protect your small business from cyber attacks
play

Protect Your Small Business From Cyber Attacks Presenter: Jacob - PowerPoint PPT Presentation

Aug 22, 2022 •270 likes •529 views

Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business Advisor, Delaware SBDC 01/01/2018 www.delawaresbdc.org Small Businesses are a Target 68% of breaches took months or longer to 58% of data breach

  1. Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business Advisor, Delaware SBDC 01/01/2018 www.delawaresbdc.org

  2. Small Businesses are a Target 68% of breaches took months or longer to 58% of data breach victims are small businesses discover 32 42 58 68 www.delawaresbdc.org Source: 2018 Verizon Data Breach Report

  3. Program Purpose

  4. Raise awareness of cyber risk within Delaware’s community Help businesses manage the threat and impact of cyber interference Foster innovation in cyber security Program Purpose

  5. Why Create a Security Plan? • Cyber is: Behavioral, Physical, Technological • S E C U R I T Y • The unknown is expensive • Increased scrutiny and liability from buyers, business partners, etc. • You want to protect your brand, your customers, your employees, your buyers, etc. • Demonstration of reasonable effort to protect your data and systems. Can you? www.delawaresbdc.org

  6. The Small Business Cybersecurity Workbook • To provide small business with a starting concept for creating a Written Information Security Program or (WISP). • Defining a reasonable program for handling cybersecurity within a small business. • This is just a starting point . It is meant to get small businesses thinking in a security mindset. www.delawaresbdc.org

  7. IDENTIFY ‐ (Pg 8) Cybersecurity Workbook What structures and practices do you have in place to identify cyber threats? • Based off the NIST Framework PROTECT ‐ (Pg 12) • Concept is simple What are the basic practices you have in place to protect your systems? • Common language which all DETECT ‐ (Pg 19) understand What do you use to identify someone of something malicious? RESOIND ‐ (Pg 21) How will you deal with a breach if and when it occurs? RECOVER ‐ (Pg 23) How will you get your business back to normal after a breach?

  8. Section 1: Identify A Risk‐Based Approach Physical Software Security •What do you collect? •Which ones do you have? •What sensitivity level? •Desktops •Inventoried and •Who has them? •Where’s it located? current? •Laptops •How are they •Who has access to it? •Mobile Devices maintained? •Outside consultant? Know Your Operating Company Systems www.delawaresbdc.org

  9. Section 2: Protect Usernames and Passwords Data Segregation Timeouts and Lockouts Firewalls and patching Training and Awareness Login www.delawaresbdc.org

  10. Passwords & Authentication Authentication Passwords www.delawaresbdc.org

  11. Passwords & Authentication Passwords Authentication What you know: Password Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Require Special Characters Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  12. Passwords & Authentication Passwords Authentication What you know: Password NO Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Require Special Characters Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  13. Passwords & Authentication Passwords Authentication What you know: Password NO Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Don’t Require Special Characters Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  14. Passwords & Authentication Passwords Authentication What you know: Password NO Mandatory Password Cycle What you have: Token Length 8 – 64 Characters What you are: Biometrics Multifactor Don’t Require Special Characters Avoid Password Hints Scan Against Common Known/Used www.delawaresbdc.org

  15. Section 3: Detect www.delawaresbdc.org

  16. Section 3: Detect AntiVirus and AntiMalware Scan for unusual activity Foreign Password Login! www.delawaresbdc.org

  17. Section 3: Detect AntiVirus and AntiMalware Scan for unusual activity Congratulations! You are our 100 th visitor of the day and we would like to thank you. Foreign Password Login! Claim Reward! www.delawaresbdc.org

  18. Section 4: Respond www.delawaresbdc.org

  19. Section 4: Respond • Contact legal support • Contact a Digital Forensics Team • Document EVERYTHING! • Date of Incident • Explanation of Incident • How Discovered • How Remediated • Date Affected • Steps Taken To Close Vulnerability • Updated Backups www.delawaresbdc.org

  20. Section 4: Recover • Getting back to normal • Move swiftly and obtain assistance • Communication • Document www.delawaresbdc.org

  21. House Bill 180 • August 24, 2017, Governor John Carney signed into law the first update to Delaware’s data breach law in 12 years. • Enacts new requirements for Delaware’s businesses for protecting personal information. • If you conduct business in Delaware and own, license or maintain personal information on Delaware residents, you are required to “implement and maintain reasonable procedures and practices to prevent the unauthorized acquisition, use, modification, disclosure, or destruction of personal information collected or maintained in the regular course of business.” www.delawaresbdc.org

  22. What Counts as Personal Information? House Bill 180 To be personal information, the categories listed below must be associated with a Delaware resident’s first name or initial and last If the data I own, license or maintain is hacked, what is my obligation? name in combination with any of the categories below with the required password or security • code You have 60 days to provide notice to affected individuals unless you • Social Security number can determine after an appropriate investigation that the breach is • Driver’s license number “unlikely to result in harm.” • Financial account number • Passport Number • • If the data breach includes Social Security numbers, residents shall be Username or email address in combination with a password or security offered credit monitoring services at no cost to the residents for a question period of one year. If the effected number of Delaware residents • Medical information exceeds 500, the Attorney General is to be notified. • Health insurance information • DNA profile • • If encrypted data is breached, you don’t have to provide notice unless Biometric data used to access information the encryption key is also breached. • An individual taxpayer identification number www.delawaresbdc.org

  23. Cyber Risk Assessment Tool www.delawaresbdc.org

  24. DatAssured Cybersecurity Workbook Do’s and Don’ts • Small Business Cybersecurity • Safe Payments SBDC SBDC • Vendor Questions Online Online Resources Resources Cybersecurity Plans • FCC Cyber Planner • Ransomware Public Handout Information Security Policy Templates • SANS • Cybersecurity Resource List www.delawaresbdc.org

  25. Helping Delaware’s small business community secure their critical data and infrastructure Jacob Blacksten Technology Business Development Delaware SBDC jacobb@udel.edu www.delawaresbdc.org

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks

Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks

AUGUST 25, 2015 Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks Tyler Gerking, Partner David B. Smith, CPCU, ARM, Insurance & Risk Management Consultant What is Cyber Insurance?

368 views • 10 slides
How to protect yourself and your business from the threat of Cybercrime Presented by Laura

How to protect yourself and your business from the threat of Cybercrime Presented by Laura

How to protect yourself and your business from the threat of Cybercrime Presented by Laura Hodgson Cyber Protect Officer Cyber.safe@titan.pnn.police.uk Who are we? North West Regional Organised Crime Unit Cumbria Collaboration of 6 North

353 views • 20 slides
DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1

DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1

www.nviso.be DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1 Demo time 2 Threat actor groups 3 Nation states 4 Hacktivism 5 Organized cyber crime 6 The bad competitor 7 The Internet of

777 views • 42 slides
Protecting your business from Cyber Crime Presented by Jennie Williams Cyber Protect Officer

Protecting your business from Cyber Crime Presented by Jennie Williams Cyber Protect Officer

Protecting your business from Cyber Crime Presented by Jennie Williams Cyber Protect Officer Jennie.williams_cyber@titan.pnn.police.uk www.titanrocu.org.uk TITAN-ROCU @titanrocu TITAN-ROCU Cyber Dependant Crime (Pure Cyber Crime) Cyber

749 views • 15 slides
FCIC-112798 1. Protect the United States from terrorist attack 2. Protect the United States

FCIC-112798 1. Protect the United States from terrorist attack 2. Protect the United States

FCIC-112798 1. Protect the United States from terrorist attack 2. Protect the United States against foreign intelligence operations and . espionage 3. Protect the United States against cyber-based attacks and high- technology crimes 4. Combat

670 views • 29 slides
Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced Persistent Threats (APT) Cybercriminals, Exploits and Malware Denial of Service attacks (DDoS) Domain name hijacking Corporate

347 views • 13 slides
Cyber Security And For Business Seminar Enter your business card for an opportunity to win the

Cyber Security And For Business Seminar Enter your business card for an opportunity to win the

Cyber Security And For Business Seminar Enter your business card for an opportunity to win the most productivity tool for your business worth over $200 Cyber Security And For Business Seminar How Cyber Criminals Are Targeting Small

459 views • 30 slides
CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect

CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect

CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer, Essex Police Barry Linton, Thorpe Bay U3A Thorpe Bay U3A Criminal insight - why commit cybercrime? Scale Nationally 1.6 million cyber

429 views • 25 slides
Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and

Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and

Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and develop relationships with companies and organisations within the region to promote cyber security and the role of the SEROCU CCU. The Regional

217 views • 18 slides
CYBER - SECURITY PART 2 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer,

CYBER - SECURITY PART 2 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer,

CYBER - SECURITY PART 2 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer, Essex Police Barry Linton, Thorpe Bay U3A Thorpe Bay U3A HOW DO I PROTECT MYSELF 2 ALL ABOUT PASSWORDS Change your passwords regularly.

425 views • 27 slides
Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44 17917 623 068 T: +44 1684 878178 F: +44 1684 878171 dibble.clark@3sdl.com What is Cyber? Commercial in Confidence Policy in Action Commercial in

275 views • 25 slides
Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean

Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean

Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean Camp, Marthie Grobler, Julian Jang-Jaccard, Christian Probst, Karen Renaud, Paul Watters Cyber is Global It is unrealistic to study cyber at a

719 views • 36 slides
The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix

The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix

The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix Severe Weather Hazardous Spill Failed Large Pacific rural flood Global Financial Asia 10 % State Crisis Interstate Cyber Attacks Conflict

335 views • 11 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET - Enhancing Cyber Resilience Relation to NCSRA II SARNET | October 5th 2016 CYBER THREATS ARE EVOLVING Key trends Cyber Cyber Cyber Magnitude of

153 views • 13 slides
Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital

Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital

Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital Government Phil l Bertoli lini Co-Director, Center for Digital Government Agenda Cybersecurity Issues & Trends Cybersecurity

720 views • 57 slides
Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case study CYBER SECURITY & PRIVACY FORUM 2014 CSP Track 3 _ Cyber Attacks & Defences in critical Infrastructure CYSPA Alessandro Pollini, Deep

336 views • 15 slides
Deaths and Death Rates from an Unusual Event By Sex Female Male Total Persons at risk 462

Deaths and Death Rates from an Unusual Event By Sex Female Male Total Persons at risk 462

Deaths and Death Rates from an Unusual Event By Sex Female Male Total Persons at risk 462 851 1,313 Survivors 308 142 450 Deaths 154 709 863 Death rate (%) 33.3 83.3 65.7 Deaths and Death Rates from an Unusual Event By

693 views • 43 slides
Cutting edge Forum on Autonomous Driving, Contributions from Intelligent Robotics, AI and ITS

Cutting edge Forum on Autonomous Driving, Contributions from Intelligent Robotics, AI and ITS

Cutting edge Forum on Autonomous Driving, Contributions from Intelligent Robotics, AI and ITS AD19 2019 IEEE/RSJ International Conference on Intelligent Robots and Systems Cutting edge Forum on Autonomous Driving Contributions from Intelligent

191 views • 5 slides
Alfred Ongere Alfred Ongere @ Impact_chaser Telecoms engineer Intel Software Innovator Team lead

Alfred Ongere Alfred Ongere @ Impact_chaser Telecoms engineer Intel Software Innovator Team lead

Alfred Ongere Alfred Ongere @ Impact_chaser Telecoms engineer Intel Software Innovator Team lead & Founder Ai Kenya About AiKenya Ai Kenya is a community of practitioners and enthusiasts in machine learning & Data

297 views • 15 slides
Social Media Its 10:00 PM Do You Know Where Your Brands Are? Reed Smith Palo Alto,

Social Media Its 10:00 PM Do You Know Where Your Brands Are? Reed Smith Palo Alto,

Social Media Its 10:00 PM Do You Know Where Your Brands Are? Reed Smith Palo Alto, California; December 8, 2009 Agenda Social Media: What Is It & Why the Fuss? Understanding Social Media Consumer Power Case Studies

1.08k views • 69 slides
IT LEVEL 3 CAMBRIDGE TECHNICAL EXTENDED CERTIFICATE EXAM BOARD: OCR Amazon key What do you

IT LEVEL 3 CAMBRIDGE TECHNICAL EXTENDED CERTIFICATE EXAM BOARD: OCR Amazon key What do you

IT LEVEL 3 CAMBRIDGE TECHNICAL EXTENDED CERTIFICATE EXAM BOARD: OCR Amazon key What do you think of Amazon Key? Can you think of any potential cyber security issues that could arise from its use? Overview Welcome Course contents Entry

360 views • 15 slides
Trisura Group Ltd. Financial Supplement As at September 30, 2019 (Unaudited) Index Page 1

Trisura Group Ltd. Financial Supplement As at September 30, 2019 (Unaudited) Index Page 1

Trisura Group Ltd. Financial Supplement As at September 30, 2019 (Unaudited) Index Page 1 (Unaudited) 6 - Segmented Underwriting Performance 8 1 - Notes to the Financial Supplement 2-3 Trisura Guarantee & Trisura Specialty 1.1

298 views • 14 slides

More recommend