Rcs triumfant watchful_webinar_final


Are you controlling information disclosure? Exploring the causes, costs, and remedies for a data breach.
This webinar will explore the causes and costs of data breaches, as well as ways to prevent and mitigate the impact that results from the inadvertent exposure of sensitive data.
Attacks from the inside and outside of the network will be discussed, along with the various aspects of a data breach, including the types of data at risk and the variety of costs and impacts that an organization might incur.
We will discuss a number of high-profile breaches, including TJX, Heartland Payment Systems, Sony, and others. Costs from various industry reports will be presented, together with original statistical analyses from Risk Centric Security. The webinar will conclude with a discussion of cutting-edge safeguards and controls, including integrated encryption-based rights management, egress filtering and control, and advanced malware detection and auto-remediation.

Published in: Technology, Business

  1. Risk Centric Security, Inc. Confidential and Proprietary. Copyright © 2013 Risk Centric Security, Inc. All rights reserved.
  2. Risk Centric Security is an acknowledged authority on the costs and impacts of data breaches and other types of cyber-security events. The Company offers state of the art SaaS tools, training, and consulting that empower Information Security Professionals to perform credible, defensible, and reproducible risk and decision analyses, and to articulate the results and relevance of these analyses in language that business counterparts will understand.
     Risk Analysis for the 21st Century®
     Patrick Florer has worked in Information Technology and Security for over 33 years. In addition, he worked a parallel track in evidence-based medicine for 17 of those years. He is the CTO and Cofounder of Risk Centric Security. In addition, he is a Distinguished Fellow of the Ponemon Institute. Mr. Florer graduated summa cum laude from the University of Texas at Austin and is a member of the scholastic honor society Phi Beta Kappa.
  3. Deconstructing the causes and costs of a data breach:
     • Threat Landscape
     • Types of Data
     • Types of Costs
     • Breach Reports
     • Frameworks, Bias and Correlation
     • Breach Examples
     • Closing Remarks
     • Q & A
  4. 14% of data breaches / 69% of security incidents caused by internal agents (Verizon DBIR 2013)
     33% of breaches in 18 companies studied were caused by malicious insiders (Ponemon/Symantec 2011 CODB – Mar, 2013)
     21% of electronic crime events caused by insiders (CERT 2011 Cybersecurity Survey)
  5. The actions of agents outside of an organization that result in a data breach, including:
     Accidents
     Negligence
     Maliciousness:
       Hacking
       Phishing
       Malware delivery
  6. 92% of data breaches / 31% of security incidents caused by external agents (Verizon DBIR 2013)
     76% of network intrusions exploited weak or stolen credentials (Verizon DBIR 2013)
     58% of electronic crime events caused by external agents (CERT 2011 Cybersecurity Survey)
     40% of breaches caused by malware (Verizon DBIR 2013)
  7. 55% - Organized Crime
     21% - State affiliated agents
     2% - activist/hacktivist
     1% - former employees
     21% - other or unknown
     (all figures from Verizon 2013 DBIR)
  8. 78% of initial compromises rated as low (68%) or very low (10%) difficulty
     73% of subsequent actions rated as low (71%) or very low (2%) difficulty
     22% of initial compromises rated as moderately difficult / 7% of subsequent actions rate the same
     <1% of initial compromises rated as highly difficult / 21% of subsequent actions rate the same
     Almost all moderate and highly difficult actions pertain to espionage and NOT to organized crime.
     (all figures from Verizon 2013 DBIR)
  9. Operational Data
     Intellectual Property
     Financial Information
     Personally Identifiable Information (PII)
     Protected Health Information (PHI)
  10. • Breached entity?
      • Shareholders?
      • Citizens / the public at large?
      • Card brands?
      • Issuing banks?
      • Customers?
      • Business partners?
      • Consumers?
      • Taxpayers (law enforcement costs)?
  11. Fixed / Overall Costs
      Per record costs:
      • Direct/Primary
      • Indirect/Secondary
      • Variable costs that scale with magnitude of breach
  12. Costs that we should be able to discover and/or estimate:
      • Lost productivity
      • Incident response and forensics costs
      • Costs of replacing lost or damaged hardware, software, or information
      • Public relations costs
      • Legal costs
      • Costs of sending letters to notify customers and business partners
      • Costs of providing credit monitoring
      • Fines from governmental action (HIPAA/HITECH, FTC, State Attorneys General, etc.)
  13. Costs that we should be able to discover and/or estimate:
      • Fines and indemnifications imposed by contracts with business partners
      • Contractual fines and penalties resulting from PCI DSS related incidents - either data loss or compliance failure
      • Judgments and legal settlements - customers, business partners, shareholders
      • Additional compliance and audit costs related to legal settlements (20 years of additional reporting, for example)
  14. Costs that might be difficult to discover and/or estimate:
      • Loss of competitive advantage
      • Loss of shareholder value
      • Reputation loss
      • Opportunity and Sales losses from customers and business partners who went elsewhere
      • Value of intellectual property
  15. Ponemon Institute 2011 Cost of Data Breach Study: United States (March, 2013)
      49 Companies surveyed – multiple people per company.
      Breach sizes ranged from 5K – 100K exposed records.
      Participants estimated the minimum and maximum amounts for a number of costs, from which the mid-point value was selected.
      According to some legal experts, Ponemon Institute numbers are the “gold” standard in the Federal Courts.
      The raw data are published in the report appendix.
  16. In the 2011 report:
      Overall weighted average per record = $194 (down from $214 in 2010)
      Overall average total = $5.5 M (down from $7.2M in 2011)
      Minimum total cost = $566 K
      Median total cost = $4.5 M
      Maximum total cost = $20.9 M
  17. Ponemon Institute 2013 Cost of Cyber Crime Study: United States
      56 organizations surveyed, > 1,000 seats
      Costs were due to cyber crime – no errors or accidental exposures
      4 week study period extrapolated to 52 weeks.
      The 56 organizations in the study experienced 102 cyber attacks per week; 1.8 attacks each per week.
      Annualized costs per company ranged from $1.4M to $46M, with the average = $8.9M and the median = $6.2M
      Average attack took 24 days to resolve and cost $592K
  18. Net Diligence 2013 Cyber Liability & Data Breach Insurance Claims study
      137 events between 2009 and 2011 – claims data were provided by underwriters
      Average cost per breach = $3.7 million
      Payouts were net of deductibles/retentions, which ranged from $50K to $1M
      Report breaks out many types of costs: Crisis services, Legal Defense, Legal Settlements
      Cyber insurance does not reimburse for “soft” costs like lost customers, brand damage, and lost stock value.
  19. TJX
      Heartland
      Sony
      Global Payments
      Department of Revenue of South Carolina
  20. Plans for the Presidential Helicopter
      Coca-Cola
      Merger Acquisitions
      Insider Threat
      Ford Motor Company
  21. Measured on a per record basis, the cost per record declines as the size of the breach increases
      Measured on a total cost basis, the total cost increases as the number of exposed records increases
      Both of these correlations are weak
  24. We have covered many topics today. To summarize:
      • Data breaches are caused by threats from the inside and threats from the outside.
      • Data breaches are caused by accidents, negligence, and maliciousness.
      • Data breaches involve many types of data.
      • Data breaches involve many types of costs.
      • There are many useful preventative technologies.
      • There are many effective technologies for breach detection and mitigation.
  25. Watchful Software is focused on providing data-centric information protection that works. With the massive amounts that have been invested in securing the network perimeter, one thing has become painfully clear: today's enterprises must secure the information itself.
      Charles Foley is the Chairman and CEO of Watchful Software, Inc. Mr. Foley has over 20 years' experience leading both private and public company teams to success. Prior to Watchful Software, Mr. Foley was the Chairman and CEO of TimeSight Systems, Inc., a developer of leading-edge storage and video management solutions for the physical security market. He also served as President of Tacit Networks, a leader in Wide Area Network acceleration systems, where he designed the marketing and business development strategies that led to their profitable acquisition by Packeteer (NASDAQ: PKTR).
  26. Heather Goodnight is the Regional Sales Director for Triumfant, Inc. She is one of the most accomplished business and sales development professionals working in the information security space. By focusing on customers’ business needs and aligning products and services, she helps bring forth the benefits of successful selling fundamentals and best practices that positively impact bottom-line results.
      Triumfant leverages patented analytics to detect, analyze and remediate the malicious attacks that evade traditional endpoint protection solutions such as the Advanced Persistent Threat, Zero Day Attacks, targeted attacks, and rootkits. Triumfant automates the process of building a contextual and surgical remediation that addresses the malware and all of the associated collateral damage. Endpoints go from infection to remediation in five minutes without the need to reboot or re-image.
  27. Thank you!
      Patrick Florer, CTO and Co-founder, Risk Centric Security, Inc, patrick@riskcentricsecurity.com, 214.828.1172
      Heather Goodnight, Regional Sales Director, Triumfant, Inc., heather.goodnight@triumfant.com, 214.405.5789
      Charles Foley, Chairman and CEO
      Thomas McClinton, Central US Sales Director, Watchful Software, Inc., thomas.mcclinton@watchfulsoftware.com, 832.754.8501
      Risk Analysis for the 21st Century®
