Presentation is loading. Please wait.

Presentation is loading. Please wait.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Published byHector Davidson Modified over 9 years ago

Similar presentations

Presentation on theme: "Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc."— Presentation transcript:

1 Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

2 Copyright Carrie Kerskie Who am I Carrie Kerskie Entrepreneur Kerskie Group, Inc. (formerly Marcone Investigations, Inc.) Business identity theft Intellectual property infringement Privacy assessment and training Association of Certified Identity Theft Investigators (aciti.org) Certified Identity Theft Investigator program Identity theft expert Author “Your Public Identity; Because Nothing is Private Anymore Numerous articles for various publications Public speaker Conferences, corporate events

3 Copyright Carrie Kerskie Outline Data Breach –Statistics –Sources –Cost –Tips to reduce risk –Consequences Identity Theft Six types Sources Warning Signs Restoration Tips to reduce risk

4 Copyright Carrie Kerskie Data breach statistics 2011 Breach Report, Identity Theft Resource Center, December 20112011 Breach Report Worldwide, approximately 1.1 million identities were exposed per breach, mainly owing to the large number of identities breached through hacking attacks. More than 232.4 million identities were exposed overall during 2011. Deliberate breaches mainly targeted customer- related information, primarily because it can be used for fraud. Internet Security Threat Report Volume 17, Symantec, April 2012Internet Security Threat Report Volume 17 Companies in the computer software, IT and healthcare sectors accounted for 93 percent of the total number of identities stolen in 2011. Theft or loss was the most frequent cause, across all sectors, accounting for 34.3 percent, or approximately 18.5 million identities exposed in 2011. Internet Security Threat Report Volume 17, Symantec, April 2012Internet Security Threat Report Volume 17 Incidents involving hacking and malware were both up considerably in 2011, with 81 percent utilized some form of hacking and malware incorporated in 69 percent of data breaches. 2012 Data Breach Investigations Report (DBIR), Verizon Business, April 20122012 Data Breach Investigations Report (DBIR) Most data breach victims fell prey because they were found to possess an (often easily) exploitable weakness rather than because they were pre-identified for attack; 79 percent of victims were targets of opportunity, and 96 percent of attacks were not highly difficult. 2012 Data Breach Investigations Report (DBIR), Verizon Business, April 20122012 Data Breach Investigations Report (DBIR) Total number of records containing sensitive personal information involved in security breaches in the U.S. is 562,943,732 in 3,241 data breaches since January 2005. Information is sold on the information black market for $10-50 per record

5 Copyright Carrie Kerskie Sources of data breach Employee negligence –Internet, email, passwords, not securing sensitive information, portable devices –Why: money, lack of training, policies not enforced, lack of supervision Theft –Laptop, portable storage device, back-up tapes, passwords, portable devices –Why: money, revenge, lack of training, policies not enforced, lack of supervision Hacker –Wardriving, back doors, malware, spear phishing –Why- money, fame, revenge, espionage

6 Copyright Carrie Kerskie Cost of data breach Average mitigation expense $200 per compromised record written notification monitoring services investigation fines & penalties customer churn F.S 817.5681 45 days It is more cost effective to be proactive rather than reactive

7 Copyright Carrie Kerskie Tips to reduce risk Privacy assessments –Technical & non-technical –Internal & External Policies & Procedures Employee training

8 Copyright Carrie Kerskie Consequences of data breach Fines & penalties Negative publicity Customer churn Loss of intellectual property Increased risk of identity theft –Business and individual

9 Copyright Carrie Kerskie Six types of identity theft Financial Utilities Government benefits/documents Criminal Medical Business Identity theft CANNOT be prevented

10 Copyright Carrie Kerskie Sources of information Theft Pretexting Garbology Internet Technology

11 Copyright Carrie Kerskie Warning signs Statements Credit report Alerts and notifications Suspicious activity Calls about unknown purchases or collections

12 Copyright Carrie Kerskie Restoration Contact credit bureaus Police report (ID theft report) Get it in writing Documentation crucial Provide documentation to victims Individual victim rights do NOT apply to a business victim!!!

13 Copyright Carrie Kerskie Tips to reduce risk of ID theft Monitor and reconcile Credit reports, statements, and online ID Lock it up Opt out Shred Cyber safety Stop-Think-Click Data security Encrypt devices, use passwords, anti-virus, anti- spyware and a firewall

14 Copyright Carrie Kerskie Summary Proactive is less expensive than reactive Data breach mitigation is $200 per record Risk assessments, training and security crucial Consequences: loss of IP, increase risk of ID theft Identity theft cannot be prevented Monitoring is crucial to reduce loss & save time

15 Copyright Carrie Kerskie Assistance available Marcone Investigations, Inc (Kerskie Group, Inc) Business identity theft monitoring and restoration services Privacy assessments and training Speaking – retreat, annual meeting, etc Online courses, live training, consulting Buy the book - “Your Public Identity: Because Nothing is Private Anymore” Contact Information Phone: (239) 435-9111Email:ck@CarrieKerskie.com www.CarrieKerskie.comwww.CarrieKerskie.com Twitter: @naplespi Sign up for my FREE eNewsletter at www.CarrieKerskie.com

Download ppt "Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc."

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Red Flags Rule BAS Forum August 18, 2010. What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.

Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
What to Know, What to Do Presentation Powered By: The Federal Trade Commission Consumer Protection Toolkit.

What to Know, What to Do Presentation Powered By: The Federal Trade Commission Consumer Protection Toolkit.
Protecting Your Identity: What to Know, What to Do.

Protecting Your Identity: What to Know, What to Do.
Consumer Authentication in e-Banking & Part 748 – Appendix B Response Program Catherine Yao Information Systems Officer NCUA.

Consumer Authentication in e-Banking & Part 748 – Appendix B Response Program Catherine Yao Information Systems Officer NCUA.
Identity Theft Someone steals your personal information for his/her own gain It’s a crime!

Identity Theft Someone steals your personal information for his/her own gain It’s a crime!
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.

STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.

1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.
©2011 Kingston Technology Corporation. All rights reserved. All trademarks and registered trademarks are the property of their respective owners. Best.

©2011 Kingston Technology Corporation. All rights reserved. All trademarks and registered trademarks are the property of their respective owners. Best.
MONEY MANAGEMENT II Billing Errors/Disputes & Identity Theft.

MONEY MANAGEMENT II Billing Errors/Disputes & Identity Theft.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
Knowing cyber risks is essential to manage cyber liabilities CYBER SECURITY TO REDUCE CYBER LIABILITY.

Knowing cyber risks is essential to manage cyber liabilities CYBER SECURITY TO REDUCE CYBER LIABILITY.
** Deckplate training for Navy Sailors **.  On Thursday, 9 July, the Office of Personnel Management (OPM) announced a cyber incident exposed the federal.

** Deckplate training for Navy Sailors **.  On Thursday, 9 July, the Office of Personnel Management (OPM) announced a cyber incident exposed the federal.
1Copyright 2009. Jordan Lawrence. All rights reserved. Annual In-House Symposium Practical Steps to Minimize Privacy Risks: Understanding The Intersection.

1Copyright Jordan Lawrence. All rights reserved. Annual In-House Symposium Practical Steps to Minimize Privacy Risks: Understanding The Intersection.

Similar presentations

Ads by Google