Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Data Breach Prevention and Response: Front-End Detection and Back-End.

Published bySydney Cole Modified over 9 years ago

Similar presentations

Presentation on theme: "1 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Data Breach Prevention and Response: Front-End Detection and Back-End."— Presentation transcript:

1 1 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Data Breach Prevention and Response: Front-End Detection and Back-End Protection

2 2 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Today’s Moderator Bruce MacDougall Senior Vice President WGA

3 3 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. “If we do not act, we leave our nation vulnerable to protect the technologies that have unleashed untold opportunities for people around the globe.”

4 4 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. 783 Data Breaches hit U.S. Business in 2014, a 27.5% increase over 2013.

5 5 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Known Attacks 2014-2015

6 6 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Latest Hack Earlier this month, Premera Blue Cross Security breach that exposed medical and financial information 11 million customers Most devastating cyber-attack in the health care industry to date

7 7 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Response takes center stage Prevention Protection Cyber Threats: What to expect in 2015

8 8 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Today’s Featured Speakers Paul Morville John Doernberg Founder VP Product Confer Technologies, Inc. Vice President Cyber Practice Leader WGA

9 9 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Front End Prevention

10 10 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Reporter: “Willie, why do you rob banks?” Willie: “Because that’s where the money is.”

11 11 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Bank Robbers in 2015 Evgeniy Bogachev $3M reward for his arrest Has stolen an estimated $100M Recently went into hiding Uses Zeus malware to steal banking information

12 12 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Where is the money in 2015?

13 13 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Other motivations beyond money

14 14 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. All Kinds of Businesses Targeted 45% of breaches in the private sector are of companies with less than 1,000 employees Source: 2014 Verizon Breach Investigations Report

15 15 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. How do they operate? Attack endpoint?

16 16 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Confer – What We Do 16 CROWDSOURCED BLACKLIST Combined power of 50 antivirus engines BEHAVIORAL ANALYTICS Detect combinations of attacker techniques that all attacks share APPLIED INTELLIGENCE Apply crowdsourced threat intelligence on endpoint LIGHTWEIGHT SENSOR MOBILEPCSSERVERS WINDOWS, MAC, ANDROID (IOS and LINUX Coming Soon) The Confer Cloud THREAT PREVENTION Stop advanced and zero day attacks INCIDENT RESPONSE Who, what, when, where, and how? APPLIED INTEL Automated threat sharing and intelligence-based protection

17 17 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Multi-Engine Approach Dramatically Improves Detection Signature s Static Behavioral Dynamic Behavioral Signatures 5% Static Behavioral 20% Confer has > 99% Detection Rates Plus, incident response and applied intelligence provide context and understanding

18 18 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Exceptionally Lightweight Sensor CPUDiskNetwork < 1% increase over baseline CPU utilization < 1% increase over baseline disk I/O utilization < 3.5MB data transferred per day In comparison, leaving the CNN web page open for 60 seconds results in 10MB data transferred and dramatically higher CPU utilization versus Confer

19 19 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Confer: Redefining Endpoint Security Lightweight and cloud-based: simple to deploy and use Multiplatform: Windows, Mac, Android, iOS, Linux Prevents advanced attacks AND simplifies incident response

20 20 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Back End Protection

21 21 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Board are showing more concern about cyber threats SEC pushing for board members to take greater responsibility for cyber risks Not all measures are technical (i.e. deciding which breach prevention measures should we adopt) Legal Compliance and Disclosure Issues Governance Cyber Considerations

22 22 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Cyber Concern at Board Level – 74% According to a 2014 NYSE Corporate Governance/FTI Consulting research study

23 23 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Generally fall into three major categories: Human Error System Glitches Criminal Attack Causes of a Breach Most frequent cause Most costly

24 24 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Current Cyber Trends Sony Pictures breach a reminder that (1) data loss is a major exposure (the attackers wiped out much of the data on Sony’s network), and (2) employee privacy is a major exposure Anthem breach a reminder that (1) attackers can penetrate a network months before an attack is discovered (thought to have broken into network in April 2014) and (2) notification responsibilities aren’t always clear Renewed focus on healthcare and HIPAA/HITECH: – Breach notification requirement – State Attorney Generals can bring civil actions in federal court – Civil monetary penalties range from $50k-$100k per violation and $25k-$1.5M in a calendar year

25 25 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Cost of a breach in U.S. $5.9m average

26 26 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Cost of dealing with a breach Forensic costs -- can be significant Data loss -- Sony Pictures situation Business interruption exposures

27 27 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Thinking within the NIST Framework What is your risk What are your cyber security practices Where do you want/need to be

28 28 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Risk Practices Distinction between privacy breach and network security breach Not all losses are technical Can face significant cyber losses even if you don't have a lot of PII or PHI

29 29 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. The role of cyber insurance Risk management and insurance drives behavioral change in the marketplace Mitigates loss by forcing insureds to assess the potential risk and their cyber defense mechanisms

30 30 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Response Plan Having the right players as initial responders Practicing and revising Transfer risk ​

31 31 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. A look at the insurance marketplace $2B estimated total premium for cyber insurance in 2014 Survey of insurance brokers finds: – 61% say cyber is viewed in the top three most significant business threats to their clients – But just 18% of brokers say over 40% of their clients have some cyber liability coverage

32 32 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Insurance Trends Some carriers are reasonably flexible on coverage terms, others more cautious Some carriers increase or eliminate sublimits on first- party costs (forensics, notification, credit monitoring, legal) Firming prices in industries where carriers see greater exposure (healthcare and especially retail)

33 33 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. More information Overwhelming amount of information out there when it comes to data security and privacy No shortage of new Cyber Threats WGA has launched an open-source online forum to collect data CyberRiskHub.com

34 34 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Contact Information Paul Morville Confer paul@confer.net 617.821.1341 John Doernberg WGA jdoernberg@wgains.com 617.646.0336 Bruce MacDougall WGA bmacdougall@wgains.com 617.646.0279 Thank you for joining us today Confer Technologies http://www.confer.net/ WGA http://www.WGAins.com

Download ppt "1 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Data Breach Prevention and Response: Front-End Detection and Back-End."

Similar presentations

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Travelers CyberRisk for Insurance Companies

Travelers CyberRisk for Insurance Companies
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
Key Changes to HIPAA from the Stimulus Bill (ARRA) Children’s Health System Department Leadership Meeting October 28, 2009 Kathleen Street Privacy Officer/Risk.

Key Changes to HIPAA from the Stimulus Bill (ARRA) Children’s Health System Department Leadership Meeting October 28, 2009 Kathleen Street Privacy Officer/Risk.
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.

Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Recent Trends and Insurance Considerations March 2015

Recent Trends and Insurance Considerations March 2015
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.

Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.
Overview of Cybercrime

Overview of Cybercrime
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
AUGUST 25, 2015 Cyber Insurance:

AUGUST 25, 2015 Cyber Insurance:
Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.

Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.
Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.

Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.

Similar presentations

Ads by Google