyuk Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology and Economics
Credit: Worlock. K, June (2011), Education & Training: 2010 Final Market Size and Share Report, Outsell –Advancing the Business of Information.

Credit: Worlock. K, June (2011), Education & Training: 2010 Final Market Size and Share Report, Outsell –Advancing the Business of Information.
BUSINESS PLAN Project Brief: Facilitating general public to have Cash-in-hand by converting mobile phone credit to cash. And transfering the credit to.

BUSINESS PLAN Project Brief: Facilitating general public to have Cash-in-hand by converting mobile phone credit to cash. And transfering the credit to.
Targeted attacks of recent days Boldizsár Bencsáth PhD Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology and Economics.

Targeted attacks of recent days Boldizsár Bencsáth PhD Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology and Economics.
Stuxnet, Duqu és társai – kifinomult internetes kártevők kifejlesztése, átalakítása, továbbfejlesztése Stuxnet, Duqu and others – development and operation.

Stuxnet, Duqu és társai – kifinomult internetes kártevők kifejlesztése, átalakítása, továbbfejlesztése Stuxnet, Duqu and others – development and operation.
Kriptográfia - a legerősebb láncszem a kiberbiztonság gyakorlatában? Boldizsár Bencsáth PhD Laboratory of Cryptography and System Security (CrySyS) Budapest.

Kriptográfia - a legerősebb láncszem a kiberbiztonság gyakorlatában? Boldizsár Bencsáth PhD Laboratory of Cryptography and System Security (CrySyS) Budapest.
CLEARER: Security and Privacy Research Roadmap for the CrySyS Lab Levente Buttyán, Márk Félegyházi, Boldizsár Bencsáth Laboratory of Cryptography and System.

CLEARER: Security and Privacy Research Roadmap for the CrySyS Lab Levente Buttyán, Márk Félegyházi, Boldizsár Bencsáth Laboratory of Cryptography and System.
R Street Improvement Project (30% Review Meeting) February 28, 2007 August 20, 2008 City of Sacramento R Street Market Plaza Project 16 th Street to 18.

R Street Improvement Project (30% Review Meeting) February 28, 2007 August 20, 2008 City of Sacramento R Street Market Plaza Project 16 th Street to 18.
Parachute Neighborhood Watch Presentation February 9, 2010.

Parachute Neighborhood Watch Presentation February 9, 2010.
Information Security Jim Cusson, CISSP. Largest Breaches 110,000 2009-11-27 NorthgateArinso, Verity Trustees 6,400 2009-11-25 Aurora St. Luke's Medical.

Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
Information & Communication Technologies 08 2014 NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.

Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

Similar presentations

Ads by Google