Cybersecurity Presentation 6-11-15


  1. IT advisory. Cyber Security – Why I Should (or Shouldn’t) be Worried. Rodney Murray, Douglas Jambor
  2. Agenda
       • Brief Look at Current Data Breach Trends
       • Security Incidents – What are we seeing?
       • Common Scenarios
       • Benefits of a Security Assessment
  3. Firm Overview
  4. Data Breach Trends
  5. Recent Statistics (chart, values by year)
       • 2009: 728
       • 2010: 829
       • 2011: 1099
       • 2012: 1662
       • 2013: 1531
       • 2014: 1264
       • Source: http://datalossdb.org/statistics
  6. Recent Statistics: Top 5 Sectors Breached by Number of Incidents
       • Financial: 6%
       • Govt. & Public Sector: 8%
       • Education: 10%
       • Retail: 11%
       • Healthcare: 37%
       • Source: 2015 Symantec Internet Threat Report
  7. Recent Statistics: Breach Cost Per Capita 2014
       • Industrial: $155
       • Retail: $165
       • Communications: $179
       • Financial: $215
       • Pharmaceuticals: $220
       • Education: $300
       • Health: $363
       • Source: Ponemon Institute 2015 Cost of Data Breach Study
  8. Recent Statistics
       • Average Time to Identify a Breach: 206 days
       • Source: 2015 Verizon Data Breach Report
       • Ransomware 113%
  9. Recent Statistics: Breach Root Causes 2015
       • Categories: Malicious or Criminal Attack, System Glitch, Human Error
       • Values shown on the chart: 47%, 25%, 29%
       • Source: Ponemon Institute 2015 Cost of Data Breach Study
  10. Recent Statistics
       • Cyber Espionage: 11%
       • Hacktivism: 22%
       • Cyber Crime: 67%
       • Source: Hackmageddon.com
  11. Recent Statistics: Types of Breaches 500+
       • Improper Disposal: 5%
       • Hacking/IT Incident: 7%
       • Loss: 14%
       • Theft: 51%
       • Unknown: 3%
       • Unauthorized Access: 20%
       • Source: Health and Human Services
  12. Recent Statistics (Source: http://datalossdb.org/statistics)
  13. Recent Statistics (Source: http://datalossdb.org/statistics)
  14. Recent Statistics (Source: http://datalossdb.org/statistics)
  15. Recent Known Breaches
       • Target
       • Michaels
       • Neiman Marcus
       • AOL
       • Experian
       • PF Chang’s
       • Humana – Atlanta
       • JP Morgan Chase
       • Home Depot
       • Jimmy John’s
       • Anthem
       • Federal Gov’t
       • SC Department of Revenue
       • NC Department of Transportation
  16. Additional Breach Examples (www.privacyrights.org)
       • Insurance | Vendor inadvertent file access | Unknown
       • Capital Management | Undetected hack accessed databases | 800
       • Insurance | Forms sent to DOL posted to public site | Unknown
       • Credit Union | File published on website | 39,000
       • Investment Management | COBRA database accessed | Unknown
       • NASDAQ | Malware installed between 11/08 & 10/10 | Unknown
       • Bank | Malware on employee’s computer | 115,775
       • Bank | Data not redacted for court records | 146,000
       • Bank | Backup tapes missing during transport | Unknown
  17. Data Mobility
       • 2 of 5 employees download work files to personal devices
       • 2 of 5 employees plan to use old company data in new jobs
       • 56% of employees do not believe it is a crime to use a competitor’s trade secrets
       • 68% say their company does not take steps to deter data leakage
       • Source: Symantec study
  18. Increasing Compliance Demands
       • Financial Institutions / Public Companies
       • Gramm-Leach-Bliley
       • PCI – Credit and debit card data
       • HIPAA – healthcare / patient data
       • FISMA – Federal Government Contractors
       • Large / public customer requirements
       • Service Organization Controls Reporting
       • Individual state requirements
  19. What can I do?
       • Question – If someone was trying to breach your systems today … WHO WOULD BE THE FIRST TO NOTICE IT?
       • Determined by People, Process, Technology in place
       • Reducing risk will require investment …
            ◦ Skillsets / resources
            ◦ Software / hardware solutions
            ◦ Third party relationships for monitoring
  20. Unanticipated Costs
       • Investigation Costs
       • Regulatory / Industry Fines or Penalties
       • Remediation / Infrastructure Change Costs
       • Brand Damage
  21. Security Incidents: What are we seeing?
  22. Security incident statistics (Symantec study)
       • 76% of network intrusions exploited weak or stolen credentials
       • 40% incorporated malware
       • 35% involved physical attacks
       • 29% leveraged social tactics
       • 13% resulted from privilege misuse and abuse
       • Cybercrime Lifecycle
  23. Cybercrime Lifecycle: Greed
  24. Cybercrime Lifecycle
       • Victim Identification
            ◦ Sea of opportunity = 1 out of every 7 people have data worth targeting
            ◦ 1 Billion targets worldwide
       • Infiltration
            ◦ Using the low-hanging-fruit exploit methods
            ◦ Not burning zero-day exploits
  25. Cybercrime Lifecycle
       • Propagation
            ◦ In the past, we saw hackers grabbing the databases or flat files and leaving
            ◦ Now, we see hackers latching onto data sources and persisting
       • Aggregation
            ◦ Exploit a server or workstation in a business’s internal network
            ◦ This device becomes an aggregation point for data collection
  26. Cybercrime Lifecycle
       • Data Exfiltration
            ◦ Using advanced techniques to exfiltrate data
            ◦ Encryption
       • Buyer Identification
            ◦ Web forums
            ◦ Sometimes up to 10,000 users
            ◦ Liquidate the data and collect the cash
  27. Cybercrime Lifecycle
       • Recycling
            ◦ The organization reinvests their $$$
            ◦ Recycle tools and techniques learned
            ◦ Re-implement these tools, techniques and lessons learned against the next victim
  28. Data Exfiltration Complete
  29. Hackers View of Your Network
  30. Hackers View of Your Network
  31. Hackers View of Your Network
  32. Hackers View of Your Network
  33. Hackers View of Your Network
  34. Hackers View of Your Network
  35. Hackers View of Your Network
  36. Hackers View of Your Network
  37. Hackers View of Your Network
  38. Game, Set, Match
  39. Common Scenarios
  40. Common Scenario
       • Sluggish Internet
       • Strange messages / prompts
       • Minor file / folder changes and additions
       • User / system ID changes and additions
       • Notification from employees’ banks of suspicious Web logon attempts
  41. Common Scenario
       • Multiple file transfer / receipt methods
       • Weak remote access controls
       • Limited / part-time internal IT resources
       • No proactive monitoring – relying on standard Malware/AV products
  42. Common Scenario
       • Use of small third party company for IT support – NO SECURITY FOCUS!
       • Outdated software patches / virus signatures
       • Low level of employee / customer awareness
  43. Common Scenario
       • Visitors / non-employees not challenged when onsite
       • Data on printers?
       • Workstations?
       • Other common vulnerabilities?
  44. Common Results
       • Nuisance viruses
       • Key logger on individual machines
       • Botnet sending data outside of the network
       • Malware
       • Ransomware
  45. Benefits of a Security Assessment
  46. Information Protection Life Cycle
  47. Data Security and Privacy
  48. Questions
  49. For More Information / Assistance:
       • Rodney Murray, rodney.murray@dhgllp.com
       • Douglas Jambor, douglas.jambor@dhgllp.com
