SlideShare a Scribd company logo

LTU Cybersecurity

M
Michael Fieldhouse

The document discusses cyber security threats and provides advice. It notes that hacking is now a criminal activity, cyber crime costs $400 billion annually, and 230,000 new malware pieces are released daily. Individuals and organizations must take collective responsibility for cyber safety. Physical and IT security are directly linked, and supply chains and third parties present security risks if not properly vetted. Organizations must have recovery plans in place in case of an attack, as the attackers have the advantage.

1 of 15
Download to read offline
latrobe.edu.au CRICOS Provider 00115M Data and Security Michael Fieldhouse Director – Emerging Businesses and Federal Government Hewlett Packard Enterprise Adjunct Professor – La Trobe University September 2016
2La Trobe University Four things I want to leave you with…  Cyber safety is our collective responsibility  Direct link between physical and IT security  Supply chain & 3rd party security is critical  How are you going to recover from a cyber attack?
3La Trobe University Let’s set the scene…  Hacking was once the domain of the hobbyists – “the nerd” – now a criminal activity  Cyber crime (2015: ~$400bn) is nearly as large as global drug trade (~$435bn)  An etimated 800 million personal records where stolen during 2014  230,000 new pieces of malware are released every day  Whale phishing (focused on executives) nets catchers between $25k - $50k per time ̶ Thieves will pose as these executives to get money or information from employees using fake company logos and email signatures  Monash University found that 72% of surveyed Australian middle school students had experienced unwanted or unpleasant contact from strangers on their social networking profile
4La Trobe University Cyber criminals…  But don’t think cyber criminals only focus on corporations, banks or wealthy celebrities  Individual users like you and me are also targets  Cyber criminals collaborate…  They work across international boundaries – without accountability for their actions  They focus on the weakest link… think about your supply chain ̶ External advisors: accountants, lawyers, etc… ̶ Third party companies that provide input to your business ̶ Do you ask your advisors to report their security incidents?
5La Trobe University Examples…  Cost to Australia is around $4bn p.a.  “Per Symantec, cyber crime has touched nearly 5 million Australians”  32% of Australian smartphone users have experienced mobile cyber crime in the past 12 months
6La Trobe University More examples…  Conversations can be edited using Photoshop, etc and sent to your workplace… simple extortion
7La Trobe University Cyber safety and education is our collective responsibility  Cyber safety staff inductions  Lunch time awareness session  IT Manager circulating details of current scams and issues  Put up posters warning of the risks  Talk about the issue in staff meetings & encourage reporting ̶ Eliminate the ‘fear of honesty’
8La Trobe University Your data and information  Understand what is public and what is private  If private… how important is it?  What data or information is on a “needs to know basis” only?  What happens if the data is compromised?  Do you have a plan for recovery? Have you tested it?
9La Trobe University Recovery…  The game is in favour of attackers ̶ 230,000 pieces of malware released everyday ̶ The reach of criminals is international  Do you have a plan if you are compromised? ̶ What would you communicate to clients, staff, other stakeholders? ̶ What insurance do you have? (Note: usually this is minimal) ̶ What impact could cyber crime have on your cash flow? ̶ Is it part of the business continuity plan? Have you tested the plan? ̶ Has there been discussion at management or board level?
10La Trobe University The link between physical & IT security  Human mules ̶ Accessing unprotected systems ̶ USBs, WiFi points and computer connections  ‘Tailgating’  Visitor check-in ̶ Identification ̶ Logging the visitor ̶ What areas are off limits? ̶ Escorting procedures
11La Trobe University Supply chain security  Cyber criminal focus on the weakest points and where the value is ̶ International financial marketing ̶ Information is king  Contract documents moving back and forward from lawyers  Information on production yields  Pricing information ̶ Marketing and advertising firms
12La Trobe University Other thoughts for consideration  Purchase of USBs and second hand computers  Movement of data and information between work and home environments  Cyber safety education for adults on the dangers of computer games ̶ Communication between avatars
13La Trobe University Cyber vulnerability is a service business
14La Trobe University Four things I want to leave you with…  Cyber safety is our collective responsibility  Direct link between physical and IT security  Supply chain & 3rd party security is critical  How are you going to recover from a cyber attack?
Thank you latrobe.edu.au CRICOS Provider 00115M ….a good article to read: HBR Cyber security lessons from the Pentagon, Sept 2015 Michael Fieldhouse +61 421 060 590 michael.fieldhouse@hpe.com Linkedin - https://au.linkedin.com/in/michaelfieldhouse

Recommended

Research paper -- neri
Research paper -- neriResearch paper -- neri
Research paper -- neri
aejay_neri
 
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull.com
 
Brua computer forensics specialist
Brua computer forensics specialistBrua computer forensics specialist
Brua computer forensics specialist
fernando_bruaj
 
Mary hankins fernando br ua
Mary hankins fernando br uaMary hankins fernando br ua
Mary hankins fernando br ua
Jennifer Cataluña
 
Cataluña mary hapkins
Cataluña mary hapkinsCataluña mary hapkins
Cataluña mary hapkins
Jennifer Cataluña
 
Dungogan chap2 lab 1
Dungogan chap2 lab 1Dungogan chap2 lab 1
Dungogan chap2 lab 1
ricky098
 
Zamayla chap2 lab 1
Zamayla chap2 lab 1Zamayla chap2 lab 1
Zamayla chap2 lab 1
zamayla143
 
European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016
Omer Coskun
 

Recommended

Research paper -- neri
Research paper -- neriResearch paper -- neri
Research paper -- neri
aejay_neri
 
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull.com
 
Brua computer forensics specialist
Brua computer forensics specialistBrua computer forensics specialist
Brua computer forensics specialist
fernando_bruaj
 
Mary hankins fernando br ua
Mary hankins fernando br uaMary hankins fernando br ua
Mary hankins fernando br ua
Jennifer Cataluña
 
Cataluña mary hapkins
Cataluña mary hapkinsCataluña mary hapkins
Cataluña mary hapkins
Jennifer Cataluña
 
Dungogan chap2 lab 1
Dungogan chap2 lab 1Dungogan chap2 lab 1
Dungogan chap2 lab 1
ricky098
 
Zamayla chap2 lab 1
Zamayla chap2 lab 1Zamayla chap2 lab 1
Zamayla chap2 lab 1
zamayla143
 
European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016
Omer Coskun
 
Cataluña computer forensics specialist
Cataluña computer forensics specialistCataluña computer forensics specialist
Cataluña computer forensics specialist
Jennifer Cataluña
 
Computer Forensics Specialist
Computer Forensics SpecialistComputer Forensics Specialist
Computer Forensics Specialist
Guevarra Institute of Technology
 
Cataluña computer forensics specialist
Cataluña computer forensics specialistCataluña computer forensics specialist
Cataluña computer forensics specialist
Jennifer Cataluña
 
Computer forensics paper
Computer forensics paperComputer forensics paper
Computer forensics paper
Guevarra Institute of Technology
 
Computer forensics paper ---neri
Computer forensics paper ---neriComputer forensics paper ---neri
Computer forensics paper ---neri
aejay_neri
 
Jenevie
JenevieJenevie
Jenevie
jenevie_llagas
 
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsOpen Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Black Duck by Synopsys
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013
Martin Jordan
 
Mary hankins(lord)
Mary hankins(lord)Mary hankins(lord)
Mary hankins(lord)
lord_durana
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
Dr Lendy Spires
 
HispanoTech Event - The Cyber Security Readiness of Canadian Organizations
HispanoTech Event - The Cyber Security Readiness of Canadian OrganizationsHispanoTech Event - The Cyber Security Readiness of Canadian Organizations
HispanoTech Event - The Cyber Security Readiness of Canadian Organizations
Fernando Blasco
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
Charmaine Servado
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Eric Vanderburg
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Cyber Crime is around us
Cyber Crime is around usCyber Crime is around us
Cyber Crime is around us
lichuyuliting
 
Cyber security analysis presentation
Cyber security analysis presentationCyber security analysis presentation
Cyber security analysis presentation
Vaibhav R
 
Cyber Security Basics for the WFH Economy
Cyber Security Basics for the WFH EconomyCyber Security Basics for the WFH Economy
Cyber Security Basics for the WFH Economy
Internet Law Center
 
Autism_partnership_Brochure
Autism_partnership_BrochureAutism_partnership_Brochure
Autism_partnership_Brochure
Michael Fieldhouse
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
Core Security
 
TAG IoT Summit - Why You Need a Strategy for the Internet of Things
TAG IoT Summit - Why You Need a Strategy for the Internet of ThingsTAG IoT Summit - Why You Need a Strategy for the Internet of Things
TAG IoT Summit - Why You Need a Strategy for the Internet of Things
Eric Sineath
 
Federal Information Security - Rob Potter
Federal Information Security - Rob PotterFederal Information Security - Rob Potter
Federal Information Security - Rob Potter
scoopnewsgroup
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
Government Technology and Services Coalition
 

More Related Content

What's hot

Cataluña computer forensics specialist
Cataluña computer forensics specialistCataluña computer forensics specialist
Cataluña computer forensics specialist
Jennifer Cataluña
 
Cataluña computer forensics specialist
Cataluña computer forensics specialistCataluña computer forensics specialist
Cataluña computer forensics specialist
Jennifer Cataluña
 
Computer forensics paper ---neri
Computer forensics paper ---neriComputer forensics paper ---neri
Computer forensics paper ---neri
aejay_neri
 
Mary hankins(lord)
Mary hankins(lord)Mary hankins(lord)
Mary hankins(lord)
lord_durana
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
Dr Lendy Spires
 
HispanoTech Event - The Cyber Security Readiness of Canadian Organizations
HispanoTech Event - The Cyber Security Readiness of Canadian OrganizationsHispanoTech Event - The Cyber Security Readiness of Canadian Organizations
HispanoTech Event - The Cyber Security Readiness of Canadian Organizations
Fernando Blasco
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
Charmaine Servado
 
Cyber Crime is around us
Cyber Crime is around usCyber Crime is around us
Cyber Crime is around us
lichuyuliting
 

What's hot (17)

Cataluña computer forensics specialist
Cataluña computer forensics specialistCataluña computer forensics specialist
Cataluña computer forensics specialist
 
Computer Forensics Specialist
Computer Forensics SpecialistComputer Forensics Specialist
Computer Forensics Specialist
 
Cataluña computer forensics specialist
Cataluña computer forensics specialistCataluña computer forensics specialist
Cataluña computer forensics specialist
 
Computer forensics paper
Computer forensics paperComputer forensics paper
Computer forensics paper
 
Computer forensics paper ---neri
Computer forensics paper ---neriComputer forensics paper ---neri
Computer forensics paper ---neri
 
Jenevie
JenevieJenevie
Jenevie
 
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsOpen Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013
 
Mary hankins(lord)
Mary hankins(lord)Mary hankins(lord)
Mary hankins(lord)
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
 
HispanoTech Event - The Cyber Security Readiness of Canadian Organizations
HispanoTech Event - The Cyber Security Readiness of Canadian OrganizationsHispanoTech Event - The Cyber Security Readiness of Canadian Organizations
HispanoTech Event - The Cyber Security Readiness of Canadian Organizations
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Cyber Crime is around us
Cyber Crime is around usCyber Crime is around us
Cyber Crime is around us
 
Cyber security analysis presentation
Cyber security analysis presentationCyber security analysis presentation
Cyber security analysis presentation
 
Cyber Security Basics for the WFH Economy
Cyber Security Basics for the WFH EconomyCyber Security Basics for the WFH Economy
Cyber Security Basics for the WFH Economy
 

Viewers also liked

TAG IoT Summit - Why You Need a Strategy for the Internet of Things
TAG IoT Summit - Why You Need a Strategy for the Internet of ThingsTAG IoT Summit - Why You Need a Strategy for the Internet of Things
TAG IoT Summit - Why You Need a Strategy for the Internet of Things
Eric Sineath
 
Federal Information Security - Rob Potter
Federal Information Security - Rob PotterFederal Information Security - Rob Potter
Federal Information Security - Rob Potter
scoopnewsgroup
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
Government Technology and Services Coalition
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector
Scott Geye
 

Viewers also liked (14)

Autism_partnership_Brochure
Autism_partnership_BrochureAutism_partnership_Brochure
Autism_partnership_Brochure
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
 
TAG IoT Summit - Why You Need a Strategy for the Internet of Things
TAG IoT Summit - Why You Need a Strategy for the Internet of ThingsTAG IoT Summit - Why You Need a Strategy for the Internet of Things
TAG IoT Summit - Why You Need a Strategy for the Internet of Things
 
Federal Information Security - Rob Potter
Federal Information Security - Rob PotterFederal Information Security - Rob Potter
Federal Information Security - Rob Potter
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive Briefing
 
HPE Protect 2016 - Fearlessly Innovate
HPE Protect 2016 - Fearlessly InnovateHPE Protect 2016 - Fearlessly Innovate
HPE Protect 2016 - Fearlessly Innovate
 
Cyber security conference 2016 - OpenSphere Overview
Cyber security conference 2016 - OpenSphere OverviewCyber security conference 2016 - OpenSphere Overview
Cyber security conference 2016 - OpenSphere Overview
 
Cas cyber prez
Cas cyber prezCas cyber prez
Cas cyber prez
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector
 
Threat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security ConferenceThreat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security Conference
 
[2016] · The CIO’s Flowchart to Achieve Success: How to Tame Tech, Understand...
[2016] · The CIO’s Flowchart to Achieve Success: How to Tame Tech, Understand...[2016] · The CIO’s Flowchart to Achieve Success: How to Tame Tech, Understand...
[2016] · The CIO’s Flowchart to Achieve Success: How to Tame Tech, Understand...
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud Cybersecurity
 
If You Can't Beat 'Em, Join 'Em (AppSecUSA)
If You Can't Beat 'Em, Join 'Em (AppSecUSA)If You Can't Beat 'Em, Join 'Em (AppSecUSA)
If You Can't Beat 'Em, Join 'Em (AppSecUSA)
 

Similar to LTU Cybersecurity

Final cyber risk report 24 feb
Final cyber risk report 24 febFinal cyber risk report 24 feb
Final cyber risk report 24 feb
mharbpavia
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
Russell Publishing
 
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Paige Rasid
 

Similar to LTU Cybersecurity (20)

Showreel ICSA Technology Conference
Showreel ICSA Technology ConferenceShowreel ICSA Technology Conference
Showreel ICSA Technology Conference
 
SLVA - Privacy Framework and Approach
SLVA - Privacy Framework and ApproachSLVA - Privacy Framework and Approach
SLVA - Privacy Framework and Approach
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
 
Final cyber risk report 24 feb
Final cyber risk report 24 febFinal cyber risk report 24 feb
Final cyber risk report 24 feb
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
 
Cyber security best practices
Cyber security best practicesCyber security best practices
Cyber security best practices
 
Ecommerce security
Ecommerce securityEcommerce security
Ecommerce security
 
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
 
Microsoft Digital Crimes Unit
Microsoft Digital Crimes UnitMicrosoft Digital Crimes Unit
Microsoft Digital Crimes Unit
 
Merit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your SystemsMerit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your Systems
 
IE_ERS_CyberAnalysisReport
IE_ERS_CyberAnalysisReportIE_ERS_CyberAnalysisReport
IE_ERS_CyberAnalysisReport
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
 
Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdf
 
L123
L123L123
L123
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptx
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security
 

LTU Cybersecurity

  • 1. latrobe.edu.au CRICOS Provider 00115M Data and Security Michael Fieldhouse Director – Emerging Businesses and Federal Government Hewlett Packard Enterprise Adjunct Professor – La Trobe University September 2016
  • 2. 2La Trobe University Four things I want to leave you with…  Cyber safety is our collective responsibility  Direct link between physical and IT security  Supply chain & 3rd party security is critical  How are you going to recover from a cyber attack?
  • 3. 3La Trobe University Let’s set the scene…  Hacking was once the domain of the hobbyists – “the nerd” – now a criminal activity  Cyber crime (2015: ~$400bn) is nearly as large as global drug trade (~$435bn)  An etimated 800 million personal records where stolen during 2014  230,000 new pieces of malware are released every day  Whale phishing (focused on executives) nets catchers between $25k - $50k per time ̶ Thieves will pose as these executives to get money or information from employees using fake company logos and email signatures  Monash University found that 72% of surveyed Australian middle school students had experienced unwanted or unpleasant contact from strangers on their social networking profile
  • 4. 4La Trobe University Cyber criminals…  But don’t think cyber criminals only focus on corporations, banks or wealthy celebrities  Individual users like you and me are also targets  Cyber criminals collaborate…  They work across international boundaries – without accountability for their actions  They focus on the weakest link… think about your supply chain ̶ External advisors: accountants, lawyers, etc… ̶ Third party companies that provide input to your business ̶ Do you ask your advisors to report their security incidents?
  • 5. 5La Trobe University Examples…  Cost to Australia is around $4bn p.a.  “Per Symantec, cyber crime has touched nearly 5 million Australians”  32% of Australian smartphone users have experienced mobile cyber crime in the past 12 months
  • 6. 6La Trobe University More examples…  Conversations can be edited using Photoshop, etc and sent to your workplace… simple extortion
  • 7. 7La Trobe University Cyber safety and education is our collective responsibility  Cyber safety staff inductions  Lunch time awareness session  IT Manager circulating details of current scams and issues  Put up posters warning of the risks  Talk about the issue in staff meetings & encourage reporting ̶ Eliminate the ‘fear of honesty’
  • 8. 8La Trobe University Your data and information  Understand what is public and what is private  If private… how important is it?  What data or information is on a “needs to know basis” only?  What happens if the data is compromised?  Do you have a plan for recovery? Have you tested it?
  • 9. 9La Trobe University Recovery…  The game is in favour of attackers ̶ 230,000 pieces of malware released everyday ̶ The reach of criminals is international  Do you have a plan if you are compromised? ̶ What would you communicate to clients, staff, other stakeholders? ̶ What insurance do you have? (Note: usually this is minimal) ̶ What impact could cyber crime have on your cash flow? ̶ Is it part of the business continuity plan? Have you tested the plan? ̶ Has there been discussion at management or board level?
  • 10. 10La Trobe University The link between physical & IT security  Human mules ̶ Accessing unprotected systems ̶ USBs, WiFi points and computer connections  ‘Tailgating’  Visitor check-in ̶ Identification ̶ Logging the visitor ̶ What areas are off limits? ̶ Escorting procedures
  • 11. 11La Trobe University Supply chain security  Cyber criminal focus on the weakest points and where the value is ̶ International financial marketing ̶ Information is king  Contract documents moving back and forward from lawyers  Information on production yields  Pricing information ̶ Marketing and advertising firms
  • 12. 12La Trobe University Other thoughts for consideration  Purchase of USBs and second hand computers  Movement of data and information between work and home environments  Cyber safety education for adults on the dangers of computer games ̶ Communication between avatars
  • 13. 13La Trobe University Cyber vulnerability is a service business
  • 14. 14La Trobe University Four things I want to leave you with…  Cyber safety is our collective responsibility  Direct link between physical and IT security  Supply chain & 3rd party security is critical  How are you going to recover from a cyber attack?
  • 15. Thank you latrobe.edu.au CRICOS Provider 00115M ….a good article to read: HBR Cyber security lessons from the Pentagon, Sept 2015 Michael Fieldhouse +61 421 060 590 michael.fieldhouse@hpe.com Linkedin - https://au.linkedin.com/in/michaelfieldhouse