cyber threats and how to a void them
play

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of - PowerPoint PPT Presentation

Nov 30, 2022 •32 likes •342 views

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats to small businesses 3. Cyber Recovery Insurance Y our presenters Anne Jackson Sarah Morton Gary Hibberd Sales Director, Lorega Sales and

  1. CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats to small businesses 3. Cyber Recovery Insurance

  2. Y our presenters Anne Jackson Sarah Morton Gary Hibberd Sales Director, Lorega Sales and Marketing Managing Director, Manager, Lorega Agenci Lorega LTD

  3. Increasing global internet use • 3.7 billion internet users globally • Devices not limited to desktop and mobiles • Huge increase in internet connected devices, including thermometers, refrigerators and smart watches. http://wearesocial.com/uk/blog/2017/01/digital-in-2017-global-overview Lorega LTD

  4. http://www.excelacom.com /resources/blog/2016- update-what-happens-in- What happens online in 60 one-internet-minute seconds? https://iabuk.net/research/library/time-spent-online-july-december-2015 Lorega LTD

  5. But what else is happening? https://www.helpnetsecurity.com/2016/04/08/dark-web-content/ Lorega LTD https://darkwebnews.com/help-advice/access-dark-web/

  6. Motivations for cyber criminals • Cyber crime and data breaches aren’t always about money • Other motivations include hacktivism, teenage boredom and training for larger crimes http://www.hackmageddon.com/2016/02/16/january-2016-cyber-attacks-statistics/ Lorega LTD

  7. THREATS TO SMEs What’s out there? Lorega LTD

  8. Types of threats to businesses rd par Ro Rogue Employee 3 rd Negl Ne glige gence Ou Outsider r Thre reat party an and d vendo dor threat at • • Employee could Physical theft of • • Hacking Cloud and other send data to the data storage or data • Hacktivism wrong place or systems • Data could be source • Malware, sold to • Network interruption • Physical loss of ransomware and competitors hardware such as a • viruses Loss of data or theft of mobile phone or • Could be used data • Leads to theft of laptop for extortion • data, unauthorised Backdoor intrusions • Victims of phishing access to systems or emails total shutdown of systems and websites Lorega LTD

  9. Types of threat: Rogue Employees • May steal data when leaving to join a competitor • Could use data for own use • Could lead to criminal convictions Avoid the threat • Ensure robust data security policies and procedures in place • Only grant access to data or certain technologies if necessary Lorega LTD

  10. Types of threat: Negligence • PICNIC – Problem In the Chair, Not In the Computer • Rise of BYOD Avoid the threat • Ensure proper disposal of sensitive data • Password protect devices • Have backups in place Lorega LTD

  11. Types of threat: Outsider Threats • This is what most people think about when they think of cyber security and cyber crime Avoid the threat • 10 steps to avoid cyber bugs and thugs • Protect systems • Invest in cyber security • Have a cyber insurance policy in place • Secure WIFI networks Lorega LTD

  12. Types of threat: Phishing emails • UK the most targeted nation for phishing attacks and ransomware in 2015 • 85% of organisations reported being the victim of a phishing attack in 2015 • 30% of phishing emails are opened • 9 out of 10 phishing emails carry ransomware or malware Avoid the threat • If it looks dodgy, impersonal, it probably is • Don’t click on attachments or links from unknown senders • Don’t email personal or financial information • Never go to banking websites from emails • Turn on two factor authentication Lorega LTD

  13. Sophisticated Google Drive phishing • Tom Scott received an email that looked like a google drive attachment • The sending address was disguised as a friend’s email Lorega LTD

  14. Look familiar? Lorega LTD

  15. Types of threat: CEO Fraud Lorega LTD

  16. Types of threat: CEO Fraud • 1 in 3 companies have been victims of CEO fraud email • Over 80% of security professionals believe executives in their organisation could fall for targeted phishing scams • Often ask for bank details, but employee records have also been targeted • Can happen on the phone Avoid the threat • Would your CEO normally ask you to make that payment or send those details? • Ring to check • Be vigilant and look out for spelling mistakes, different ways of speaking or anything unusual • Always check bank statements Lorega LTD

  17. Types of threat: Ransomware • 54% of UK companies hit by ransomware attacks last year • 37% of organisations affected have paid the ransom • 32% of UK have lost files or data • 34% of companies globally have lost money • Average of 9 hours spent on remediation • Only 4% of businesses confident in dealing with ransomware Avoid the threat • Never pay the fine • Always backup data • Don’t download .exe or other program files from unknown sources • Don’t allow macros in Excel documents downloaded from the Internet • Always keep anti-virus software up to date Lorega LTD

  18. What do they look like? Lorega LTD

  19. Types of threat: DDOS • Frequency of distributed denial-of-service (DDoS) attacks has increased more than 2.5 times over the last 3 years. • The average size of DDoS attacks is increasing steadily and approaching 1 Gbps, enough to take most organizations completely offline. • Globally the number of DDoS attacks grew 25 percent in 2015 and will increase 2.6-fold to 17 million by 2020. Avoid the threat • Server scripts can alert you if a DDoS attack is suspected • Overprovision site bandwidth to accommodate more traffic • Have a plan to communicate with customers Lorega LTD

  20. What can be done? An introduction to Cyber Recovery Insurance Lorega LTD

  21. Impact of a data breach on small businesses • Incidence of cyber attacks is rising • Any loss of personal information can be complex and time-consuming to deal with • Trading impact of loss of confidence in the business and brand • New EU regulations could mean heavy fines for your customers - businesses are currently exposed to fines up to £500K, but this could go up to $20m or 4% of annual turnover • Cost of restoring IT systems • Risk of third party claims • Threat of business failure Lorega LTD

  22. GDPR • Businesses have a responsibility to ensure appropriate and proportionate security of personal data held • Sensitive personal data is of particular concern • Data subjects must give consent for their data to be held • Businesses must report to the ICO within 72 hours of becoming aware of the data breach • New legislation comes into play on 25 th May 2018 – businesses need to be ready now Lorega LTD

  23. Cyber Recovery Insurance • Cyber Recovery is an insurance policy which provides and pays for the cost of a Cyber Emergency Response Team (CERT) to deal with the crisis when a system has been breached • Administered by Lorega, who have many years of experience helping customers when they need it most • Payment of certain fines, penalties, awards, damages and the cost of credit monitoring • Helps businesses recover from a covered data security breach Lorega LTD

  24. What is a data security breach? • Occurs where ‘Personal information’ is copied, transmitted, viewed or stolen by anyone unauthorised to do so • This could include the loss or theft of a laptop, hacking or unauthorised access to computer systems or data files • Personal data which identifies an individual - even without a name associated with it • Includes exposure to identity theft or aspects of a person’s life Lorega LTD

  25. In Inciden ent Managem emen ent In Inves estigation & Res estoration Cr Crisis Respon onse Awards, Aw s, fines s & & monitoring • Advice to ensure • • • Investigation and IT Emergency line In the event of a compliance with Data advice in respect of available 24/7, Regulatory Security Law Regulatory 365 days a year investigation: • Investigation and IT Investigation • • Initial incident Payment of Regulatory advice in respect of • third party claims Legal advice in respect notification and costs and damages • of Regulatory full assessment Legal and PR advice in • Payment of Regulatory respect of third party Investigation • Advice on fines and penalties claims and protection • Assisting with the immediate • of business reputation Payment of credit restoration of emails, actions monitoring costs online and other software systems Li Limit Li Limit Li Limit Li Limit £300 £100,000 £5000 £25000 Lorega LTD

  26. Policy details • Underwritten by Hiscox • 24/7, 365 days a year claims helpline, with nationwide response • Provides cover for first covered data breach • Breaches must be notified within 12 hours of discovery within the period of insurance Lorega LTD

  27. Exclusions • Excludes certain sectors – local and central government and government agencies, health service and housing associations • Any subsequent data breach, a data breach discovered outside period of insurance, or occurring outside of UK • Other exclusions, set out in Section 5 of the policy schedule, apply Lorega LTD

Recommend

Cyber Threats P R E S E N T E D T O C A S R E I N S U R A N C E S E M I N A R B O S T O N ,

Cyber Threats P R E S E N T E D T O C A S R E I N S U R A N C E S E M I N A R B O S T O N ,

Cyber Threats P R E S E N T E D T O C A S R E I N S U R A N C E S E M I N A R B O S T O N , M A S S A C H U S E T T S J U N E 4 , 2 0 12 Antitrust Notice 2 The Casualty Actuarial Society is committed to adhering strictly to the

577 views • 26 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Do You See What I See? Navigating Human & Cyber Threats at the Workplace The views expressed

Do You See What I See? Navigating Human & Cyber Threats at the Workplace The views expressed

Do You See What I See? Navigating Human & Cyber Threats at the Workplace The views expressed by us are not representative of the City of Charlotte. OUTLINE INTRODUCTIONS HUMAN THREATS CYBER THREATS QUESTIONS INTRODUCTIONS

445 views • 25 slides
The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber

The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber

The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber Crime Growth Number of mobile 200M devices affected IBM 11.6M Number of accounts hacked CNN Money 432M Number of malware samples collected Intel

652 views • 30 slides
The New Era of Cyber Threats The Shift to Self-Learning, Self-Defending Networks Georgiana

The New Era of Cyber Threats The Shift to Self-Learning, Self-Defending Networks Georgiana

The New Era of Cyber Threats The Shift to Self-Learning, Self-Defending Networks Georgiana Wagemann Director of Sales, Darktrace Evolving Threats in a New Business Landscape Outsourced IT, SaaS, cloud, virtual, supply chain, IoT Not just data

412 views • 15 slides
Introduction to Cyber Threats: current status, perspectives and reflects in Brazil Adriano Mauro

Introduction to Cyber Threats: current status, perspectives and reflects in Brazil Adriano Mauro

Introduction to Cyber Threats: current status, perspectives and reflects in Brazil Adriano Mauro Cansian Agenda New Cybernetic Global Order Cyber threats. The present and future threat scenarios. The scenario in Brazil. Final

617 views • 46 slides
Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig

Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig

Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig picture The asymmetric nature of the Internet The current state of cyber underground Our current approach UNCLASSIFIED 7 Software Integrity Denial

388 views • 18 slides
Commonwealth of Virginia Cyber Commission First Year Report Threats and Opportunities

Commonwealth of Virginia Cyber Commission First Year Report Threats and Opportunities

Commonwealth of Virginia Cyber Commission First Year Report Threats and Opportunities Executive Order Number 8 Identify high risk cyber security issues facing COV. Provide advice and recommendations to secure COV networks,

449 views • 20 slides
Cyber Threats Views from the FBI Special Agent Keith Custer Federal Bureau of Investigation

Cyber Threats Views from the FBI Special Agent Keith Custer Federal Bureau of Investigation

Cyber Threats Views from the FBI Special Agent Keith Custer Federal Bureau of Investigation Baltimore Division Overview Cyber Threat Overview Cyber-enabled Fraud Types of Cyber-enabled Fraud Business Email Compromise

796 views • 47 slides
Bot BotNets Nets- Cy Cyber ber To Torr rriris irism Battling Battling the the threats

Bot BotNets Nets- Cy Cyber ber To Torr rriris irism Battling Battling the the threats

Bot BotNets Nets- Cy Cyber ber To Torr rriris irism Battling Battling the the threats threats of of interne internet Assoc. Prof. Dr. Sureswaran Ramadass National Advanced IPv6 Center - Director Why Talk About Botnets? Because Bot

379 views • 27 slides
Cyber Threats and Federally-funded Cyber Resources Eugene Kipniss State, Local, Tribal, or

Cyber Threats and Federally-funded Cyber Resources Eugene Kipniss State, Local, Tribal, or

Cyber Threats and Federally-funded Cyber Resources Eugene Kipniss State, Local, Tribal, or Territorial Government Entity 2 Why SLTT Governments? Criminals look for data... and governments have a lot of it! 3 TLP: WHITE 3 CBA 6 CBA 4

911 views • 35 slides
Cyber Threats Incident Response Model for CNII Organizations Dr. Aswami Ariffin Megat Mutalib

Cyber Threats Incident Response Model for CNII Organizations Dr. Aswami Ariffin Megat Mutalib

Cyber Threats Incident Response Model for CNII Organizations Dr. Aswami Ariffin Megat Mutalib Dr. Zahri Yunos Presentation Outline 1. Our Service: CyberDEF (Cyber Defence) 2. Our R&D Product: CMERP (Coordinated Malware Eradication &

605 views • 25 slides
Seminar Series Industrial Cyber Threats and Future Planning Robert M. Lee Twitter: @RobertMLee

Seminar Series Industrial Cyber Threats and Future Planning Robert M. Lee Twitter: @RobertMLee

Seminar Series Industrial Cyber Threats and Future Planning Robert M. Lee Twitter: @RobertMLee Email: rlee@dragos.com Web: www.dragos.com Agenda Where We Are Selected Case Studies in Cyber Attacks Where Were Heading

424 views • 24 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and

Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and

1 Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and Strategies Symposium University of Bahrain 21 st September 2016 By: Ahmed Albalooshi, CISA, CISM, CGEIT. First Vice President IT Al Baraka Banking

200 views • 15 slides
Review: Thread package API tid thread_create (void (*fn) (void *), void *arg); - Create a new

Review: Thread package API tid thread_create (void (*fn) (void *), void *arg); - Create a new

Review: Thread package API tid thread_create (void (*fn) (void *), void *arg); - Create a new thread that calls fn with arg void thread_exit (); void thread_join (tid thread); The execution of multiple threads is interleaved Can

498 views • 45 slides
Cyber@UC Meeting 68 Advanced Persistent Threats If Youre New! Join our Slack:

Cyber@UC Meeting 68 Advanced Persistent Threats If Youre New! Join our Slack:

Cyber@UC Meeting 68 Advanced Persistent Threats If Youre New! Join our Slack: cyberatuc.slack.com (URL changed!) SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees:

484 views • 13 slides
Indicator Expansion Techniques Tracking Cyber Threats via DNS and Netflow Analysis United

Indicator Expansion Techniques Tracking Cyber Threats via DNS and Netflow Analysis United

Indicator Expansion Techniques Tracking Cyber Threats via DNS and Netflow Analysis United States Computer Emergency Readiness Team (US-CERT) Detection and Analysis January 2011 Background As the number or compromises escalates and our

182 views • 15 slides
Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats

Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats

Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats in the IoT Cyber attack on the Ukrainian power grid Power outage caused by hackers Security in the IoT is essential, not just for information

1.21k views • 76 slides
Australia's cyber security landscape Threats, Challenges and Opportunities THINK AHEAD, CHANGE

Australia's cyber security landscape Threats, Challenges and Opportunities THINK AHEAD, CHANGE

Australia's cyber security landscape Threats, Challenges and Opportunities THINK AHEAD, CHANGE THE WORLD, CREATE THE FUTURE $139Bn industry by 2020 81,000 new jobs needed by 2020 IoT FAST FACTS IoT consists of all the web-enabled devices that

307 views • 20 slides
ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG.

ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG.

ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG. BADAR ALI ALSALEHI HEAD OF ITU-ARAB REGIONALCYBER SECURITY CENTER DG OF OMAN NATIONAL CERT Dar es Salaam November - 2017 2 3 2014 2015 April-

909 views • 29 slides
International Perspectives to Technological Voter Registration Threats Dr. Beata

International Perspectives to Technological Voter Registration Threats Dr. Beata

International Perspectives to Technological Voter Registration Threats Dr. Beata Martin-Rozumilowicz IFES Director for Europe and Eurasia Background Cyber threats have become an increasing concern since at least the mid-2000s. This has

332 views • 12 slides
networked society High internet penetration and robust infrastructure Borderless

networked society High internet penetration and robust infrastructure Borderless

Fostering cybersecurity collaboration is critical given the danger of cyber threats Singapore as a networked society High internet penetration and robust infrastructure Borderless nature of cyber threats Adopting a whole-of

635 views • 8 slides
Right way to establish critical pro-active defences against emerging cyber threats Andrew J

Right way to establish critical pro-active defences against emerging cyber threats Andrew J

Right way to establish critical pro-active defences against emerging cyber threats Andrew J Clarke Director, One Identity A fast changing world Digital Transformation Internet of Things (IoT) 2 Andrew J Clarke - One Identity The new attack

498 views • 24 slides

More recommend