SlideShare a Scribd company logo

Cyber Security Planning 101

Welch LLP
Welch LLP

To view more great content and the corresponding webinar, please visit www.welchllp.com

Technology
1 of 31
Download to read offline
CYBER SECURITY PLANNING 101
ANDRE W LOSCHM ANN M A RK G A U DE T RYAN VALLE E PANELISTS BRYAN HARALOVICH Partner, Welch LLP President & CTO, Field Effect Software Product Line Manager, CIRA Senior VP, Fully Managed
Cyber Security and SMEs Andrew L os ch ma n n
3 messages for SMEs in 2019: You can do something You are important You have cyber security responsibilities
Message #1 You are important. • Threat actors (“attackers”) are not individuals, they’re organizations. • The motivation is almost always financially motivated. • Like most organizations, they adapt. In 2019, this means automation and scale: Data theft and resale, Credential sales, Ransomware, Financial Redirection… what’s next? If you have any assets, or have the potential to have an asset, you are a target.
Message #2 You have cyber security responsibilities. • Customers • Stakeholders • Regulatory, Industry and other authorities
Message #3 You can do something. • It is not an impossible problem. • Cyber Security threats are well understood at this point, as are effective defence strategies. • This technology, knowledge and process needed to make a real difference is not out of reach. • Believe it or not, the basics matter, and making a mistake on the basics are what will get you into trouble.
Measuring Success Cyber Security is measurable and should: • Be continuous • Improve your network • Lower your risk (and costs)
D-Zone Cybersecurity MARK GAUDET
Organizations have implemented a multiple security tools.
Of organizations reported being compromised last year. This number approaches 100% in larger organizations. 43%
Canadians understand the importance of layers.
DNS as a Layer of Defense Use of DNS Firewalls Could Reduce 33% of All Cybersecurity Breaches.
DNS Firewall as layer of defense
Of malicious data breaches came from a form of cyber-attack that leverages emails, texts, phone calls or even in- person visits. 93%
Only 54 per cent of small businesses provide cybersecurity training for their employees even though the most common form of malware seen by our respondents, phishing attacks (42 per cent), directly exploit employees as a point of weakness. 54% The Human Layer of Defense
Reduction in users clicking on phishing emails after implementing D-Zone Cybersecurity Awareness Training. 3x Transform your users into a human firewall
The most integrated training, phishing simulation, gamification and measurement tool available. D-Zone Cybersecurity Awareness Training Score and measure Ongoing and Remedial Training “Turned cyber risk from something to lose sleep about into something we effectively manage” C-Therm Technologies Awareness Survey Phishing simulation End user training modules and risk analysis
CIRA delivers a family of cybersecurity services to Canadian organizations. D-Zone Anycast DNS Authoritative DNS for your domains  Improve performance with a global footprint  Protect from DNS DDoS and DNS hijacking D-Zone DNS Firewall Recursive DNS with threat blocking  100,000 new threats blocked daily  Stops malware command-and- control D-Zone Cybersecurity Awareness Training Phishing and training for end-users  Most integrated platform available  Reduce user clicks on malware links by 3X
Summary • Defense in Depth • Leverage additional layers • DNS • Staff
Fully Managed – Cyber Security RYAN VAL L EE
Current threats and who they are targeting The Continued Increase in Ransomware. • In 2016, a business fell victim to ransomware every 40 seconds. • 70% of all malware attacks last year were ransomware. • 91% of cyberattacks begin with spear phishing email, which are commonly used to infect organizations with ransomware. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, up from $3 trillion in 2015. Ransomware is expected to worsen and make up a proportionately larger share of total cybercrime by 2021.
Weaponization of Artificial Intelligence • Security companies are using AI to protect environments and users, therefore it is certain that the hackers are following suit in their attack methodologies. • Hackers leverage AI in spear phishing exploits to create carefully targeted messages that trick people into sharing sensitive data and installing malware. • AI is used to collect information about a target organization from across the internet, to instigate detailed and targeted exploits, and crack passwords.
Who Are They Targeting? • 71% of ransomware attacks in 2018 targeted small businesses, with an average ransom demand of $116,000 USD. • Consumer-targeted ransomware attacks have declined by 33% since the end of 2018. • Ransomware attacks on business targets have seen a substantial increase in the first quarter of 2019, up by 195 percent since the fourth quarter of 2018. • 16% of cyber-attacks target public sector entities, 15% focus on healthcare organizations, and 10 % of attacks target the financial industry. • • • • • • • • •
Who Are They Targeting? - Continued • As can be seen from the data, public administrations are a very large target and this has been seen with the number of public municipalities which have suffered breaches recently. • “There's over two thousand municipalities in Canada ... they hold a lot of sensitive information on individuals ... on properties, on a lot of transactions. They're very vulnerable.” Dan Mathieson, mayor of Stratford … in a CBC news report after the municipality was hit with ransomware on 14th April 2019.
Best practices in Risk Mitigation (Financial, public and brand damage) HAVE A PLAN CYBERSECURITY INSURANCE CYBERSECURITY PARTNER
Disclosure issues surrounding the Personal Information Protection and Electronic Documents Act (PIPEDA) PIPEDA applies to private-sector organizations across Canada that collect, use or disclose personal information in the course of a commercial activity. As of 1st November 2018, it is mandatory to report to the Privacy Commissioner of Canada breaches of security safeguards involving personal information that pose a real risk of significant harm to individuals. Failure to report such a breach can lead to fines of up to $100,000. (source: Government of Canada & Global News) • • •
W R I T T E N P L A N S Prevention Policy Essential steps for preventing attacks S E C U R I T Y H Y G I E N E B E T T E R A U T H E N T I C A T I O N 2 - F A C T O R A U T H E N T I C A T I O N E D U C A T I O N
Call for help! Business Continuity Plan Steps to take after a cyber attack Disconnect the internet Isolate the Servers Call Insurance Company Execute DR Plan Find Patient Zero Clean the Environment Restore Data and Servers Report the Breach Ongoing impact
ANDRE W LOSCHM ANN M A RK G A U DE T RYAN VALLE E PANELISTS BRYAN HARALOVICH Partner, Welch LLP bharalovich@welchllp.com 613.236.9191 President & CTO, Field Effect Software aloschmann@fieldeffect.com 613.686.6342 Product Line Manager, CIRA mark.gaudet@cira.ca 613.237.5335 Senior VP, Fully Managed Ryan.vallee@fullymanaged.com 613.591.9800
THANK YOU

Recommended

Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...
6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...
6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...Ivanti
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uaeRishalHalid1
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 ChallengesLeandro Bennaton
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecuritysommerville-videos
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
Career in cyber security
Career in cyber securityCareer in cyber security
Career in cyber securityManjushree Mashal
 
Cyber-Security in Education
Cyber-Security in EducationCyber-Security in Education
Cyber-Security in EducationTyrone Grandison
 

Recommended

Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...
6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...
6 Defence-In-Depth Security Tactics as Recommended by the National Cyber Secu...Ivanti
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uaeRishalHalid1
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 ChallengesLeandro Bennaton
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecuritysommerville-videos
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
Career in cyber security
Career in cyber securityCareer in cyber security
Career in cyber securityManjushree Mashal
 
Cyber-Security in Education
Cyber-Security in EducationCyber-Security in Education
Cyber-Security in EducationTyrone Grandison
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Kinetic Potential
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019PECB
 
2019 Cyber Security Trends
2019 Cyber Security Trends2019 Cyber Security Trends
2019 Cyber Security TrendsInternetwork Engineering (IE)
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCBIZ, Inc.
 
Cybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsCybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsBryan Len
 
Bl cybersecurity z_dooly
Bl cybersecurity z_doolyBl cybersecurity z_dooly
Bl cybersecurity z_doolyzdooly
 
The Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsThe Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsMercury Solutions Limited
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityStephen Lahanas
 
Eliminating the Confusion Surrounding Cyber Insurance
Eliminating the Confusion Surrounding Cyber InsuranceEliminating the Confusion Surrounding Cyber Insurance
Eliminating the Confusion Surrounding Cyber InsuranceInternetwork Engineering (IE)
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityEdwin A. Opare
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistMatthew Rosenquist
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsinLabFIB
 
Cyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsCyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsINKPPT
 
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Netpluz Asia Pte Ltd
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceCharles Lim
 
Navigating Cybersecurity
Navigating CybersecurityNavigating Cybersecurity
Navigating CybersecuritySegun Ebenezer Olaniyan
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber securitySAHANAHK
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attackkamranrazzaq8
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise The Economist Media Businesses
 

More Related Content

What's hot

Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Kinetic Potential
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019PECB
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCBIZ, Inc.
 
Cybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsCybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsBryan Len
 
Bl cybersecurity z_dooly
Bl cybersecurity z_doolyBl cybersecurity z_dooly
Bl cybersecurity z_doolyzdooly
 
The Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsThe Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsMercury Solutions Limited
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityStephen Lahanas
 
Eliminating the Confusion Surrounding Cyber Insurance
Eliminating the Confusion Surrounding Cyber InsuranceEliminating the Confusion Surrounding Cyber Insurance
Eliminating the Confusion Surrounding Cyber InsuranceInternetwork Engineering (IE)
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistMatthew Rosenquist
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsinLabFIB
 
Cyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsCyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsINKPPT
 
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Netpluz Asia Pte Ltd
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceCharles Lim
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber securitySAHANAHK
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 

What's hot (20)

Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
 
2019 Cyber Security Trends
2019 Cyber Security Trends2019 Cyber Security Trends
2019 Cyber Security Trends
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measures
 
Cybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsCybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity laws
 
Bl cybersecurity z_dooly
Bl cybersecurity z_doolyBl cybersecurity z_dooly
Bl cybersecurity z_dooly
 
The Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsThe Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security Certifications
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Eliminating the Confusion Surrounding Cyber Insurance
Eliminating the Confusion Surrounding Cyber InsuranceEliminating the Confusion Surrounding Cyber Insurance
Eliminating the Confusion Surrounding Cyber Insurance
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutions
 
Cyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsCyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 mins
 
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security Governance
 
Navigating Cybersecurity
Navigating CybersecurityNavigating Cybersecurity
Navigating Cybersecurity
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 

Similar to Cyber Security Planning 101

Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise The Economist Media Businesses
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks- Mark - Fullbright
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionEMC
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
The State of Endpoint Security Today
The State of Endpoint Security Today The State of Endpoint Security Today
The State of Endpoint Security Today Justine Shaffer
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Tracey Ong
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study SummaryScalar Decisions
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationEric Reehl
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkRichard Common
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
DATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaDATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaNSConclave
 
Strategies to combat new, innovative cyber threats in 2019
Strategies to combat new, innovative cyber threats in 2019Strategies to combat new, innovative cyber threats in 2019
Strategies to combat new, innovative cyber threats in 2019SrikanthRaju7
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
 
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...Invincea, Inc.
 

Similar to Cyber Security Planning 101 (20)

Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Sel03129 usen
Sel03129 usenSel03129 usen
Sel03129 usen
 
The State of Endpoint Security Today
The State of Endpoint Security Today The State of Endpoint Security Today
The State of Endpoint Security Today
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study Summary
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
 
Cyber security
Cyber securityCyber security
Cyber security
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
DATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaDATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali Rangoliya
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security Services
 
Strategies to combat new, innovative cyber threats in 2019
Strategies to combat new, innovative cyber threats in 2019Strategies to combat new, innovative cyber threats in 2019
Strategies to combat new, innovative cyber threats in 2019
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
 
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...
 

More from Welch LLP

Investment Management for Intergenerational Wealth
Investment Management for Intergenerational WealthInvestment Management for Intergenerational Wealth
Investment Management for Intergenerational WealthWelch LLP
 
Financial Planning for Intergenerational Wealth
Financial Planning for Intergenerational WealthFinancial Planning for Intergenerational Wealth
Financial Planning for Intergenerational WealthWelch LLP
 
How to Interview Candidates with Military Precision
How to Interview Candidates with Military PrecisionHow to Interview Candidates with Military Precision
How to Interview Candidates with Military PrecisionWelch LLP
 
Tax Compliance in an Era of Change
Tax Compliance in an Era of ChangeTax Compliance in an Era of Change
Tax Compliance in an Era of ChangeWelch LLP
 
Hiring Top Global Talent: The Opportunity for Canada's Tech Sector
Hiring Top Global Talent: The Opportunity for Canada's Tech SectorHiring Top Global Talent: The Opportunity for Canada's Tech Sector
Hiring Top Global Talent: The Opportunity for Canada's Tech SectorWelch LLP
 
Cannabis in the Workplace 101: What you need to know as an employer
Cannabis in the Workplace 101: What you need to know as an employerCannabis in the Workplace 101: What you need to know as an employer
Cannabis in the Workplace 101: What you need to know as an employerWelch LLP
 
Tax on Split Income: How Do the New Rules Impact You?
Tax on Split Income: How Do the New Rules Impact You?Tax on Split Income: How Do the New Rules Impact You?
Tax on Split Income: How Do the New Rules Impact You?Welch LLP
 
Advanced Negotiating: Finding the Win-Win
Advanced Negotiating: Finding the Win-Win Advanced Negotiating: Finding the Win-Win
Advanced Negotiating: Finding the Win-Win Welch LLP
 
A New Look on Investing
A New Look on Investing A New Look on Investing
A New Look on Investing Welch LLP
 
NPO Governance Bootcamp: Financial Reporting Basics
NPO Governance Bootcamp: Financial Reporting BasicsNPO Governance Bootcamp: Financial Reporting Basics
NPO Governance Bootcamp: Financial Reporting BasicsWelch LLP
 
3 Essentials for Canadian Companies Doing Business in the U.S.
3 Essentials for Canadian Companies Doing Business in the U.S.3 Essentials for Canadian Companies Doing Business in the U.S.
3 Essentials for Canadian Companies Doing Business in the U.S.Welch LLP
 
Survivor's Guide to Restructuring and the Related Tax Issues
Survivor's Guide to Restructuring and the Related Tax IssuesSurvivor's Guide to Restructuring and the Related Tax Issues
Survivor's Guide to Restructuring and the Related Tax IssuesWelch LLP
 
5 Pillars of Creating Customer Loyalty
5 Pillars of Creating Customer Loyalty5 Pillars of Creating Customer Loyalty
5 Pillars of Creating Customer LoyaltyWelch LLP
 
The Art of Structuring Your Deal
The Art of Structuring Your DealThe Art of Structuring Your Deal
The Art of Structuring Your DealWelch LLP
 
The Business Owner's Roadmap to Succession Planning
The Business Owner's Roadmap to Succession Planning The Business Owner's Roadmap to Succession Planning
The Business Owner's Roadmap to Succession Planning Welch LLP
 
Information Technology in the Cloud
Information Technology in the CloudInformation Technology in the Cloud
Information Technology in the CloudWelch LLP
 
Top 10 Tax Issues for Charities
Top 10 Tax Issues for CharitiesTop 10 Tax Issues for Charities
Top 10 Tax Issues for CharitiesWelch LLP
 
Bookkeeping 101: What You Need to Know
Bookkeeping 101: What You Need to KnowBookkeeping 101: What You Need to Know
Bookkeeping 101: What You Need to KnowWelch LLP
 
Fundraising Tips for Techs
Fundraising Tips for TechsFundraising Tips for Techs
Fundraising Tips for TechsWelch LLP
 
Welch 2016 Private Enterprise Accounting Updates
Welch 2016 Private Enterprise Accounting UpdatesWelch 2016 Private Enterprise Accounting Updates
Welch 2016 Private Enterprise Accounting UpdatesWelch LLP
 

More from Welch LLP (20)

Investment Management for Intergenerational Wealth
Investment Management for Intergenerational WealthInvestment Management for Intergenerational Wealth
Investment Management for Intergenerational Wealth
 
Financial Planning for Intergenerational Wealth
Financial Planning for Intergenerational WealthFinancial Planning for Intergenerational Wealth
Financial Planning for Intergenerational Wealth
 
How to Interview Candidates with Military Precision
How to Interview Candidates with Military PrecisionHow to Interview Candidates with Military Precision
How to Interview Candidates with Military Precision
 
Tax Compliance in an Era of Change
Tax Compliance in an Era of ChangeTax Compliance in an Era of Change
Tax Compliance in an Era of Change
 
Hiring Top Global Talent: The Opportunity for Canada's Tech Sector
Hiring Top Global Talent: The Opportunity for Canada's Tech SectorHiring Top Global Talent: The Opportunity for Canada's Tech Sector
Hiring Top Global Talent: The Opportunity for Canada's Tech Sector
 
Cannabis in the Workplace 101: What you need to know as an employer
Cannabis in the Workplace 101: What you need to know as an employerCannabis in the Workplace 101: What you need to know as an employer
Cannabis in the Workplace 101: What you need to know as an employer
 
Tax on Split Income: How Do the New Rules Impact You?
Tax on Split Income: How Do the New Rules Impact You?Tax on Split Income: How Do the New Rules Impact You?
Tax on Split Income: How Do the New Rules Impact You?
 
Advanced Negotiating: Finding the Win-Win
Advanced Negotiating: Finding the Win-Win Advanced Negotiating: Finding the Win-Win
Advanced Negotiating: Finding the Win-Win
 
A New Look on Investing
A New Look on Investing A New Look on Investing
A New Look on Investing
 
NPO Governance Bootcamp: Financial Reporting Basics
NPO Governance Bootcamp: Financial Reporting BasicsNPO Governance Bootcamp: Financial Reporting Basics
NPO Governance Bootcamp: Financial Reporting Basics
 
3 Essentials for Canadian Companies Doing Business in the U.S.
3 Essentials for Canadian Companies Doing Business in the U.S.3 Essentials for Canadian Companies Doing Business in the U.S.
3 Essentials for Canadian Companies Doing Business in the U.S.
 
Survivor's Guide to Restructuring and the Related Tax Issues
Survivor's Guide to Restructuring and the Related Tax IssuesSurvivor's Guide to Restructuring and the Related Tax Issues
Survivor's Guide to Restructuring and the Related Tax Issues
 
5 Pillars of Creating Customer Loyalty
5 Pillars of Creating Customer Loyalty5 Pillars of Creating Customer Loyalty
5 Pillars of Creating Customer Loyalty
 
The Art of Structuring Your Deal
The Art of Structuring Your DealThe Art of Structuring Your Deal
The Art of Structuring Your Deal
 
The Business Owner's Roadmap to Succession Planning
The Business Owner's Roadmap to Succession Planning The Business Owner's Roadmap to Succession Planning
The Business Owner's Roadmap to Succession Planning
 
Information Technology in the Cloud
Information Technology in the CloudInformation Technology in the Cloud
Information Technology in the Cloud
 
Top 10 Tax Issues for Charities
Top 10 Tax Issues for CharitiesTop 10 Tax Issues for Charities
Top 10 Tax Issues for Charities
 
Bookkeeping 101: What You Need to Know
Bookkeeping 101: What You Need to KnowBookkeeping 101: What You Need to Know
Bookkeeping 101: What You Need to Know
 
Fundraising Tips for Techs
Fundraising Tips for TechsFundraising Tips for Techs
Fundraising Tips for Techs
 
Welch 2016 Private Enterprise Accounting Updates
Welch 2016 Private Enterprise Accounting UpdatesWelch 2016 Private Enterprise Accounting Updates
Welch 2016 Private Enterprise Accounting Updates
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Cyber Security Planning 101

  • 2. ANDRE W LOSCHM ANN M A RK G A U DE T RYAN VALLE E PANELISTS BRYAN HARALOVICH Partner, Welch LLP President & CTO, Field Effect Software Product Line Manager, CIRA Senior VP, Fully Managed
  • 3. Cyber Security and SMEs Andrew L os ch ma n n
  • 4. 3 messages for SMEs in 2019: You can do something You are important You have cyber security responsibilities
  • 5. Message #1 You are important. • Threat actors (“attackers”) are not individuals, they’re organizations. • The motivation is almost always financially motivated. • Like most organizations, they adapt. In 2019, this means automation and scale: Data theft and resale, Credential sales, Ransomware, Financial Redirection… what’s next? If you have any assets, or have the potential to have an asset, you are a target.
  • 6. Message #2 You have cyber security responsibilities. • Customers • Stakeholders • Regulatory, Industry and other authorities
  • 7. Message #3 You can do something. • It is not an impossible problem. • Cyber Security threats are well understood at this point, as are effective defence strategies. • This technology, knowledge and process needed to make a real difference is not out of reach. • Believe it or not, the basics matter, and making a mistake on the basics are what will get you into trouble.
  • 8. Measuring Success Cyber Security is measurable and should: • Be continuous • Improve your network • Lower your risk (and costs)
  • 11. Of organizations reported being compromised last year. This number approaches 100% in larger organizations. 43%
  • 13. DNS as a Layer of Defense Use of DNS Firewalls Could Reduce 33% of All Cybersecurity Breaches.
  • 14. DNS Firewall as layer of defense
  • 15. Of malicious data breaches came from a form of cyber-attack that leverages emails, texts, phone calls or even in- person visits. 93%
  • 16. Only 54 per cent of small businesses provide cybersecurity training for their employees even though the most common form of malware seen by our respondents, phishing attacks (42 per cent), directly exploit employees as a point of weakness. 54% The Human Layer of Defense
  • 17. Reduction in users clicking on phishing emails after implementing D-Zone Cybersecurity Awareness Training. 3x Transform your users into a human firewall
  • 18. The most integrated training, phishing simulation, gamification and measurement tool available. D-Zone Cybersecurity Awareness Training Score and measure Ongoing and Remedial Training “Turned cyber risk from something to lose sleep about into something we effectively manage” C-Therm Technologies Awareness Survey Phishing simulation End user training modules and risk analysis
  • 19. CIRA delivers a family of cybersecurity services to Canadian organizations. D-Zone Anycast DNS Authoritative DNS for your domains  Improve performance with a global footprint  Protect from DNS DDoS and DNS hijacking D-Zone DNS Firewall Recursive DNS with threat blocking  100,000 new threats blocked daily  Stops malware command-and- control D-Zone Cybersecurity Awareness Training Phishing and training for end-users  Most integrated platform available  Reduce user clicks on malware links by 3X
  • 20. Summary • Defense in Depth • Leverage additional layers • DNS • Staff
  • 21. Fully Managed – Cyber Security RYAN VAL L EE
  • 22. Current threats and who they are targeting The Continued Increase in Ransomware. • In 2016, a business fell victim to ransomware every 40 seconds. • 70% of all malware attacks last year were ransomware. • 91% of cyberattacks begin with spear phishing email, which are commonly used to infect organizations with ransomware. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, up from $3 trillion in 2015. Ransomware is expected to worsen and make up a proportionately larger share of total cybercrime by 2021.
  • 23. Weaponization of Artificial Intelligence • Security companies are using AI to protect environments and users, therefore it is certain that the hackers are following suit in their attack methodologies. • Hackers leverage AI in spear phishing exploits to create carefully targeted messages that trick people into sharing sensitive data and installing malware. • AI is used to collect information about a target organization from across the internet, to instigate detailed and targeted exploits, and crack passwords.
  • 24. Who Are They Targeting? • 71% of ransomware attacks in 2018 targeted small businesses, with an average ransom demand of $116,000 USD. • Consumer-targeted ransomware attacks have declined by 33% since the end of 2018. • Ransomware attacks on business targets have seen a substantial increase in the first quarter of 2019, up by 195 percent since the fourth quarter of 2018. • 16% of cyber-attacks target public sector entities, 15% focus on healthcare organizations, and 10 % of attacks target the financial industry. • • • • • • • • •
  • 25. Who Are They Targeting? - Continued • As can be seen from the data, public administrations are a very large target and this has been seen with the number of public municipalities which have suffered breaches recently. • “There's over two thousand municipalities in Canada ... they hold a lot of sensitive information on individuals ... on properties, on a lot of transactions. They're very vulnerable.” Dan Mathieson, mayor of Stratford … in a CBC news report after the municipality was hit with ransomware on 14th April 2019.
  • 26. Best practices in Risk Mitigation (Financial, public and brand damage) HAVE A PLAN CYBERSECURITY INSURANCE CYBERSECURITY PARTNER
  • 27. Disclosure issues surrounding the Personal Information Protection and Electronic Documents Act (PIPEDA) PIPEDA applies to private-sector organizations across Canada that collect, use or disclose personal information in the course of a commercial activity. As of 1st November 2018, it is mandatory to report to the Privacy Commissioner of Canada breaches of security safeguards involving personal information that pose a real risk of significant harm to individuals. Failure to report such a breach can lead to fines of up to $100,000. (source: Government of Canada & Global News) • • •
  • 28. W R I T T E N P L A N S Prevention Policy Essential steps for preventing attacks S E C U R I T Y H Y G I E N E B E T T E R A U T H E N T I C A T I O N 2 - F A C T O R A U T H E N T I C A T I O N E D U C A T I O N
  • 29. Call for help! Business Continuity Plan Steps to take after a cyber attack Disconnect the internet Isolate the Servers Call Insurance Company Execute DR Plan Find Patient Zero Clean the Environment Restore Data and Servers Report the Breach Ongoing impact
  • 30. ANDRE W LOSCHM ANN M A RK G A U DE T RYAN VALLE E PANELISTS BRYAN HARALOVICH Partner, Welch LLP bharalovich@welchllp.com 613.236.9191 President & CTO, Field Effect Software aloschmann@fieldeffect.com 613.686.6342 Product Line Manager, CIRA mark.gaudet@cira.ca 613.237.5335 Senior VP, Fully Managed Ryan.vallee@fullymanaged.com 613.591.9800