The document discusses cyber security issues for financial advisors. It notes that 45% of advisors experienced a cyber incident in the past year, which on average costs $275,000 per incident. The document provides definitions and explanations of common cyber threats like malware, ransomware, social engineering, and botnets. It also defines common cyber security terms and controls. The document shares results of a cyber security survey of financial advisors which found that over half do not feel prepared for a cyber attack and most lack confidence in staff security practices. It emphasizes the new mandatory data breach notification laws and educating clients on security best practices.

2. Peace of mind in a digital world
Julian Plummer

3. Who is Kamino?
We are your cyber security experts

4. Why we created Kamino
• The digital transformation of financial services has made
many aspects of running a business easier, but with this
also comes an increased risk with protecting your systems,
data and personal client information.
• However many financial advisers are not security savvy and
put themselves at unnecessary risk.
• This is the goal of Kamino - To help financial advisers
navigate safely in the cyber space.

5. Why cyber security matters
• 45% of financial advisers had experience a cyber incident last
year.
• Each incident costs an average of AUD$275,000.
• 62% of all cyber attacks are targeting SMEs.
• 60% of small companies that suffered a cyber attack are out
of business within six months.
• Regulatory fines of up to AUD$1.8M

6. Data breach notifications now mandatory
• All practices with an annual turnover of $3 million or higher will
be required to notify impacted individuals and the regulator
(OAIC) when cyber security incidents compromise personal
information.
– Where a suspected unauthorised access occurs, the practice must
undertake an assessment of whether the incident is an “eligible data
breach”.
– As part of that assessment process, the practice must decide whether
the incident is “likely to result in serious harm” to any individuals.
– If an “eligible data breach” has occurred then the practice must notify
the OAIC and take steps to notify affected individuals.

7. What does infosec mean? ..1

8. What does infosec mean? ..2
Information security ≠ hacking!

9. What does infosec mean? ..3
• Information Security is about protecting information
so that people who should not have access to it
cannot distribute, see, change, or delete it.
• It is governed, managed, and implemented through
a series of industry standards and processes.

10. What does infosec mean? ..4
It is a delicate
balance of
enabling the
business,
keeping the
business secure,
and cost.

11. What does infosec mean? ..5
Typical cyber security framework

12. What does infosec mean? ..6
Threats come in many forms!

13. What does infosec mean? ..7

14. Cyber buzzwords

15. Layered security controls

16. Vulnerability
A software
vulnerability is a
security flaw, glitch,
or weakness found
in software (or your
practice!)

17. Exploit
An exploit is a sequence of commands that takes advantage of a
bug or vulnerability to cause unintended or unanticipated
behaviour to occur on computer software

18. Malware
Malware stands for
'malicious software'. It is
any type of code or
program cyber attackers
use to perform malicious
actions.
• Virus is a form of
malware
• Worm is another
common form

19. Ransomware
Ransomware is a type of
malicious software that
threatens to publish the
victim's data or perpetually
block access to it unless a
ransom is paid.
• Most recently - WannaCry

20. Social engineering
Social engineering - the use
of deception to manipulate
individuals into divulging
confidential or personal
information that may be
used for fraudulent
purposes.
• Phishing is a digital form
of social engineering,
often through emails with
a seemingly harmful link.

21. Botnets and DDOS
• A botnet is a group of
computers connected to the
Internet that have been
compromised by a hacker.
• Denial-of-Service (DOS) attack
aim to bring down a web
server by overloading it with
access requests. DDOS stands
for Distributed Denial-of-
Service and is commonly
performed by botnets.

22. Advanced Persistent Threat (APT)
Because you aren’t going to tell your boss you got owned by a
“Simple Persistent Threat”. Are you?

23. Vulnerability Assessment
• It looks for known vulnerabilities in your
systems and reports potential exposure.
• It is often done as an automated scan
plus some manual verification.
• It is used to attain a prioritised list of
vulnerabilities in the environment so that
remediation can occur.
• It is often sold as penetration test.

24. Penetration Testing
• It is a simulated attack against the IT assets. It is
often goal-based, e.g. retrieve all credit card
information.
• It is a labour intensive, point-in-time exercise.
• It is used to determine whether an organisation
can withstand an intrusion attempt from an
advanced attacker with a specific goal.
• It is more suitable for security mature
organisation.

25. Incident Response (IR)
IR is the approach to address and manage the
aftermath of a security breach or attack

26. Firewall
• A security program that
filters inbound and
outbound network
connections. In addition,
firewalls can be
implemented as network
devices to filter traffic that
traverses through them.
– Automated attacks
– How long to scan the
internet?

27. Cryptography
Cryptography - The use of
mathematical techniques to
provide security services, such as
to encrypt a communications
channel or to authenticate a user.
• e.g. HTTPS is encrypted with
the TLS (Transport Layer
Security) protocol.

28. Intrusion Detection/Prevention
An alarm system for your network that too often works like the alarm
system for cars in parking garages.

29. Virtual Private Network (VPN)
• A remote access VPN
allows individual users
securely connect to a
private business
network from a
remote location using
a laptop or mobile
phone connected to
the Internet.

30. Logging and SIEM
• Security Information
and Event
Management System
(SIEM) collects logs.
• The logs are then
analysed for real time
alerts, or stored for
forensic purposes.

31. Kamino Cyber Survey Results
First Cyber Security Survey Created for Australian Financial Advisers
January 2018

32. How many cyber incidents did your business
experience in the past 12 months?
45% of the financial advisers
experienced at least one cyber
incident last year.
Financial services are hit harder
than other industries.
This result is similar to other cyber
security survey results in 2017 in
Australia.
20%
6%
55%
19%
2-5 times
More than five times
Never
Once

33. Types of cyber incidents experienced by financial
advisers
Malware infections and phishing emails are the biggest threats to financial advisers and accountants. It’s a little
surprising that ransomware is not higher than it is, but that being said, it is expected to increase over the next year. It’s
also worth noting that accidental cause by staff is one of the major causes of incidents.
0 5 10 15 20 25 30
data breach
denial of server
brute force attack
Email addresses or website(s) blacklisted
Malware/trojan infections
Phishing/targeted malicious emails
Ransomware
Theft/Loss of laptops or mobile devices
Unauthorised access to information by external user
Unauthorised access to information by internal user
Accidental cause by internal users
Website defacement
3
3
3
7
28
24
7
5
2
3
10
3
%

34. Do you feel your business is doing enough to protect
its systems from cyber threats?
Just over half of respondents believe they
are not prepared to deal with a potential
cyber attack.
This result is in-line with other industry
surveys. Research indicates there is
generally over-confidence and optimism
in handling an actual attack.
25%
29% 46%
No
Unsure
Yes

35. How much confidence do you have in your staff's
security hygiene?
When asked about their peers
and/or workers, most do not have
full confidence that there is enough
user education and awareness within
their organisation to withstand
attacks.
This is worth noting because human
error is one of the biggest
weaknesses in enterprise security
defense.
27%
9%
64%
Full confidence
No confidence
Some confidence

36. What are the most significant drivers behind your
investment in cyber security?
Most advisers have a very good understanding of what is at stake in the face of a cyber incident.
Client information is of the utmost importance, and they are aware that their brand must be
protected from being tarnished by cyber incidents, which could lead to direct revenue loss.
0 5 10 15 20 25 30
Protection of sensitive data
Regulatory compliance
Reducing incidents and breaches
Protection of intellectual property
Protecting brand reputation
End user education and awareness
Improving incident response
New, advanced threats and techniques
Reducing attack surface
Percentage

37. Are you aware of the new mandatory data breach
notification law and obligations?
At the time of survey, most respondents
were not familiar with the new
mandatory data breach notification laws
effective in February 2018.
This will have a big impact to the
businesses affected. This also reflects
that the general awareness in the
regulations area is quite low.
38%
30%
32%
No Somewhat Yes

38. 3 cyber security issues that will affect you in 2018
• Passwords
- using a password manager is a non negotiable (LastPass)
- staff education is key - one sloppy team member can topple an entire business
• Malware
- industry specific phishing emails have become the norm
- It will be essential that you and your team are trained to detect what is a genuine email /
attachment and what is a scam – one complacent click can send your company into chaos
• Know your obligations under the data breach notification laws which came into
effect in February 2018

39. How can you help to educate your clients?
When it comes to protecting their financial assets online, your clients will turn to you for guidance and
many of the cyber security processes you employ in your business should also apply to them
Ensure that you remain the centre of their financial universe by helping to educate them in cyber security protocols -
• Passwords
- Simple things like password hygiene, and using a password manager can make all the difference
• Malware
- Teach them how to detect and respond (or in most cases ignore and delete) potential malware /phishing
emails
• Have a plan in place
- Make sure your clients alert you immediately if or when they suffer a cyber attack

40. Questions you should be asking yourself
• What is your most critical information asset?
• What is the impact to your business if this information was stolen, modified, lost or made
public?
• Do you know how well this asset is protected from cyber security incidents?
• Have you prepared a plan for when a cyber incident occurs?
• Do you have a security framework in place and a dedicated person to manage security
concerns?
• Are you compliant with applicable laws and regulations in terms of information security?