SlideShare a Scribd company logo

Special report on security

Daniel (Dan) DeBlasio
Daniel (Dan) DeBlasio

This document discusses trends in data breaches and cybersecurity threats. It notes that data breaches have been doubling in cost year-over-year, now averaging over $5.5 million per breach and $200 per compromised record. While external agents were responsible for most breaches in 2011, retailers experienced many breaches in 2013. The document advocates for educating employees, implementing two-factor authentication, developing strong and changing passwords, having an incident response plan, and exploring new security technologies using machine learning to help limit organizations' risk and reduce costs from breaches.

1 of 20
Is having your data and identity compromised the NEW NORMAL? Dan DeBlasio June 4th, 2015 IN AN INCREASINGLY DIGITAL WORLD CYBERSECURITY IS A SERIOUS PROBLEM
SNAPSHOT OF IDENTITY MANAGEMENT
BREACH TRENDS LOOKING BACK BEFORE DIVING AHEAD
IN A WORLD WHERE THE NORM IS CYBERSECURITY BREACHES …… IT IS IMPORTANT FOR ENTERPRISES TO HAVE MEASURES IN PLACE FOR PREVENTION AND CONTAINMENT OF AN ATTACK Not a question of “IF” but “WHEN”
2011 THREAT AGENTS OVER TIME BY PERCENT OF BREACHES 2011 continued the shift towards external agents’ involvement in a high percentage of data breaches. Though we have always seen an external majority, never before has any year been so one-sided.
2012 THREAT LANDSCAPE OVERVIEW
2013 THREAT SUMMARY 2013 may be remembered as the “year of the retailer breach,” but a comprehensive assessment suggests it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems.
2014 THREAT SUMMARY
Data breaches double YOY Average cost +$5.5 million / $200 per record Corporations are being sued for data loss (Sony) (Ponemon Institute) THE TRENDS: BREACHES ARE DOUBLING IN COST
COST PER RECORD VARIES IN HARD AND SOFT COSTS (NOT FACTORING TRUST / LOYALTY) At 100 records variance is between $357 / record to $12 / Record At 1,000,000 records variance is between $27.50 / record to $0.06 / Record Glass half full Glass half empty That is a LARGE Variance in my book!
IT’S IN THE CLOUD…..... But which Cloud…… Private (Iaas) Public (SaaS) Hybrid (PaaS) ….and is your data and identity safe and secure?
WHAT THE CLOUD BRINGS  Who owns the security?  Who is liable in a breach?  Who restores Trust?
FORMS OF STRONG IDENTITY TODAY
ACTUALLY, YOUR DIGITAL IDENTITY TYPICALLY LOOKS LIKE THIS:
PASSWORDS ARE A WEAK DEFENSE Verizon Data Breach Investigation 2013
SUMMARY  Educate employees on phishing attacks (e-mails)  Develop strong and changing passwords  Or better yet deploy two factor authentication, especially for external and mobile access  Have a post breach strategy and communications plan to limit damage to brand and customer trust  Investigate new security measures utilizing cutting-edge systems that use machine learning and, ironically, big data analysis may give a huge boost to the powers of corporate security teams. If you are looking to limit your risk of a security breach and cut the cost of the damage by more then half in real $$$:
REFERENCES  Verizon: Data breach investigations reports 2011, 2012, 2013, 2014 and 2015  BBC News: Cybersecurity: Defending 'unpreventable' cyber attacks, By Paul Rubens Technology reporter  Forbes: The Power And Problem Of Privilege In Cybersecurity, Tom Kemp, CEO of Centrify  Frost-Sullivan: Damballa Failsafe Review 4-14-2015  Gartner: Identity and Access Management Summit 2008
DAN DEBLASIO DDEBLASIO@COX.NET 949-413-7876 (MOBILE) HTTP://WWW.LINKEDIN.COM/IN/DANDEBLASIO/

Recommended

You Are the Target
You Are the TargetYou Are the Target
You Are the Target
EMC
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
IBM Security
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year
Tripwire
 
Countering Cyber Threats By Monitoring “Normal” Website Behavior
Countering Cyber Threats By Monitoring “Normal” Website BehaviorCountering Cyber Threats By Monitoring “Normal” Website Behavior
Countering Cyber Threats By Monitoring “Normal” Website Behavior
EMC
 
Risky Business
Risky BusinessRisky Business
Risky BusinessSamantha Park
 
IT Trends - Cyber Security
IT Trends - Cyber SecurityIT Trends - Cyber Security
IT Trends - Cyber Security
Datix Consulting
 
Nearly 80 billion dollars were spent in 2016 to fight cybercrime
Nearly 80 billion dollars were spent in 2016 to fight cybercrimeNearly 80 billion dollars were spent in 2016 to fight cybercrime
Nearly 80 billion dollars were spent in 2016 to fight cybercrime
prcircle
 
Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)
Andrew Manoske
 

Recommended

You Are the Target
You Are the TargetYou Are the Target
You Are the Target
EMC
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
IBM Security
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year
Tripwire
 
Countering Cyber Threats By Monitoring “Normal” Website Behavior
Countering Cyber Threats By Monitoring “Normal” Website BehaviorCountering Cyber Threats By Monitoring “Normal” Website Behavior
Countering Cyber Threats By Monitoring “Normal” Website Behavior
EMC
 
Risky Business
Risky BusinessRisky Business
Risky BusinessSamantha Park
 
IT Trends - Cyber Security
IT Trends - Cyber SecurityIT Trends - Cyber Security
IT Trends - Cyber Security
Datix Consulting
 
Nearly 80 billion dollars were spent in 2016 to fight cybercrime
Nearly 80 billion dollars were spent in 2016 to fight cybercrimeNearly 80 billion dollars were spent in 2016 to fight cybercrime
Nearly 80 billion dollars were spent in 2016 to fight cybercrime
prcircle
 
Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)
Andrew Manoske
 
Top 10 cyber crime stories of 2012
Top 10 cyber crime stories of 2012Top 10 cyber crime stories of 2012
Top 10 cyber crime stories of 2012
Patricia Makaveli
 
1. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol21. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol2Adela Cocic
 
CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015Jörn Weber
 
DBryant-Cybersecurity Challenge
DBryant-Cybersecurity ChallengeDBryant-Cybersecurity Challenge
DBryant-Cybersecurity Challengemsdee3362
 
Eset trends report_2018
Eset trends report_2018Eset trends report_2018
Eset trends report_2018
malvvv
 
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CloudIDSummit
 
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVACon 2015: Netbox Blue - GWAVA & Netbox BlueGWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVA
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeMubashir Iqbal
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
anpapathanasiou
 
Aveshka Brief - OA NYC Meetup
Aveshka Brief - OA NYC MeetupAveshka Brief - OA NYC Meetup
Aveshka Brief - OA NYC MeetupOpen Analytics
 
LifeLock Javelin Presentation
LifeLock Javelin PresentationLifeLock Javelin Presentation
LifeLock Javelin Presentation
LifeLockBusinessSolutions
 
Big or Small, it can happen to your business!
Big or Small, it can happen to your business!Big or Small, it can happen to your business!
Big or Small, it can happen to your business!
Wavecrest Computing
 
Russian and Worldwide Internet Security Trends 2015
Russian and Worldwide Internet Security Trends 2015Russian and Worldwide Internet Security Trends 2015
Russian and Worldwide Internet Security Trends 2015
Qrator Labs
 
Cyber In-Security II: Closing the Federal Gap
Cyber In-Security II: Closing the Federal GapCyber In-Security II: Closing the Federal Gap
Cyber In-Security II: Closing the Federal Gap
Booz Allen Hamilton
 
The growing hacking threat to websites
The growing hacking threat to websitesThe growing hacking threat to websites
The growing hacking threat to websitesBee_Ware
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Stanford GSB Corporate Governance Research Initiative
 
Investigating tips
Investigating tipsInvestigating tips
Investigating tips
Connie Kesler
 
Social Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the MessageSocial Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the Message
Cindy Kim
 
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2ConfDetecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Money 2Conf
 
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
European Collaboration Summit
 
TRABAJO ONDAS
TRABAJO ONDASTRABAJO ONDAS
TRABAJO ONDAS
cynthiamersch28
 
The origins of tungsten wire mesh
The origins of tungsten wire meshThe origins of tungsten wire mesh
The origins of tungsten wire mesh
Heanjia Nickel Wire Mesh Co.,
 

More Related Content

What's hot

Top 10 cyber crime stories of 2012
Top 10 cyber crime stories of 2012Top 10 cyber crime stories of 2012
Top 10 cyber crime stories of 2012
Patricia Makaveli
 
1. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol21. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol2Adela Cocic
 
CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015Jörn Weber
 
DBryant-Cybersecurity Challenge
DBryant-Cybersecurity ChallengeDBryant-Cybersecurity Challenge
DBryant-Cybersecurity Challengemsdee3362
 
Eset trends report_2018
Eset trends report_2018Eset trends report_2018
Eset trends report_2018
malvvv
 
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CloudIDSummit
 
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVACon 2015: Netbox Blue - GWAVA & Netbox BlueGWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVA
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
anpapathanasiou
 
Aveshka Brief - OA NYC Meetup
Aveshka Brief - OA NYC MeetupAveshka Brief - OA NYC Meetup
Aveshka Brief - OA NYC MeetupOpen Analytics
 
LifeLock Javelin Presentation
LifeLock Javelin PresentationLifeLock Javelin Presentation
LifeLock Javelin Presentation
LifeLockBusinessSolutions
 
Big or Small, it can happen to your business!
Big or Small, it can happen to your business!Big or Small, it can happen to your business!
Big or Small, it can happen to your business!
Wavecrest Computing
 
Russian and Worldwide Internet Security Trends 2015
Russian and Worldwide Internet Security Trends 2015Russian and Worldwide Internet Security Trends 2015
Russian and Worldwide Internet Security Trends 2015
Qrator Labs
 
Cyber In-Security II: Closing the Federal Gap
Cyber In-Security II: Closing the Federal GapCyber In-Security II: Closing the Federal Gap
Cyber In-Security II: Closing the Federal Gap
Booz Allen Hamilton
 
The growing hacking threat to websites
The growing hacking threat to websitesThe growing hacking threat to websites
The growing hacking threat to websitesBee_Ware
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Stanford GSB Corporate Governance Research Initiative
 
Investigating tips
Investigating tipsInvestigating tips
Investigating tips
Connie Kesler
 
Social Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the MessageSocial Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the Message
Cindy Kim
 
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2ConfDetecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Money 2Conf
 
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
European Collaboration Summit
 

What's hot (20)

Top 10 cyber crime stories of 2012
Top 10 cyber crime stories of 2012Top 10 cyber crime stories of 2012
Top 10 cyber crime stories of 2012
 
1. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol21. security 20 20 - ebook-vol2
1. security 20 20 - ebook-vol2
 
CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015
 
DBryant-Cybersecurity Challenge
DBryant-Cybersecurity ChallengeDBryant-Cybersecurity Challenge
DBryant-Cybersecurity Challenge
 
Eset trends report_2018
Eset trends report_2018Eset trends report_2018
Eset trends report_2018
 
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
 
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVACon 2015: Netbox Blue - GWAVA & Netbox BlueGWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
GWAVACon 2015: Netbox Blue - GWAVA & Netbox Blue
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
 
Aveshka Brief - OA NYC Meetup
Aveshka Brief - OA NYC MeetupAveshka Brief - OA NYC Meetup
Aveshka Brief - OA NYC Meetup
 
LifeLock Javelin Presentation
LifeLock Javelin PresentationLifeLock Javelin Presentation
LifeLock Javelin Presentation
 
Big or Small, it can happen to your business!
Big or Small, it can happen to your business!Big or Small, it can happen to your business!
Big or Small, it can happen to your business!
 
Russian and Worldwide Internet Security Trends 2015
Russian and Worldwide Internet Security Trends 2015Russian and Worldwide Internet Security Trends 2015
Russian and Worldwide Internet Security Trends 2015
 
Cyber In-Security II: Closing the Federal Gap
Cyber In-Security II: Closing the Federal GapCyber In-Security II: Closing the Federal Gap
Cyber In-Security II: Closing the Federal Gap
 
The growing hacking threat to websites
The growing hacking threat to websitesThe growing hacking threat to websites
The growing hacking threat to websites
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the Boardroom
 
Investigating tips
Investigating tipsInvestigating tips
Investigating tips
 
Social Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the MessageSocial Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the Message
 
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2ConfDetecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2Conf
 
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats
 

Viewers also liked

TRABAJO ONDAS
TRABAJO ONDASTRABAJO ONDAS
TRABAJO ONDAS
cynthiamersch28
 
The origins of tungsten wire mesh
The origins of tungsten wire meshThe origins of tungsten wire mesh
The origins of tungsten wire mesh
Heanjia Nickel Wire Mesh Co.,
 
JanosFuzi-Reference_letter
JanosFuzi-Reference_letterJanosFuzi-Reference_letter
JanosFuzi-Reference_letterJanos F
 
Ejercicio correlacion
Ejercicio correlacionEjercicio correlacion
Ejercicio correlacionisabelmundt
 
Milieu
MilieuMilieu
Milieu
Kybar
 
Gg1 120815164713-phpapp02
Gg1 120815164713-phpapp02Gg1 120815164713-phpapp02
Gg1 120815164713-phpapp02IETI SD
 
CARECAGESA879812CET.3SRJGYARCH
CARECAGESA879812CET.3SRJGYARCHCARECAGESA879812CET.3SRJGYARCH
CARECAGESA879812CET.3SRJGYARCHAlberto Cervantes
 
Definición de problemas de salud en el primer
Definición de problemas de salud en el primerDefinición de problemas de salud en el primer
Definición de problemas de salud en el primer
Hernán Couceiro
 
Lopd quironsalud
Lopd quironsaludLopd quironsalud
Lopd quironsalud
Servicio de Docencia - Hospital Universitari Sagrat Cor
 
Expert Fridays - Сергей Укустов: "CRDT"
Expert Fridays - Сергей Укустов: "CRDT"Expert Fridays - Сергей Укустов: "CRDT"
Expert Fridays - Сергей Укустов: "CRDT"
Provectus
 
Itinerari formatiu radiodiagnostic 2015 2016
Itinerari formatiu radiodiagnostic 2015 2016Itinerari formatiu radiodiagnostic 2015 2016
Itinerari formatiu radiodiagnostic 2015 2016
Servicio de Docencia - Hospital Universitari Sagrat Cor
 
life_estuarios_eu.pdf
life_estuarios_eu.pdflife_estuarios_eu.pdf
life_estuarios_eu.pdfIrekia - EJGV
 
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
Irekia - EJGV
 
Comstock City, Thomas-edits, ch.3
Comstock City, Thomas-edits, ch.3Comstock City, Thomas-edits, ch.3
Comstock City, Thomas-edits, ch.3Rachel Holt
 
Un futuro deseable
Un futuro deseableUn futuro deseable
Un futuro deseable
azael01
 

Viewers also liked (16)

TRABAJO ONDAS
TRABAJO ONDASTRABAJO ONDAS
TRABAJO ONDAS
 
The origins of tungsten wire mesh
The origins of tungsten wire meshThe origins of tungsten wire mesh
The origins of tungsten wire mesh
 
JanosFuzi-Reference_letter
JanosFuzi-Reference_letterJanosFuzi-Reference_letter
JanosFuzi-Reference_letter
 
Ejercicio correlacion
Ejercicio correlacionEjercicio correlacion
Ejercicio correlacion
 
Presentación1
Presentación1Presentación1
Presentación1
 
Milieu
MilieuMilieu
Milieu
 
Gg1 120815164713-phpapp02
Gg1 120815164713-phpapp02Gg1 120815164713-phpapp02
Gg1 120815164713-phpapp02
 
CARECAGESA879812CET.3SRJGYARCH
CARECAGESA879812CET.3SRJGYARCHCARECAGESA879812CET.3SRJGYARCH
CARECAGESA879812CET.3SRJGYARCH
 
Definición de problemas de salud en el primer
Definición de problemas de salud en el primerDefinición de problemas de salud en el primer
Definición de problemas de salud en el primer
 
Lopd quironsalud
Lopd quironsaludLopd quironsalud
Lopd quironsalud
 
Expert Fridays - Сергей Укустов: "CRDT"
Expert Fridays - Сергей Укустов: "CRDT"Expert Fridays - Сергей Укустов: "CRDT"
Expert Fridays - Сергей Укустов: "CRDT"
 
Itinerari formatiu radiodiagnostic 2015 2016
Itinerari formatiu radiodiagnostic 2015 2016Itinerari formatiu radiodiagnostic 2015 2016
Itinerari formatiu radiodiagnostic 2015 2016
 
life_estuarios_eu.pdf
life_estuarios_eu.pdflife_estuarios_eu.pdf
life_estuarios_eu.pdf
 
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
Lehendakariaren hitzaldia - VANGUARD EKIMENA - “Industria erronkak eta teknol...
 
Comstock City, Thomas-edits, ch.3
Comstock City, Thomas-edits, ch.3Comstock City, Thomas-edits, ch.3
Comstock City, Thomas-edits, ch.3
 
Un futuro deseable
Un futuro deseableUn futuro deseable
Un futuro deseable
 

Similar to Special report on security

Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firms
Jake Weaver
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016
Core Security
 
10 Things to Watch for in 2016
10 Things to Watch for in 201610 Things to Watch for in 2016
10 Things to Watch for in 2016
Courion Corporation
 
The 2014 Data Breach Investigations Report
The 2014 Data Breach Investigations ReportThe 2014 Data Breach Investigations Report
The 2014 Data Breach Investigations Report
- Mark - Fullbright
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
CMR WORLD TECH
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data Problem
Bernard Marr
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
- Mark - Fullbright
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Rishi Singh
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016
thinkASG
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
Matthew Pascucci
 
Alert logic cloud security report
Alert logic cloud security reportAlert logic cloud security report
Alert logic cloud security report
Gabe Akisanmi
 
Reasons to be secure
Reasons to be secureReasons to be secure
Reasons to be secure
Meg Weber
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger
Copper Mobile, Inc.
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
Symantec
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Ernst & Young
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
NishantSisodiya
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Booz Allen Hamilton
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprises
Taranggg11
 

Similar to Special report on security (20)

Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firms
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016
 
10 Things to Watch for in 2016
10 Things to Watch for in 201610 Things to Watch for in 2016
10 Things to Watch for in 2016
 
The 2014 Data Breach Investigations Report
The 2014 Data Breach Investigations ReportThe 2014 Data Breach Investigations Report
The 2014 Data Breach Investigations Report
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data Problem
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
 
Alert logic cloud security report
Alert logic cloud security reportAlert logic cloud security report
Alert logic cloud security report
 
Reasons to be secure
Reasons to be secureReasons to be secure
Reasons to be secure
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprises
 

Recently uploaded

ashokathegreat project class 12 presentation
ashokathegreat project class 12 presentationashokathegreat project class 12 presentation
ashokathegreat project class 12 presentation
aditiyad2020
 
Codes n Conventionss copy (2).pptx new new
Codes n Conventionss copy (2).pptx new newCodes n Conventionss copy (2).pptx new new
Codes n Conventionss copy (2).pptx new new
ZackSpencer3
 
2137ad - Characters that live in Merindol and are at the center of main stories
2137ad - Characters that live in Merindol and are at the center of main stories2137ad - Characters that live in Merindol and are at the center of main stories
2137ad - Characters that live in Merindol and are at the center of main stories
luforfor
 
Memory Rental Store - The Chase (Storyboard)
Memory Rental Store - The Chase (Storyboard)Memory Rental Store - The Chase (Storyboard)
Memory Rental Store - The Chase (Storyboard)
SuryaKalyan3
 
acting board rough title here lolaaaaaaa
acting board rough title here lolaaaaaaaacting board rough title here lolaaaaaaa
acting board rough title here lolaaaaaaa
angelicafronda7
 
一比一原版(GU毕业证)格里菲斯大学毕业证成绩单
一比一原版(GU毕业证)格里菲斯大学毕业证成绩单一比一原版(GU毕业证)格里菲斯大学毕业证成绩单
一比一原版(GU毕业证)格里菲斯大学毕业证成绩单
zvaywau
 
ART FORMS OF KERALA: TRADITIONAL AND OTHERS
ART FORMS OF KERALA: TRADITIONAL AND OTHERSART FORMS OF KERALA: TRADITIONAL AND OTHERS
ART FORMS OF KERALA: TRADITIONAL AND OTHERS
Sandhya J.Nair
 
Caffeinated Pitch Bible- developed by Claire Wilson
Caffeinated Pitch Bible- developed by Claire WilsonCaffeinated Pitch Bible- developed by Claire Wilson
Caffeinated Pitch Bible- developed by Claire Wilson
ClaireWilson398082
 
A Brief Introduction About Hadj Ounis
A Brief Introduction About Hadj OunisA Brief Introduction About Hadj Ounis
A Brief Introduction About Hadj Ounis
Hadj Ounis
 
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理
zeyhe
 
IrishWritersCtrsPersonalEssaysMay29.pptx
IrishWritersCtrsPersonalEssaysMay29.pptxIrishWritersCtrsPersonalEssaysMay29.pptx
IrishWritersCtrsPersonalEssaysMay29.pptx
Aine Greaney Ellrott
 
2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...
2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...
2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...
luforfor
 
一比一原版(DU毕业证)迪肯大学毕业证成绩单
一比一原版(DU毕业证)迪肯大学毕业证成绩单一比一原版(DU毕业证)迪肯大学毕业证成绩单
一比一原版(DU毕业证)迪肯大学毕业证成绩单
zvaywau
 
The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎
The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎
The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎
iraqartsandculture
 
Inter-Dimensional Girl Boards Segment (Act 3)
Inter-Dimensional Girl Boards Segment (Act 3)Inter-Dimensional Girl Boards Segment (Act 3)
Inter-Dimensional Girl Boards Segment (Act 3)
CristianMestre
 
Fed by curiosity and beauty - Remembering Myrsine Zorba
Fed by curiosity and beauty - Remembering Myrsine ZorbaFed by curiosity and beauty - Remembering Myrsine Zorba
Fed by curiosity and beauty - Remembering Myrsine Zorba
mariavlachoupt
 
Memory Rental Store - The Ending(Storyboard)
Memory Rental Store - The Ending(Storyboard)Memory Rental Store - The Ending(Storyboard)
Memory Rental Store - The Ending(Storyboard)
SuryaKalyan3
 
一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理
一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理
一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理
taqyed
 
一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理
一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理
一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理
zeyhe
 

Recently uploaded (19)

ashokathegreat project class 12 presentation
ashokathegreat project class 12 presentationashokathegreat project class 12 presentation
ashokathegreat project class 12 presentation
 
Codes n Conventionss copy (2).pptx new new
Codes n Conventionss copy (2).pptx new newCodes n Conventionss copy (2).pptx new new
Codes n Conventionss copy (2).pptx new new
 
2137ad - Characters that live in Merindol and are at the center of main stories
2137ad - Characters that live in Merindol and are at the center of main stories2137ad - Characters that live in Merindol and are at the center of main stories
2137ad - Characters that live in Merindol and are at the center of main stories
 
Memory Rental Store - The Chase (Storyboard)
Memory Rental Store - The Chase (Storyboard)Memory Rental Store - The Chase (Storyboard)
Memory Rental Store - The Chase (Storyboard)
 
acting board rough title here lolaaaaaaa
acting board rough title here lolaaaaaaaacting board rough title here lolaaaaaaa
acting board rough title here lolaaaaaaa
 
一比一原版(GU毕业证)格里菲斯大学毕业证成绩单
一比一原版(GU毕业证)格里菲斯大学毕业证成绩单一比一原版(GU毕业证)格里菲斯大学毕业证成绩单
一比一原版(GU毕业证)格里菲斯大学毕业证成绩单
 
ART FORMS OF KERALA: TRADITIONAL AND OTHERS
ART FORMS OF KERALA: TRADITIONAL AND OTHERSART FORMS OF KERALA: TRADITIONAL AND OTHERS
ART FORMS OF KERALA: TRADITIONAL AND OTHERS
 
Caffeinated Pitch Bible- developed by Claire Wilson
Caffeinated Pitch Bible- developed by Claire WilsonCaffeinated Pitch Bible- developed by Claire Wilson
Caffeinated Pitch Bible- developed by Claire Wilson
 
A Brief Introduction About Hadj Ounis
A Brief Introduction About Hadj OunisA Brief Introduction About Hadj Ounis
A Brief Introduction About Hadj Ounis
 
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单如何办理
 
IrishWritersCtrsPersonalEssaysMay29.pptx
IrishWritersCtrsPersonalEssaysMay29.pptxIrishWritersCtrsPersonalEssaysMay29.pptx
IrishWritersCtrsPersonalEssaysMay29.pptx
 
2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...
2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...
2137ad Merindol Colony Interiors where refugee try to build a seemengly norm...
 
一比一原版(DU毕业证)迪肯大学毕业证成绩单
一比一原版(DU毕业证)迪肯大学毕业证成绩单一比一原版(DU毕业证)迪肯大学毕业证成绩单
一比一原版(DU毕业证)迪肯大学毕业证成绩单
 
The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎
The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎
The Last Polymath: Muntadher Saleh‎‎‎‎‎‎‎‎‎‎‎‎
 
Inter-Dimensional Girl Boards Segment (Act 3)
Inter-Dimensional Girl Boards Segment (Act 3)Inter-Dimensional Girl Boards Segment (Act 3)
Inter-Dimensional Girl Boards Segment (Act 3)
 
Fed by curiosity and beauty - Remembering Myrsine Zorba
Fed by curiosity and beauty - Remembering Myrsine ZorbaFed by curiosity and beauty - Remembering Myrsine Zorba
Fed by curiosity and beauty - Remembering Myrsine Zorba
 
Memory Rental Store - The Ending(Storyboard)
Memory Rental Store - The Ending(Storyboard)Memory Rental Store - The Ending(Storyboard)
Memory Rental Store - The Ending(Storyboard)
 
一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理
一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理
一比一原版(qut毕业证)昆士兰科技大学毕业证如何办理
 
一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理
一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理
一比一原版(UniSA毕业证)南澳大学毕业证成绩单如何办理
 

Special report on security

  • 1. Is having your data and identity compromised the NEW NORMAL? Dan DeBlasio June 4th, 2015 IN AN INCREASINGLY DIGITAL WORLD CYBERSECURITY IS A SERIOUS PROBLEM
  • 2. SNAPSHOT OF IDENTITY MANAGEMENT
  • 3. BREACH TRENDS LOOKING BACK BEFORE DIVING AHEAD
  • 4.
  • 5.
  • 6. IN A WORLD WHERE THE NORM IS CYBERSECURITY BREACHES …… IT IS IMPORTANT FOR ENTERPRISES TO HAVE MEASURES IN PLACE FOR PREVENTION AND CONTAINMENT OF AN ATTACK Not a question of “IF” but “WHEN”
  • 7. 2011 THREAT AGENTS OVER TIME BY PERCENT OF BREACHES 2011 continued the shift towards external agents’ involvement in a high percentage of data breaches. Though we have always seen an external majority, never before has any year been so one-sided.
  • 9. 2013 THREAT SUMMARY 2013 may be remembered as the “year of the retailer breach,” but a comprehensive assessment suggests it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems.
  • 11. Data breaches double YOY Average cost +$5.5 million / $200 per record Corporations are being sued for data loss (Sony) (Ponemon Institute) THE TRENDS: BREACHES ARE DOUBLING IN COST
  • 12. COST PER RECORD VARIES IN HARD AND SOFT COSTS (NOT FACTORING TRUST / LOYALTY) At 100 records variance is between $357 / record to $12 / Record At 1,000,000 records variance is between $27.50 / record to $0.06 / Record Glass half full Glass half empty That is a LARGE Variance in my book!
  • 13. IT’S IN THE CLOUD…..... But which Cloud…… Private (Iaas) Public (SaaS) Hybrid (PaaS) ….and is your data and identity safe and secure?
  • 14. WHAT THE CLOUD BRINGS  Who owns the security?  Who is liable in a breach?  Who restores Trust?
  • 15. FORMS OF STRONG IDENTITY TODAY
  • 16. ACTUALLY, YOUR DIGITAL IDENTITY TYPICALLY LOOKS LIKE THIS:
  • 17. PASSWORDS ARE A WEAK DEFENSE Verizon Data Breach Investigation 2013
  • 18. SUMMARY  Educate employees on phishing attacks (e-mails)  Develop strong and changing passwords  Or better yet deploy two factor authentication, especially for external and mobile access  Have a post breach strategy and communications plan to limit damage to brand and customer trust  Investigate new security measures utilizing cutting-edge systems that use machine learning and, ironically, big data analysis may give a huge boost to the powers of corporate security teams. If you are looking to limit your risk of a security breach and cut the cost of the damage by more then half in real $$$:
  • 19. REFERENCES  Verizon: Data breach investigations reports 2011, 2012, 2013, 2014 and 2015  BBC News: Cybersecurity: Defending 'unpreventable' cyber attacks, By Paul Rubens Technology reporter  Forbes: The Power And Problem Of Privilege In Cybersecurity, Tom Kemp, CEO of Centrify  Frost-Sullivan: Damballa Failsafe Review 4-14-2015  Gartner: Identity and Access Management Summit 2008

Editor's Notes

  1. Problem statement: In an increasing digital world cybersecurity is a problem (Title) Positive principle. Positive principle: In a world where the norm is security breaches it is important for enterprises to have measures in place for prevention and containment of a security breach……….COST and business value. Huge losses in revenue beyond the cost of the record! What you invest in terms of business value is recoverable! For C Suite executives, for prevention and containment, this is your insurance policy.
  2. It’s not the whole story, however. Nor is it the most important one. The most significant change we saw in 2011 was the rise of “hacktivism” against larger organizations worldwide. For the Fiscal year 2010, the Secret Service arrested more than 1,200 suspects for cybercrime violations. These investigations involved over $500 million in actual fraud loss and prevented approximately $7 billion in additional losses.
  3. Input stats required
  4. We are often asked whether “the Cloud” factors into many of the breaches we investigate. The easy answer is “No—not really.” It’s more about giving up control of our assets and data (and not controlling the associated risk) than any technology specfic to the Cloud.