Daniel (Dan) DeBlasio, profile picture
Uploaded byDaniel (Dan) DeBlasio
403 views

Special report on security

This document discusses trends in data breaches and cybersecurity threats. It notes that data breaches have been doubling in cost year-over-year, now averaging over $5.5 million per breach and $200 per compromised record. While external agents were responsible for most breaches in 2011, retailers experienced many breaches in 2013. The document advocates for educating employees, implementing two-factor authentication, developing strong and changing passwords, having an incident response plan, and exploring new security technologies using machine learning to help limit organizations' risk and reduce costs from breaches.

Embed presentation

Is having your data and identity compromised the NEW NORMAL? Dan DeBlasio June 4th, 2015 IN AN INCREASINGLY DIGITAL WORLD CYBERSECURITY IS A SERIOUS PROBLEM
SNAPSHOT OF IDENTITY MANAGEMENT
BREACH TRENDS LOOKING BACK BEFORE DIVING AHEAD
IN A WORLD WHERE THE NORM IS CYBERSECURITY BREACHES …… IT IS IMPORTANT FOR ENTERPRISES TO HAVE MEASURES IN PLACE FOR PREVENTION AND CONTAINMENT OF AN ATTACK Not a question of “IF” but “WHEN”
2011 THREAT AGENTS OVER TIME BY PERCENT OF BREACHES 2011 continued the shift towards external agents’ involvement in a high percentage of data breaches. Though we have always seen an external majority, never before has any year been so one-sided.
2012 THREAT LANDSCAPE OVERVIEW
2013 THREAT SUMMARY 2013 may be remembered as the “year of the retailer breach,” but a comprehensive assessment suggests it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems.
2014 THREAT SUMMARY
Data breaches double YOY Average cost +$5.5 million / $200 per record Corporations are being sued for data loss (Sony) (Ponemon Institute) THE TRENDS: BREACHES ARE DOUBLING IN COST
COST PER RECORD VARIES IN HARD AND SOFT COSTS (NOT FACTORING TRUST / LOYALTY) At 100 records variance is between $357 / record to $12 / Record At 1,000,000 records variance is between $27.50 / record to $0.06 / Record Glass half full Glass half empty That is a LARGE Variance in my book!
IT’S IN THE CLOUD…..... But which Cloud…… Private (Iaas) Public (SaaS) Hybrid (PaaS) ….and is your data and identity safe and secure?
WHAT THE CLOUD BRINGS  Who owns the security?  Who is liable in a breach?  Who restores Trust?
FORMS OF STRONG IDENTITY TODAY
ACTUALLY, YOUR DIGITAL IDENTITY TYPICALLY LOOKS LIKE THIS:
PASSWORDS ARE A WEAK DEFENSE Verizon Data Breach Investigation 2013
SUMMARY  Educate employees on phishing attacks (e-mails)  Develop strong and changing passwords  Or better yet deploy two factor authentication, especially for external and mobile access  Have a post breach strategy and communications plan to limit damage to brand and customer trust  Investigate new security measures utilizing cutting-edge systems that use machine learning and, ironically, big data analysis may give a huge boost to the powers of corporate security teams. If you are looking to limit your risk of a security breach and cut the cost of the damage by more then half in real $$$:
REFERENCES  Verizon: Data breach investigations reports 2011, 2012, 2013, 2014 and 2015  BBC News: Cybersecurity: Defending 'unpreventable' cyber attacks, By Paul Rubens Technology reporter  Forbes: The Power And Problem Of Privilege In Cybersecurity, Tom Kemp, CEO of Centrify  Frost-Sullivan: Damballa Failsafe Review 4-14-2015  Gartner: Identity and Access Management Summit 2008
DAN DEBLASIO DDEBLASIO@COX.NET 949-413-7876 (MOBILE) HTTP://WWW.LINKEDIN.COM/IN/DANDEBLASIO/

More Related Content

PDF
You Are the Target
byEMC
 
PDF
Top 12 Cybersecurity Predictions for 2017
byIBM Security
 
PDF
2017 in Review: Infosec Pros Look Back on the Year
byTripwire
 
PDF
Countering Cyber Threats By Monitoring “Normal” Website Behavior
byEMC
 
PDF
Risky Business
bySamantha Park
 
PDF
IT Trends - Cyber Security
byDatix Consulting
 
DOCX
Nearly 80 billion dollars were spent in 2016 to fight cybercrime
byprcircle
 
PDF
Modern Adversaries (Amplify Partners)
byAndrew Manoske
 
You Are the Target
byEMC
 
Top 12 Cybersecurity Predictions for 2017
byIBM Security
 
2017 in Review: Infosec Pros Look Back on the Year
byTripwire
 
Countering Cyber Threats By Monitoring “Normal” Website Behavior
byEMC
 
Risky Business
bySamantha Park
 
IT Trends - Cyber Security
byDatix Consulting
 
Nearly 80 billion dollars were spent in 2016 to fight cybercrime
byprcircle
 
Modern Adversaries (Amplify Partners)
byAndrew Manoske
 

What's hot

PDF
Top 10 cyber crime stories of 2012
byPatricia Makaveli
 
PDF
1. security 20 20 - ebook-vol2
byAdela Cocic
 
PDF
CORMA-FW REPRINT-APR2015
byJörn Weber
 
DOCX
DBryant-Cybersecurity Challenge
bymsdee3362
 
PDF
Eset trends report_2018
bymalvvv
 
PDF
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
byCloudIDSummit
 
PDF
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
byGWAVA
 
PPTX
Cyber crime
byMubashir Iqbal
 
PDF
Top 6 things_small_businesses_q12015
byanpapathanasiou
 
PDF
Aveshka Brief - OA NYC Meetup
byOpen Analytics
 
PPTX
LifeLock Javelin Presentation
byLifeLockBusinessSolutions
 
PDF
Big or Small, it can happen to your business!
byWavecrest Computing
 
PDF
Russian and Worldwide Internet Security Trends 2015
byQrator Labs
 
PDF
Cyber In-Security II: Closing the Federal Gap
byBooz Allen Hamilton
 
PDF
The growing hacking threat to websites
byBee_Ware
 
PDF
Critical Update Needed: Cybersecurity Expertise in the Boardroom
byStanford GSB Corporate Governance Research Initiative
 
PDF
Investigating tips
byConnie Kesler
 
PPTX
Social Media Balancing Security & Authenticity without Controlling the Message
byCindy Kim
 
PDF
Detecting Frauds and Identifying Security Challenge | by Money2Conf
byMoney 2Conf
 
PDF
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
byEuropean Collaboration Summit
 
Top 10 cyber crime stories of 2012
byPatricia Makaveli
 
1. security 20 20 - ebook-vol2
byAdela Cocic
 
CORMA-FW REPRINT-APR2015
byJörn Weber
 
DBryant-Cybersecurity Challenge
bymsdee3362
 
Eset trends report_2018
bymalvvv
 
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
byCloudIDSummit
 
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
byGWAVA
 
Cyber crime
byMubashir Iqbal
 
Top 6 things_small_businesses_q12015
byanpapathanasiou
 
Aveshka Brief - OA NYC Meetup
byOpen Analytics
 
LifeLock Javelin Presentation
byLifeLockBusinessSolutions
 
Big or Small, it can happen to your business!
byWavecrest Computing
 
Russian and Worldwide Internet Security Trends 2015
byQrator Labs
 
Cyber In-Security II: Closing the Federal Gap
byBooz Allen Hamilton
 
The growing hacking threat to websites
byBee_Ware
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
byStanford GSB Corporate Governance Research Initiative
 
Investigating tips
byConnie Kesler
 
Social Media Balancing Security & Authenticity without Controlling the Message
byCindy Kim
 
Detecting Frauds and Identifying Security Challenge | by Money2Conf
byMoney 2Conf
 
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
byEuropean Collaboration Summit
 

Viewers also liked

DOCX
TRABAJO ONDAS
bycynthiamersch28
 
PDF
The origins of tungsten wire mesh
byHeanjia Nickel Wire Mesh Co.,
 
PDF
JanosFuzi-Reference_letter
byJanos F
 
PPTX
Ejercicio correlacion
byisabelmundt
 
PPTX
Presentación1
byisabelmundt
 
PPT
Milieu
byKybar
 
PPTX
Gg1 120815164713-phpapp02
byIETI SD
 
PPTX
CARECAGESA879812CET.3SRJGYARCH
byAlberto Cervantes
 
PPTX
Definición de problemas de salud en el primer
byHernán Couceiro
 
PDF
Lopd quironsalud
byServicio de Docencia - Hospital Universitari Sagrat Cor
 
PPTX
Expert Fridays - Сергей Укустов: "CRDT"
byProvectus
 
PDF
Itinerari formatiu radiodiagnostic 2015 2016
byServicio de Docencia - Hospital Universitari Sagrat Cor
 
PDF
life_estuarios_eu.pdf
byIrekia - EJGV
 
PDF
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
byIrekia - EJGV
 
PDF
Comstock City, Thomas-edits, ch.3
byRachel Holt
 
PPTX
Un futuro deseable
byazael01
 
TRABAJO ONDAS
bycynthiamersch28
 
The origins of tungsten wire mesh
byHeanjia Nickel Wire Mesh Co.,
 
JanosFuzi-Reference_letter
byJanos F
 
Ejercicio correlacion
byisabelmundt
 
Presentación1
byisabelmundt
 
Milieu
byKybar
 
Gg1 120815164713-phpapp02
byIETI SD
 
CARECAGESA879812CET.3SRJGYARCH
byAlberto Cervantes
 
Definición de problemas de salud en el primer
byHernán Couceiro
 
Lopd quironsalud
byServicio de Docencia - Hospital Universitari Sagrat Cor
 
Expert Fridays - Сергей Укустов: "CRDT"
byProvectus
 
Itinerari formatiu radiodiagnostic 2015 2016
byServicio de Docencia - Hospital Universitari Sagrat Cor
 
life_estuarios_eu.pdf
byIrekia - EJGV
 
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
byIrekia - EJGV
 
Comstock City, Thomas-edits, ch.3
byRachel Holt
 
Un futuro deseable
byazael01
 

Similar to Special report on security

PDF
Material de apoyo Un replanteamiento masivo de la seguridad.
byUniversidad Cenfotec
 
PDF
Why is Cybersecurity Important for Your Privacy | Digitdefence
byRosy G
 
PDF
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
byCA Technologies
 
PDF
Centrify rethink security brochure
byMark Gibson
 
PDF
L123
byBtyy121
 
PPTX
IT Security Essentials
bySkoda Minotti
 
PPTX
The Year Ahead in Cyber Security: 2014 edition
byStephen Cobb
 
PDF
5 Security Trends to Watch in 2020
byDharmendra Rama
 
PDF
CIS14: Identity Therapy: Surviving the Explosion of Users, Access and Identities
byCloudIDSummit
 
PDF
The Trust Paradox: Access Management and Trust in an Insecure Age
byEMC
 
PDF
Clear and Present Danger
byPing Identity
 
PPTX
Internet Security Threat Report (ISTR) Vol. 16
bySymantec APJ
 
PPTX
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
bySymantec APJ
 
PPTX
Cyber security
bySatbharai Sethar
 
PDF
Signacure Brochure
byDave Lloyd
 
PPT
Tips to Protect Your Organization from Data Breaches and Identity Theft
byCase IQ
 
PPTX
Iurii Garasym. The future crimes and predestination of cyber security. Though...
byIT Arena
 
PDF
Cyber risk reporting aicpa framework
byJames Deiotte
 
PPTX
2015: The year-ahead-in-cyber-security
byStephen Cobb
 
PDF
digital strategy and information security
byProf. Jacques Folon (Ph.D)
 
Material de apoyo Un replanteamiento masivo de la seguridad.
byUniversidad Cenfotec
 
Why is Cybersecurity Important for Your Privacy | Digitdefence
byRosy G
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
byCA Technologies
 
Centrify rethink security brochure
byMark Gibson
 
L123
byBtyy121
 
IT Security Essentials
bySkoda Minotti
 
The Year Ahead in Cyber Security: 2014 edition
byStephen Cobb
 
5 Security Trends to Watch in 2020
byDharmendra Rama
 
CIS14: Identity Therapy: Surviving the Explosion of Users, Access and Identities
byCloudIDSummit
 
The Trust Paradox: Access Management and Trust in an Insecure Age
byEMC
 
Clear and Present Danger
byPing Identity
 
Internet Security Threat Report (ISTR) Vol. 16
bySymantec APJ
 
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
bySymantec APJ
 
Cyber security
bySatbharai Sethar
 
Signacure Brochure
byDave Lloyd
 
Tips to Protect Your Organization from Data Breaches and Identity Theft
byCase IQ
 
Iurii Garasym. The future crimes and predestination of cyber security. Though...
byIT Arena
 
Cyber risk reporting aicpa framework
byJames Deiotte
 
2015: The year-ahead-in-cyber-security
byStephen Cobb
 
digital strategy and information security
byProf. Jacques Folon (Ph.D)
 

Recently uploaded

PPTX
Informed_Consent_Simulated_Environment.pptx
byRajkishorMeher3
 
PPTX
PPT-SCIENCE-5-Q4-W3-.pptx science science
byLhleaObedencioLibago
 
PPTX
StemAZINg-oRIENTATION.pptxaaaaaaaaaaaaaaa
byZechariahReiMangubat
 
PDF
bobbie-goods-coloring-book_book_2025.pdf
byViviFontanGonzalez
 
PPTX
European liberalism impact in the Philippines.pptx
byalmanpalti13
 
PPT
DSA 2nd Lecture-1.ppt msg kiya tha toh mn ny kaha k ni no Kuni a rhi hai sir ...
bymk50263456
 
PDF
Ingles Activity globalización, intercultural
bygiulianaarana30
 
PPTX
Guidence and counselling for students and misconception inthe guidence
byIndrayaniDurkar
 
PPTX
Cottontail vs. The Under-Bed Monsters Beat Board.pptx
byemilymainsgrace
 
PPT
adverbs-of-frequency-ppt-flashcards-fun-activities-games_42028.ppt
byShaimaaMoustafa17
 
PDF
Caravan Tales Beat board - a boy who ventures away to his mystical destiny
byKarenWilliams666119
 
PPTX
DLP Q4 L2 Techinical and Operational Definitions.pptx
byAndreaDimayuga
 
PPTX
post abortion care and MVA.pptx this is PPT on post abortion care and MVA
byMohammedAbdella14
 
PDF
NFA WITH EPSILON simple concept For TOC unit 1 .pdf
bySanjivani college of Engineering
 
PDF
This is an Ai wayground certified educator cert
byTejeissvaran Vicknessvaran
 
PDF
Bronze Age and Iron Age Senior Cycle Presentation.pdf
by08573425
 
PPT
Quarter 3 AP 8 Week 8 Mga Kilusan para sa Demokrasya.ppt
byKrisMeiVidad
 
PPTX
Defination, Causes, Sources and Types of Pollutions
byAbhijitMaity17
 
PDF
Cascades: a Vision of Humanity within Natural Wonders
byColin Perrott
 
PDF
Certified game Changer in wayground cert
byTejeissvaran Vicknessvaran
 
Informed_Consent_Simulated_Environment.pptx
byRajkishorMeher3
 
PPT-SCIENCE-5-Q4-W3-.pptx science science
byLhleaObedencioLibago
 
StemAZINg-oRIENTATION.pptxaaaaaaaaaaaaaaa
byZechariahReiMangubat
 
bobbie-goods-coloring-book_book_2025.pdf
byViviFontanGonzalez
 
European liberalism impact in the Philippines.pptx
byalmanpalti13
 
DSA 2nd Lecture-1.ppt msg kiya tha toh mn ny kaha k ni no Kuni a rhi hai sir ...
bymk50263456
 
Ingles Activity globalización, intercultural
bygiulianaarana30
 
Guidence and counselling for students and misconception inthe guidence
byIndrayaniDurkar
 
Cottontail vs. The Under-Bed Monsters Beat Board.pptx
byemilymainsgrace
 
adverbs-of-frequency-ppt-flashcards-fun-activities-games_42028.ppt
byShaimaaMoustafa17
 
Caravan Tales Beat board - a boy who ventures away to his mystical destiny
byKarenWilliams666119
 
DLP Q4 L2 Techinical and Operational Definitions.pptx
byAndreaDimayuga
 
post abortion care and MVA.pptx this is PPT on post abortion care and MVA
byMohammedAbdella14
 
NFA WITH EPSILON simple concept For TOC unit 1 .pdf
bySanjivani college of Engineering
 
This is an Ai wayground certified educator cert
byTejeissvaran Vicknessvaran
 
Bronze Age and Iron Age Senior Cycle Presentation.pdf
by08573425
 
Quarter 3 AP 8 Week 8 Mga Kilusan para sa Demokrasya.ppt
byKrisMeiVidad
 
Defination, Causes, Sources and Types of Pollutions
byAbhijitMaity17
 
Cascades: a Vision of Humanity within Natural Wonders
byColin Perrott
 
Certified game Changer in wayground cert
byTejeissvaran Vicknessvaran
 

Special report on security

  • 1.
    Is having yourdata and identity compromised the NEW NORMAL? Dan DeBlasio June 4th, 2015 IN AN INCREASINGLY DIGITAL WORLD CYBERSECURITY IS A SERIOUS PROBLEM
  • 2.
  • 3.
    BREACH TRENDS LOOKING BACKBEFORE DIVING AHEAD
  • 6.
    IN A WORLDWHERE THE NORM IS CYBERSECURITY BREACHES …… IT IS IMPORTANT FOR ENTERPRISES TO HAVE MEASURES IN PLACE FOR PREVENTION AND CONTAINMENT OF AN ATTACK Not a question of “IF” but “WHEN”
  • 7.
    2011 THREAT AGENTSOVER TIME BY PERCENT OF BREACHES 2011 continued the shift towards external agents’ involvement in a high percentage of data breaches. Though we have always seen an external majority, never before has any year been so one-sided.
  • 8.
  • 9.
    2013 THREAT SUMMARY 2013may be remembered as the “year of the retailer breach,” but a comprehensive assessment suggests it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems.
  • 10.
  • 11.
    Data breaches doubleYOY Average cost +$5.5 million / $200 per record Corporations are being sued for data loss (Sony) (Ponemon Institute) THE TRENDS: BREACHES ARE DOUBLING IN COST
  • 12.
    COST PER RECORDVARIES IN HARD AND SOFT COSTS (NOT FACTORING TRUST / LOYALTY) At 100 records variance is between $357 / record to $12 / Record At 1,000,000 records variance is between $27.50 / record to $0.06 / Record Glass half full Glass half empty That is a LARGE Variance in my book!
  • 13.
    IT’S IN THECLOUD…..... But which Cloud…… Private (Iaas) Public (SaaS) Hybrid (PaaS) ….and is your data and identity safe and secure?
  • 14.
    WHAT THE CLOUDBRINGS  Who owns the security?  Who is liable in a breach?  Who restores Trust?
  • 15.
    FORMS OF STRONGIDENTITY TODAY
  • 16.
    ACTUALLY, YOUR DIGITALIDENTITY TYPICALLY LOOKS LIKE THIS:
  • 17.
    PASSWORDS ARE AWEAK DEFENSE Verizon Data Breach Investigation 2013
  • 18.
    SUMMARY  Educate employeeson phishing attacks (e-mails)  Develop strong and changing passwords  Or better yet deploy two factor authentication, especially for external and mobile access  Have a post breach strategy and communications plan to limit damage to brand and customer trust  Investigate new security measures utilizing cutting-edge systems that use machine learning and, ironically, big data analysis may give a huge boost to the powers of corporate security teams. If you are looking to limit your risk of a security breach and cut the cost of the damage by more then half in real $$$:
  • 19.
    REFERENCES  Verizon: Databreach investigations reports 2011, 2012, 2013, 2014 and 2015  BBC News: Cybersecurity: Defending 'unpreventable' cyber attacks, By Paul Rubens Technology reporter  Forbes: The Power And Problem Of Privilege In Cybersecurity, Tom Kemp, CEO of Centrify  Frost-Sullivan: Damballa Failsafe Review 4-14-2015  Gartner: Identity and Access Management Summit 2008
  • 20.

Editor's Notes

  • #2 Problem statement: In an increasing digital world cybersecurity is a problem (Title) Positive principle. Positive principle: In a world where the norm is security breaches it is important for enterprises to have measures in place for prevention and containment of a security breach……….COST and business value. Huge losses in revenue beyond the cost of the record! What you invest in terms of business value is recoverable! For C Suite executives, for prevention and containment, this is your insurance policy.
  • #8 It’s not the whole story, however. Nor is it the most important one. The most significant change we saw in 2011 was the rise of “hacktivism” against larger organizations worldwide. For the Fiscal year 2010, the Secret Service arrested more than 1,200 suspects for cybercrime violations. These investigations involved over $500 million in actual fraud loss and prevented approximately $7 billion in additional losses.
  • #12 Input stats required
  • #15 We are often asked whether “the Cloud” factors into many of the breaches we investigate. The easy answer is “No—not really.” It’s more about giving up control of our assets and data (and not controlling the associated risk) than any technology specfic to the Cloud.