Cyber threats and how to avoid them


  1. CYBER THREATS AND HOW TO AVOID THEM
     AGENDA
     1. Development of the cyber world
     2. Threats to small businesses
     3. Cyber Recovery Insurance

  2. Your presenters
     • Anne Jackson, Sales Director, Lorega
     • Sarah Morton, Sales and Marketing Manager, Lorega
     • Gary Hibberd, Managing Director, Agenci
     Lorega LTD

  3. Increasing global internet use
     • 3.7 billion internet users globally
     • Devices not limited to desktop and mobiles
     • Huge increase in internet connected devices, including thermometers, refrigerators and smart watches.
     Source: http://wearesocial.com/uk/blog/2017/01/digital-in-2017-global-overview

  4. What happens online in 60 seconds?
     Sources: http://www.excelacom.com/resources/blog/2016-update-what-happens-in-one-internet-minute and https://iabuk.net/research/library/time-spent-online-july-december-2015

  5. But what else is happening?
     Sources: https://www.helpnetsecurity.com/2016/04/08/dark-web-content/ and https://darkwebnews.com/help-advice/access-dark-web/

  6. Motivations for cyber criminals
     • Cyber crime and data breaches aren’t always about money
     • Other motivations include hacktivism, teenage boredom and training for larger crimes
     Source: http://www.hackmageddon.com/2016/02/16/january-2016-cyber-attacks-statistics/

  7. THREATS TO SMEs: What’s out there?

  8. Types of threats to businesses
     Columns: Rogue Employee | Negligence | Outsider Threat | 3rd party and vendor threat
     • • Employee could Physical theft of • • Hacking Cloud and other send data to the data storage or data • Hacktivism wrong place or systems • Data could be source • Malware, sold to • Network interruption • Physical loss of ransomware and competitors hardware such as a • viruses Loss of data or theft of mobile phone or • Could be used data • Leads to theft of laptop for extortion • data, unauthorised Backdoor intrusions • Victims of phishing access to systems or emails total shutdown of systems and websites

  9. Types of threat: Rogue Employees
     • May steal data when leaving to join a competitor
     • Could use data for own use
     • Could lead to criminal convictions
     Avoid the threat
     • Ensure robust data security policies and procedures in place
     • Only grant access to data or certain technologies if necessary

  10. Types of threat: Negligence
     • PICNIC – Problem In the Chair, Not In the Computer
     • Rise of BYOD
     Avoid the threat
     • Ensure proper disposal of sensitive data
     • Password protect devices
     • Have backups in place

  11. Types of threat: Outsider Threats
     • This is what most people think about when they think of cyber security and cyber crime
     Avoid the threat
     • 10 steps to avoid cyber bugs and thugs
     • Protect systems
     • Invest in cyber security
     • Have a cyber insurance policy in place
     • Secure WIFI networks

  12. Types of threat: Phishing emails
     • UK the most targeted nation for phishing attacks and ransomware in 2015
     • 85% of organisations reported being the victim of a phishing attack in 2015
     • 30% of phishing emails are opened
     • 9 out of 10 phishing emails carry ransomware or malware
     Avoid the threat
     • If it looks dodgy, impersonal, it probably is
     • Don’t click on attachments or links from unknown senders
     • Don’t email personal or financial information
     • Never go to banking websites from emails
     • Turn on two factor authentication

  13. Sophisticated Google Drive phishing
     • Tom Scott received an email that looked like a Google Drive attachment
     • The sending address was disguised as a friend’s email

  14. Look familiar?

  15. Types of threat: CEO Fraud

  16. Types of threat: CEO Fraud
     • 1 in 3 companies have been victims of CEO fraud email
     • Over 80% of security professionals believe executives in their organisation could fall for targeted phishing scams
     • Often ask for bank details, but employee records have also been targeted
     • Can happen on the phone
     Avoid the threat
     • Would your CEO normally ask you to make that payment or send those details?
     • Ring to check
     • Be vigilant and look out for spelling mistakes, different ways of speaking or anything unusual
     • Always check bank statements

  17. Types of threat: Ransomware
     • 54% of UK companies hit by ransomware attacks last year
     • 37% of organisations affected have paid the ransom
     • 32% of UK have lost files or data
     • 34% of companies globally have lost money
     • Average of 9 hours spent on remediation
     • Only 4% of businesses confident in dealing with ransomware
     Avoid the threat
     • Never pay the fine
     • Always backup data
     • Don’t download .exe or other program files from unknown sources
     • Don’t allow macros in Excel documents downloaded from the Internet
     • Always keep anti-virus software up to date

  18. What do they look like?

  19. Types of threat: DDOS
     • Frequency of distributed denial-of-service (DDoS) attacks has increased more than 2.5 times over the last 3 years.
     • The average size of DDoS attacks is increasing steadily and approaching 1 Gbps, enough to take most organizations completely offline.
     • Globally the number of DDoS attacks grew 25 percent in 2015 and will increase 2.6-fold to 17 million by 2020.
     Avoid the threat
     • Server scripts can alert you if a DDoS attack is suspected
     • Overprovision site bandwidth to accommodate more traffic
     • Have a plan to communicate with customers
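
The "server scripts can alert you" point on slide 19, sketched as an added example that is not part of the original presentation: a sliding-window request counter over web server access logs. The common log format, the 10-second window, both thresholds and the sample log are assumptions constructed for illustration; total volume is tracked alongside per-source volume because a distributed flood can stay under any per-source limit.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')  # client IP and [timestamp]
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return (timestamp, client_ip) for a common-log-format line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    try:
        return datetime.strptime(m.group(2), TS_FMT), m.group(1)
    except ValueError:
        return None

def detect_floods(lines, window_s=10, max_total=30, max_per_ip=15):
    """Return (kind, key, timestamp, count) each time a sliding-window limit is first crossed."""
    window, per_ip, alerts, active = deque(), Counter(), [], set()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip malformed lines instead of stopping the monitor
        ts, ip = parsed
        window.append((ts, ip))
        per_ip[ip] += 1
        while (ts - window[0][0]).total_seconds() > window_s:
            per_ip[window.popleft()[1]] -= 1  # expire requests older than the window
        for kind, key, count, limit in (("total", "*", len(window), max_total),
                                        ("source", ip, per_ip[ip], max_per_ip)):
            if count <= limit:
                active.discard((kind, key))
            elif (kind, key) not in active:
                active.add((kind, key))  # alert once per crossing, not per request
                alerts.append((kind, key, ts, count))
    return alerts

def make_sample():
    """Constructed log: quiet traffic, one noisy source, then a distributed burst."""
    t0 = datetime.strptime("01/Jan/2024:12:00:00 +0000", TS_FMT)
    def row(offset_s, ip):
        stamp = (t0 + timedelta(seconds=offset_s)).strftime(TS_FMT)
        return f'{ip} - - [{stamp}] "GET / HTTP/1.1" 200 512'
    rows = [row(i * 5, "192.0.2.10") for i in range(12)]            # baseline
    rows += [row(60 + i // 10, "198.51.100.7") for i in range(20)]  # one source
    rows += [row(120 + i // 20, f"203.0.113.{i + 1}") for i in range(40)]  # many sources
    rows.insert(3, "malformed line")
    return rows
```

Running `detect_floods(make_sample())` raises one "source" alert for the single noisy address and one "total" alert for the burst spread across 40 addresses, which no per-source limit would catch.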

  20. What can be done? An introduction to Cyber Recovery Insurance

  21. Impact of a data breach on small businesses
     • Incidence of cyber attacks is rising
     • Any loss of personal information can be complex and time-consuming to deal with
     • Trading impact of loss of confidence in the business and brand
     • New EU regulations could mean heavy fines for your customers - businesses are currently exposed to fines up to £500K, but this could go up to $20m or 4% of annual turnover
     • Cost of restoring IT systems
     • Risk of third party claims
     • Threat of business failure

  22. GDPR
     • Businesses have a responsibility to ensure appropriate and proportionate security of personal data held
     • Sensitive personal data is of particular concern
     • Data subjects must give consent for their data to be held
     • Businesses must report to the ICO within 72 hours of becoming aware of the data breach
     • New legislation comes into play on 25th May 2018 – businesses need to be ready now

  23. Cyber Recovery Insurance
     • Cyber Recovery is an insurance policy which provides and pays for the cost of a Cyber Emergency Response Team (CERT) to deal with the crisis when a system has been breached
     • Administered by Lorega, who have many years of experience helping customers when they need it most
     • Payment of certain fines, penalties, awards, damages and the cost of credit monitoring
     • Helps businesses recover from a covered data security breach

  24. What is a data security breach?
     • Occurs where ‘Personal information’ is copied, transmitted, viewed or stolen by anyone unauthorised to do so
     • This could include the loss or theft of a laptop, hacking or unauthorised access to computer systems or data files
     • Personal data which identifies an individual - even without a name associated with it
     • Includes exposure to identity theft or aspects of a person’s life

  25. Columns: Incident Management | Investigation & Restoration | Crisis Response | Awards, fines & monitoring
     • Advice to ensure • • • Investigation and IT Emergency line In the event of a compliance with Data advice in respect of available 24/7, Regulatory Security Law Regulatory 365 days a year investigation: • Investigation and IT Investigation • • Initial incident Payment of Regulatory advice in respect of • third party claims Legal advice in respect notification and costs and damages • of Regulatory full assessment Legal and PR advice in • Payment of Regulatory respect of third party Investigation • Advice on fines and penalties claims and protection • Assisting with the immediate • of business reputation Payment of credit restoration of emails, actions monitoring costs online and other software systems
     Limits: £300, £100,000, £5000, £25000

  26. Policy details
     • Underwritten by Hiscox
     • 24/7, 365 days a year claims helpline, with nationwide response
     • Provides cover for first covered data breach
     • Breaches must be notified within 12 hours of discovery within the period of insurance

  27. Exclusions
     • Excludes certain sectors – local and central government and government agencies, health service and housing associations
     • Any subsequent data breach, a data breach discovered outside period of insurance, or occurring outside of UK
     • Other exclusions, set out in Section 5 of the policy schedule, apply
