cyber 101
play

Cyber 101 Aaron Yates Chief Executive, Berea A crash course on - PowerPoint PPT Presentation

Aug 17, 2023 •187 likes •532 views

www.berea-group.co m Cyber 101 Aaron Yates Chief Executive, Berea A crash course on cyber security, data protection and cyber insurance. Chelmsford CII Wednesday, 13th February 2019 Berea Focused on high scale cyber support for SMEs.

  1. www.berea-group.co m Cyber 101 Aaron Yates Chief Executive, Berea A crash course on cyber security, data protection and cyber insurance. Chelmsford CII Wednesday, 13th February 2019

  2. Berea • Focused on high scale cyber support for SMEs. • Work with insurers, MGAs and insurance brokers. • Happy to explain more after our session.

  3. Why are we here? • Is it really a problem? • What, exactly, is the problem? • What is cyber insurance? • What’s happening with distribution? • How do Berea fit in?

  4. Let’s make it real

  5. Pop quiz Is your website a risk? www.securityheaders.io Try us, too! www.berea-group.com

  6. Pop quiz Is your iPhone secure? Let’s find out… Settings → Touch ID/Face ID and Passcode → Erase Data Is the setting green or grey ?

  7. Pop quiz Have you been compromised? www.haveibeenpwned.com If you’ve been with your employer less than a couple of years try using your personal email address.

  8. What just happened? We have evidenced We have made a These insights are that you have very small part symptomatic of a vulnerabilities of the issue visible far bigger problem

  9. The far bigger problem “ Cyber” (Oct 17 - Oct 18) Fires (Oct 17 - Oct 18) • 1.6m offences • 167,150 attended virus/Computer Misuse Act. to nationally. • 1.5m cyber-related • Of which 15,577 were fraud offences. commercial premises. 8,493 /day. 458 /day. Probably not insured. Highly likely to be insured.

  10. What’s the problem?

  13. Why is it now such a problem? Competition Efficiency Profitability demands for c reating Because use of technology creates a vicious cycle

  14. Pop quiz Have you ever sent an email after 10pm?

  15. Governance is patchy-to-MIA for most businesses Layers of legacy systems under new technology

  16. What’s happening, and why?

  17. We have Who has a And uses To exploit a Creating an actor motivation a vector vulnerability an incident… Staff Website Human Accident Financial Loss/Costs Organised Crime Negligence Email Software Reputation Damage Opportunists Physical media Hardware Malice Legal/Regulatory Script Kiddies Financial Physical office Hacktivists Social media Ethical Hackers Moral Telephone Nationstate Supplier Ego Customer

  18. Cyber Information Data Security Protection

  19. Information Security Background Key concepts • Not legally mandated • Confidentiality • Sensible business practice • Integrity • Identify and manage risks • Availability • Risk score prioritises activity

  20. Data Protection Background Why is legislation changing? • Legally mandated by GDPR • 20 years of change • Requires data to be stored securely • Decisions are being made about us • Honour the rights of individuals Consequences • Penalties of up to 4% GAT or €20m • Lawful basis for processing • Reputation damage • Evidence compliance activity

  21. Information Data Security Protection Financial Legal Reputation loss issues damage

  22. Cyber insurance?

  23. When the worst happens 1 2 3 Identify what Stop the attack, Contend with has happened restore service the fallout

  24. 1st Party Breach/Incident Event Costs

  25. 3rd Party Privacy (Regulatory + Liability) 1st Party Breach/Incident Event Costs 3rd Party Network/Security Liability

  26. 3rd Party Privacy (Regulatory + Liability) 1st Party Crime/ “Cyber” Breach/Incident Fidelity Business Event Costs Interruption 3rd Party Network/Security Liability

  27. 3rd Party Privacy (Regulatory + Liability) Stock deterioration 1st Party Crime/ “Cyber” Breach/Incident PCI-DSS Fidelity Business Event Costs Interruption Transmit A Virus... 3rd Party Network/Security Liability

  28. Distribution issues

  29. + E&O + Noise + Silent Cyber Brokers Media Insurers & MGAs Brokers Trade Assocs Insurers & MGAs Broker The client Consultants Brokers Insurers & MGAs Brokers Staff x90~ x lots

  30. What needs to happen? 5 A better, risk managed buying journey Invest & 4 Maintain ISO 27001 3 1 2 Cyber Staff Risk insurance awareness control

  31. Governance specifications A growing alphabet soup With road blocks • Cyber Essentials • “DIY” possible with expertise • ISO 27001 • Consultants cost >£1,000 +VAT • PCI-DSS • Too few experts • GDPR Fundamentals • Firms are unsure where to start • Insurance/client requirements

  32. Cyber Essentials What is it? Background • Technical governance specification • Standardise procurement assurance • A recognised certification • Minimum benchmark for British firms • Reduce common threats by 70-80% • Recognised by the ICO for GDPR • Join risk management and insurance

  33. How Berea fit in Insurers & MGAs Insurance Brokers Embed Cyber Essentials Proactively engage clients with as a risk management value Berea’s unique services as a add to your PI and SME ready-made sales journey to packaged offerings. buying cyber insurance.

  34. Thank you Any questions?

Recommend

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the

1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the

1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the evolution of IT environments has been the origin of Cyber Space as a result for the Internet use by all subjects in the world, that is Individual

1.17k views • 67 slides
Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on:

Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on:

Slides (for Schools Use) to Brief Parents on Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on: What is Cyber Bullying? MOEs Cyber Wellness Education School-wide Programmes

388 views • 14 slides
CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats to small businesses 3. Cyber Recovery Insurance Y our presenters Anne Jackson Sarah Morton Gary Hibberd Sales Director, Lorega Sales and

342 views • 31 slides
Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target

Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target

Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target techniques, their threat models, and their technical details. Cyber moving target technique: Defend a system Increase the complexity of cyber

442 views • 40 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
The Cyber Landscape Ikahan Seminar Jakarta April 2019 Commodore James McCormack RAN Commander

The Cyber Landscape Ikahan Seminar Jakarta April 2019 Commodore James McCormack RAN Commander

The Cyber Landscape Ikahan Seminar Jakarta April 2019 Commodore James McCormack RAN Commander Defence SIGINT and Cyber Command Scope What is cyber Cyber 101. The Conceptual Framework The nature of the cyber threat problem.

753 views • 12 slides
Identity Theft in Cyber Space Dr R N Singh Member (Technical) Cyber Appellate Tribunal

Identity Theft in Cyber Space Dr R N Singh Member (Technical) Cyber Appellate Tribunal

Identity Theft in Cyber Space Dr R N Singh Member (Technical) Cyber Appellate Tribunal Department of Electronics and IT Ministry of Communications and IT New Delhi 3 rd Cyber Security India 2016 International Summit at Le-Meridien Connaught

582 views • 8 slides
The Future of Cyber-security WILL SOCIETY BE ABLE TO TRUST TECHNOLOGY? The Cyber Black -

The Future of Cyber-security WILL SOCIETY BE ABLE TO TRUST TECHNOLOGY? The Cyber Black -

The Future of Cyber-security WILL SOCIETY BE ABLE TO TRUST TECHNOLOGY? The Cyber Black - Swan The cyber 9/11 Apocalypse we must prevent and be prepared STUXNET The Cyber Black - Swan The cyber 9/11 Apocalypse we

533 views • 15 slides
on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

The impact of Covid-19 on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown Director, Cyber, Middle East 1 Control Risks Cyber attacks exploiting the pandemic Share of attack vector of organized

447 views • 10 slides
Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Prentice Wealth Management Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape Verizon VBIR 2015 Report Cyber Breach Trending Outsider v Insider Threat Personal Identity Protection

819 views • 12 slides
Cyber Safety How to Stay Connected & Protected Overview Cybe Cyber r Fr Fraud aud &

Cyber Safety How to Stay Connected & Protected Overview Cybe Cyber r Fr Fraud aud &

Cyber Safety How to Stay Connected & Protected Overview Cybe Cyber r Fr Fraud aud & Cybe & Cybercri rcrime me Online Fraud and Cyber Scams Quiz What percent of people dont use a passcode for their smartphone? A. 10% B.

611 views • 30 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
COUNTING CYBER WEAPONS New Approaches to identify and control destructive cyber tools Thomas

COUNTING CYBER WEAPONS New Approaches to identify and control destructive cyber tools Thomas

COUNTING CYBER WEAPONS New Approaches to identify and control destructive cyber tools Thomas Reinhold, PEASEC Agenda Why is the question important? What are destructive cyber tools? How can cyber weapons get identified and controlled? Next

459 views • 10 slides

More recommend