data breaches identity theft and employees
play

Data Breaches, Identity Theft, and Employees Joining the Dots - PowerPoint PPT Presentation

Sep 25, 2022 •212 likes •479 views

San Francisco Chapter San Francisco Chapter Data Breaches, Identity Theft, and Employees Joining the Dots Joining the Dots and Dispelling the Myths Dispelling the Myths What youll learn What youll learn Data Breaches +

  1. San Francisco Chapter San Francisco Chapter Data Breaches, Identity Theft, and Employees 
 Joining the Dots Joining the Dots 
 and Dispelling the Myths Dispelling the Myths

  2. What you’ll learn What you’ll learn  Data Breaches + identity theft + employees  Data Breaches or Data Donations?  Data Breaches + Identity Theft  The True Cost of Data Breaches  Who’s to blame?  Join the dots and change the outcome San Francisco Chapter San Francisco Chapter

  3. We are the data!  Data breaches rarely rarely result in identity theft.  Data breaches rarely rarely involve hackers or other criminals  Most Most data breaches are an inside job, but not not a crime  Most Most data breaches can be avoided by better employee awareness and education  Awareness is the the cheapest security on the block  And it doesn’t even have to work, to work! San Francisco Chapter San Francisco Chapter

  4. What is a data breach? What is a data breach? “The definition of a breach is so broad, “The definition of a breach is so broad, almost nothing is excluded.” almost nothing is excluded.”  Failure to encrypt data before sending it out (to a payroll service, for example)  Failing to properly erase data from hard drives before transporting or disposing of the computer.  Failing to properly protect credit card information after a transaction.  Failing to properly protect employee payroll information from other employees. San Francisco Chapter San Francisco Chapter

  5. What is a data breach? What is a data breach?  Losing a laptop with unprotected data.  Dumping data in the trash without shredding it first.  Inadvertently posting sensitive information unprotected on a computer, server, or web site.  Copies of data, such as computer discs, that can’t be accounted for.  A computer sent out for repair without protecting or removing sensitive data first. San Francisco Chapter San Francisco Chapter

  6. What is a data breach? What is a data breach?  Failing to adequately protect backup data.  Losing a flash data drive containing sensitive data.  Failing to restrict access to sensitive data only to employees who need access.  Storing sensitive information on a network or internet-connected computer without a properly installed firewall. And data doesn’t have to be credit card information. It And data doesn’t have to be credit card information. It can be home address, phone numbers, order histories, or can be home address, phone numbers, order histories, or email address. email address. San Francisco Chapter San Francisco Chapter

  7. Drip, Drip, Drip. Drip, Drip, Drip. 
 The Year of the Data Breach  Data breaches up 40% in 2007, 443 reported breaches, exposing 127 million records  In the first half of 2008 there were 342 reported data breaches.  TJ Maxx breach (Jan 07) may have exposed nearly 100 million customers.  TJ Maxx originally estimated $3-5 million, then admitted $250m. Ultimate cost could exceed $1 billion San Francisco Chapter San Francisco Chapter

  8. Do data breaches = identity theft? Do data breaches = identity theft?  Anywhere between 7 and 15 million Americans fall victim to identity theft every year.  Identity theft may cost businesses and individuals as much as $50 billion  There’s little evidence that data breaches lead to identity theft There’s little evidence that data breaches lead to identity theft (Source: The Government Accounting Office (GAO) 
  Although previous studies have proven that only a fraction of fraud in the U.S. is due to data breaches, 77% of consumers 77% of consumers intend to stop shopping at merchants that suffer from data intend to stop shopping at merchants that suffer from data breaches. breaches. (Source: Javelin Research, April 2007) San Francisco Chapter San Francisco Chapter

  9. The Real Cost to the Losers The Real Cost to the Losers Money Money Profits Profits Share value Share value Trust Trust Reputation Reputation Brand Brand Customers Customers Jobs Jobs Lawsuits Lawsuits San Francisco Chapter San Francisco Chapter

  10. The financial cost to the losers The financial cost to the losers  Data breach incidents cost companies $197 per compromised customer  Lost business opportunity, including losses associated with customer churn and acquisition, represented the most significant component of the cost increase - $128 in 2007 Average total per-incident costs in 2007 were $6.3 million  The cost of lost business increased to $4.1 million in 2007,  approximately two-thirds of the average total cost per incident. (Ponemon Institute 2007 Annual Study: Cost of a Data Breach.) San Francisco Chapter San Francisco Chapter

  11. The cost of a data breach The cost of a data breach  Breaches by third-party organizations such as outsourcers, contractors, consultants, and business partners were reported by 40 percent of respondents.  Breaches by third parties were also more costly than breaches by the enterprise itself, averaging $231 compared to $171 per record. “Although companies are responding to data breaches more efficiently, consumers seem to be less forgiving when their personal information is compromised." Dr. Larry Ponemon, chairman and founder of The Ponemon Institute. San Francisco Chapter San Francisco Chapter

  12. The Impact on Customers The Impact on Customers  84% of American consumers have reported increased concern or anxiety due to data loss events.  62% of consumers have been notified that their confidential data has been lost. (Ponemon Institute) San Francisco Chapter San Francisco Chapter

  13. The Impact on Customers The Impact on Customers  “12 million consumers have switched banks to “12 million consumers have switched banks to reduce the risk of becoming victims of identity reduce the risk of becoming victims of identity theft.” theft.” Financial Insights  More than two thirds of the American public More than two thirds of the American public have lost confidence in the handling of their have lost confidence in the handling of their personal information.” personal information.” Privacy and American Business and Harris Interactive study San Francisco Chapter San Francisco Chapter

  14. The Impact on Customers The Impact on Customers  62% of consumers said that they would be more upset with a company that lost their information due to negligence than if that company lost their information as the result of theft.  85% will reward companies who are 85% will reward companies who are perceived as security leaders with perceived as security leaders with increased purchases. increased purchases. (Source: Javelin Research) San Francisco Chapter San Francisco Chapter

  15. Ready to meet the bad guys? Ready to meet the bad guys?  “Employee misconduct and unintentional actions like errors and omissions are the greatest cause of data security breaches.” (2007 Global Security Survey, Deloitte Touche Tohmatsu )  “Insider misuse and unauthorized access to information by insiders are the No. 1 and No. 2 security threats worrying IT security professionals.” Computer Economics' "Trends in IT Security Threats: 2007" 
 "Security awareness training is arguably the most important part "Security awareness training is arguably the most important part of a successful security program.” of a successful security program.” 
 Computerworld, 2007 
 San Francisco Chapter San Francisco Chapter

  16. Employees and Data Breaches Employees and Data Breaches  In the first fix months of 2007 there were more than 70 publicized data breaches attributed to employee or insider error.  In June 2007 alone, 24 reported data breaches attributed to user error or dishonesty exposed the personal records of nearly 3 million Americans.  Of more than 342 data breach incidents in the first six months of 2008, the vast majority were traced to employees and insiders, including human error, dishonest actions, and the loss of computers. Only 14% were are a result of outside hackers. (Privacy Rights Clearinghouse) San Francisco Chapter San Francisco Chapter

  17. Why are employees such a risk? Why are employees such a risk? Lack of security awareness training. 1. Inadequate security awareness training. 2. Failure to create or enforce security policies 3. Lack of security awareness champions 4. Lack of management commitment to Lack of management commitment to 5. 5. security awareness security awareness 
 San Francisco Chapter San Francisco Chapter

  18. Other insiders are to blame too Other insiders are to blame too  Senior management either doesn’t “get it” or doesn’t want to admit it. 
  Most security/IT professionals either don’t believe in the value of awareness or don’t believe they have the necessary resources to make a sufficient difference. 
  Building awareness is unlike all other security measures because it requires all employees to devote some of their time to security, as opposed to just a handful of security employees devoting all of their time. 
 San Francisco Chapter San Francisco Chapter

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes Identity theft can cost you time and money. Tips for Preventing Identity Theft

322 views • 10 slides
Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6 million 63% Identity fraud is a serious issue. people experienced of confirmed data Fraudsters have identity theft in 2014 breaches involved stolen

605 views • 29 slides
Identity Theft By: Brian Paulsen How common is identity theft? According to the US Department of

Identity Theft By: Brian Paulsen How common is identity theft? According to the US Department of

Identity Theft By: Brian Paulsen How common is identity theft? According to the US Department of Justice, 10% of people over the age of 16 reported being victims of identity theft in 2016 (Harrell). Who is most susceptible? Multiple reports

233 views • 21 slides
Training to Prevent Identity Theft Identity Theft is the fastest growing crime in America.

Training to Prevent Identity Theft Identity Theft is the fastest growing crime in America.

Training to Prevent Identity Theft Identity Theft is the fastest growing crime in America. The Social Security number is a major privacy concern for most people, because it links to information that is typically kept private. Exposing

326 views • 17 slides
the bottom line your data protects protecting to remedy the harm caused by identity theft. ties

the bottom line your data protects protecting to remedy the harm caused by identity theft. ties

24 and lost sales. 7 to the indictment, the thieves security breach. 8 According tion with the T.J. Maxx data of 11 individuals in connec- announced the indictment D e p a r t m e n t r e c e n t l y identity theft, the Justice catch the

561 views • 6 slides
What is Identity Theft? "Someone obtaining your personal identifying information without

What is Identity Theft? "Someone obtaining your personal identifying information without

Identity Fraud: Protecting Your Identity Between Work and Play Ryan Sothan, Outreach Coordinator Nebraska Department of Justice, Office of the Attorney General Consumer Protection and Anti-Trust Division What is Identity Theft?

314 views • 18 slides
Child Identity Theft: What to Know, What to Do Colleen Tressler FTC Division of Consumer &

Child Identity Theft: What to Know, What to Do Colleen Tressler FTC Division of Consumer &

Child Identity Theft: What to Know, What to Do Colleen Tressler FTC Division of Consumer & Business Education ctressler@ftc.gov consumer.ftc.gov IdentityTheft.gov Definition of Identity Theft Identity theft is the misuse of

459 views • 20 slides
IDENTITY THEFT FINANCIAL EDUCATION SERIES Equal Housing Lender. Member FDIC and Associated

IDENTITY THEFT FINANCIAL EDUCATION SERIES Equal Housing Lender. Member FDIC and Associated

4/2/2018 IDENTITY THEFT FINANCIAL EDUCATION SERIES Equal Housing Lender. Member FDIC and Associated Banc-Corp AGENDA Tips to avoid identity theft What you should do if you become a victim of identity theft How to obtain free

381 views • 4 slides
Identity Theft 101 Wanda Downs, AAP Director, CU Development & Marketing Identity Theft 101

Identity Theft 101 Wanda Downs, AAP Director, CU Development & Marketing Identity Theft 101

Identity Theft 101 Wanda Downs, AAP Director, CU Development & Marketing Identity Theft 101 Identity Theft 101 Wanda Downs First Carolina Corporate Credit Union, 2004 to present > Director of CU Development & Marketing AAP

440 views • 16 slides
(1 in 4) Fraud (43%) (12.6 M) 2013 Identity Theft Report Javelin Strategy & Research FTC

(1 in 4) Fraud (43%) (12.6 M) 2013 Identity Theft Report Javelin Strategy & Research FTC

THE THE NEW NORM NEW NORM IDENTIT IDENTITY Y THE THEFT FT AND AND GO GOVERNMENT VERNMENT FRA FRAUD UD Identity Fraud Data Breach Government (1 in 4) Fraud (43%) (12.6 M) 2013 Identity Theft Report Javelin Strategy &

527 views • 17 slides
What will you learn? During this presentation you will learn: How ID theft and account fraud

What will you learn? During this presentation you will learn: How ID theft and account fraud

What will you learn? During this presentation you will learn: How ID theft and account fraud happen The effects of ID theft and fraud How to avoid becoming a victim Identity Protection Identity Theft is Rampant Number of victims rose

764 views • 30 slides
Identity Theft Wiam Younes Training and Awareness Coordinator Information Security Office(ISO)

Identity Theft Wiam Younes Training and Awareness Coordinator Information Security Office(ISO)

Identity Theft Wiam Younes Training and Awareness Coordinator Information Security Office(ISO) www.cmu.edu/iso Computing Services www.cmu.edu/computing What is Identity Theft? Identity Theft is a crime in which an impostor obtains key

409 views • 24 slides
IRS Criminal Investigation Detroit Field Office Identity Theft The FTC estimates that as many

IRS Criminal Investigation Detroit Field Office Identity Theft The FTC estimates that as many

IRS Criminal Investigation Detroit Field Office Identity Theft The FTC estimates that as many as 9 million Americans have their identities stolen each year. How Do They Get Your Information? Theft of valuables purses, wallets, cell

344 views • 15 slides
Fighting Identity Theft Big Data Analytics to the Rescue Seshika Fernando WSO2 Me - Seshika

Fighting Identity Theft Big Data Analytics to the Rescue Seshika Fernando WSO2 Me - Seshika

Fighting Identity Theft Big Data Analytics to the Rescue Seshika Fernando WSO2 Me - Seshika Computer Science & Finance Streaming Analytics 100% Open Source Middleware Company Apache Way http://wso2.com/

441 views • 25 slides
Developments in CyberSecurity Law presented by www.udalllaw.com Security Breaches &

Developments in CyberSecurity Law presented by www.udalllaw.com Security Breaches &

Developments in CyberSecurity Law presented by www.udalllaw.com Security Breaches & Security Requirements Security Breaches Criminal Conduct -computer viruses (ransomware) -physical theft -server, laptops, flash drives -electronic

668 views • 31 slides
Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond Daler Radjabov, Esq. NYCLA CLE Institute Todays topics CoronaVirus related scams How to secure your online identity How to protect your

514 views • 22 slides
(AS) 2 Q12 Opportunity Day 22 nd August 2012 Disclaimer Agenda The information contained in

(AS) 2 Q12 Opportunity Day 22 nd August 2012 Disclaimer Agenda The information contained in

Asiasoft Corporation PLC. (AS) 2 Q12 Opportunity Day 22 nd August 2012 Disclaimer Agenda The information contained in this presentation is for information purposes only and does not constitute an offer or invitation to sell or the solicitation

613 views • 45 slides
Full Year 2010 Full Year 2010 Investor & Analyst Conference Call February 25, 2011 Driving

Full Year 2010 Full Year 2010 Investor & Analyst Conference Call February 25, 2011 Driving

Full Year 2010 Full Year 2010 Investor & Analyst Conference Call February 25, 2011 Driving the future. Safe Harbor Disclaimer Safe Harbor Statement under the Private Securities Litigation Reform Act of 1995. Various statements contained

963 views • 60 slides
ValueVision Media (NASDAQ: VVTV) THE RIGHT LEADERSHIP & STRATEGY TO CREATE SHAREHOLDER

ValueVision Media (NASDAQ: VVTV) THE RIGHT LEADERSHIP & STRATEGY TO CREATE SHAREHOLDER

BUILDING AND INSPIRING COMMUNITIES THROUGH SHOPPING ValueVision Media (NASDAQ: VVTV) THE RIGHT LEADERSHIP & STRATEGY TO CREATE SHAREHOLDER VALUE May 28, 2014 DISCLOSURES SAFE HARBOR This document contains certain forward -looking

689 views • 44 slides
For personal use only Investor Presentation AUGUST 2014 For personal use only Disclaimer on

For personal use only Investor Presentation AUGUST 2014 For personal use only Disclaimer on

For personal use only Investor Presentation AUGUST 2014 For personal use only Disclaimer on Presentation This Presentation is not a prospectus nor an offer for securities in any jurisdiction nor a securities recommendation. The information in

488 views • 23 slides
SUCCESS Act Damian Porcari Regional Director Elijah J. McCoy Midwest Regional Office Progress

SUCCESS Act Damian Porcari Regional Director Elijah J. McCoy Midwest Regional Office Progress

SUCCESS Act Damian Porcari Regional Director Elijah J. McCoy Midwest Regional Office Progress and potential: A profile of women inventors on U.S. patents Motivation & objective Women comprise a small minority of patent inventors.

571 views • 33 slides
Getting Some Closure aka Best Practices for JavaScript and jQuery in WordPress Vasken Hauri

Getting Some Closure aka Best Practices for JavaScript and jQuery in WordPress Vasken Hauri

Vasken Hauri | @vaskenhauri #WP-API | http://tinyurl.com/lfgsqc4 Getting Some Closure aka Best Practices for JavaScript and jQuery in WordPress Vasken Hauri Vasken Hauri | @vaskenhauri #WP-API | http://tinyurl.com/lfgsqc4 About me VP of

751 views • 23 slides
ICANN 48 Security and Stability Advisory Committee Activities Update ICANN Buenos Aires

ICANN 48 Security and Stability Advisory Committee Activities Update ICANN Buenos Aires

ICANN 48 Security and Stability Advisory Committee Activities Update ICANN Buenos Aires Meeting November 2013 Agenda 1. SSAC Overview and Activities Patrik Fltstrm 2. SSAC Advisory on Concerning the Mitigation

398 views • 36 slides
Styling a design system based on Bootstrap 4 and Web Components @ andres galante Hola! @

Styling a design system based on Bootstrap 4 and Web Components @ andres galante Hola! @

qCON SP, APril 24th, 2017 Styling a design system based on Bootstrap 4 and Web Components @ andres galante Hola! @ andres galante pt_AR CSS MODULARITY qCON SP, APril 24th, 2017 Styling a design system based on Bootstrap 4 and Web

1.1k views • 94 slides

More recommend