cyber 101
play

Cyber 101 Aaron Yates Chief Executive, Berea A crash course on - PowerPoint PPT Presentation

Aug 17, 2023 •187 likes •532 views

www.berea-group.co m Cyber 101 Aaron Yates Chief Executive, Berea A crash course on cyber security, data protection and cyber insurance. Chelmsford CII Wednesday, 13th February 2019 Berea Focused on high scale cyber support for SMEs.

  1. www.berea-group.co m Cyber 101 Aaron Yates Chief Executive, Berea A crash course on cyber security, data protection and cyber insurance. Chelmsford CII Wednesday, 13th February 2019

  2. Berea • Focused on high scale cyber support for SMEs. • Work with insurers, MGAs and insurance brokers. • Happy to explain more after our session.

  3. Why are we here? • Is it really a problem? • What, exactly, is the problem? • What is cyber insurance? • What’s happening with distribution? • How do Berea fit in?

  4. Let’s make it real

  5. Pop quiz Is your website a risk? www.securityheaders.io Try us, too! www.berea-group.com

  6. Pop quiz Is your iPhone secure? Let’s find out… Settings → Touch ID/Face ID and Passcode → Erase Data Is the setting green or grey ?

  7. Pop quiz Have you been compromised? www.haveibeenpwned.com If you’ve been with your employer less than a couple of years try using your personal email address.

  8. What just happened? We have evidenced We have made a These insights are that you have very small part symptomatic of a vulnerabilities of the issue visible far bigger problem

  9. The far bigger problem “ Cyber” (Oct 17 - Oct 18) Fires (Oct 17 - Oct 18) • 1.6m offences • 167,150 attended virus/Computer Misuse Act. to nationally. • 1.5m cyber-related • Of which 15,577 were fraud offences. commercial premises. 8,493 /day. 458 /day. Probably not insured. Highly likely to be insured.

  10. What’s the problem?

  13. Why is it now such a problem? Competition Efficiency Profitability demands for c reating Because use of technology creates a vicious cycle

  14. Pop quiz Have you ever sent an email after 10pm?

  15. Governance is patchy-to-MIA for most businesses Layers of legacy systems under new technology

  16. What’s happening, and why?

  17. We have Who has a And uses To exploit a Creating an actor motivation a vector vulnerability an incident… Staff Website Human Accident Financial Loss/Costs Organised Crime Negligence Email Software Reputation Damage Opportunists Physical media Hardware Malice Legal/Regulatory Script Kiddies Financial Physical office Hacktivists Social media Ethical Hackers Moral Telephone Nationstate Supplier Ego Customer

  18. Cyber Information Data Security Protection

  19. Information Security Background Key concepts • Not legally mandated • Confidentiality • Sensible business practice • Integrity • Identify and manage risks • Availability • Risk score prioritises activity

  20. Data Protection Background Why is legislation changing? • Legally mandated by GDPR • 20 years of change • Requires data to be stored securely • Decisions are being made about us • Honour the rights of individuals Consequences • Penalties of up to 4% GAT or €20m • Lawful basis for processing • Reputation damage • Evidence compliance activity

  21. Information Data Security Protection Financial Legal Reputation loss issues damage

  22. Cyber insurance?

  23. When the worst happens 1 2 3 Identify what Stop the attack, Contend with has happened restore service the fallout

  24. 1st Party Breach/Incident Event Costs

  25. 3rd Party Privacy (Regulatory + Liability) 1st Party Breach/Incident Event Costs 3rd Party Network/Security Liability

  26. 3rd Party Privacy (Regulatory + Liability) 1st Party Crime/ “Cyber” Breach/Incident Fidelity Business Event Costs Interruption 3rd Party Network/Security Liability

  27. 3rd Party Privacy (Regulatory + Liability) Stock deterioration 1st Party Crime/ “Cyber” Breach/Incident PCI-DSS Fidelity Business Event Costs Interruption Transmit A Virus... 3rd Party Network/Security Liability

  28. Distribution issues

  29. + E&O + Noise + Silent Cyber Brokers Media Insurers & MGAs Brokers Trade Assocs Insurers & MGAs Broker The client Consultants Brokers Insurers & MGAs Brokers Staff x90~ x lots

  30. What needs to happen? 5 A better, risk managed buying journey Invest & 4 Maintain ISO 27001 3 1 2 Cyber Staff Risk insurance awareness control

  31. Governance specifications A growing alphabet soup With road blocks • Cyber Essentials • “DIY” possible with expertise • ISO 27001 • Consultants cost >£1,000 +VAT • PCI-DSS • Too few experts • GDPR Fundamentals • Firms are unsure where to start • Insurance/client requirements

  32. Cyber Essentials What is it? Background • Technical governance specification • Standardise procurement assurance • A recognised certification • Minimum benchmark for British firms • Reduce common threats by 70-80% • Recognised by the ICO for GDPR • Join risk management and insurance

  33. How Berea fit in Insurers & MGAs Insurance Brokers Embed Cyber Essentials Proactively engage clients with as a risk management value Berea’s unique services as a add to your PI and SME ready-made sales journey to packaged offerings. buying cyber insurance.

  34. Thank you Any questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the

1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the

1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the evolution of IT environments has been the origin of Cyber Space as a result for the Internet use by all subjects in the world, that is Individual

1.17k views • 67 slides
Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on:

Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on:

Slides (for Schools Use) to Brief Parents on Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on: What is Cyber Bullying? MOEs Cyber Wellness Education School-wide Programmes

388 views • 14 slides
CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats to small businesses 3. Cyber Recovery Insurance Y our presenters Anne Jackson Sarah Morton Gary Hibberd Sales Director, Lorega Sales and

342 views • 31 slides
Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target

Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target

Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target techniques, their threat models, and their technical details. Cyber moving target technique: Defend a system Increase the complexity of cyber

442 views • 40 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot gray inc. @dotgray Sunday, March 15, 15 Resources Codex.WordPress.org / Hardening_WordPress Blog.Sucuri.net / WordPress Security WPSecure.net /

608 views • 32 slides
Risk Management Information Security Dr Hans Georg Schaathun Hgskolen i lesund Autumn 2011

Risk Management Information Security Dr Hans Georg Schaathun Hgskolen i lesund Autumn 2011

Risk Management Information Security Dr Hans Georg Schaathun Hgskolen i lesund Autumn 2011 Week 5 Dr Hans Georg Schaathun Risk Management Autumn 2011 Week 5 1 / 1 Learning Outcomes After this week, students should be able to

727 views • 72 slides
CSc 337 LECTURE 26: REGULAR EXPRESSIONS AND SECURITY Regular expressions in JavaScript var str =

CSc 337 LECTURE 26: REGULAR EXPRESSIONS AND SECURITY Regular expressions in JavaScript var str =

CSc 337 LECTURE 26: REGULAR EXPRESSIONS AND SECURITY Regular expressions in JavaScript var str = "The rain in SPAIN stays mainly in the plain"; var res = str.match(/ain/g); - The match function takes a regular expression as a

408 views • 19 slides
Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The Free Haven Project 1 Overview We design and deploy anonymity systems. Version 1: You guys are studying this in academia, and we're

684 views • 25 slides
WordPress Security Dont Be a Mark (with apologies to anyone named Mark) Will Chatham @willc

WordPress Security Dont Be a Mark (with apologies to anyone named Mark) Will Chatham @willc

WordPress Security Dont Be a Mark (with apologies to anyone named Mark) Will Chatham @willc www.willchatham.com Asheville Area WordPress Group, August 17, 2016 Overview Security Threats: Why & Who How WordPress Gets Hacked

376 views • 18 slides
Security Note: These slides are created using information from. Network Security Essentials by

Security Note: These slides are created using information from. Network Security Essentials by

Security Note: These slides are created using information from. Network Security Essentials by William Stallings Computer Networking, A top-down approach by James F.Kurose and Keith W.Ross Maximum Security by Anonymous Lectures and Notes from

489 views • 38 slides
Background Body background Subtle patterns background textures List marker (see

Background Body background Subtle patterns background textures List marker (see

Background Body background Subtle patterns background textures List marker (see snippets) Default: window size Advantage: grows and shrinks easily Disadvantage: harder to design Making body fixed width Advantage:

277 views • 4 slides
Section 9 MATERIAL PULLED FROM LAST SECTION AND LAST YEARS SLIDES Todays Agenda

Section 9 MATERIAL PULLED FROM LAST SECTION AND LAST YEARS SLIDES Todays Agenda

Section 9 MATERIAL PULLED FROM LAST SECTION AND LAST YEARS SLIDES Todays Agenda Administrivia Review Design Patterns Design Pattern Worksheet Course Review Administrivia HW9 due tonight at 10PM Friday Final Exam In regular

314 views • 16 slides

More recommend