SlideShare a Scribd company logo

Integrating cybercrime prevention strategies

J
Jacqueline Fick

Integrating the prevention of cybercrime into the overall anti-crime strategies of your organisation. Broad overview of the South African law that applies to cyber. Value of information governance and a hands-on approach to the detection and prevention of cyber crime in your organisation.

BusinessTechnology
1 of 24
www.pwc.com Integrating the prevention of cybercrime into the overall anti-crime strategies of your organisation Africa Cybercrime Security Conference 31 March 2011 Adv Jacqueline Fick
Agenda • Common cybercrimes in South Africa • Getting to grips with the Electronic Communications and Transactions Act • The value of information governance • Implementing a pro-active strategy in your organisation: a hands- on approach to dealing with cybercrime Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 2
Common cybercrimes in South Africa • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of Service Attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Child pornography • Computer-related fraud • Copyright infringement • Industrial espionage • Piracy • Online gambling (leave to appeal pending) • Phishing/identity theft Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 3
Phishing attacks RSA Online Fraud Reports show that South Africa does not fall within the top ten countries hosting phishing attacks, but features high on the list of top ten countries by attack volume. For thirteen (13) consecutive months the US, UK and South Africa have been the top three targets for mass phishing. (RSA Online Fraud Report – March 2011) RSA statistics for February 2011 Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 4
Getting to grips with the Electronic Communications and Transactions Act, No. 25 of 2002 (ECT Act) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 5
The ECT ACT 'data message' means data generated, sent, received or stored by electronic means and includes- (a) voice, where the voice is used in an automated transaction; and (b) a stored record; 15 Admissibility and evidential weight of data messages (1) In any legal proceedings, the rules of evidence must not be applied so as to deny the admissibility of a data message, in evidence- (a) on the mere grounds that it is constituted by a data message; or (b) if it is the best evidence that the person adducing it could reasonably be expected to obtain, on the grounds that it is not in its original form. (2) Information in the form of a data message must be given due evidential weight. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 6
The ECT ACT In assessing the evidential weight of a data message, regard must be had to- (a) the reliability of the manner in which the data message was generated, stored or communicated; (b) the reliability of the manner in which the integrity of the data message was maintained; (c) the manner in which its originator was identified; and (d) any other relevant factor. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 7
CHAPTER XIII: ECT ACT 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. 86 Unauthorised access to, interception of or interference with data (1) Subject to the Interception and Monitoring Prohibition Act, 1992, (Act 129 of 1992) a person who intentionally accesses or intercepts any data without authority or permission to do so, is guilty of an offence. (2) A person who intentionally and without authority to do so, interferes with data in a way which causes such data to be modified, destroyed or otherwise rendered ineffective, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 8
CHAPTER XIII: ECT ACT (3) A person who unlawfully produces, sells, offers to sell, procures for use, designs, adapts for use, distributes or possesses any device, including a computer program or a component, which is designed primarily to overcome security measures for the protection of data, or performs any of those acts with regard to a password, access code or any other similar kind of data with the intent to unlawfully utilise such item to contravene this section, is guilty of an offence. (4) A person who utilises any device or computer program mentioned in subsection (3) in order to unlawfully overcome security measures designed to protect such data or access thereto, is guilty of an offence. (5) A person who commits any act described in this section with the intent to interfere with access to an information system so as to constitute a denial, including a partial denial, of service to legitimate users is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 9
CHAPTER XIII: ECT ACT 87 Computer-related extortion, fraud and forgery (1) A person who performs or threatens to perform any of the acts described in section 86, for the purpose of obtaining any unlawful proprietary advantage by undertaking to cease or desist from such action, or by undertaking to restore any damage caused as a result of those actions, is guilty of an offence. (2) A person who performs any of the acts described in section 86 for the purpose of obtaining any unlawful advantage by causing fake data to be produced with the intent that it be considered or acted upon as if it were authentic, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 10
The value of good information governance Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 11
The value of good information governance • IT is the foundation on which we operate our businesses and information is fast becoming the most valuable asset an organisation has. • The value of information has also led to businesses focusing more on the information or data they host, process or use than on the technology employed to perform these functions. • Need for risk management. • The IT risk environment is influenced by both internal and external factors and measures must be put in place to ensure the protection, confidentiality, availability and authenticity of information, to govern the use of external service providers to host/process data, to regulate the access to company networks from remote locations and off course, to be sensitive to the threat of cyber attacks such as hacking, identity theft, cyber espionage, denial of service attacks, computer- related fraud and extortion. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 12
Definitions Information Governance • King III: … an emerging discipline with an evolving definition. • Wikipedia: … a set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information on all media in such a way that it supports the organisations immediate and future regulatory, legal, risk, environmental and operational requirements. • …an enterprise-wide strategy and framework that establishes the policies, responsibilities and decision-making processes controlling the use of information owned, or accessed by a business. The goal should be to balance risk avoidance, cost reduction and increased business value. Information Governance should also be structured in such a way as to easily adapt to organisational demands, changes in technology and be flexible to provide for new information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 13
The value of good information governance • Information governance involves a balanced approach designed to meet the needs of the organisation and all of its stakeholders, including its customers, shareholders and regulators. Furthermore, information governance is one component of an organisation’s wider enterprise information management strategy, which itself should be directly aligned with the overall business strategy. (SAS White Paper http://www.eurim.org.uk/activities/ig/SAS_WhitePaper.pdf) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 14
Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 15
Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Cyber security is just as important as physical security. • Relationship between physical and network security. • Know and understand your organisation: • This includes an understanding of the external environment and the threats facing the organisation. It also refers to a thorough understanding of the internal environment and the way the organisation operates – its employees, levels of staff morale, business partners of the organisation, service providers, etc. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 16
Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Define security roles and responsibilities: • Although security should be everyone within an organisation’s concern, ownership of information security should be assigned to specific individuals, coupled with the necessary levels of authority and accountability. To assist with the process it is recommended that security roles and responsibilities be incorporated into job descriptions and that performance in terms of these areas be measured accordingly. • Ensure that you have proper policies and procedures in place for the use of IT. • Establish clear processes to enable end-users to report suspected cybercrimes. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 17
Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Effective public private partnerships: • The effective control of cybercrime requires more than just cooperation between public and private security agencies. The role of the communications and IT industries in designing products that are resistant to crime and that facilitate detection and investigation is also of critical importance. To effectively address cyber crime also calls for a less re-active and more pro- active approach to the prevention, detection, investigation and prosecution of these crimes. • Value of intelligence: Exchange information with law enforcement agencies. Know your opponent and use the information to develop and update security policies. Think like a hacker. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 18
Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Stay up to date: • Maintain awareness of new developments in both technology and services. Use a risk-based approach to determine when it would be necessary to upgrade or adapt current systems and processes to accommodate new developments. • Continuous auditing and assessment of process: • It is recommended that a process of continuous auditing be implemented to ensure that the strategy remains aligned to business objectives, adapts to changes in technology or identified threats, and to allow for the analysis of information that is gathered from the different implemented controls. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 19
Practical Guidelines and Tips • Email is more than messages. It contains personal information, contact lists, sensitive company information, etc. Email policies: • Do not open suspicious emails. • Use spam filters. • Encrypt important files or records. • Choose complex passwords and change your password regularly. The Post-it problem. • Back up regularly. • Install powerful anti-virus and firewall software and keep it up to date. Regularly update security patches. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 20
Practical Guidelines and Tips • Create good habits such as deleting your temporary internet files and cookies. This protects against hackers who can access your accounts from where you have been on the internet. • Turn off your computer and modem/disconnect from the internet when not in use. • Know what information you have, where it is stored and who has access thereto. • Be wary to provide personal information via a website you are not familiar with. • Never allow strange or unfamiliar individuals to use your computer, not even if they say they are from the IT department! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 21
Practical Guidelines and Tips • Educate users: • Teach IT users how to identify cyber threats and how to respond. • Share security information with all users of IT in the organisation. • Read up on the latest ways hackers create phishing scams to gain access to your personal information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 22
In summary • Organisations need to realise the true value of information. • Cyber criminals steal information. • We can only effectively combat cybercrime if we share information and collaborate. • Know your opponent. • Be pro-active and not re-active. • Implement good information governance principles in your organisation. • Educate all IT users. • Protect your information with the same vigour as you protect physical property, brand names, money, etc! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 23
“Success in preventing cyber attacks depends as much on knowing what to look for as it does on rolling out the right security.” (Howard Schmidt, ComputerWeekly.com 27 March 2009) This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2011 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.

Recommended

Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
Advanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionAdvanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionUlf Mattsson
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Povo News
 
#CyberSafeLambeth
#CyberSafeLambeth#CyberSafeLambeth
#CyberSafeLambethThe Integrate Agency CIC
 
Data privacy & social media
Data privacy & social mediaData privacy & social media
Data privacy & social mediaProf. Jacques Folon (Ph.D)
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data PrivacyMaganathin Veeraragaloo
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011Vladimir Matviychuk
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
 

Recommended

Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
Advanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionAdvanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionUlf Mattsson
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Povo News
 
#CyberSafeLambeth
#CyberSafeLambeth#CyberSafeLambeth
#CyberSafeLambethThe Integrate Agency CIC
 
Data privacy & social media
Data privacy & social mediaData privacy & social media
Data privacy & social mediaProf. Jacques Folon (Ph.D)
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data PrivacyMaganathin Veeraragaloo
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011Vladimir Matviychuk
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
 
Mon cirt khaltar
Mon cirt khaltarMon cirt khaltar
Mon cirt khaltarKhaltar Togtuun
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...Ulf Mattsson
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
 
SingHealth Cyber Attack (project)
SingHealth Cyber Attack (project)SingHealth Cyber Attack (project)
SingHealth Cyber Attack (project)James Neo
 
Finding balance in the age of open data
Finding balance in the age of open dataFinding balance in the age of open data
Finding balance in the age of open dataCaribbean Open Data Conference & Code Sprint
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?PECB
 
Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraKapil Mehrotra
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...David Cunningham
 
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianHow to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianPECB
 
Improve Cybersecurity Education Or Awareness Training
Improve Cybersecurity Education Or Awareness TrainingImprove Cybersecurity Education Or Awareness Training
Improve Cybersecurity Education Or Awareness TrainingTriskele Labs
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSInteraktiv
 
Cybersecurity environment in malaysia and the function of internal auditor
Cybersecurity environment in malaysia and the function of internal auditorCybersecurity environment in malaysia and the function of internal auditor
Cybersecurity environment in malaysia and the function of internal auditorKhalizan Halid
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesUlf Mattsson
 
Tufin white paper v1 dcr final
Tufin white paper v1 dcr final Tufin white paper v1 dcr final
Tufin white paper v1 dcr final Clive Freedman
 
Connect And Protect
Connect And ProtectConnect And Protect
Connect And ProtectFuture Position X
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacyrajab ssemwogerere
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
How your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyHow your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyTechSoup Canada
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodmanjonneiditz
 
Aquilux, PVC alvéolaire
Aquilux, PVC alvéolaireAquilux, PVC alvéolaire
Aquilux, PVC alvéolaireWilliam Blair
 
Evaluation Question 1
Evaluation Question 1Evaluation Question 1
Evaluation Question 1remuslupinsbutt
 

More Related Content

What's hot

May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...Ulf Mattsson
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
 
SingHealth Cyber Attack (project)
SingHealth Cyber Attack (project)SingHealth Cyber Attack (project)
SingHealth Cyber Attack (project)James Neo
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?PECB
 
Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraKapil Mehrotra
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...David Cunningham
 
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianHow to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianPECB
 
Improve Cybersecurity Education Or Awareness Training
Improve Cybersecurity Education Or Awareness TrainingImprove Cybersecurity Education Or Awareness Training
Improve Cybersecurity Education Or Awareness TrainingTriskele Labs
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSInteraktiv
 
Cybersecurity environment in malaysia and the function of internal auditor
Cybersecurity environment in malaysia and the function of internal auditorCybersecurity environment in malaysia and the function of internal auditor
Cybersecurity environment in malaysia and the function of internal auditorKhalizan Halid
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesUlf Mattsson
 
Tufin white paper v1 dcr final
Tufin white paper v1 dcr final Tufin white paper v1 dcr final
Tufin white paper v1 dcr final Clive Freedman
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
How your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyHow your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyTechSoup Canada
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodmanjonneiditz
 

What's hot (20)

Mon cirt khaltar
Mon cirt khaltarMon cirt khaltar
Mon cirt khaltar
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
SingHealth Cyber Attack (project)
SingHealth Cyber Attack (project)SingHealth Cyber Attack (project)
SingHealth Cyber Attack (project)
 
Finding balance in the age of open data
Finding balance in the age of open dataFinding balance in the age of open data
Finding balance in the age of open data
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?
 
Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil Mehrotra
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...
 
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianHow to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
 
Improve Cybersecurity Education Or Awareness Training
Improve Cybersecurity Education Or Awareness TrainingImprove Cybersecurity Education Or Awareness Training
Improve Cybersecurity Education Or Awareness Training
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debate
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMS
 
Cybersecurity environment in malaysia and the function of internal auditor
Cybersecurity environment in malaysia and the function of internal auditorCybersecurity environment in malaysia and the function of internal auditor
Cybersecurity environment in malaysia and the function of internal auditor
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniques
 
Tufin white paper v1 dcr final
Tufin white paper v1 dcr final Tufin white paper v1 dcr final
Tufin white paper v1 dcr final
 
Connect And Protect
Connect And ProtectConnect And Protect
Connect And Protect
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
 
How your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyHow your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacy
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodman
 

Viewers also liked

Aquilux, PVC alvéolaire
Aquilux, PVC alvéolaireAquilux, PVC alvéolaire
Aquilux, PVC alvéolaireWilliam Blair
 
Paneer butter masala – a mouth watering delicacy
Paneer butter masala – a mouth watering delicacyPaneer butter masala – a mouth watering delicacy
Paneer butter masala – a mouth watering delicacysahiltandon14
 
Analysis_Gui-eps-converted-to
Analysis_Gui-eps-converted-toAnalysis_Gui-eps-converted-to
Analysis_Gui-eps-converted-toCédric Camier
 
ESRA IRS Briefing 20150519
ESRA IRS Briefing 20150519ESRA IRS Briefing 20150519
ESRA IRS Briefing 20150519K6 Partners
 
Ideaworks Solutions Pvt Ltd- Mobile Application Development
Ideaworks Solutions Pvt Ltd- Mobile Application DevelopmentIdeaworks Solutions Pvt Ltd- Mobile Application Development
Ideaworks Solutions Pvt Ltd- Mobile Application DevelopmentKamal Singh
 
Chana masala a lip smacking indian recipe
Chana masala a lip smacking indian recipeChana masala a lip smacking indian recipe
Chana masala a lip smacking indian recipesahiltandon14
 
Presentació De L'amistat
Presentació De L'amistat Presentació De L'amistat
Presentació De L'amistat fischerc
 
Nme music mag analysis ppt
Nme music mag analysis pptNme music mag analysis ppt
Nme music mag analysis ppt10-klam
 
S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016
S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016
S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016France Travail
 
Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...
Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...
Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...France Travail
 

Viewers also liked (17)

Aquilux, PVC alvéolaire
Aquilux, PVC alvéolaireAquilux, PVC alvéolaire
Aquilux, PVC alvéolaire
 
Evaluation Question 1
Evaluation Question 1Evaluation Question 1
Evaluation Question 1
 
Paneer butter masala – a mouth watering delicacy
Paneer butter masala – a mouth watering delicacyPaneer butter masala – a mouth watering delicacy
Paneer butter masala – a mouth watering delicacy
 
Lectura i biblioteques a l'era digital
Lectura i biblioteques a l'era digitalLectura i biblioteques a l'era digital
Lectura i biblioteques a l'era digital
 
Dr Madhusmita 15
Dr Madhusmita 15Dr Madhusmita 15
Dr Madhusmita 15
 
Analysis_Gui-eps-converted-to
Analysis_Gui-eps-converted-toAnalysis_Gui-eps-converted-to
Analysis_Gui-eps-converted-to
 
insight
insightinsight
insight
 
ESRA IRS Briefing 20150519
ESRA IRS Briefing 20150519ESRA IRS Briefing 20150519
ESRA IRS Briefing 20150519
 
PosterICAD_4
PosterICAD_4PosterICAD_4
PosterICAD_4
 
Ideaworks Solutions Pvt Ltd- Mobile Application Development
Ideaworks Solutions Pvt Ltd- Mobile Application DevelopmentIdeaworks Solutions Pvt Ltd- Mobile Application Development
Ideaworks Solutions Pvt Ltd- Mobile Application Development
 
Chana masala a lip smacking indian recipe
Chana masala a lip smacking indian recipeChana masala a lip smacking indian recipe
Chana masala a lip smacking indian recipe
 
Nitazoxanide 55981-09-4-api
Nitazoxanide 55981-09-4-apiNitazoxanide 55981-09-4-api
Nitazoxanide 55981-09-4-api
 
Presentació De L'amistat
Presentació De L'amistat Presentació De L'amistat
Presentació De L'amistat
 
Raid
RaidRaid
Raid
 
Nme music mag analysis ppt
Nme music mag analysis pptNme music mag analysis ppt
Nme music mag analysis ppt
 
S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016
S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016
S&I - ICDC - La durée d'inscription à Pôle emploi au 3è trimestre 2016
 
Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...
Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...
Taux de couverture par l'indemnisation des demandeurs d'emploi : situation au...
 

Similar to Integrating cybercrime prevention strategies

Understanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisationUnderstanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisationJacqueline Fick
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy IntroductionG Prachi
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013Vidushi Singh
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesingsegughana
 
Cyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeCyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeDeepak Kumar (D3)
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureLee Dalton
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
Get The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation ToolsGet The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation ToolsParaben Corporation
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIAAnish Rai
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
A proposed model_for_cybercrime_detectio
A proposed model_for_cybercrime_detectioA proposed model_for_cybercrime_detectio
A proposed model_for_cybercrime_detectioHossam Al-Ansary
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationAIRCC Publishing Corporation
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationAIRCC Publishing Corporation
 
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATIONBEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATIONAIRCC Publishing Corporation
 
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdfBelayet Hossain
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentIJERD Editor
 
What is Importance of Cyber Security
What is Importance of Cyber Security What is Importance of Cyber Security
What is Importance of Cyber Security Wee Tang
 

Similar to Integrating cybercrime prevention strategies (20)

Understanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisationUnderstanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisation
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy Introduction
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
 
Cyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeCyber Security India & Cyber Crime
Cyber Security India & Cyber Crime
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochure
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
Get The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation ToolsGet The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation Tools
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
 
Ethiopia reba paper
Ethiopia reba paperEthiopia reba paper
Ethiopia reba paper
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
A proposed model_for_cybercrime_detectio
A proposed model_for_cybercrime_detectioA proposed model_for_cybercrime_detectio
A proposed model_for_cybercrime_detectio
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics Application
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics Application
 
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATIONBEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
 
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 
What is Importance of Cyber Security
What is Importance of Cyber Security What is Importance of Cyber Security
What is Importance of Cyber Security
 

More from Jacqueline Fick

Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringJacqueline Fick
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaJacqueline Fick
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile LawJacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Jacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsJacqueline Fick
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in GovernmentJacqueline Fick
 

More from Jacqueline Fick (8)

Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeering
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile Law
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnerships
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in Government
 

Recently uploaded

VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsMichael W. Hawkins
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 DelhiCall Girls in Delhi
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfOnline Income Engine
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
A305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdfA305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdftbatkhuu1
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 

Recently uploaded (20)

VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
A305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdfA305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdf
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 

Integrating cybercrime prevention strategies

  • 1. www.pwc.com Integrating the prevention of cybercrime into the overall anti-crime strategies of your organisation Africa Cybercrime Security Conference 31 March 2011 Adv Jacqueline Fick
  • 2. Agenda • Common cybercrimes in South Africa • Getting to grips with the Electronic Communications and Transactions Act • The value of information governance • Implementing a pro-active strategy in your organisation: a hands- on approach to dealing with cybercrime Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 2
  • 3. Common cybercrimes in South Africa • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of Service Attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Child pornography • Computer-related fraud • Copyright infringement • Industrial espionage • Piracy • Online gambling (leave to appeal pending) • Phishing/identity theft Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 3
  • 4. Phishing attacks RSA Online Fraud Reports show that South Africa does not fall within the top ten countries hosting phishing attacks, but features high on the list of top ten countries by attack volume. For thirteen (13) consecutive months the US, UK and South Africa have been the top three targets for mass phishing. (RSA Online Fraud Report – March 2011) RSA statistics for February 2011 Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 4
  • 5. Getting to grips with the Electronic Communications and Transactions Act, No. 25 of 2002 (ECT Act) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 5
  • 6. The ECT ACT 'data message' means data generated, sent, received or stored by electronic means and includes- (a) voice, where the voice is used in an automated transaction; and (b) a stored record; 15 Admissibility and evidential weight of data messages (1) In any legal proceedings, the rules of evidence must not be applied so as to deny the admissibility of a data message, in evidence- (a) on the mere grounds that it is constituted by a data message; or (b) if it is the best evidence that the person adducing it could reasonably be expected to obtain, on the grounds that it is not in its original form. (2) Information in the form of a data message must be given due evidential weight. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 6
  • 7. The ECT ACT In assessing the evidential weight of a data message, regard must be had to- (a) the reliability of the manner in which the data message was generated, stored or communicated; (b) the reliability of the manner in which the integrity of the data message was maintained; (c) the manner in which its originator was identified; and (d) any other relevant factor. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 7
  • 8. CHAPTER XIII: ECT ACT 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. 86 Unauthorised access to, interception of or interference with data (1) Subject to the Interception and Monitoring Prohibition Act, 1992, (Act 129 of 1992) a person who intentionally accesses or intercepts any data without authority or permission to do so, is guilty of an offence. (2) A person who intentionally and without authority to do so, interferes with data in a way which causes such data to be modified, destroyed or otherwise rendered ineffective, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 8
  • 9. CHAPTER XIII: ECT ACT (3) A person who unlawfully produces, sells, offers to sell, procures for use, designs, adapts for use, distributes or possesses any device, including a computer program or a component, which is designed primarily to overcome security measures for the protection of data, or performs any of those acts with regard to a password, access code or any other similar kind of data with the intent to unlawfully utilise such item to contravene this section, is guilty of an offence. (4) A person who utilises any device or computer program mentioned in subsection (3) in order to unlawfully overcome security measures designed to protect such data or access thereto, is guilty of an offence. (5) A person who commits any act described in this section with the intent to interfere with access to an information system so as to constitute a denial, including a partial denial, of service to legitimate users is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 9
  • 10. CHAPTER XIII: ECT ACT 87 Computer-related extortion, fraud and forgery (1) A person who performs or threatens to perform any of the acts described in section 86, for the purpose of obtaining any unlawful proprietary advantage by undertaking to cease or desist from such action, or by undertaking to restore any damage caused as a result of those actions, is guilty of an offence. (2) A person who performs any of the acts described in section 86 for the purpose of obtaining any unlawful advantage by causing fake data to be produced with the intent that it be considered or acted upon as if it were authentic, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 10
  • 11. The value of good information governance Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 11
  • 12. The value of good information governance • IT is the foundation on which we operate our businesses and information is fast becoming the most valuable asset an organisation has. • The value of information has also led to businesses focusing more on the information or data they host, process or use than on the technology employed to perform these functions. • Need for risk management. • The IT risk environment is influenced by both internal and external factors and measures must be put in place to ensure the protection, confidentiality, availability and authenticity of information, to govern the use of external service providers to host/process data, to regulate the access to company networks from remote locations and off course, to be sensitive to the threat of cyber attacks such as hacking, identity theft, cyber espionage, denial of service attacks, computer- related fraud and extortion. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 12
  • 13. Definitions Information Governance • King III: … an emerging discipline with an evolving definition. • Wikipedia: … a set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information on all media in such a way that it supports the organisations immediate and future regulatory, legal, risk, environmental and operational requirements. • …an enterprise-wide strategy and framework that establishes the policies, responsibilities and decision-making processes controlling the use of information owned, or accessed by a business. The goal should be to balance risk avoidance, cost reduction and increased business value. Information Governance should also be structured in such a way as to easily adapt to organisational demands, changes in technology and be flexible to provide for new information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 13
  • 14. The value of good information governance • Information governance involves a balanced approach designed to meet the needs of the organisation and all of its stakeholders, including its customers, shareholders and regulators. Furthermore, information governance is one component of an organisation’s wider enterprise information management strategy, which itself should be directly aligned with the overall business strategy. (SAS White Paper http://www.eurim.org.uk/activities/ig/SAS_WhitePaper.pdf) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 14
  • 15. Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 15
  • 16. Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Cyber security is just as important as physical security. • Relationship between physical and network security. • Know and understand your organisation: • This includes an understanding of the external environment and the threats facing the organisation. It also refers to a thorough understanding of the internal environment and the way the organisation operates – its employees, levels of staff morale, business partners of the organisation, service providers, etc. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 16
  • 17. Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Define security roles and responsibilities: • Although security should be everyone within an organisation’s concern, ownership of information security should be assigned to specific individuals, coupled with the necessary levels of authority and accountability. To assist with the process it is recommended that security roles and responsibilities be incorporated into job descriptions and that performance in terms of these areas be measured accordingly. • Ensure that you have proper policies and procedures in place for the use of IT. • Establish clear processes to enable end-users to report suspected cybercrimes. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 17
  • 18. Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Effective public private partnerships: • The effective control of cybercrime requires more than just cooperation between public and private security agencies. The role of the communications and IT industries in designing products that are resistant to crime and that facilitate detection and investigation is also of critical importance. To effectively address cyber crime also calls for a less re-active and more pro- active approach to the prevention, detection, investigation and prosecution of these crimes. • Value of intelligence: Exchange information with law enforcement agencies. Know your opponent and use the information to develop and update security policies. Think like a hacker. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 18
  • 19. Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Stay up to date: • Maintain awareness of new developments in both technology and services. Use a risk-based approach to determine when it would be necessary to upgrade or adapt current systems and processes to accommodate new developments. • Continuous auditing and assessment of process: • It is recommended that a process of continuous auditing be implemented to ensure that the strategy remains aligned to business objectives, adapts to changes in technology or identified threats, and to allow for the analysis of information that is gathered from the different implemented controls. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 19
  • 20. Practical Guidelines and Tips • Email is more than messages. It contains personal information, contact lists, sensitive company information, etc. Email policies: • Do not open suspicious emails. • Use spam filters. • Encrypt important files or records. • Choose complex passwords and change your password regularly. The Post-it problem. • Back up regularly. • Install powerful anti-virus and firewall software and keep it up to date. Regularly update security patches. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 20
  • 21. Practical Guidelines and Tips • Create good habits such as deleting your temporary internet files and cookies. This protects against hackers who can access your accounts from where you have been on the internet. • Turn off your computer and modem/disconnect from the internet when not in use. • Know what information you have, where it is stored and who has access thereto. • Be wary to provide personal information via a website you are not familiar with. • Never allow strange or unfamiliar individuals to use your computer, not even if they say they are from the IT department! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 21
  • 22. Practical Guidelines and Tips • Educate users: • Teach IT users how to identify cyber threats and how to respond. • Share security information with all users of IT in the organisation. • Read up on the latest ways hackers create phishing scams to gain access to your personal information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 22
  • 23. In summary • Organisations need to realise the true value of information. • Cyber criminals steal information. • We can only effectively combat cybercrime if we share information and collaborate. • Know your opponent. • Be pro-active and not re-active. • Implement good information governance principles in your organisation. • Educate all IT users. • Protect your information with the same vigour as you protect physical property, brand names, money, etc! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation March 2011 PwC 23
  • 24. “Success in preventing cyber attacks depends as much on knowing what to look for as it does on rolling out the right security.” (Howard Schmidt, ComputerWeekly.com 27 March 2009) This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2011 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.