Cyber Security Planning 101
1 like542 views
This document summarizes a cyber security planning panel discussion. The panelists discussed (1) the importance of cyber security for all organizations, even small and medium enterprises, as attackers target any organization that may have assets; (2) that all organizations have cyber security responsibilities to customers, stakeholders, and authorities; and (3) that organizations can take action to improve their cyber security through basic measures and defenses. The panel then covered specific cyber security threats like ransomware and weaponized artificial intelligence, trends showing small businesses and public sectors are increasingly targeted, and best practices for mitigation including having a plan, insurance, and a cyber security partner.
Cyber Security Planning 101
- 2. ANDRE W LOSCHM ANN M A RK G A U DE T RYAN VALLE E PANELISTS BRYAN HARALOVICH Partner, Welch LLP President & CTO, Field Effect Software Product Line Manager, CIRA Senior VP, Fully Managed
- 3. Cyber Security and SMEs Andrew L os ch ma n n
- 4. 3 messages for SMEs in 2019: You can do something You are important You have cyber security responsibilities
- 5. Message #1 You are important. • Threat actors (“attackers”) are not individuals, they’re organizations. • The motivation is almost always financially motivated. • Like most organizations, they adapt. In 2019, this means automation and scale: Data theft and resale, Credential sales, Ransomware, Financial Redirection… what’s next? If you have any assets, or have the potential to have an asset, you are a target.
- 6. Message #2 You have cyber security responsibilities. • Customers • Stakeholders • Regulatory, Industry and other authorities
- 7. Message #3 You can do something. • It is not an impossible problem. • Cyber Security threats are well understood at this point, as are effective defence strategies. • This technology, knowledge and process needed to make a real difference is not out of reach. • Believe it or not, the basics matter, and making a mistake on the basics are what will get you into trouble.
- 8. Measuring Success Cyber Security is measurable and should: • Be continuous • Improve your network • Lower your risk (and costs)
- 11. Of organizations reported being compromised last year. This number approaches 100% in larger organizations. 43%
- 13. DNS as a Layer of Defense Use of DNS Firewalls Could Reduce 33% of All Cybersecurity Breaches.
- 14. DNS Firewall as layer of defense
- 15. Of malicious data breaches came from a form of cyber-attack that leverages emails, texts, phone calls or even in- person visits. 93%
- 16. Only 54 per cent of small businesses provide cybersecurity training for their employees even though the most common form of malware seen by our respondents, phishing attacks (42 per cent), directly exploit employees as a point of weakness. 54% The Human Layer of Defense
- 17. Reduction in users clicking on phishing emails after implementing D-Zone Cybersecurity Awareness Training. 3x Transform your users into a human firewall
- 18. The most integrated training, phishing simulation, gamification and measurement tool available. D-Zone Cybersecurity Awareness Training Score and measure Ongoing and Remedial Training “Turned cyber risk from something to lose sleep about into something we effectively manage” C-Therm Technologies Awareness Survey Phishing simulation End user training modules and risk analysis
- 19. CIRA delivers a family of cybersecurity services to Canadian organizations. D-Zone Anycast DNS Authoritative DNS for your domains Improve performance with a global footprint Protect from DNS DDoS and DNS hijacking D-Zone DNS Firewall Recursive DNS with threat blocking 100,000 new threats blocked daily Stops malware command-and- control D-Zone Cybersecurity Awareness Training Phishing and training for end-users Most integrated platform available Reduce user clicks on malware links by 3X
- 20. Summary • Defense in Depth • Leverage additional layers • DNS • Staff
- 21. Fully Managed – Cyber Security RYAN VAL L EE
- 22. Current threats and who they are targeting The Continued Increase in Ransomware. • In 2016, a business fell victim to ransomware every 40 seconds. • 70% of all malware attacks last year were ransomware. • 91% of cyberattacks begin with spear phishing email, which are commonly used to infect organizations with ransomware. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, up from $3 trillion in 2015. Ransomware is expected to worsen and make up a proportionately larger share of total cybercrime by 2021.
- 23. Weaponization of Artificial Intelligence • Security companies are using AI to protect environments and users, therefore it is certain that the hackers are following suit in their attack methodologies. • Hackers leverage AI in spear phishing exploits to create carefully targeted messages that trick people into sharing sensitive data and installing malware. • AI is used to collect information about a target organization from across the internet, to instigate detailed and targeted exploits, and crack passwords.
- 24. Who Are They Targeting? • 71% of ransomware attacks in 2018 targeted small businesses, with an average ransom demand of $116,000 USD. • Consumer-targeted ransomware attacks have declined by 33% since the end of 2018. • Ransomware attacks on business targets have seen a substantial increase in the first quarter of 2019, up by 195 percent since the fourth quarter of 2018. • 16% of cyber-attacks target public sector entities, 15% focus on healthcare organizations, and 10 % of attacks target the financial industry. • • • • • • • • •
- 25. Who Are They Targeting? - Continued • As can be seen from the data, public administrations are a very large target and this has been seen with the number of public municipalities which have suffered breaches recently. • “There's over two thousand municipalities in Canada ... they hold a lot of sensitive information on individuals ... on properties, on a lot of transactions. They're very vulnerable.” Dan Mathieson, mayor of Stratford … in a CBC news report after the municipality was hit with ransomware on 14th April 2019.
- 26. Best practices in Risk Mitigation (Financial, public and brand damage) HAVE A PLAN CYBERSECURITY INSURANCE CYBERSECURITY PARTNER
- 27. Disclosure issues surrounding the Personal Information Protection and Electronic Documents Act (PIPEDA) PIPEDA applies to private-sector organizations across Canada that collect, use or disclose personal information in the course of a commercial activity. As of 1st November 2018, it is mandatory to report to the Privacy Commissioner of Canada breaches of security safeguards involving personal information that pose a real risk of significant harm to individuals. Failure to report such a breach can lead to fines of up to $100,000. (source: Government of Canada & Global News) • • •
- 28. W R I T T E N P L A N S Prevention Policy Essential steps for preventing attacks S E C U R I T Y H Y G I E N E B E T T E R A U T H E N T I C A T I O N 2 - F A C T O R A U T H E N T I C A T I O N E D U C A T I O N
- 29. Call for help! Business Continuity Plan Steps to take after a cyber attack Disconnect the internet Isolate the Servers Call Insurance Company Execute DR Plan Find Patient Zero Clean the Environment Restore Data and Servers Report the Breach Ongoing impact
- 30. ANDRE W LOSCHM ANN M A RK G A U DE T RYAN VALLE E PANELISTS BRYAN HARALOVICH Partner, Welch LLP bharalovich@welchllp.com 613.236.9191 President & CTO, Field Effect Software aloschmann@fieldeffect.com 613.686.6342 Product Line Manager, CIRA mark.gaudet@cira.ca 613.237.5335 Senior VP, Fully Managed Ryan.vallee@fullymanaged.com 613.591.9800
- 31. THANK YOU