protect your small business from cyber attacks
play

Protect Your Small Business From Cyber Attacks Presenter: Jacob - PowerPoint PPT Presentation

Aug 22, 2022 •270 likes •529 views

Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business Advisor, Delaware SBDC 01/01/2018 www.delawaresbdc.org Small Businesses are a Target 68% of breaches took months or longer to 58% of data breach

  1. Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business Advisor, Delaware SBDC 01/01/2018 www.delawaresbdc.org

  2. Small Businesses are a Target 68% of breaches took months or longer to 58% of data breach victims are small businesses discover 32 42 58 68 www.delawaresbdc.org Source: 2018 Verizon Data Breach Report

  3. Program Purpose

  4. Raise awareness of cyber risk within Delaware’s community Help businesses manage the threat and impact of cyber interference Foster innovation in cyber security Program Purpose

  5. Why Create a Security Plan? • Cyber is: Behavioral, Physical, Technological • S E C U R I T Y • The unknown is expensive • Increased scrutiny and liability from buyers, business partners, etc. • You want to protect your brand, your customers, your employees, your buyers, etc. • Demonstration of reasonable effort to protect your data and systems. Can you? www.delawaresbdc.org

  6. The Small Business Cybersecurity Workbook • To provide small business with a starting concept for creating a Written Information Security Program or (WISP). • Defining a reasonable program for handling cybersecurity within a small business. • This is just a starting point . It is meant to get small businesses thinking in a security mindset. www.delawaresbdc.org

  7. IDENTIFY ‐ (Pg 8) Cybersecurity Workbook What structures and practices do you have in place to identify cyber threats? • Based off the NIST Framework PROTECT ‐ (Pg 12) • Concept is simple What are the basic practices you have in place to protect your systems? • Common language which all DETECT ‐ (Pg 19) understand What do you use to identify someone of something malicious? RESOIND ‐ (Pg 21) How will you deal with a breach if and when it occurs? RECOVER ‐ (Pg 23) How will you get your business back to normal after a breach?

  8. Section 1: Identify A Risk‐Based Approach Physical Software Security •What do you collect? •Which ones do you have? •What sensitivity level? •Desktops •Inventoried and •Who has them? •Where’s it located? current? •Laptops •How are they •Who has access to it? •Mobile Devices maintained? •Outside consultant? Know Your Operating Company Systems www.delawaresbdc.org

  9. Section 2: Protect Usernames and Passwords Data Segregation Timeouts and Lockouts Firewalls and patching Training and Awareness Login www.delawaresbdc.org

  10. Passwords & Authentication Authentication Passwords www.delawaresbdc.org

  11. Passwords & Authentication Passwords Authentication What you know: Password Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Require Special Characters Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  12. Passwords & Authentication Passwords Authentication What you know: Password NO Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Require Special Characters Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  13. Passwords & Authentication Passwords Authentication What you know: Password NO Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Don’t Require Special Characters Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  14. Passwords & Authentication Passwords Authentication What you know: Password NO Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Don’t Require Special Characters Avoid Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  15. Section 3: Detect www.delawaresbdc.org

  16. Section 3: Detect AntiVirus and AntiMalware Scan for unusual activity Foreign Password Login! www.delawaresbdc.org

  17. Section 3: Detect AntiVirus and AntiMalware Scan for unusual activity Congratulations! You are our 100 th visitor of the day and we would like to thank you. Foreign Password Login! Claim Reward! www.delawaresbdc.org

  18. Section 4: Respond www.delawaresbdc.org

  19. Section 4: Respond • Contact legal support • Contact a Digital Forensics Team • Document EVERYTHING! • Date of Incident • Explanation of Incident • How Discovered • How Remediated • Date Affected • Steps Taken To Close Vulnerability • Updated Backups www.delawaresbdc.org

  20. Section 4: Recover • Getting back to normal • Move swiftly and obtain assistance • Communication • Document www.delawaresbdc.org

  21. House Bill 180 • August 24, 2017, Governor John Carney signed into law the first update to Delaware’s data breach law in 12 years. • Enacts new requirements for Delaware’s businesses for protecting personal information. • If you conduct business in Delaware and own, license or maintain personal information on Delaware residents, you are required to “implement and maintain reasonable procedures and practices to prevent the unauthorized acquisition, use, modification, disclosure, or destruction of personal information collected or maintained in the regular course of business.” www.delawaresbdc.org

  22. What Counts as Personal Information? House Bill 180 To be personal information, the categories listed below must be associated with a Delaware resident’s first name or initial and last If the data I own, license or maintain is hacked, what is my obligation? name in combination with any of the categories below with the required password or security • code You have 60 days to provide notice to affected individuals unless you • Social Security number can determine after an appropriate investigation that the breach is • Driver’s license number “unlikely to result in harm.” • Financial account number • Passport Number • • If the data breach includes Social Security numbers, residents shall be Username or email address in combination with a password or security offered credit monitoring services at no cost to the residents for a question period of one year. If the effected number of Delaware residents • Medical information exceeds 500, the Attorney General is to be notified. • Health insurance information • DNA profile • • If encrypted data is breached, you don’t have to provide notice unless Biometric data used to access information the encryption key is also breached. • An individual taxpayer identification number www.delawaresbdc.org

  23. Cyber Risk Assessment Tool www.delawaresbdc.org

  24. DatAssured Cybersecurity Workbook Do’s and Don’ts • Small Business Cybersecurity • Safe Payments SBDC SBDC • Vendor Questions Online Online Resources Resources Cybersecurity Plans • FCC Cyber Planner • Ransomware Public Handout Information Security Policy Templates • SANS • Cybersecurity Resource List www.delawaresbdc.org

  25. Helping Delaware’s small business community secure their critical data and infrastructure Jacob Blacksten Technology Business Development Delaware SBDC jacobb@udel.edu www.delawaresbdc.org

Recommend

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks

Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks

AUGUST 25, 2015 Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks Tyler Gerking, Partner David B. Smith, CPCU, ARM, Insurance & Risk Management Consultant What is Cyber Insurance?

368 views • 10 slides
How to protect yourself and your business from the threat of Cybercrime Presented by Laura

How to protect yourself and your business from the threat of Cybercrime Presented by Laura

How to protect yourself and your business from the threat of Cybercrime Presented by Laura Hodgson Cyber Protect Officer Cyber.safe@titan.pnn.police.uk Who are we? North West Regional Organised Crime Unit Cumbria Collaboration of 6 North

353 views • 20 slides
DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1

DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1

www.nviso.be DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1 Demo time 2 Threat actor groups 3 Nation states 4 Hacktivism 5 Organized cyber crime 6 The bad competitor 7 The Internet of

777 views • 42 slides
Protecting your business from Cyber Crime Presented by Jennie Williams Cyber Protect Officer

Protecting your business from Cyber Crime Presented by Jennie Williams Cyber Protect Officer

Protecting your business from Cyber Crime Presented by Jennie Williams Cyber Protect Officer Jennie.williams_cyber@titan.pnn.police.uk www.titanrocu.org.uk TITAN-ROCU @titanrocu TITAN-ROCU Cyber Dependant Crime (Pure Cyber Crime) Cyber

749 views • 15 slides
FCIC-112798 1. Protect the United States from terrorist attack 2. Protect the United States

FCIC-112798 1. Protect the United States from terrorist attack 2. Protect the United States

FCIC-112798 1. Protect the United States from terrorist attack 2. Protect the United States against foreign intelligence operations and . espionage 3. Protect the United States against cyber-based attacks and high- technology crimes 4. Combat

670 views • 29 slides
Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced Persistent Threats (APT) Cybercriminals, Exploits and Malware Denial of Service attacks (DDoS) Domain name hijacking Corporate

347 views • 13 slides
Cyber Security And For Business Seminar Enter your business card for an opportunity to win the

Cyber Security And For Business Seminar Enter your business card for an opportunity to win the

Cyber Security And For Business Seminar Enter your business card for an opportunity to win the most productivity tool for your business worth over $200 Cyber Security And For Business Seminar How Cyber Criminals Are Targeting Small

459 views • 30 slides
CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect

CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect

CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer, Essex Police Barry Linton, Thorpe Bay U3A Thorpe Bay U3A Criminal insight - why commit cybercrime? Scale Nationally 1.6 million cyber

429 views • 25 slides
Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and

Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and

Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and develop relationships with companies and organisations within the region to promote cyber security and the role of the SEROCU CCU. The Regional

217 views • 18 slides
CYBER - SECURITY PART 2 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer,

CYBER - SECURITY PART 2 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer,

CYBER - SECURITY PART 2 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer, Essex Police Barry Linton, Thorpe Bay U3A Thorpe Bay U3A HOW DO I PROTECT MYSELF 2 ALL ABOUT PASSWORDS Change your passwords regularly.

425 views • 27 slides
Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44 17917 623 068 T: +44 1684 878178 F: +44 1684 878171 dibble.clark@3sdl.com What is Cyber? Commercial in Confidence Policy in Action Commercial in

275 views • 25 slides
Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean

Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean

Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean Camp, Marthie Grobler, Julian Jang-Jaccard, Christian Probst, Karen Renaud, Paul Watters Cyber is Global It is unrealistic to study cyber at a

719 views • 36 slides
The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix

The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix

The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix Severe Weather Hazardous Spill Failed Large Pacific rural flood Global Financial Asia 10 % State Crisis Interstate Cyber Attacks Conflict

335 views • 11 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET - Enhancing Cyber Resilience Relation to NCSRA II SARNET | October 5th 2016 CYBER THREATS ARE EVOLVING Key trends Cyber Cyber Cyber Magnitude of

153 views • 13 slides
PII Awareness Briefing Introduction Cyber attacks on private, public and government

PII Awareness Briefing Introduction Cyber attacks on private, public and government

PII Awareness Briefing Introduction Cyber attacks on private, public and government information systems are becoming all too common. From hackers to cyber criminals and nation states, todays attackers are more disciplined,

918 views • 12 slides
2.4 Cyber-Safety Protect Your Computer The Internet is a global network of networks with

2.4 Cyber-Safety Protect Your Computer The Internet is a global network of networks with

2.4 Cyber-Safety Protect Your Computer The Internet is a global network of networks with billions of connected computers. Protect Your Computer Unfortunately, not all of those computers are used by honest, law abiding citizens. Protect Your

294 views • 28 slides
Evolving Cyber Risks for Small Businesses Sponsored By: Evolving Cyber Risks for Small

Evolving Cyber Risks for Small Businesses Sponsored By: Evolving Cyber Risks for Small

Evolving Cyber Risks for Small Businesses Sponsored By: Evolving Cyber Risks for Small Businesses Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides Recording of todays webinar Corresponding

515 views • 19 slides
Cyber attacks as use of force in international relations: ius ad bellum and ius in bello Prof.

Cyber attacks as use of force in international relations: ius ad bellum and ius in bello Prof.

Cyber attacks as use of force in international relations: ius ad bellum and ius in bello Prof. Marco Pedrazzi Department of International, Legal, Historical and Political Studies Milan University 1 Cyber war and outer space Satellites =

583 views • 27 slides
Anatomy of a Data Theft Attack For Sacramento ISACA January 2016 Mike Landeck Cyber Security

Anatomy of a Data Theft Attack For Sacramento ISACA January 2016 Mike Landeck Cyber Security

Anatomy of a Data Theft Attack For Sacramento ISACA January 2016 Mike Landeck Cyber Security Consultant Agenda 1. USB Attacks 2. QR Code Attacks 3. Advanced Phishing Attacks 4. Malvertising 5. Watering Hole Attacks 6. How Simple Browser

1.32k views • 33 slides
WORLDWIDE CYBER-ATTACKS: THEIR IMPACT ON THE INTERNATIONAL HEALTH SERVICES AND THEIR ANSWER IN

WORLDWIDE CYBER-ATTACKS: THEIR IMPACT ON THE INTERNATIONAL HEALTH SERVICES AND THEIR ANSWER IN

MOL2NET 2017, International Conference on Multidisciplinary Sciences, 3rd edition. Section 08: LAWSCI-01: Wokshop on Challenges in Law, Technology, Life, and Social Sciences. 25 30 July, 2017. Bilbao, Spain. WORLDWIDE CYBER-ATTACKS: THEIR

78 views • 5 slides
Towards a Semantic of XML Signature - How to Protect Against XML Wrapping Attacks Sebastian Gajek,

Towards a Semantic of XML Signature - How to Protect Against XML Wrapping Attacks Sebastian Gajek,

Towards a Semantic of XML Signature - How to Protect Against XML Wrapping Attacks Sebastian Gajek, Lijun Liao, Jrg Schwenk Horst-Grtz-Institut Ruhr-University Bochum, Germany Presented by Michael McIntosh Java and Web Services Security

505 views • 11 slides
I mplementing California s Small Business Health Exchange John Arensmeyer Small Business

I mplementing California s Small Business Health Exchange John Arensmeyer Small Business

I mplementing California s Small Business Health Exchange John Arensmeyer Small Business Majority April 26, 2012 About Small Business Majority Small business advocacy organization founded and run by small business owners

121 views • 10 slides

More recommend