Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session 13 Cyber-security and cybercrime. Contents  What’s the issue?  Why should we care?  What are the risks?  How do they do it?  How do we protect.

Published byEmma Ward Modified over 8 years ago

Similar presentations

Presentation on theme: "Session 13 Cyber-security and cybercrime. Contents  What’s the issue?  Why should we care?  What are the risks?  How do they do it?  How do we protect."— Presentation transcript:

1 Session 13 Cyber-security and cybercrime

2 Contents  What’s the issue?  Why should we care?  What are the risks?  How do they do it?  How do we protect the firm?  What if the worst happens?

3 What’s the issue?

4 PRIORITY RISK

5 What’s the issue 60-81% report breach… £65k-£1.15m cost of one breach… 84% believe colleagues violate controls… …GLOBAL COST - £338 bn

6 Why should we care?

7 Why should I care? Principle 10: Protect client money and assets Outcome 4.1: Keep the affairs of clients confidential Principle 8: Run your business effectively and in accordance with proper governance and sound financial and risk management principles http://www.lawsociety.org.uk/advice/cyber-security/

8 Why should we care? Breach of confidentiality Structural and financial instability Reputational damage

9 Confidentiality What are the risks?

10 Confidentiality Client lists Strategic client information or personal data Financial information Payment and transactional information Trade secrets Personal details of prominent clients dealings Must protect client confidential information

11 Structural and financial instability What are the risks?

12 Structural and financial instability Systems unavailable Financial losses Overloading Dependence on IT infrastructure Reputational damage

13 What are the risks?

14 Reputation damage BOGUS LAW FIRMS

15 How do they do it?

16 Phishing Malware Hacking Overloading Identity theft

17 Identify our vulnerabilities… How can we protect our firm?

18 Identify your vulnerabilities People Passwords Operations Too much information

19 Take action! How can we protect our firm?

20 Take action – the ‘do’ list Manage the risk properly Restrict data sticks and email attachments Keep browsers etc updated Restrict file access Take identity theft precautions Have a policy Encrypt remote data Back-up Sound HR procedures Training and awareness

21 Take action – the ‘don’t’ list! Use unsecured webmail or unapproved devices to transfer files Use guessable passwords and locally stored files Let your operating systems fall behind Store critical files online without backups. work remotely on an unsecured Wi-Fi connection

22 What if the worst happens?

23 Contain and recover Assess on-going risk Notify Evaluate and respond

24 Summary  What is cybercrime  Why it’s important to us  The risks  Cybercrime types and methods  Protection  Incident management?

25 Final comments Any questions?

Download ppt "Session 13 Cyber-security and cybercrime. Contents  What’s the issue?  Why should we care?  What are the risks?  How do they do it?  How do we protect."

Similar presentations

Security and Control Soetam Rizky. Why Systems Are Vulnerable ?

Security and Control Soetam Rizky. Why Systems Are Vulnerable ?
Women in Technology 2009 Mary Henthorn. Security Prevent loss, theft, or inappropriate access Privacy Ensure freedom from intrusion or disturbance Security.

Women in Technology 2009 Mary Henthorn. Security Prevent loss, theft, or inappropriate access Privacy Ensure freedom from intrusion or disturbance Security.
MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.

MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.
© Peter Readings 2007 1 Data Leakage Pete Readings CISSP.

© Peter Readings Data Leakage Pete Readings CISSP.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
Risk & Financial Management Allison Wooddisse & Emma Dickin

Risk & Financial Management Allison Wooddisse & Emma Dickin
IDENTITY THEFT AND FRAUD CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.

IDENTITY THEFT AND FRAUD CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Protecting Your Identity: What to Know, What to Do.

Protecting Your Identity: What to Know, What to Do.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
Possible Threats To Data. Objectives To understand: Types of threats Importance of security Preventative and remedial actions Personal safety This will.

Possible Threats To Data. Objectives To understand: Types of threats Importance of security Preventative and remedial actions Personal safety This will.
Section 6.3 Protecting Your Credit. Billing Errors and Disputes Notify your creditor in writing Notify your creditor in writing Pay the portion of the.

Section 6.3 Protecting Your Credit. Billing Errors and Disputes Notify your creditor in writing Notify your creditor in writing Pay the portion of the.
Training prepared by Geoff Webb Information Security & Governance Consultant Data Protection isn’t a choice, it’s the law What all CPH staff must do 17/07/2013.

Training prepared by Geoff Webb Information Security & Governance Consultant Data Protection isn’t a choice, it’s the law What all CPH staff must do 17/07/2013.
Data Classification & Privacy Inventory Workshop

Data Classification & Privacy Inventory Workshop
Information Security Policies and Standards

Information Security Policies and Standards
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
Effective Identification and Management of Compliance Risks Peter Scott, 1 Peter Scott Consulting.

Effective Identification and Management of Compliance Risks Peter Scott, 1 Peter Scott Consulting.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.

Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.

Similar presentations

Ads by Google