Proprietary and Confidential — External Use Only
1 Kroll Cyber Security & Breach Notification 
SEC OCIE Cybersecurity Focus Areas, Guidance, and Best Practices
Gregory Michaels, Managing Director, Cyber Risk
Terry Mason, Director, Cyber Risk
November 2018
Agenda
1. Kroll Overview
2. SEC Cybersecurity Guidance
3. SEC Enforcement
4. Cyber Threat Landscape
5. Cybersecurity Best Practices
1. Kroll Overview
Extensive cyber expertise worldwide
• Kroll works on more than 1000 cyber events every year for clients ranging from Fortune 100 to small and medium-sized organizations.
• Experts with extensive technical and executive expertise in Information Technology, Cybersecurity, Risk Management, Penetration Testing, Physical Security, Compliance, and Software Development.
• Experts with unique experience from former law enforcement, e.g. FBI, DOJ, U.K. Intelligence, Europol, SEC, U.S. Secret Service, among others.
• Kroll experts hold more than 30 types of industry certifications, including CIPP/US, CISSP, CRISC, CISA, CISM, GCIH, OSCP, GWAPT, GAWN, GPEN, GCED, CBCP, MCSE, QSA, AWS-CSAA, CEH.
Duff & Phelps / Kroll has offices in 28 countries.
Kroll Cyber Security End-to-End Services
Prepare
• Cyber Risk Assessments (NIST, SEC, HIPAA, NY-DFS, GDPR, etc.)
• Cyber Policy Review & Design
• Interim CISO & Data Protection Officer for GDPR
• Incident Response Planning
• Penetration Testing
• Social Engineering Exercises
• Vulnerability Scanning
• Third Party Cyber Reviews and Due Diligence
• QSA/PCI Services
• Training & Awareness
Detect
• Malware and Advanced Persistent Threat Detection
• PCI Forensic Investigator (PFI)
• CyberDetectER®
• Endpoint powered by Red Canary
• DarkWeb
• SurfaceWeb
• BINWatch
Respond
• Computer Forensics
• Incident Response Management
• Data Collection & Preservation
• PCI Forensic Investigator (PFI)
• Data Recovery & Forensic Analysis
• O365 Witness Tool
• Cyber Litigation Support
Restore
• B2B Breach Response
• Notification Letters
• Call Center Services
• Credit Monitoring (Kroll Branded)
• Identity Theft Restoration (Kroll Branded)
• Identity Monitoring (Kroll Branded)
• B2B2C: Consumer ID Theft Protection Services
2. SEC Cybersecurity Guidance
SEC OCIE – Cyber Focus Areas
The SEC Office of Compliance Inspections and Examinations (OCIE) issues risk alerts on cybersecurity to keep registered broker-dealers, investment advisers, and investment companies up to date regarding SEC focus areas for cyber.
OCIE examinations have focused on firms’ written policies and procedures regarding cybersecurity, including validating and testing that such policies and procedures were implemented and followed.
Examinations have helped the SEC to develop a catalog of good practices.
Maintenance of an inventory of data, information, and vendors
Policies and procedures should include a complete inventory of data and information, along with classifications of the risks, vulnerabilities, data, business consequences, and information regarding each service provider and vendor, if applicable.
Security Risk Assessments
• Matching policies with security controls and processes
• Assessing risk: people, process, technology
• Remediation
SEC OCIE Guidance on Cyber
Maintenance of prescriptive schedules and processes for testing data integrity and vulnerabilities
• Vulnerability scans of core IT infrastructure
• Patch management policies
Detailed cybersecurity-related instructions. Some examples:
• Penetration tests
• Security monitoring and system auditing
• Access rights
• Reporting
SEC OCIE Guidance on Cyber
Established and enforced controls to access data and systems
• Acceptable Use policies
• Restrictions and controls for mobile devices
• Logs of third-party access on firm networks
• Robust procedures for employee terminations
Mandatory employee training
Engaged senior management (e.g., cyber risk committee)
Incident response plan
3. SEC Enforcement
SEC Cyber Enforcement in 2018
• In FY 2018, the SEC’s Enforcement Division’s Cyber Unit became fully operational
• First case against a public company for failing to properly inform investors about a cyber breach
• First action against a firm for violations of the Identity Theft Red Flags Rule
• In FY 2018, the SEC brought 20 cyber-related standalone cases, including those involving ICOs and digital assets
• At the end of the fiscal year, the Division had more than 225 cyber-related investigations ongoing
SEC Examination Priorities
4. Cyber Threat Landscape
Threat landscape
Surface web: anything that can be indexed and accessed through a search engine (e.g., Google, Yahoo, Bing).
Deep web: anything not accessible through a typical search engine (e.g., content behind a subscription wall, academic or governmental databases, medical records, financial records, etc.).
Dark web: using anonymity tools such as Tor and I2P, the dark web enables criminal activity as well as whistleblowing and uncensored political protests.
2018 Cyber Stats
• 56% of 1,379 incidents with specific malware functionality were ransomware (Verizon Data Breach Investigations Report)
• 668 breaches compromised 22,408,258 records between January 1 and July 2, 2018 (Identity Theft Resource Center Report)
• The average total cost of a data breach is $3.86 million (Ponemon Report)
• Early containment (less than 30 days) saved $1.16 million on average in 2018 and $94,000 in 2017 (Ponemon Report)
5. Cybersecurity Best Practices
Cybersecurity Best Practices
• Training and Awareness – Social Engineering
• Encryption
• Patch Management – System/Network/Application
• Multi-factor Authentication – Remote Access
• Local Admin Rights / Local Administrator Acct
• Mobile Device and Media Controls
• Third Party Security Management
• Access Controls – Minimum Necessary
• Access Reviews and Monitoring
• Email Filtering Controls
• Wire Request/Authorization Processes
• Retention and Destruction
Gregory Michaels, Managing Director, Kroll Cyber Risk, 201-978-1546, gregory.michaels@kroll.com
Terry Mason, Director, Kroll Cyber Risk, 917-583-1931, terry.mason@kroll.com
