California has always been a king of innovation - from the earliest ventures in filmmaking to today’s Silicon Valley technologies. So it's not surprising that California has been at the vanguard of cybersecurity, being the first state to enact a breach data notification law in 2003. Laws don't stop cybercriminals, though - and California has seen a sharp rise in breaches the last 4 years, according to The California Data Breach Report. Consider these chilling realities: • There were 657 data breaches involving more than 500 records from 2012-2015 - impacting a total of more than 49 million records of Californians. • In 2012, 2.6 million records were impacted; by 2015, that number rose to 24 million. • Nearly 3 out of 5 California residents were victims of a data breach last year. According to the report, every industry is affected: schools, hospitals, restaurants, retailers, banks, hotels, government agencies and more. Any of them can suffer severe consequences, such as brand damage, class action lawsuits, lost business and regulatory fines. Their users and consumers see their social security numbers, payment card data, medical information, driver's license numbers and other personal data fall into criminal hands; according to Javelin Strategy & Research, 67 percent of 2014 breach victims in the U.S. were also victims of fraud.

1. The Rise of
California
Cybercrime
PROTECTING CUSTOMERS WITH
ADAPTIVE AUTHENTICATION

2. The Statistics
Since 2012, businesses and government agencies have been required to notify the
Attorney General on breaches affecting more than 500 Californians.
+ In the past four years:
– 657 Data breaches
– Affect 49 million records of Californians
– 2012: 131 breaches – 2015: 178 breaches (36% increase)
– 2012: 2.6M records at risk – 2015: 24M records at risk (Over a 900% increase)
• 24M records = nearly 3 in 5 Californians were victim of data breach in 2015 alone
+ All parts of economy are affected!
– Retailers, Banks, healthcare providers, spas, hotels, restaurants, gov’t agencies,
schools, and more!
+ Read for yourself
Cybercrime Storm Clouds
Brewing in California
From 2012 – 2015:
• 36% increase in breaches
• 900% increase in records impacted
• 657 Data breaches & 49 million records of
Californians
Nearly 3 out of 5 California residents were
victims of a data breach last year.

3. What’s Getting Stolen?
67% of U.S. breach
victims in 2014 were
also victims of fraud.
Social
Security
Numbers
Birthdates
Driver
License
Data
Payment Card
Numbers
Insurance
& Income
Data

4. Emerging Trends = Higher Risk
Internet of Things
BYOD
Cloud Apps
Big Data

5. IT teams are struggling to keep
up with new technologies &
sophisticated cybercriminals.

6. Malware & Hacking:
Cybercrime Kings
+ 54% of breaches
+ 90% of all records impacted
+ ALL breaches impacting more than
1 million records

7. Passwords alone can’t keep hackers out.

8. Why don’t passwords work?
• Weak and guessable
• Identical across multiple accounts
• Not changed often enough
• Open the door to portals across the Internet

9. #1 California Recommendation:
• Secure Configurations for Hardware and Software on Mobile Devices, Laptops,
Workstations, and Servers
• Controlled Use of Administrative Privileges
• Maintenance, Monitoring, and Analysis of Audit Logs
• Email and Web Browser Protections
• Boundary Defense
• Data Protection
• Controlled Access Based on the Need to Know
• Application Software Security
SecureAuth solutions meet almost half the 20 controls
Center for Internet Security’s Critical Security Controls

10. #2 California Recommendation:
“Organizations should make multi-factor authentication available on consumer-
facing online accounts that contain sensitive personal information. This stronger
procedure would provide greater protection than just the username-and-password
combination for personal accounts such as online shopping accounts, health care
websites and patient portals, and web-based email accounts.”
- Attorney General Kamala D. Harris
“something you know” + “something you have” + “something you are”
(password or PIN) (cellphone or token) (keystroke pattern)
Multi-factor Authentication

11. SecureAuth IdP stops hackers in their
tracks – even when they have valid
passwords.
SecureAuth delivers secure, flexible, adaptive two-factor
authentication. Organizations can offer a swift and convenient user
experience while monitoring user behavior to identify suspicious
actors in network - protecting their resources and data.

12. SecureAuth IdP: Multi-factor Authentication
• Over 20 two-factor authentication methods
• SMS
• telephony and e-mail OTPs
• push notification
• OATH tokens
• social network IDs
• device fingerprints
• traditional smartcards and tokens
• Works seamlessly with workflow and user experience
• Deploys right into your current infrastructure

13. SecureAuth IdP: Adaptive Authentication
+ Validates user identity behind the scenes
+ Uses device fingerprinting, geo-velocity, geo-location
and geo-fencing or comparing IP addresses
+ Takes security to a higher level without adding friction

14. SecureAuth IdP: Behavioral Biometrics
+ Measure & record user nuances & microbehaviors
+ Compares those patterns to approve or deny
authentication
+ Almost impossible for a hacker to duplicate

15. Protect your California business with
secure access solutions that stop
criminals and safeguard your reputation,
your data and your customers.
Request a SecureAuth IdP demo today.