Top 7 Ways Employees Cause Cybercrime Infections


Published on

Deploying an army of cyber-security solutions doesn’t mean that your organization’s data is safe. Despite all the information and security solutions out there, North American companies are still not fully aware of the dangers that hackers, social media, and insider threats pose on the organization’s data and reputation.
Truth is, the average user doesn’t really know how to protect themselves... which is ironic, because employees are the #1 cause of security threats today.

As the one in charge of your organization’s IT security, it is on your shoulders to prevent and fix threats caused by the users you support. Join our panel of security experts on September 26th at 11am PDT and discover the top 7 ways employees cause cybercrime infections (plus learn best practices on how to fix them once and for all)!

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Top 7 Ways Employees Cause Cybercrime Infections

  1. 1. The Top 7 (Latest) Ways Employees Cause Cybercrime Infections
  2. 2. Meet Our Speakers Jason Dettbarn Senior Technology Analyst Cynthia James Director Business Development, CISSP Alex Brandt VP Americas
  3. 3. About Our Experts: Kaspersky • Founded in 1997; largest private anti-malware company – 100% focused on anti-malware • Over $700M annual revenues • Presence in 19 countries • #1 vendor in Germany, France, Spain, Eastern Europe • Protecting over 300 million end points • America’s distribution: 12,000 outlets; top two vendors (revenue & units shipping) • Top supplier to OEMs/ISVs of anti-malware worldwide
  4. 4. Today’s Agenda        Cybercrime Threatscape: Malware Growth Current Malware: Comprehension Gap The Top (Latest) 7 Ways Employees Cause Cyber Crime Infections Security Solution Overview 3 Tips for CyberSafety at Home Giveaway Questions & Answers
  5. 5. Cybercrime Threatscape: Malware Growth 200k unique malware samples PER YEAR were identified in 2006; 2M in 2007…now it’s up to 200K malware samples PER DAY. The quality of malware improves every year.
  6. 6. Current Malware: Comprehension Gap • Recent years have seen exponential growth in malware. • Anyone can enter the cybercrime game. • Cybercriminals earn over $100B a year. Over 200K Per DAY Where most employees/end users think we still are Where we really are today (2013) Cybercrime will never stop.
  7. 7. #1. Poor Password Management present The Top 7 (Latest) Ways Employees Cause Cybercrime Infections
  8. 8. #1. Poor Password Management • Same password, all sites and servers (personal and business) • Easy to guess from Facebook
  9. 9. #2. “Don’t Bore Me With Safety” • Users ignore warnings • Users ignore usage policies • Users don’t inform IT of known security issues
  10. 10. #3. Promiscuous Use of WIFI • • On average we have 4.5 personal internet connected devices How many walk into work each day? • How many WIFIs have we frequented in between? • How secure are they? • To get infected only takes ONE malicious participant from one network OR • ONE device which the owner doesn’t realize is infected
  11. 11. #4. Users DEMAND • To be always on, always connected • To all social media • To get the latest features …regardless of the security issues
  12. 12. #5. They Are Easy APT Targets Cybercriminals target social media for clues • The (new) defacto “morals clause” in employment agreements (don’t hurt the brand) • Behavior broadcasts over social media • Don’t upset hacktivists! •
  13. 13. #6. Companies Under-Estimate The Insider Threat • • • 1 incident of insider fraud per week per year 75% caused financial loss It’s very easy to sell data these days
  14. 14. #7. Privileges Accumulate… And Are Abused • • • When employees change jobs, do rights to data change? Are passwords reset when employees leave? Are admin passwords or backdoors documented and closed?
  15. 15. Special Giveaway!   Kaspersky CyberSecurity Digest - Free Security Bulletin Free Kaseya Security Bundle Trial Interested? Just respond to the Poll located on the right bottom corner of your Webex platform! Next: The Latest in Mobile Threats
  16. 16. The Latest in Mobile Threats  Top infection vector – infected apps  “Crackers” are widely available: open app, insert malware, repost it Infected via ads  Malware is downloaded for Windows or Android   Infection via SMS or email Profit model: 1.) SMS premium messaging; 2.) theft of assets (APTs); 3.) stealing authentication codes  Advertisers receive the same information we provide the app (geolocation apps for example) Biggest problem: Android updates take 6 months to get 
  17. 17. Remediation Recommendations – – – Purchase apps from legitimate storefronts (“Verify Apps”) Use AV on smartphones to defend against APTs Help employees with their devices: • • • • Turn Bluetooth to undiscoverable Warn them about malicious apps Require them to register every mobile device which uses the corporate wifi Push data about “cybersafety at home”
  18. 18. 3 Tips for Cyber Safety at Home • • • Go long – longer passphrases are much more secure No online banking except over secured wifi Safety/privacy - tell kids & teens: – – How geolocators in photos work Privacy doesn’t exist - don’t share family details online
  19. 19. Poor Password Management Privileges Accumulate… And Are Abused Companies Under-Estimate the Insider Threat “Don’t Bore Me With Safety” The Top Seven They are Easy APT Targets Users DEMAND Promiscuous Use of WIFI
  20. 20. The Power of Layered Security
  21. 21. Kaseya Security Stack Endpoint Monitoring & Hardening Antivirus AntiMalware Remediation Agent Procedures Monitoring Monitoring Kaseya Antivirus Passwords Kaseya AntiMalware Service Desk & PSA USB Block Processes Scheduling & Management
  22. 22. Layered Security: Let’s Take a Look
  23. 23. About Our Experts: Kaseya “Providing Enterprise-Class IT Systems Management for Everybody”
  24. 24. UNIFIED MANAGEMENT Discover the State of IT Manage the State of IT Automate the State of IT • • • • • Scheduling • Procedures • API/Messaging • Reporting • Dashboards • Interactive Data Views Systems Assets Mobile Devices Network Devices IT Configuration Management • • • • • • Remote Management Software Deployment Power Management Image Deployment Desktop Migration Mobile Device Management Business Continuity • • Asset Management • Network Discover & AD • Hardware/Software • • Asset Management Virtual Machine Management AntiVirus AntiMalware • • Patch Management Software Updates • File & Folder Backup Service Delivery • • • Security • • Image Backup Image Virtualization Service Desk/Ticketing Policy Management Service Billing • • Policy Compliance Time Tracking Systems Monitoring • • • Systems Checks & Alerts Agent Monitoring Enterprise Monitoring • • Agent-less Monitoring Log Monitoring
  25. 25.
  26. 26. Q&A / Resources Discover: nars/en/kaseya-solution-overview Contact us: 1 (877) 926-0001 Try Kaseya: roduct-preview.aspx Use Promo Code: security072013 Visit us: