SlideShare a Scribd company logo

Cyber Threat Prevention in Todays World

D
Dave Thompson

Presentation to Fall 2016 Edmonton CAE Roundtable

Business
1 of 17
Download to read offline
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Cyber Threat Prevention in Today's World Shane Troyer, CPA, CISSP, CFE, CIA Partner Business Risk Services
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Network Perimeter Security 2
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Managed By 3 Information System Security Professional Yes No • Valid business communications • Authenticated staff and clients • File sharing • Malware and Malicious web sites • Spam and blacklisted sites • Perimeter attacks (DOS)
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd The Human Element 4 Social Engineering
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Social Engineering 5
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Types of Social Engineering 6 Cyber thieves perform reconnaissance, collect the personal information of company employees and attempt to get employees to take an action Baiting – offering an incentive in order to draw in a target (i.e. convincing a person to download malicious software onto his or her computer). Pretexting - using misrepresentation to gain access to privileged information. Phishing - an attacker attempts to obtain private information such as a social security number or authentication information. Spear-phishing - targeted at a specific person or role in an organization. Hackers leverage freely available information to craft an email likely to appeal to the target.
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd 7 So who is really protecting your organization?
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Him 8
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Her 9
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd and Him 10
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Cybercriminals are increasingly moving towards more complex email threats…….and scammers will seek to exploit what they perceive to be the weakest link in the chain: Humans Symantec Corporation – Internet Security Threat Report 2016 11
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd How Strong are These Controls? 12 0 10 20 30 40 50 60 70 No Response Email Opened Link clicked Multiple Clicks Employee Response Rate to Cyber Attack by Email
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Employee Enabled Threats 13 Fraudulent Fund Transfers Worms Ransomware (Crypto) Trojan Horses Botnets (DDOS)Spyware Viruses
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Ransomware 14
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd What do attacks look like? 15
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd What Can We Do? 16 • Employee Awareness Training – provide employees with the knowledge to understand how these attacks are perpetrated so that they have the ability detect potential attacks before they become victims. • Ongoing Monitoring of Awareness – don’t just trust that an employee's new found awareness will be taken to heart. Test them consistently! • PhishAlarm Tools – Enable real time reporting of suspected attacks via email so that feedback on the validity of the email can be determined. • Open Communications – promote an open dialogue between IT resources and employees to ensure that questions will be asked before they click suspicious links.
© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Discussion 17

Recommended

PCI forensic investigations
PCI forensic investigations PCI forensic investigations
PCI forensic investigations
European Merchant Services
 
Case-Study-Cyber-Investigations-8-5-2015
Case-Study-Cyber-Investigations-8-5-2015Case-Study-Cyber-Investigations-8-5-2015
Case-Study-Cyber-Investigations-8-5-2015
Timothy Nolan
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
A.T Multitech Corporation Ltd
 
Ransomware
RansomwareRansomware
Ransomware
DeepakKumar4980
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10
seadeloitte
 
2017 Phishing Trends & Intelligence Report: Hacking the Human
2017 Phishing Trends & Intelligence Report: Hacking the Human2017 Phishing Trends & Intelligence Report: Hacking the Human
2017 Phishing Trends & Intelligence Report: Hacking the Human
PhishLabs
 
Phishing
PhishingPhishing
Phishing
guicelacatalina
 
Bridge Cyber Crime_March_JB
Bridge Cyber Crime_March_JBBridge Cyber Crime_March_JB
Bridge Cyber Crime_March_JB
Bethan Weston MCIM DipCAM
 

Recommended

PCI forensic investigations
PCI forensic investigations PCI forensic investigations
PCI forensic investigations
European Merchant Services
 
Case-Study-Cyber-Investigations-8-5-2015
Case-Study-Cyber-Investigations-8-5-2015Case-Study-Cyber-Investigations-8-5-2015
Case-Study-Cyber-Investigations-8-5-2015
Timothy Nolan
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
A.T Multitech Corporation Ltd
 
Ransomware
RansomwareRansomware
Ransomware
DeepakKumar4980
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10
seadeloitte
 
2017 Phishing Trends & Intelligence Report: Hacking the Human
2017 Phishing Trends & Intelligence Report: Hacking the Human2017 Phishing Trends & Intelligence Report: Hacking the Human
2017 Phishing Trends & Intelligence Report: Hacking the Human
PhishLabs
 
Phishing
PhishingPhishing
Phishing
guicelacatalina
 
Bridge Cyber Crime_March_JB
Bridge Cyber Crime_March_JBBridge Cyber Crime_March_JB
Bridge Cyber Crime_March_JB
Bethan Weston MCIM DipCAM
 
Portret lidera polskiego biznesu - raport Grant Thornton i HSBC
Portret lidera polskiego biznesu - raport Grant Thornton i HSBCPortret lidera polskiego biznesu - raport Grant Thornton i HSBC
Portret lidera polskiego biznesu - raport Grant Thornton i HSBC
Grant Thornton
 
Executive analytics: Nine strategies to deliver digital solutions
Executive analytics: Nine strategies to deliver digital solutionsExecutive analytics: Nine strategies to deliver digital solutions
Executive analytics: Nine strategies to deliver digital solutions
Grant Thornton LLP
 
Strategically leveraging compliance activities: 2014 CAE Survey results
Strategically leveraging compliance activities: 2014 CAE Survey resultsStrategically leveraging compliance activities: 2014 CAE Survey results
Strategically leveraging compliance activities: 2014 CAE Survey results
Grant Thornton LLP
 
CIPFA Presentation - Security in a Virtualised Environment
CIPFA Presentation - Security in a Virtualised EnvironmentCIPFA Presentation - Security in a Virtualised Environment
CIPFA Presentation - Security in a Virtualised Environment
Chris Kenny
 
ACCA - Grant Thornton presentation template
ACCA - Grant Thornton presentation templateACCA - Grant Thornton presentation template
ACCA - Grant Thornton presentation template
ACCASG Community Manager
 
2016 AICPA Bank - CECL Governance
2016 AICPA Bank - CECL Governance2016 AICPA Bank - CECL Governance
2016 AICPA Bank - CECL Governance
Dorsey Baskin
 
ICAEW/Grant Thornton Business Confidence Monitor Q4 2013
ICAEW/Grant Thornton Business Confidence Monitor Q4 2013ICAEW/Grant Thornton Business Confidence Monitor Q4 2013
ICAEW/Grant Thornton Business Confidence Monitor Q4 2013
Grant Thornton UK LLP
 
Grant Thornton - global talkbook
Grant Thornton - global talkbookGrant Thornton - global talkbook
Grant Thornton - global talkbook
Grant Thornton Georgia
 
Infosys Consulting In 2006 Ba401
Infosys Consulting In 2006 Ba401Infosys Consulting In 2006 Ba401
Infosys Consulting In 2006 Ba401
Thammasat
 
Chester Growth Partnership: Young Professionals Drinks
Chester Growth Partnership: Young Professionals DrinksChester Growth Partnership: Young Professionals Drinks
Chester Growth Partnership: Young Professionals Drinks
Place North West
 
Infosys corporate presentation (it industry)
Infosys corporate presentation (it industry)Infosys corporate presentation (it industry)
Infosys corporate presentation (it industry)
gtvikram
 
Corporate finance project on infosys
Corporate finance project on infosysCorporate finance project on infosys
Corporate finance project on infosys
Neelutpal Saha
 
Challenges facing a new administration
Challenges facing a new administration Challenges facing a new administration
Challenges facing a new administration
Grant Thornton LLP
 
Infosys
InfosysInfosys
Infosys
Deepa Jacob
 
Crafting a talent analytics function and building strategic partnership
Crafting a talent analytics function and building strategic partnershipCrafting a talent analytics function and building strategic partnership
Crafting a talent analytics function and building strategic partnership
William Gaker
 
Grade 11 Earth & Life Science (Earth System & Subsystems)
Grade 11 Earth & Life Science (Earth System & Subsystems)Grade 11 Earth & Life Science (Earth System & Subsystems)
Grade 11 Earth & Life Science (Earth System & Subsystems)
Marileah Mendina
 
Infosys ppt.
Infosys ppt.Infosys ppt.
Infosys ppt.
Roshni17
 
The Future of Industry: Sector Convergence & 2017 Outlook
The Future of Industry: Sector Convergence & 2017 OutlookThe Future of Industry: Sector Convergence & 2017 Outlook
The Future of Industry: Sector Convergence & 2017 Outlook
Grant Thornton LLP
 
Oracle on premises and oracle cloud - how to coexist webinar
Oracle on premises and oracle cloud - how to coexist webinarOracle on premises and oracle cloud - how to coexist webinar
Oracle on premises and oracle cloud - how to coexist webinar
Panaya
 
Thai tech startup ecosystem report 2017
Thai tech startup ecosystem report 2017Thai tech startup ecosystem report 2017
Thai tech startup ecosystem report 2017
Techsauce Media
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Nathan Desfontaines
 
Security Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowSecurity Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you know
qmatheson
 

More Related Content

Viewers also liked

Portret lidera polskiego biznesu - raport Grant Thornton i HSBC
Portret lidera polskiego biznesu - raport Grant Thornton i HSBCPortret lidera polskiego biznesu - raport Grant Thornton i HSBC
Portret lidera polskiego biznesu - raport Grant Thornton i HSBC
Grant Thornton
 
CIPFA Presentation - Security in a Virtualised Environment
CIPFA Presentation - Security in a Virtualised EnvironmentCIPFA Presentation - Security in a Virtualised Environment
CIPFA Presentation - Security in a Virtualised Environment
Chris Kenny
 
2016 AICPA Bank - CECL Governance
2016 AICPA Bank - CECL Governance2016 AICPA Bank - CECL Governance
2016 AICPA Bank - CECL Governance
Dorsey Baskin
 
Infosys Consulting In 2006 Ba401
Infosys Consulting In 2006 Ba401Infosys Consulting In 2006 Ba401
Infosys Consulting In 2006 Ba401
Thammasat
 
Crafting a talent analytics function and building strategic partnership
Crafting a talent analytics function and building strategic partnershipCrafting a talent analytics function and building strategic partnership
Crafting a talent analytics function and building strategic partnership
William Gaker
 
Infosys ppt.
Infosys ppt.Infosys ppt.
Infosys ppt.
Roshni17
 

Viewers also liked (20)

Portret lidera polskiego biznesu - raport Grant Thornton i HSBC
Portret lidera polskiego biznesu - raport Grant Thornton i HSBCPortret lidera polskiego biznesu - raport Grant Thornton i HSBC
Portret lidera polskiego biznesu - raport Grant Thornton i HSBC
 
Executive analytics: Nine strategies to deliver digital solutions
Executive analytics: Nine strategies to deliver digital solutionsExecutive analytics: Nine strategies to deliver digital solutions
Executive analytics: Nine strategies to deliver digital solutions
 
Strategically leveraging compliance activities: 2014 CAE Survey results
Strategically leveraging compliance activities: 2014 CAE Survey resultsStrategically leveraging compliance activities: 2014 CAE Survey results
Strategically leveraging compliance activities: 2014 CAE Survey results
 
CIPFA Presentation - Security in a Virtualised Environment
CIPFA Presentation - Security in a Virtualised EnvironmentCIPFA Presentation - Security in a Virtualised Environment
CIPFA Presentation - Security in a Virtualised Environment
 
ACCA - Grant Thornton presentation template
ACCA - Grant Thornton presentation templateACCA - Grant Thornton presentation template
ACCA - Grant Thornton presentation template
 
2016 AICPA Bank - CECL Governance
2016 AICPA Bank - CECL Governance2016 AICPA Bank - CECL Governance
2016 AICPA Bank - CECL Governance
 
ICAEW/Grant Thornton Business Confidence Monitor Q4 2013
ICAEW/Grant Thornton Business Confidence Monitor Q4 2013ICAEW/Grant Thornton Business Confidence Monitor Q4 2013
ICAEW/Grant Thornton Business Confidence Monitor Q4 2013
 
Grant Thornton - global talkbook
Grant Thornton - global talkbookGrant Thornton - global talkbook
Grant Thornton - global talkbook
 
Infosys Consulting In 2006 Ba401
Infosys Consulting In 2006 Ba401Infosys Consulting In 2006 Ba401
Infosys Consulting In 2006 Ba401
 
Chester Growth Partnership: Young Professionals Drinks
Chester Growth Partnership: Young Professionals DrinksChester Growth Partnership: Young Professionals Drinks
Chester Growth Partnership: Young Professionals Drinks
 
Infosys corporate presentation (it industry)
Infosys corporate presentation (it industry)Infosys corporate presentation (it industry)
Infosys corporate presentation (it industry)
 
Corporate finance project on infosys
Corporate finance project on infosysCorporate finance project on infosys
Corporate finance project on infosys
 
Challenges facing a new administration
Challenges facing a new administration Challenges facing a new administration
Challenges facing a new administration
 
Infosys
InfosysInfosys
Infosys
 
Crafting a talent analytics function and building strategic partnership
Crafting a talent analytics function and building strategic partnershipCrafting a talent analytics function and building strategic partnership
Crafting a talent analytics function and building strategic partnership
 
Grade 11 Earth & Life Science (Earth System & Subsystems)
Grade 11 Earth & Life Science (Earth System & Subsystems)Grade 11 Earth & Life Science (Earth System & Subsystems)
Grade 11 Earth & Life Science (Earth System & Subsystems)
 
Infosys ppt.
Infosys ppt.Infosys ppt.
Infosys ppt.
 
The Future of Industry: Sector Convergence & 2017 Outlook
The Future of Industry: Sector Convergence & 2017 OutlookThe Future of Industry: Sector Convergence & 2017 Outlook
The Future of Industry: Sector Convergence & 2017 Outlook
 
Oracle on premises and oracle cloud - how to coexist webinar
Oracle on premises and oracle cloud - how to coexist webinarOracle on premises and oracle cloud - how to coexist webinar
Oracle on premises and oracle cloud - how to coexist webinar
 
Thai tech startup ecosystem report 2017
Thai tech startup ecosystem report 2017Thai tech startup ecosystem report 2017
Thai tech startup ecosystem report 2017
 

Similar to Cyber Threat Prevention in Todays World

Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Paige Rasid
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
kamranrazzaq8
 
Benford's Law: How to Use it to Detect Fraud in Financial Data
Benford's Law: How to Use it to Detect Fraud in Financial DataBenford's Law: How to Use it to Detect Fraud in Financial Data
Benford's Law: How to Use it to Detect Fraud in Financial Data
FraudBusters
 
Cyber for Counties Guidebook
Cyber for Counties Guidebook Cyber for Counties Guidebook
Cyber for Counties Guidebook
Kristin Judge
 
Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015
sarah kabirat
 

Similar to Cyber Threat Prevention in Todays World (20)

The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
 
Security Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you knowSecurity Breach: It's not if, it's not when, it's will you know
Security Breach: It's not if, it's not when, it's will you know
 
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar SeriesCyber Liability & Cyber Insurance - Cybersecurity Seminar Series
Cyber Liability & Cyber Insurance - Cybersecurity Seminar Series
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9
 
DATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaDATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali Rangoliya
 
Combating Cyber Fraud, Data Breaches & Corporate Espionage
Combating Cyber Fraud, Data Breaches & Corporate EspionageCombating Cyber Fraud, Data Breaches & Corporate Espionage
Combating Cyber Fraud, Data Breaches & Corporate Espionage
 
Cybersecurity - Webinar Session
Cybersecurity - Webinar SessionCybersecurity - Webinar Session
Cybersecurity - Webinar Session
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019
 
ACEDS-ACFCS Cybersecurity Webcast
ACEDS-ACFCS Cybersecurity WebcastACEDS-ACFCS Cybersecurity Webcast
ACEDS-ACFCS Cybersecurity Webcast
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
 
Benford's Law: How to Use it to Detect Fraud in Financial Data
Benford's Law: How to Use it to Detect Fraud in Financial DataBenford's Law: How to Use it to Detect Fraud in Financial Data
Benford's Law: How to Use it to Detect Fraud in Financial Data
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
negative implications of IT
negative implications of ITnegative implications of IT
negative implications of IT
 
Consult Trojan Hunt India and Know How to Prevent Phishing.pptx
Consult Trojan Hunt India and Know How to Prevent Phishing.pptxConsult Trojan Hunt India and Know How to Prevent Phishing.pptx
Consult Trojan Hunt India and Know How to Prevent Phishing.pptx
 
Establishing an Organization Wide Fraud Policy
Establishing an Organization Wide Fraud PolicyEstablishing an Organization Wide Fraud Policy
Establishing an Organization Wide Fraud Policy
 
Cyber for Counties Guidebook
Cyber for Counties Guidebook Cyber for Counties Guidebook
Cyber for Counties Guidebook
 
Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
 
PA SB DC Cyber Brief
PA SB DC Cyber Brief PA SB DC Cyber Brief
PA SB DC Cyber Brief
 
Know Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsKnow Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
 

Recently uploaded

Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
Matteo Carbone
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
rajveerescorts2022
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Dipal Arora
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Aggregage
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
kapoorjyoti4444
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
amitlee9823
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
dlhescort
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Sheetaleventcompany
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 

Recently uploaded (20)

Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Phases of negotiation .pptx
Phases of negotiation .pptx Phases of negotiation .pptx
Phases of negotiation .pptx
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 

Cyber Threat Prevention in Todays World

  • 1. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd© Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Cyber Threat Prevention in Today's World Shane Troyer, CPA, CISSP, CFE, CIA Partner Business Risk Services
  • 2. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Network Perimeter Security 2
  • 3. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Managed By 3 Information System Security Professional Yes No • Valid business communications • Authenticated staff and clients • File sharing • Malware and Malicious web sites • Spam and blacklisted sites • Perimeter attacks (DOS)
  • 4. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd The Human Element 4 Social Engineering
  • 5. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Social Engineering 5
  • 6. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Types of Social Engineering 6 Cyber thieves perform reconnaissance, collect the personal information of company employees and attempt to get employees to take an action Baiting – offering an incentive in order to draw in a target (i.e. convincing a person to download malicious software onto his or her computer). Pretexting - using misrepresentation to gain access to privileged information. Phishing - an attacker attempts to obtain private information such as a social security number or authentication information. Spear-phishing - targeted at a specific person or role in an organization. Hackers leverage freely available information to craft an email likely to appeal to the target.
  • 7. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd 7 So who is really protecting your organization?
  • 8. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Him 8
  • 9. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Her 9
  • 10. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd and Him 10
  • 11. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Cybercriminals are increasingly moving towards more complex email threats…….and scammers will seek to exploit what they perceive to be the weakest link in the chain: Humans Symantec Corporation – Internet Security Threat Report 2016 11
  • 12. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd How Strong are These Controls? 12 0 10 20 30 40 50 60 70 No Response Email Opened Link clicked Multiple Clicks Employee Response Rate to Cyber Attack by Email
  • 13. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Employee Enabled Threats 13 Fraudulent Fund Transfers Worms Ransomware (Crypto) Trojan Horses Botnets (DDOS)Spyware Viruses
  • 14. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Ransomware 14
  • 15. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd What do attacks look like? 15
  • 16. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd What Can We Do? 16 • Employee Awareness Training – provide employees with the knowledge to understand how these attacks are perpetrated so that they have the ability detect potential attacks before they become victims. • Ongoing Monitoring of Awareness – don’t just trust that an employee's new found awareness will be taken to heart. Test them consistently! • PhishAlarm Tools – Enable real time reporting of suspected attacks via email so that feedback on the validity of the email can be determined. • Open Communications – promote an open dialogue between IT resources and employees to ensure that questions will be asked before they click suspicious links.
  • 17. © Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd Discussion 17