DISASTER
MASTERCLASS
PREPARING FOR YOUR DISASTER
Sara Parris
Corporate Business Manager
Thames Valley Chamber of Commerce
Andre Vaux
Managing Director
claireLOGIC
Email your questions to:
questions@clairelogic.net
Mark Godsland Cismp.
Cyber Protect Officer
Police Cyber Security Advisor
The state of play…
Mark Godsland presents:
DISASTER MASTERCLASS
The Cyber Risk
Falling victim to cyber crime can be devastating for your business, and
when you consider that SMEs make up 99.9% of Britain’s 5.5 million
sector businesses, it represents a real threat to the whole of the
UK economy.
Cyber Protect
As part of the UK’s National Cyber Security Strategy the Cyber Protect
network has been created to help improve the ability for UK PLC to
itself against cyber attack.
Risk and protection
Cybercrime – the statistics
Trends and threats
Numerous Infographics to download and display www.ncsc.gov.uk
Available downloads from the NCSC
NCSC Support of the whole business
community. Exercise in a box exercise
and further resources
NCSC – Exercise in a box
Mail Check
Free platform for assessing email security compliance. It collects, processes
and analyses DMARC reports from across the public and charity sector
Web Check
Free Service that helps you find and fix common vulnerabilities in UK public
and charity sector websites
Protective Domain Name System (PDNS)
Free reliable internet accessible DNS service for the public and charity sector
protects users from threats posed by known malicious malware
Exercise in a Box
Free service (for all) that helps your organisation find out how resilient you are to
cyber attack, and practise your response in a safe environment
NCSC Products and Services
CiSP (Cyber Security Information Sharing Partnership) is a joint industry
and government initiative set up to exchange cyber threat information in
real time, in a secure, confidential and dynamic environment, increasing
situational awareness and reducing the impact on UK business.
Benefits of CiSP
Engagement with industry and government counterparts in a secure environment
Early warning of cyber threats
Ability to learn from experiences, mistakes, successes of other users and seek advice
Access to free network monitoring reports tailored to your organisation’s requirements
How?
Organisations: Sponsors must be a government department, existing
member or a regional Cyber PROTECT police officer or industry
Individuals: Their Organisation must already have a CiSP account.
CiSP
If you are a business, charity or other organisation which is currently
suffering a live cyber attack (in progress), please call
0300 123 2040 immediately
What is a live cyber attack?
A live attack is one that is ongoing, that is still affecting your system and your ability to work
there is an opportunity for law enforcement to stop the attack and/or secure evidence that
assist an investigation.
For example:
Cyber criminals have accessed your network and stolen personal information about your
customers and are demanding payment for its safe return. This is also known as hacking
extortion.
Or
Your website is being flooded with traffic – customers are not able to access it as a result.
called a distributed denial of service (DDOS) attack.
Additional resources
The National Cyber Security Centre (NCSC) has created the Small Business Guide to Response
and Recovery. It provides SMEs with guidance about how to prepare their response to, and plan
their recovery from, a cyber incident.
Reporting of Fraud and Cyber Crime
Action Fraud
1) Register an account
2) Plan for an event
3) Consider
4) Other standards
IASME
ISO 27001/13
Planning and considerations
If you would like more advice or to arrange staff, board level awareness sessions, please contact
the TVP Cyber Protect Officer: cyber.protect@thamesvaley.pnn.police.uk
Follow us on Twitter feed of @TVPCyber_Fraud
“This dedicated @TVPCyber_Fraud account will provide & promote Cyber & Fraud prevention /
safeguarding advice for all our communities in the TVP Force area, whilst supporting key
National messages / campaigns. Please support us by following / retweeting. Thank you”
Sign up for TVP Alerts: www.thamesvalleyalert.co.uk
Sign up for Action Fraud alerts: www.actionfraud.police.uk/sign-up-for-action-fraud-alert
Contacts and sign-posts
Thank you…
Mark Godsland
Andre Vaux
Managing Director
claireLOGIC
Tim Jeffcoat
Engineering Manager
Datto, Inc.
THE THREAT OF RANSOMWARE
Ransomware is rapidly becoming one of the most significant causes
of downtime for small and medium businesses.
Other: 7%
SaaS outage: 9%
Natural disaster: 11%
Ransomware & Malware: 23%
Human error: 24%
ISP/network outage: 26%
Study conducted in Sept 2016: aberdeen.com/techpro-essentials/downtime-is-money/
All images are public domain and not intended to slander and all logos are copyright to respective companies
Dark Web
LIVE RANSOMWARE DEMO
Don’t try this at home
IMPACT OF AN ATTACK
The real risk isn’t the cost of the ransom
HOURS AFTER AN ATTACK (SHORT TERM)
Loss of essential business data
Loss of employee productivity
Inability to process customer orders
Loss of new business
DAYS, WEEKS, MONTHS (LONG TERM)
Damaged trust and market reputation
Financial cost of recovery
Loss of customers
Fines and penalties
SO, WHAT NEXT?
Staying safe
BACKUP vs BUSINESS CONTINUITY
When Backup Isn’t Enough
Everyone agrees that backing up is vital.
But many think that they’re safe with just backups.
Business Continuity minimises downtime
Backup minimises data loss
THE RULE OF THREES
Three copies of data
Two different mediums
One backup offsite
RULE OF THREES AND HYBRID CLOUD
On-premise Backup & DR
Production Environment
Off-site Backup & DR
TESTING… TESTING… 1, 2, 3…
How often do you test a disaster recovery?
(You do test things, right?!)
We still see too many businesses that check backups manually,
and have never run a disaster recovery test…
https://xkcd.com/1205/
IN SUMMARY:
Train users
Deploy multiple layers of security
Protect systems with business continuity, not just backup
Conduct penetration and security vulnerability tests
Regularly test backups and procedures
Rehearse disaster recovery scenarios
THANK YOU
Tim Jeffcoat
Manager of Sales Engineering
@mrjeffcoat
Andre Vaux
Managing Director
claireLOGIC
Harriet Subramanian
Managing Director
Flourish PR
Introduction
Harriet Subramanian
1. PREVENTION & PREPARATION
2. PAST
3. PRESENT
4. MEDIA MINDS
5. TURNING A BRAND AROUND
6. PLAYING FIELD
7. WHAT IS THE COST?
In the words of Warren Buffett:
“It takes 20 years to build a reputation
and five minutes to ruin it.”
Introduction
Beyond Crisis
Always be prepared:
Crisis Communications Plan – communication platforms identified
Process Mapped – roles & responsibilities defined
Communications Tree – employees
Role play
Media Spokespeople & Media Training
Script For Answering Calls from Media
Media Statements
Q&A’s
Key Messaging
Narrative
Budget – paid for versus non paid for
Prevention & preparation
Audit & Strategic Planning
Media Spokespeople & Media Training
Media Relationships
Content Creation
Monitoring
Legal Action
CRISIS & REPUTATION MANAGEMENT
Crisis and reputation management
Past
NEW YORK TIMES
1947, copy desk
How it used to be…
Present
MODERN MEDIA
Think in the mind of the media – put yourself in their shoes.
• Fast Paced
• Competitive
• Technology Led
• Every picture tells a story
• Real People
Media minds
Traditional Media Relations/Editorial, e.g. The Times, The Sun, Management Today, Red Magazine, The One Show etc
Self-publishing Sites, e.g. Enterprise Nation; Microsoft.com
Hybrids, e.g. Techcrunch, V3
Owned, e.g. website, social channels, blogs, Apps
RSS Newsfeeds; Wire Services
Sky News; Telegraph Business
FT.com; Times online
Shared Content
Playing field
NEWS OPINION RESEARCH
News Agenda Comments Research
Reactive v Proactive Expertise
Case Studies
= jackpot
Real News Story Tied to News Agenda Research v Study
Playing field
Case studies & techniques
VACCINE SUPPLY
Vaccine supply chain issue for
a large pharmaceutical
COST OF RISK
Risk budgeting, risk management &
control, supermarkets
RIDING THE STORM
Thank you…
Harriet Subramanian
1 Jubilee House, Third Avenue, Globe Park
Marlow, Buckinghamshire, SL7 1EY
OFFICE: +44 (0)1628 882 610 | EMAIL: hello@flourishpr.co.uk
Web: www.flourishpr.co.uk
Andre Vaux
Managing Director
claireLOGIC
Nathan Hankin
Cyber Development Executive
Jelf
Plan B…
Nathan Hankin
• 3rd party breach response firms
• Insurance Policy (Full Cyber policy)
• Cyber continuity plan
Know Your Options
Credit: Varonis by Rob Sobers
Global Average
Average total cost of a data breach: $3.92M
Average size of a data breach: 25,575 records
Cost per lost record: $150
Time to identify and contain a breach: 279 days
Highest country average cost of $8.19 million: United States
Highest industry average cost of $6.45 million: Healthcare
United Kingdom Average
Average total cost of a data breach: $3.88M
Average size of a data breach: 23,636 records
Cost per lost record: $155
Time to identify and contain a breach: 243 days
Country rank for total cost: 6
Highest industry for cost per record: Services
IBM Cost of a Data Breach Report 2019
The value of data
• Data Breach
• Ransomware
• Cryptojacking
• Malware
Common industries targeted with ransomware in Q2 2019 (Source: Coveware)
What I.T. Events May My Company Face
Have you or your team got time to manage the breach?
Claims Management
Who specialise in security and privacy compliance issues.
Legal Services
Who, what, when, where…
You'll most likely never know why.
IT Forensic Services
You’ve spent years building your brand, and all it takes is a few tweets, a few
Facebook posts or a bad video for your firm’s value to plummet.
Public Relations
A chance to say sorry… and potentially reduce any fine
Notification And Credit Monitoring
It’s not always ransomware
Cyber Extortion
If you see a crime, report it
Law Enforcement
Don’t always believe what you read
• AIG says it handled more than 2,000 cyber claims globally in
2018.
• Beazley handled more than 3,300 data incidents in 2018 (more
than 10,000 since 2009).
• In 2018, specialty cyber insurer CFC paid more than 1,000 cyber
claims and expects that number to increase by 50% in 2019.
• Hiscox dealt with more than 1,000 cyber-related insurance
claims in 2017, a 1700% rise over 2013.
Myths About Cyber Insurance
Confusion and Conflation of Cyber, Property, and Crime Policies
Myth: “Cyber insurance does not cover human error.”
Myth: “Data breach costs focus on legal liability.”
Myths About Cyber Insurance
Confusion and Conflation of Cyber, Property, and Crime Policies
Myth: “Insurers dictate which incident response providers and advisors are used.”
Myth: “Business Interruption cover is limited.”
Myth: “Cyber insurance excludes recent technology or system upgrades.”
Myths About Cyber Insurance
Cyber covers data and systems, Crime insurance covers financial loss or theft of assets
Cyber Isn't Crime
Jelf Insurance Brokers Ltd is authorised and regulated by the Financial Conduct Authority (FCA). Not all
products and services offered are regulated by the FCA. Registered in England and Wales number
0837227. Registered Office: Hillside Court, Bowling Hill, Chipping Sodbury, BS37 6JX.
Thank you
jelf.com
Sara Parris
Corporate Business Manager
Thames Valley Chamber of Commerce
Eric Torres
Channel Development Manager
Datto, Inc.
Mark
Cyber Protect Officer
Police Cyber Security Advisor
Andre
Managing Director
claireLOGIC
Harriet
Managing Director
Flourish PR
Nathan
Cyber Development Executive
Jelf

 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update  Presentation SlidesKeppel Ltd. 1Q 2024 Business Update  Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckPitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis:  Simple Linear Regression Multiple Linear RegressionRegression analysis:  Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Time
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 

Datto event master slides

  • 2. Sara Parris Corporate Business Manager Thames Valley Chamber of Commerce
  • 3. WiFi code SSID: Datto Guest Passphrase: NorthernLight$
  • 5. Email your questions to: questions@clairelogic.net
  • 6. Mark Godsland Cismp. Cyber Protect Officer Police Cyber Security Advisor
  • 7. The state of play… Mark Godsland presents:
  • 8. DISASTER MASTERCLASS The Cyber Risk Falling victim to cyber crime can be devastating for your business, and when you consider that SMEs make up 99.9% of Britain’s 5.5 million sector businesses, it represents a real threat to the whole of the UK economy. Cyber Protect As part of the UK’s National Cyber Security Strategy the Cyber Protect network has been created to help improve the ability for UK PLC to protect itself against cyber attack. Risk and protection
  • 9. Cybercrime – the statistics DISASTER MASTERCLASS
  • 11. Numerous Infographics to download and display www.ncsc.gov.uk Available downloads from the NCSC
  • 12. NCSC Support of the whole business community. Exercise in a box exercise and further resources NCSC – Exercise in a box
  • 13. Mail Check Free Platform for assessing email security compliance. It collects, processes and analyses DMARC reports from across the public and charity sector Web Check Free Service that helps you find and fix common vulnerabilities in UK public and charity sector websites Protective Domain Name System (PDNS) Free reliable internet accessible DNS service for the public and charity sector that protects users from threats posed by known malicious malware Exercise in a Box Free service (for all) that helps your organisation find out how resilient you are to cyber attack, and practise your response in a safe environment NCSC Products and Services DISASTER MASTERCLASS
  • 14. CiSP (Cyber Security Information Sharing Partnership) is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK business. Benefits of CiSP Engagement with industry and government counterparts in a secure environment Early warning of cyber threats Ability to learn from experiences, mistakes, successes of other users and seek advice Access to free network monitoring reports tailored to your organisations’ requirements How? Organisations: Sponsors must be a government department, existing member or a regional Cyber PROTECT police officer or industry Individuals: Their Organisation must already have a CiSP account. CiSP DISASTER MASTERCLASS
  • 15. If you are a business, charity or other organisation which is currently suffering a live cyber attack (in progress), please call 0300 123 2040 immediately
  • 16. What is a live cyber attack? A live attack is one that is ongoing, that is still affecting your system and your ability to work, and there is an opportunity for law enforcement to stop the attack and/or secure evidence that can assist an investigation. For example: Cyber criminals have accessed your network and stolen personal information about your customers and are demanding payment for its safe return. This is also known as hacking extortion. Or: Your website is being flooded with traffic – customers are not able to access it as a result. This is called a distributed denial of service (DDoS) attack. Additional resources The National Cyber Security Centre (NCSC) has created the Small Business Guide to Response and Recovery. It provides SMEs guidance about how to prepare their response, and plan their recovery to a cyber incident. DISASTER MASTERCLASS Reporting of Fraud and Cyber Crime
  • 18. 1) Register an account 4) Other standards IASME ISO 27001/13 2) Plan for an event 3) Consider DISASTER MASTERCLASS Planning and considerations
  • 19. If you would like more advice or to arrange staff, board level awareness sessions, please contact the TVP Cyber Protect Officer: cyber.protect@thamesvaley.pnn.police.uk Follow us on Twitter feed of @TVPCyber_Fraud “This dedicated @TVPCyber_Fraud account will provide & promote Cyber & Fraud prevention / safeguarding advice for all our communities in the TVP Force area, whilst supporting key National messages / campaigns. Please support us by following / retweeting. Thank you” Sign up for TVP Alerts: www.thamesvalleyalert.co.uk Sign up for Action Fraud alerts: www.actionfraud.police.uk/sign-up-for-action-fraud-alert DISASTER MASTERCLASS Contacts and sign-posts
  • 23. THE THREAT OF RANSOMWARE Ransomware is rapidly becoming one of the most significant causes of downtime for small and medium businesses. Causes of downtime: Other 7%; SaaS outage 9%; Natural disaster 11%; Ransomware & Malware 23%; Human error 24%; ISP/network outage 26%. Study conducted in Sept 2016: aberdeen.com/techpro-essentials/downtime-is-money/
  • 26. All images are public domain and not intended to slander and all logos are copyright to respective companies
  • 29. IMPACT OF AN ATTACK The real risk isn’t the cost of the ransom
  • 30. HOURS AFTER AN ATTACK SHORT TERM Loss of essential business data Loss of employee productivity Inability to process customer orders Loss of new business
  • 31. DAYS, WEEKS, MONTHS LONG TERM Damaged trust and market reputation Financial cost of recovery Loss of customers Fines and penalties
  • 33. BACKUP vs BUSINESS CONTINUITY When Backup Isn’t Enough Everyone agrees that backing up is vital. But many think that they’re safe with just backups. Business Continuity minimises downtime Backup minimises data loss
  • 34. THE RULE OF THREES Three copies of data Two different mediums One backup offsite
  • 35. RULE OF THREES AND HYBRID CLOUD On-premise Backup & DR Production Environment Off-site Backup & DR
  • 36. TESTING… TESTING… 1, 2, 3… How often do you test a disaster recovery? (You do test things, right?!) We still see too many businesses that check backups manually, and have never run a disaster recovery test… https://xkcd.com/1205/
  • 37. IN SUMMARY: Train users Deploy multiple layers of security Protect systems with business continuity, not just backup Conduct penetration and security vulnerability tests Regularly test backups and procedures Rehearse disaster recovery scenarios
  • 38. THANK YOU Tim Jeffcoat Manager of Sales Engineering @mrjeffcoat
  • 40. Email your questions to: questions@clairelogic.net
  • 43. 1. PREVENTION & PREPARATION 2. PAST 3. PRESENT 4. MEDIA MINDS 5. TURNING A BRAND AROUND 6. PLAYING FIELD 7. WHAT IS THE COST? In the words of Warren Buffett: “It takes 20 years to build a reputation and five minutes to ruin it.” INTRODUCTION Introduction DISASTER MASTERCLASS
  • 44. Beyond Crisis Always be prepared: Crisis Communications Plan – communication platforms identified Process Mapped – roles & responsibilities defined Communications Tree – employees Role play Media Spokespeople & Media Training Script For Answering Calls from Media Media Statements Q&A’s Key Messaging Narrative Budget – paid for versus non paid for INTRODUCTION Prevention & preparation DISASTER MASTERCLASS
  • 45. Audit & Strategic Planning Media Spokespeople & Media Training Media Relationships Content Creation Monitoring Legal Action CRISIS & REPUTATION MANAGEMENT DISASTER MASTERCLASS INTRODUCTION Crisis and reputation management
  • 47. NEW YORK TIMES 1947, copy desk INTRODUCTION How it used to be…
  • 49. MODERN MEDIA Think in the mind of the media – put yourself in their shoes. • Fast Paced • Competitive • Technology Led • Every picture tells a story • Real People
  • 51. Traditional Media Relations/Editorial e.g. The Times, The Sun, Management Today, Red Magazine, The One Show etc Self-publishing Sites e.g. Enterprise Nation; Microsoft.com Hybrids e.g. Techcrunch, V3 Owned e.g. website, social channels, blogs, Apps RSS Newsfeeds; Wire Services Sky News; Telegraph Business FT.com; Times online Shared Content
  • 53. NEWS OPINION RESEARCH News Agenda Comments Research Reactive v Proactive Expertise Case Studies = jackpot Real News Story Tied to News Agenda Research v Study Playing field DISASTER MASTERCLASS
  • 54. Case studies & techniques
  • 55. VACCINE SUPPLY Vaccine supply chain issue for a large pharmaceutical DISASTER MASTERCLASS
  • 56. COST OF RISK Risk budgeting, risk management & control, supermarkets DISASTER MASTERCLASS
  • 59. 1 Jubilee House ,Third Avenue, Globe Park Marlow, Buckinghamshire, SL7 1EY OFFICE: +44 (0)1628 882 610 | EMAIL: hello@flourishpr.co.uk Web: www.flourishpr.co.uk
  • 63. • 3rd party breach response firms • Insurance Policy (Full Cyber policy) • Cyber continuity plan INTRODUCTION Know Your Options Credit: Varonis by Rob Sobers
  • 64. Global Average: Average total cost of a data breach $3.92M; Average size of a data breach 25,575 records; Cost per lost record $150; Time to identify and contain a breach 279 days; Highest country average cost of $8.19 million: United States; Highest industry average cost of $6.45 million: Healthcare. United Kingdom Average: Average total cost of a data breach $3.88M; Average size of a data breach 23,636 records; Cost per lost record $155; Time to identify and contain a breach 243 days; Country rank for total cost: 6; Highest industry for cost per record: Services. IBM Cost of a Data Breach Report 2019 INTRODUCTION The value of data DISASTER MASTERCLASS
  • 65. • Data Breach • Ransomware • CryptoJacking • Malware Common industries targeted with ransomware in Q2 2019 (Source: Coveware) DISASTER MASTERCLASS INTRODUCTION What I.T. Events May My Company Face
  • 66. Have you or your team got time to manage the breach? DISASTER MASTERCLASS INTRODUCTION Claims Management
  • 67. Who specialise in security and privacy compliance issues. DISASTER MASTERCLASS INTRODUCTION Legal Services
  • 68. Who, what, when, where… You'll most likely never know why. DISASTER MASTERCLASS INTRODUCTION IT Forensic Services
  • 69. You’ve spent years building your brand, and all it takes is a few tweets, a few Facebook posts or a bad video for your firm’s value to plummet. DISASTER MASTERCLASS INTRODUCTION Public Relation
  • 70. A chance to say sorry… and potentially reduce any fine DISASTER MASTERCLASS INTRODUCTION Notification And Credit Monitoring
  • 71. It’s not always Ransomware DISASTER MASTERCLASS INTRODUCTION Cyber Extortion
  • 72. If you see a crime, report it DISASTER MASTERCLASS INTRODUCTION Law Enforcement
  • 73. Don’t always believe what you read • AIG says it handled more than 2,000 cyber claims globally in 2018. • Beazley handled more than 3,300 data incidents in 2018 (more than 10,000 since 2009). • In 2018, specialty cyber insurer CFC paid more than 1,000 cyber claims and expects that number to increase by 50% in 2019. • Hiscox dealt with more than 1,000 cyber-related insurance claims in 2017, a 1700% rise over 2013. DISASTER MASTERCLASS INTRODUCTION Myths About Cyber Insurance
  • 74. Confusion and Conflation of Cyber, Property, and Crime Policies Myth: “Cyber insurance does not cover human error.” Myth: “Data breach costs focus on legal liability.” DISASTER MASTERCLASS INTRODUCTION Myths About Cyber Insurance
  • 75. Confusion and Conflation of Cyber, Property, and Crime Policies Myth: “Insurers dictate which incident response providers and advisors are used.” Myth: “Business Interruption cover is limited.” Myth: “Cyber insurance excludes recent technology or system upgrades.” DISASTER MASTERCLASS INTRODUCTION Myths About Cyber Insurance
  • 76. Cyber covers data and systems, Crime insurance covers financial loss or theft of assets INTRODUCTION Cyber Isn't Crime DISASTER MASTERCLASS
  • 77. Jelf Insurance Brokers Ltd is authorised and regulated by the Financial Conduct Authority (FCA). Not all products and services offered are regulated by the FCA. Registered in England and Wales number 0837227. Registered Office: Hillside Court, Bowling Hill, Chipping Sodbury, BS37 6JX. Thank you jelf.com
  • 78. Email your questions to: questions@clairelogic.net
  • 79. Sara Parris Corporate Business Manager Thames Valley Chamber of Commerce
  • 80. Eric Torres Channel Development Manager Datto, Inc.
  • 82. Mark Cyber Protect Officer Police Cyber Security Advisor Andre Managing Director claireLOGIC Harriet Managing Director Flourish PR Nathan Cyber Development Executive Jelf

Editor's Notes

  1. A few comments from a Policing perspective of the extent of Cyber Risks that affect the wider UK Business Community
  2. A few stats for the audience to consider? Who has been the victim of cybercrime? Who has had spam emails?
  3. These are the current trends and threats. Please note that the main 4 factors are more than likely down to a staff member, hence investment in continuing staff training is vital!
  4. Available downloads from the NCSC Public sector and Charity entities, please come and see or email the Police Cyber Security Advisor.
  5. NCSC Exercise in a Box video (2.30min) + verbal link the offerings by the NCSC to support the wider business community.
  6. NCSC Products and Services on offer.
  7. Explain the benefits of the CiSP to the audience and how we can assist in membership.
  8. If you are a business, charity or other organisation which is currently suffering a live cyber attack (in progress), please call  0300 123 2040 immediately
  9. This slide shows how and where to report Cyber and Fraud crime via Action Fraud. Please note the Action Fraud 24/7 live reporting tool for businesses. You are advised to make sure you know pre-incident how to report.
  10. To gain more advice and positive engagement process, consider the above.
  11. To gain more advice and positive engagement process, consider the above.
  12. Contacting TVP Cyber Protect Officer for advice, staff awareness presentations, board decisions and disruptions planning exercise. Our dedicated Twitter account, signing up for TVP and Action Fraud Alerts
  13. https://www.datto.com/resource-downloads/StateOfTheChannelRansomwareReport_EUROPE-5.pdf https://www.aberdeen.com/techpro-essentials/downtime-is-money/
  14. customer records, orders and financial data, product details and proprietary information
  15. THE RULE OF THREES Data has to be stored off site, this much is nothing new. The cloud makes it easy (and cheap!) to store data offsite. But cloud-only can result in long recovery times, and can have hidden costs, so choose carefully. A hybrid approach of onsite+cloud is often the most feasible and flexible.
  16. Look for a solution that automates full backup tests, and allows you to test daily, or even hourly. Ideally, your chosen solution should integrate with other tools to further increase automation and proactive alerting. And what about full-scale DR tests? Just once a year you say? Practice makes perfect.
  17. A reputation is a delicate thing, which can take years to build & shape and mere moments to tarnish or ruin. 2019 – brands under the spotlight already include Boeing; Deutsche Bank; Starbucks; Huawei; Facebook; Cambridge Analytica. And the way a company communicates with stakeholders and the general public during a crisis can be pivotal in determining whether it bounces back stronger than ever or is irrevocably tarnished by its response to the situation.
  18. Three key reasons for a crisis comms in business – outright lying; fraud or financial embezzlement; sexual misconduct Therefore must have robust risk management processes and clear communications Reputation recovery – two year cycle; relies on a strong brand; pre-existing relationships with media Do not expect media to cut you any slack because you are the new kid on the block
  19. How it is today Huffington Post Guardian Australia news desk
  20. How it used to be
  21. How it is today Huffington Post Guardian Australia news desk
  22. National Public Radio (NPR) US – media is not immune - own reputation crisis (editor resigned over harassment allegations); as much online as broadcast Important to recognize dual aspects of media – online as much as in print and on air
  23. How it is today Huffington Post Guardian Australia news desk
  24. Easy to critique in hindsight but let’s look at some examples
  25. Easy to critique in hindsight but let’s look at some examples
  26. Easy to critique in hindsight but let’s look at some examples
  27. Morning everyone, we've learnt quite a lot so far about your needs and potential wants around an IT-led disaster. I'm going to focus on cyber attacks against your systems. We will cover the different types of attacks in a moment. But let's take a look at the options available to you as a business to help you recover after an incident. 3rd party breach response firms – There are many firms out there that can put together a group of services to help you survive a breach. Other firms will manage an incident with your preferred suppliers. The downside to this is that you will be paying them and the firms you use. The positive however is that the firms will have experience dealing with these scenarios, much quicker than an internal team could. Insurance Policy (Full Cyber policy). Note I mention full policy as opposed to an add-on. Add-ons offer tiny limits and may sublimit sections or include exclusions or definitions you may not find on a full policy. Most of you will insure your building and contents because you see the physical and monetary value. Little do people realise just how crucial IT systems are for their day-to-day trading. Taking calls, access to your emails, invoicing, inventory, design or manufacturing, that’s the price and value of your tech equipment, your revenue. If you suffer a cyber attack, the costs could be even more due to fines and penalties. An insurance policy can cover the services mentioned previously but obviously the insurer picks up the cost and you will be left to pay only the excess that you would have pre-agreed. You will have top class services that the insurers make use of by using their economies of scale. Who has a business continuity plan for their business in the event of a physical peril such as fire, flood or explosion? OK good, now keep your hands up if you have a continuity plan in the event of a cyber attack?
With a cyber continuity plan, you will need to make a plan, source vendors and create a team to handle the type of threat that may have occurred. You may have saved money by not insuring or using a third party, but is the salary of the team looking after the plan truly cost effective? One thing I need to make very clear. A cyber attack is not just an I.T. issue. It affects many people throughout the organisation. You will see how as we continue.
  28. IBM Cost of a Data Breach Report 2019
  29. Data Breach, the main attack that everyone is afraid of. Why? Because it costs a lot to fix, you lose customers' trust and large fines can be issued. Top 3 breaches to date? Yahoo. Date: 2013-14. Impact: 3 billion user accounts. Marriott International. Date: 2014-18. Impact: 500 million customers. Adult Friend Finder. Date: October 2016. Impact: More than 412.2 million. Ransomware is more lucrative than ever for criminals. In an analysis of attacks seen in the second quarter of this year, ransomware incident response firm Coveware reports that the average ransom paid by victims more than doubled from the first part of the year. "In Q2 of 2019, the average ransom payment increased by 184 percent to $36,295, as compared to $12,762 in Q1 of 2019," Coveware said. "The increase reflects the growing prevalence of Ryuk and Sodinokibi, variants of ransomware that have rapidly increased their demands. These types of ransomware are predominantly used in targeted attacks on larger enterprises, or on distributed networks of companies via IT managed service providers or hosting ISPs." CryptoJacking – Symantec have advised that Cryptojacking has Skyrocketed to the Top of the Attacker Toolkit, Signaling Massive Threat to Cyber and Personal Security. During the past few years, an astronomical rise in cryptocurrency values triggered a cryptojacking gold rush with cyber criminals attempting to cash in on a volatile market. Detections of coinminers on endpoint computers increased by 8,500 percent in 2017. If you want to understand more about cryptojacking, watch their 2 minute video on YouTube. Type in Symantec, cryptojacking. Malware – is any software intentionally designed to cause damage to a computer, server, client, or computer network.
Malware does the damage after it is implanted or introduced in some way into a target's computer and can take the form of directly executable code, scripts, so-called "active content" (Microsoft Windows), and other forms of data. Some kinds of malware are largely referred to in the media as computer viruses, worms, Trojan horses, ransomware, spyware, adware, and scareware, among other terms. Malware has a malicious intent, acting against the interest of the computer user, and so does not include software that causes unintentional harm due to some deficiency, which is typically described as a software bug. Programs officially supplied by companies can be considered malware if they secretly act against the interests of the computer user. For example, at one point Sony Music compact discs silently installed a rootkit on purchasers' computers running Microsoft Windows with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities. So I will be talking about how an insurance policy would respond to a data breach incident and ransomware attack. This is because the policy would respond in the same way for the other incidents as well. If you haven’t got a cyber continuity plan in place, make note of the services to consider going forward.
  30. Claims Management is where your plan or policy begins. Some insurers let the law firm manage and look after the data breach and other services. Others appoint the IT forensic firm to oversee the claim or have a specific claims manager to work with all the parties involved. Either way, you need to know who's looking after you, how to contact them and you need to make sure that they can provide 24/7 365 days support. That’s the crucial part, a breach can happen at any point or be launched from any country, if you have an internal team looking after this, you need to think about having some form of 24/7 management.
  31. Legal Services. How do I report to the Information Commission Office? Am I in breach of contract? Will I get sued? How do I tell clients? Who will defend me in court? This section under a policy also includes compensation due to third parties that may have been a victim of the breach. For those of you who have clients based worldwide, if you have a current law firm that you work with, do they specialise in EU or GDPR laws only or can they advise on worldwide laws? Just because the breach happened here, it doesn’t mean you report in the same manner.
  32. The clock's ticking, every second counts. When dealing with a data breach you have 72 hours to report the breach to those affected. Your claims manager should have already contacted your forensic service and updated them on the situation. Some insurers charge no excess if an event can be resolved within 48 hours. It’s important to point out I’m referring to an IT forensic firm. A computer forensics examiner typically analyses and interprets computer data for investigation of a crime. They provide a scientific process of capturing and analyzing electronically stored information, for the purposes of investigation and establishing narratives of digital activity. They will identify the existence, cause and extent of the breach. Is the firm you use capable?
  33. Yes, IT can help you access social media, but are they the voice of the company? You may have a PR or Marketing manager, but have they dealt with this issue before? You should work with a PR firm who specialise in these types of events to deliver the message of the company but in the right tone.
  34. So far we've discussed 1st party covers, how are we going to protect ourselves after we've done something wrong. When you say it like that, it sounds pretty selfish, right? We need to notify the affected clients with our legally tight, fluffed up by PR message, we may say sorry in the letter but what have we done to show this? Credit monitoring is a great way to say sorry. For a year, Experian can monitor the affected individuals' accounts for fraudulent activity. They think great, they do care and I'm protected. What we've actually done is even better for the company. As well as saying sorry and getting the client back on side, we have potentially reduced any claim the clients might make against us for emotional distress. Notification costs are also included. This could be to cover the cost of posting letters or setting up call centres to deal with additional calls.
  35. So in the event of a cyber attack, you are unable to use any equipment connected to the network of the connected device. As well as using all the services above, you will usually find a significant ransom to pay. Should the IT forensic firm be unable to restore a backup, they may advise that the ransom needs to be paid. Insurers will reimburse you for that expense and continue to offer the IT forensic services. Most people think that because they pay the ransom, their services will be up and running smoothly. Imagine I'm a burglar and I gained entry to your house and secured it. If you want it back you have to pay me £5,000. If you paid me that £5,000, would you expect your house to be in the same state you left it?
  36. Dr. Michael McGuire on a cybercrime study said that if Cybercrime was a nation state like the US or Russia, it would be the 13th largest GDP in the entire world. Let’s take a look at some more of the 2018 Cybercrime Statistics that give us a greater insight into how cybercrime is evolving. For the sake of this study, “cybercrime revenues are identified as any revenues arising from crimes where computers play an obviously direct role.” However, there were some categories omitted, things like mass communication scams such as phone scams were not included. It's important to let the police know if you are a victim of cyber crime, insured or not. It could be part of a larger attack or help them understand the attackers' plans.
  37. Despite the growth in uptake, the value of cyber insurance has recently been the subject of considerable debate within the insurance industry, some of which has played out in the media. The discussion has, in many cases, not reflected fairly on the role of cyber insurance in reducing the economic impact of risk. The debate has often conflated cyber policies with property, casualty, and crime policies, particularly around how these policies do or do not respond to cyber claims. But the facts are clear: Cyber insurance is a reliable, cost-effective way to transfer the risks companies face from the increasing use of data and technology in business operations. And standalone cyber policies will generally respond to those risks. As the range of cyber risks and coverages have expanded, so have purchase rates of standalone cyber insurance. The number of Marsh clients buying dedicated cyber insurance has doubled over the past five years, with nearly 40% now purchasing cyber policies (see Figure 1). And the development of broader coverage offerings is attracting a wider range of buyers; purchasing among Marsh clients has risen by an average of 15% annually since 2016, with highest growth among the hospitality, manufacturing, education, and power and utility sectors.
  38. Despite increasing appreciation for cyber insurance, many organizations still expect, mistakenly, that cyber losses will be fully covered under non-cyber (property, casualty, or crime) policies. This confusion has been exacerbated by inaccurate or misleading commentary in, and by, the media. The issue stems from the fact that cyber risk as a peril can result in multiple forms of loss that have not traditionally been explicitly excluded under property, casualty, and crime policies. This has created what is known as “silent cyber”: the unknown exposure in an insurer’s portfolio created by a cyber peril that has not been explicitly excluded. As insurers have seen a rise in unexpected claims under non-cyber policies, “silent cyber” is now being more closely monitored and cyber risk increasingly excluded from traditional insurance lines. Along those lines, several insurers have issued clarification of their intent to only cover cyber perils in cyber policies. In early July 2019, Lloyd’s issued a new mandate requiring its market underwriters to ensure that all policies either explicitly affirm or exclude cyber cover, in an effort to eliminate non-affirmative or “silent cyber” risks from property policies as of January 2020, and from liability coverages a year later.
Truth: While cyber insurance was primarily designed to address malicious cyber incidents, it has evolved to cover a wide range of operational and human risk, including social engineering, accidental disclosure, loss of a laptop or device, rogue employees, and failed updates or system migration. Generally, cyber policies do not exclude coverage for accidental errors or omissions, and many affirmatively cover such losses through system failure or administrative error coverage grants.
Truth: Data breach insurance is the most established aspect of cyber insurance and coverage is broad, particularly for first-party breach response costs, which can include legal, crisis management, call center, forensics, credit monitoring, and notification expenses. Cyber insurance will generally also cover the expenses associated with business interruption and data loss events.
  39. Truth: While most cyber insurers have a recommended panel of service providers (legal counsel and vendors), many are willing to accommodate an insured’s existing or preferred providers. Some insurers will even allow policyholders to have absolute discretion in their choice of vendors.
Truth: Business interruption cover has evolved considerably to reflect the nature of how companies function today. Cover will typically extend to the overall financial impact to the business, beyond just the duration of the cyber event. Many policies will also cover losses resulting from a system failure or technology disruption at an insured’s IT vendors or within its supply chain.
Truth: A robust cyber insurance policy can contemplate system upgrades where such best practice is the most cost-effective solution. Cyber insurers embrace insureds that view security as a journey, not a destination.
  40. A common misconception is that cyber insurance covers fraud as standard; that is not the case. You need either a crime add-on or a full crime policy. Invoice fraud, social engineering and push payment fraud are all incidents that can be insured, but under crime. It covers any financial loss or theft of assets. Cybercrime made up a third of CFC’s claims last year and they expect that to grow even further.