Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
One of the biggest challenges facing IT professionals right now in any organisation is the complexity that resulted from the use of disconnected, problem-specific tools from multiple vendors, almost none of which work together.
Simplify and secure your network availability with eSentinel, a 'Plug & Play' Cloud-based security platform.
Website: https://www.netpluz.asia
Jason Smith shared cyber security trends from 2018 into the beginning of 2019 at the SCTBA Convention, how the threat actor model has changed, and what businesses should do.
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
Everyone should now understand that no bank or financial institution is immune from cyber risk. Many are now ready to move forward with improving their cyber risk posture but do not know what to do next or how to prioritize their resources. Recognizing that cybersecurity is an overall business risk issue that must be properly managed to comply with many laws and regulations governing banks and financial institutions, this presentation will provide a strategy for how to better understand and manage such risks by:
(1) Providing an overview of the legal and regulatory framework;
(2) Examining the most likely real-world risks; and
(3) Providing strategies for how to manage such risks, including cyber insurance and the development and implementation of an appropriate cyber risk management program (which is not as difficult as it sounds).
Shawn E. Tuma, cybersecurity and data privacy attorney at Spencer Fane, LLP, delivered the presentation titled Cybersecurity: Cyber Risk Management for Banks & Financial Institutions (and Attorneys Who Represent Them) at the Southwest Association of Bank Counsel 42nd Annual Convention on September 20, 2018 (formerly, Texas Association of Bank Counsel).
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
https://www.brighttalk.com/webcast/14723/234829?utm_source=Compliance+Engineering&utm_medium=brighttalk&utm_campaign=234829 :
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
One of the biggest challenges facing IT professionals right now in any organisation is the complexity that resulted from the use of disconnected, problem-specific tools from multiple vendors, almost none of which work together.
Simplify and secure your network availability with eSentinel, a 'Plug & Play' Cloud-based security platform.
Website: https://www.netpluz.asia
Jason Smith shared cyber security trends from 2018 into the beginning of 2019 at the SCTBA Convention, how the threat actor model has changed, and what businesses should do.
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
Everyone should now understand that no bank or financial institution is immune from cyber risk. Many are now ready to move forward with improving their cyber risk posture but do not know what to do next or how to prioritize their resources. Recognizing that cybersecurity is an overall business risk issue that must be properly managed to comply with many laws and regulations governing banks and financial institutions, this presentation will provide a strategy for how to better understand and manage such risks by:
(1) Providing an overview of the legal and regulatory framework;
(2) Examining the most likely real-world risks; and
(3) Providing strategies for how to manage such risks, including cyber insurance and the development and implementation of an appropriate cyber risk management program (which is not as difficult as it sounds).
Shawn E. Tuma, cybersecurity and data privacy attorney at Spencer Fane, LLP, delivered the presentation titled Cybersecurity: Cyber Risk Management for Banks & Financial Institutions (and Attorneys Who Represent Them) at the Southwest Association of Bank Counsel 42nd Annual Convention on September 20, 2018 (formerly, Texas Association of Bank Counsel).
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
https://www.brighttalk.com/webcast/14723/234829?utm_source=Compliance+Engineering&utm_medium=brighttalk&utm_campaign=234829 :
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
M-Trends® 2013: Attack the Security GapFireEye, Inc.
Mandiant’s annual threat report reveals evolving trends, case studies and best practices gained from Mandiant observations to targeted attacks in the last year. The report, compiled from hundreds of Mandiant advanced threat investigations, also includes approaches that organizations can take to improve the way they detect, respond to, and contain complex breaches. For the latest M-Trends report, https://www.fireeye.com/mtrends.
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
Shawn Tuma, a professional "breach guide" (aka, breach quarterback, coach, privacy counsel, etc), is an attorney who has practiced in cyber law since 1999. His day job as Co-Chair of Spencer Fane LLP's Data Privacy and Cybersecurity Practice is leading companies through the cyber incident response and recovery process. In this presentation, he provides a virtual tabletop exercise explaining the lifecycle of responding to a typical ransomware attack through a detailed timeline.
The audio for this presentation, in podcast form, is here: https://www.secureworldexpo.com/resources/podcast-ransomware-attack-lifecycle
Cyber Security For Organization Proposal PowerPoint Presentation SlidesSlideTeam
If your company needs to submit a Cyber Security For Organization Proposal PowerPoint Presentation Slides look no further. Our researchers have analyzed thousands of proposals on this topic for effectiveness and conversion. Just download our template, add your company data and submit to your client for a positive response. https://bit.ly/31xeb6e
Do you know what brings cyber security risks to your organization? Are you ready to deal with cyber threats and the consequences of a cyber attack?
Find out what you should watch out for, no matter the size of your company!
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
Jim Aldridge from FireEye discusses what executives should ask their security teams. This is available on the FireEye Blog www.fireeye.com/blog/executive-perspective/2015/11/proactively_engaged.html
What trends will 2018 bring for Business Continuity Professionals?PECB
Many business continuity practitioners are perceiving a higher level of risk than ever before in their careers. Unfortunately, these risks are more often resulting in real incidents which require emergency response and continuity of operations. Being prepared may be the most important thing an organization can do in 2018. But what should we prepare for, and how should we prepare for it? This discussion will walk through some of the emerging threats concepts, tools, and techniques that business continuity professionals can expect to see more of in 2018.
Main points covered:
- What should we prepare for in 2018?
- How should we prepare?
- The emerging threats, concepts, tools, and techniques expected in 2018
- Emerging threats creating new risks
Presenter:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Organizer: Nevila Muka
Date: January 17, 2018
Link to the recorded webinar:
Do you know the internal signs of a compromise? This deck takes you through the process our Mandiant services teams go through to help discover if an organization has been compromised. You can also view the full webinar here: https://www.brighttalk.com/webcast/10703/187133?utm_source=SS
Strategies to combat new, innovative cyber threats in 2019SrikanthRaju7
We will focus on sharing our predictions for the big new changes we expect to see in cyber attacks and attack patterns in the coming year.
Before we dive into those, we will spend a little bit of time focusing on the five newest tactical attacks we expect to see a whole lot more of in 2019. After that, we will look into the big new shifts in targets and attack strategy that will dominate
Cyberwarfare over the coming year.
After we review the tactical and strategic threats you will need to look out for next year, We will provide a look at the primary defensive strategies you can deploy to combat tomorrow’ emerging threats.
That being said, while we feel confident that these represent some of the biggest new movements in the cybersecurity landscape in 2019, we also recognize that we are not the only experts here. And that there might be some big, effective attack and defense strategies that did not make it into our presentation.So, I welcome you to please share your own views on what you think will be the key threats in the comments here.
With that being said, let’s get started!
Here are my slides on "Board and Cyber Security" that I presented at the Just People Information Security breakfast this morning. Thanks Adam for arranging the session and those who attended.
When money is the at the top of the mind of cybercriminals, where do they turn their heads to? The Banking Sector. With countless operations including Wealth Management, Trading, and Revenue Management, Investor Accounting, it is no light matter when we say that cybersecurity threats keep banks up at night. With data breaches rampantly hitting all types of organizations across the world, the banking sector, for obvious reasons, stays under a constant and increased pressure for safekeeping of their customer's data and more importantly, their money.
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...Michael Noel
Organizations today are vastly unprepared for the threat of modern cyber-attacks. At the same time, the attackers are becoming more sophisticated and the amount of resources at their disposal is increasing. It has become a lucrative business to hack, disrupt, and steal intellectual property from organizations of all sizes and in all business sectors.
While the attackers are becoming more sophisticated, organizations have their IT security positioned for threats from the past century, with poor password management techniques, simple ACL based file permissions, and basic firewall and zone-based containment techniques. This makes it easier for attackers to obtain access to critical intellectual property and makes career-ruining disruptions all the more common.
This session focuses on understanding what is currently wrong with IT security practices and how your organization can change processes, techniques, and tools to provide for a significantly higher level of IT security without necessarily having to implement expensive tools or obtrusive processes.
• Understand the pitfalls of current IT Security practices, including myths around password change policies, allowing logins without providing multiple factors, and the proliferation of ‘always-on’ admin rights.
• Examine how simple changes in IT strategy can greatly improve your overall IT posture, including providing for up to a 99% improvement in the likelihood of a data credential theft.
• Determine which easy to deploy tools and features which you may already be licensed for can be used to tighten up IT security within an environment, including solutions such as Microsoft Defender for Identity, Azure Sentinel, Microsoft Cloud App Security, next-generation firewalls, and more.
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
The process for identifying existing flaws in the IT ecosystem that threatens the data and network security of an organization is called IT Risk Assessment.
Palestra do evento "Cybersecurity: a nova era em resposta a incidentes e auditoria de dados"
Sam Maccherola - VP and General Manager Public Sector Guidance Software Inc.
Brasília, 04 de agosto de 2010
M-Trends® 2013: Attack the Security GapFireEye, Inc.
Mandiant’s annual threat report reveals evolving trends, case studies and best practices gained from Mandiant observations to targeted attacks in the last year. The report, compiled from hundreds of Mandiant advanced threat investigations, also includes approaches that organizations can take to improve the way they detect, respond to, and contain complex breaches. For the latest M-Trends report, https://www.fireeye.com/mtrends.
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
Shawn Tuma, a professional "breach guide" (aka, breach quarterback, coach, privacy counsel, etc), is an attorney who has practiced in cyber law since 1999. His day job as Co-Chair of Spencer Fane LLP's Data Privacy and Cybersecurity Practice is leading companies through the cyber incident response and recovery process. In this presentation, he provides a virtual tabletop exercise explaining the lifecycle of responding to a typical ransomware attack through a detailed timeline.
The audio for this presentation, in podcast form, is here: https://www.secureworldexpo.com/resources/podcast-ransomware-attack-lifecycle
Cyber Security For Organization Proposal PowerPoint Presentation SlidesSlideTeam
If your company needs to submit a Cyber Security For Organization Proposal PowerPoint Presentation Slides look no further. Our researchers have analyzed thousands of proposals on this topic for effectiveness and conversion. Just download our template, add your company data and submit to your client for a positive response. https://bit.ly/31xeb6e
Do you know what brings cyber security risks to your organization? Are you ready to deal with cyber threats and the consequences of a cyber attack?
Find out what you should watch out for, no matter the size of your company!
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
Jim Aldridge from FireEye discusses what executives should ask their security teams. This is available on the FireEye Blog www.fireeye.com/blog/executive-perspective/2015/11/proactively_engaged.html
What trends will 2018 bring for Business Continuity Professionals?PECB
Many business continuity practitioners are perceiving a higher level of risk than ever before in their careers. Unfortunately, these risks are more often resulting in real incidents which require emergency response and continuity of operations. Being prepared may be the most important thing an organization can do in 2018. But what should we prepare for, and how should we prepare for it? This discussion will walk through some of the emerging threats concepts, tools, and techniques that business continuity professionals can expect to see more of in 2018.
Main points covered:
- What should we prepare for in 2018?
- How should we prepare?
- The emerging threats, concepts, tools, and techniques expected in 2018
- Emerging threats creating new risks
Presenter:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Organizer: Nevila Muka
Date: January 17, 2018
Link to the recorded webinar:
Do you know the internal signs of a compromise? This deck takes you through the process our Mandiant services teams go through to help discover if an organization has been compromised. You can also view the full webinar here: https://www.brighttalk.com/webcast/10703/187133?utm_source=SS
Strategies to combat new, innovative cyber threats in 2019SrikanthRaju7
We will focus on sharing our predictions for the big new changes we expect to see in cyber attacks and attack patterns in the coming year.
Before we dive into those, we will spend a little bit of time focusing on the five newest tactical attacks we expect to see a whole lot more of in 2019. After that, we will look into the big new shifts in targets and attack strategy that will dominate
Cyberwarfare over the coming year.
After we review the tactical and strategic threats you will need to look out for next year, We will provide a look at the primary defensive strategies you can deploy to combat tomorrow’ emerging threats.
That being said, while we feel confident that these represent some of the biggest new movements in the cybersecurity landscape in 2019, we also recognize that we are not the only experts here. And that there might be some big, effective attack and defense strategies that did not make it into our presentation.So, I welcome you to please share your own views on what you think will be the key threats in the comments here.
With that being said, let’s get started!
Here are my slides on "Board and Cyber Security" that I presented at the Just People Information Security breakfast this morning. Thanks Adam for arranging the session and those who attended.
When money is the at the top of the mind of cybercriminals, where do they turn their heads to? The Banking Sector. With countless operations including Wealth Management, Trading, and Revenue Management, Investor Accounting, it is no light matter when we say that cybersecurity threats keep banks up at night. With data breaches rampantly hitting all types of organizations across the world, the banking sector, for obvious reasons, stays under a constant and increased pressure for safekeeping of their customer's data and more importantly, their money.
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...Michael Noel
Organizations today are vastly unprepared for the threat of modern cyber-attacks. At the same time, the attackers are becoming more sophisticated and the amount of resources at their disposal is increasing. It has become a lucrative business to hack, disrupt, and steal intellectual property from organizations of all sizes and in all business sectors.
While the attackers are becoming more sophisticated, organizations have their IT security positioned for threats from the past century, with poor password management techniques, simple ACL based file permissions, and basic firewall and zone-based containment techniques. This makes it easier for attackers to obtain access to critical intellectual property and makes career-ruining disruptions all the more common.
This session focuses on understanding what is currently wrong with IT security practices and how your organization can change processes, techniques, and tools to provide for a significantly higher level of IT security without necessarily having to implement expensive tools or obtrusive processes.
• Understand the pitfalls of current IT Security practices, including myths around password change policies, allowing logins without providing multiple factors, and the proliferation of ‘always-on’ admin rights.
• Examine how simple changes in IT strategy can greatly improve your overall IT posture, including providing for up to a 99% improvement in the likelihood of a data credential theft.
• Determine which easy to deploy tools and features which you may already be licensed for can be used to tighten up IT security within an environment, including solutions such as Microsoft Defender for Identity, Azure Sentinel, Microsoft Cloud App Security, next-generation firewalls, and more.
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
The process for identifying existing flaws in the IT ecosystem that threatens the data and network security of an organization is called IT Risk Assessment.
Palestra do evento "Cybersecurity: a nova era em resposta a incidentes e auditoria de dados"
Sam Maccherola - VP and General Manager Public Sector Guidance Software Inc.
Brasília, 04 de agosto de 2010
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone UnderwearBob Wall
Presentation at the 2016 Big Sky Developers' Conference.
Overview of the dismal state of security on the Web, some suggestions for better app development processes to mitigate problems.
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveyQualys
As quickly as we learn to detect new threats, the threats change — like a game of Whack-a-Mole happening at an ever-increasing pace.
A new survey by the SANS Institute focuses on providing valuable intelligence into the types of threats most severely impacting organizations like yours, and how those threats are evolving.
In this webcast, Lee Neely, who teaches cyber security courses for SANS, Mark Butler, Chief Information Security Officer at Qualys, and other survey sponsors discuss what threat actors are currently up to and how they’re getting around existing defenses, so that you can anticipate attacks and get ahead of the attackers.
Key trends discussed include:
• Primary vectors attackers enter through
• Methods attackers use most effectively as part of their layered attacks
• Impacts of breaches and how to remediate
• Best places to apply defenses
• Lessons learned by those who have been breached
Watch the on-demand webcast: https://www.sans.org/webcasts/105430
Download the complete report: https://goo.gl/rP4KEs
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Microsoft
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Technology Trends and the Economy of Cybercrime, By Chief Security Advisor Reto Haeni, Microsoft Western Europe
Tasked with creating a presentation from a Microsoft word document. Involved choosing images, writing copy (brand compliant) and creating the presentation for use at an industry wide teleconference for high level executives.
Global costs due to ransomware are projected to grow exponentially in the future. Read on to learn the damaging effects of ransomware attacks on your business and how to avoid them.
The Stand Against Cyber Criminals Lawyers, Take The Stand Against Cyber Crimi...Symantec
Many law firms would suffer greatly from being breached due
to the extreme sensitive data they are handling on a daily basis.
Any cyber attack in this sector can be catastrophic so do lawyers
feel ready to stand against the rising tide of cybercrime?
With this in mind, Symantec, in conjunction with the law
publication Managing Partner, conducted a study into how law firms see cyber security.
Topics covered during the briefing include:
Key Privacy, Cybersecurity, IT Audit, and Compliance Challenges for Healthcare
Updates on New Privacy and Compliance Laws and What They Change/Impact
Trending Cybersecurity Threats in the Healthcare Industry Trending Best Practices
Real-World Examples of Recent Incidents and Key Takeaways from Each
Outlook to the Top Issues for 2022
2016 Scalar Security Study Executive Summarypatmisasi
Executive Summary of the 2016 Scalar Security Study. The study examines the cyber security readiness of Canadian organizations and the trends in dealing with growing cyber threats.
We surveyed 650+ IT and IT security practitioners in Canada , and found that organizations are experiencing an average of 40 cyber attacks per year and only 37% of organizations believe they are winning the cyber security war. We looked at average spend, cost of attacks, and technologies that are yielding the highest ROI. We also provide recommendations on how you can benchmark your own security posture and what you can do to improve.
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
Executive Summary of the 2016 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2016. The full report can be downloaded at: scalar.ca/security-study-2016/
El Informe Anual de Seguridad de Cisco 2016 publicado hoy y que examina la información sobre amenazas y tendencias de seguridad cibernética, revela que sólo el 45 por ciento de las organizaciones de todo el mundo confían en su postura de seguridad mientras los atacantes lanzan campañas más sofisticadas, audaces y resistentes.
No matter how good your multiple cybersecurity tools are, an attacker will eventually find a way into your network through vulnerabilities.
Once cybercriminals acquire unauthorised access, you can only depend on the speed and performance of your IT team, to identify the threats, to manage multiple platforms to mitigate the attack. However, the time to respond and mitigate could last for hours or even days.
Using a secured, cloud-delivered SD-WAN to transform your business networkNetpluz Asia Pte Ltd
For more information on Managed Software Defined Wide Area Network (SD-WAN) service, please visit https://www.netpluz.asia/services/data/sd-wan/
Website: www.netpluz.asia
Y5Zone Singapore, Managed by Netpluz, presence in various major countries allow us continuously
expanding our coverage to the hottest and popular places in the city.
As the largest Wi-Fi solution provider in Asia, we will continue to “Unwire the City”.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
2. 5,000 Respondents Across 26 Countries
2
Country # Respondents Country # Respondents Country # Respondents
Australia 200 India 300 Singapore 200
Belgium 100 Italy 200 South Africa 200
Brazil 200 Japan 200 Spain 200
Canada 200 Malaysia 100 Sweden 100
China 200 Mexico 200 Turkey 100
Colombia 200 Netherlands 200 UAE 100
Czech Republic 100 Nigeria 100 UK 300
France 300 Philippines 100 U.S. 500
Germany 300 Poland 100
4. Respondents from Multiple Sectors
4
Sector # respondents % respondents
IT, technology and telecoms 979 20%
Retail, distribution and transport 666 13%
Manufacturing and production 648 13%
Financial services 547 11%
Public sector 498 10%
Business and professional services 480 10%
Construction and property 272 5%
Energy, oil/gas and utilities 204 4%
Media, leisure and entertainment 164 3%
Other 542 11%
6. 6
1 in 2 Organizations Hit By Ransomware Last Year
2017
In the last year, has your organization been hit by ransomware? Base 5,000 (2020), 1,700 (2017).
54%
2020
51%
8. Attack Levels Vary Across the Globe
82%
65%
63%
60% 60% 59% 58% 57%
55%
53% 53% 52% 52%
49% 48% 48%
45% 44% 44%
42% 41% 40% 39%
30%
28%
24%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
% organizations hit by ransomware in the last year
Global Average
51%
In the last year, has your organization been hit by ransomware? Base 5,000
9. 60%
56% 55% 54%
50% 49% 49% 48%
46% 45%
0%
10%
20%
30%
40%
50%
60%
70%
Media, leisure,
entertainment
IT, technology,
telecoms
Energy, oil/gas,
utilities
Other Business and
professional
services
Construction and
property
Retail, distribution
and transport
Financial services Manufacturing and
production
Public sector
Public Sector Suffers Fewest Ransomware Attacks
Global
Average51%
In the last year, has your organization been hit by ransomware? Base 5,000
% respondents hit by ransomware in the last year
11. Criminals Succeed in Encrypting Data in 3 Out of 4 Attacks
11
Did the cybercriminals succeed in encrypting
your organization’s data in the most significant
ransomware attack?
Yes No
24% Attack stopped before the data could be encrypted
73% Cybercriminals succeeded in encrypting data
3% Data not encrypted but victim still held to ransom
12. Attacks Most Likely to Succeed in Japan
Global
Average
Percentage of respondents that answered ‘No, the attack was stopped before the data could be encrypted’ to: Did the
cybercriminals succeed in encrypting your organization’s data in the most significant ransomware attack? Base 2,538.
24%
5%
8% 8%
11%
17% 17% 17% 17%
19% 20%
22% 22% 22% 23% 24% 25% 26%
30% 31%
33%
35% 36%
38%
44%
51%
0%
10%
20%
30%
40%
50%
60%
Percentage of organizations that stopped the attack before
the data was encrypted
13. Data In the Public Cloud Is a Mainstream Target
13
On premises/ private
cloud data
41%
Data in the
public cloud
35%
Data in the public cloud and
on premises/ private cloud
24%
Includes data in
the public cloud59%
Did the cybercriminals succeed in encrypting your organization’s data in the most significant ransomware attack? Data only represents
respondents whose organization’s data had been encrypted in the most recent ransomware attack . Base 1,849
14. One in Four Victims Paid the Ransom to Get Their Data Back
Did your organization get the data back in the most significant ransomware attack? Question only seen by respondents whose
organization had a ransomware attack where data was encrypted. Base 1,849
26%
Pay the ransom
15. India and Sweden Most Likely to Pay the Ransom
15
Global Average
26%
Percentage of respondents that answered “Yes, we paid the ransom” to: Did your organization get the data back in the most significant
ransomware attack? Question only seen by respondents whose organization had a ransomware attack where data was encrypted. Base 1,849.
Percentage of organizations that paid the ransom to get their data back
0%
10%
20%
30%
40%
50%
60%
70%
16. Almost Everyone Gets Their Data Back
Did your organization get the data back in the most significant ransomware attack? Base 1,849
73%
Of attacks result in
data being
encrypted
94%
Of victims get their
data back
56%
Used backups to
get the data back
17. Ransomware Remediation Cost Varies By Size
17
What was the approximate cost to your organization to rectify the impacts of the most recent ransomware attack
(considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.)? Question only
seen by respondents whose organization had been hit by ransomware in the last year. Base 2,538
1,001-5,000
employees
US$505,827 US$981,140
100-1,000
employees
Global
average
US$761,106
18. Ransomware Costs Vary By Country
18
$ 0.00
$ 500,000.00
$ 1,000,000.00
$ 1,500,000.00
$ 2,000,000.00
$ 2,500,000.00
$ 3,000,000.00
Global Average
US$ 761,106
What was the approximate cost to your organization to rectify the impacts of the most recent ransomware attack
(considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.)? Question only
seen by respondents whose organization had been hit by ransomware in the last year. Base 2,538
19. Paying the Ransom Doubles the Cost
19
Did your organization get the data back in the most significant ransomware attack? Base 1,849. Paid the ransom combines responses
"Yes, we paid the ransom" and "No, even though we paid the ransom". Didn’t pay the ransom combines responses "Yes, we used
backups to restore the data", "Yes, we used other means to get our data back" and "No, we didn’t pay the ransom".
US$732,520
Didn’t pay
the ransom
Paid the
ransom
US$1,448,458
21. 1 in 5 Have Patchy Cybersecurity Insurance
21
have cybersecurity insurance
Does your organization have cybersecurity insurance that covers it if it is hit by ransomware? Base 5,000
84%
have cybersecurity insurance
that covers ransomware
64%
20%
Paying for cybersecurity insurance that
DOESN’T cover ransomware
22. Cybersecurity Insurance By Country
22
Has cybersecurity insurance
Has cybersecurity insurance that
covers ransomware
Does your organization have cybersecurity insurance that covers it if it is hit by ransomware? Base 5,000
94% 94% 93%
91% 90% 89% 89% 88% 88%
85% 85% 84% 83%
81% 81% 81% 81% 81% 80%
77% 77% 76%
74% 74%
71% 70%
80%
82%
57%
70%
75% 75%
57%
70%
68%
55%
68%
62%
70%
65%
61%
49%
61%
69%
48%
57%
50%
64%
58%
56%
44% 45%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
23. Public Sector Is Most Exposed to Ransomware Costs
23
72%
70%
68%
66%
63% 62% 62% 62% 61%
51%
0%
10%
20%
30%
40%
50%
60%
70%
80%
Financial
services
IT, technology,
telecoms
Business and
professional
services
Media, leisure,
entertainment
Manufacturing
and production
Energy, oil/gas,
utilities
Construction
and property
Retail,
distribution
and transport
Other Public sector
Global Average
64%
Does your organization have cybersecurity insurance that covers it if it is hit by ransomware? Base 5,000
Percentage of organizations with insurance against ransomware
24. Is Cybersecurity Insurance Fueling Ransom Payments?
24
The percentage of respondents that selected ‘Yes we paid the ransom’ and said the cybersecurity insurance paid the ransom.
26% 94%
Ransomware attacks
resulted in data being
encrypted
73%
Organizations whose
data was encrypted
paid the ransom
Organizations that paid
said the cybersecurity
insurance paid the ransom
26. 26
Attacks Use Multiple Tactics to Breach Your Defenses
How the ransomware got into the organization # %
Via a file download/email with malicious link 741 29%
Via remote attack on server 543 21%
Via email with malicious attachment 401 16%
Misconfigured public cloud instances 233 9%
Via our Remote Desktop Protocol (RDP) 221 9%
Via a supplier 218 9%
Via a USB/removable media device 172 7%
Other 0 0%
Don’t know 9 0%
Total 2,538 100%
How did the ransomware attack get into your organization? Question asked to respondents whose organization had been hit
by ransomware in the last year. Base 2,538
28. To Sum Up…
28
Ransomware remains a real risk Assume you WILL be hit
One in four victims stop the attack Invest in anti-ransomware technology
Data in the public cloud is at risk Protect data wherever it’s held
Backups work Keep them offsite and offline
Beware of patchy cyber insurance Get covered for ransomware
Attackers try and try again Deploy a multi-layered defense
29. 29
File download/email
with malicious link
Remote attack
on server
Email with malicious
attachment
Misconfigured public
cloud instances
Remote Desktop
Protocol
Supplier USB/ Removable
media
21% 9% 7%29% 16% 9% 9%
30. We notifyyouaboutthedetectionand providedetail
tohelpyouinprioritizationandresponse
Notify
We workwithyourinternalteamorexternal
point(s)ofcontacttorespondtothedetection
Collaborate
We handlecontainmentandneutralization
actionsandwillinformyou oftheaction(s)taken
Entrust
Response Methods
Automaticresponseto“strongsignals”
Automated
Aggregationandinvestigationof“weaksignals”
Lead-Driven
MethodologyHunting
Lead-Less
Threat Hunting
Expert-Led Threat Response Sophos Managed Threat Response (MTR) provides 24/7 threat hunting, detection,
and response capabilities delivered by an expert team as a fully-managed service.
Sophos MTR
34. Insurance Coverage Varies
35
Cost
#
respondents
%
respondents
Paid clean-up costs only 535 31%
Paid the ransom only 326 19%
Paid the ransom and clean-up costs 287 17%
Paid clean-up and other costs 209 12%
Paid other costs only 138 8%
Paid the ransom, clean-up and other costs 127 7%
Paid the ransom and other costs 23 1%
No only 84 5%
Don't know only 5 0%
Total 1734 100%
Did the cybersecurity insurance pay out to address the costs associated with the most significant ransomware attack that your
organization suffered? Base 1,734
35. Secure The Public Cloud with Sophos
Cloud Storage & Databases
Cloud Virtual Machines
Containers & Serverless
Network FirewallingVulnerability Analysis Identity Security Workload Protection
Editor's Notes
Stories of organizations crippled by ransomware regularly dominate the IT news headlines, and accounts of 6- and 7-figure ransom demands are commonplace. But do the news stories tell the full story?
To understand the reality behind the headlines, Sophos commissioned an independent survey of 5,000 IT managers across 26 countries. The findings provide brand new insight into what actually happens once ransomware hits. It reveals the percentage of attacks that successfully encrypt data; how many victims pay the ransom; how paying the ransom impacts the overall clean-up costs; and the role of cybersecurity insurance. Be prepared to be surprised.
Sophos commissioned independent research house Vanson Bourne to survey 5,000 IT managers on their experiences of ransomware. Sophos had no role in the selection of respondents and all responses were provided anonymously. The survey was conducted during January and February 2020.
Respondents came from 26 countries across six continents
Within each country, 50% of respondents were from organizations of between 100 and 1,000 employees, while 50% were from organizations of between 1,001 and 5,000 employees.
Respondents came from a range of sectors, both public and private.
Let’s start by looking at the level of ransomware attacks in the last year.
In the last year, has your organization been hit by ransomware? Base 5,000 (2020), 1,700 (2017).
51% of respondents said they had been hit by ransomware in the last year i.e. one in two of the 5,000 organizations surveyed. The big takeaway is that everyone should be prepared to be hit.
Organizations did report a slight drop in attacks compared with previous years. A previous Sophos-commissioned survey in 2017 (sample size 1,700 organizations) revealed that 54% of respondents had been hit by ransomware in the last year.
This drop, while welcome, is likely due to a change in tactics from the ransomware actors rather than a reduced focus on this type of attack. In 2017 mass-market ‘spray and pray’ desktop ransomware was very common. These attacks were spread widely and indiscriminately, resulting in a high number of organizations being hit.
Now, in 2020, the trend is for server-based attacks. These are highly targeted, sophisticated attacks that take more effort to deploy – hence the reduction in the number of attacks. However, they are typically far more deadly due to the higher value of assets encrypted and can cripple organizations with multi-million dollar ransom requests.
For subsequent survey questions, if the organization reported multiple ransomware attacks in the last year we asked them to respond for the most significant attack in the last year only.
.
In the last year, has your organization been hit by ransomware? Base 5,000
There was a small difference in ransomware attack rates based on organization size. While just under half of the smaller organizations (100-1000 employees) were hit (47%), just over half (54%) of larger organizations (1001-5000 employees) were hit.
In the last year, has your organization been hit by ransomware? Base 5,000
Looking at the level of ransomware attacks across the globe reveals interesting variations. This is likely due to criminals focusing their efforts where they see greatest opportunity for return, and also differing countries having differing levels of ransomware defenses.
India (300 respondents) tops the list with 82% of organizations reporting being hit by ransomware in the last year. This is not a huge surprise. Cyber hygiene is generally poor in India, and pirated technology abounds, creating weaknesses in cyber defenses and making organizations more vulnerable to attack.
The Philippines, Poland, and South Africa report the lowest levels of cyber attacks. As we discussed earlier, cybercriminals have moved from ‘spray and pray’ desktop ransomware attacks to more targeted server-based attacks that affect fewer organizations but with higher ransom demands. They geo-target their attacks to go after the most lucrative opportunities. The three countries at the bottom of the attack scale also have lower GDP than many of the other countries higher up the list which may be why they receive less focus from the cybercriminals.
The move from ‘spray and pray’ to targeted attacks focused on the most lucrative targets likely contributed to the noticeable reduction in ransomware in South Africa. In our previous survey (2017) 54% of respondents reported being hit by ransomware in the last year, but this is now down to 24%, a drop of over 50%.
Canada (200 respondents) reports surprisingly few ransomware attacks. As an advanced, Western country it would be considered a lucrative target, yet only 39% of respondents report being hit by ransomware. This is a full 20 percentage points lower than neighboring USA where 59% reported ransomware. It may be that it benefits from being in the attack shadow of the USA. At the same time, the Canadian respondents were very alert to the issue and expect it to come their way; 68% of the organizations NOT hit by ransomware anticipate being in the future.
In the last year, has your organization been hit by ransomware? Base 5,000
Yes, you read that correctly! The public sector reported fewer attacks than all other sectors. The media, leisure, and entertainment industries actually report the highest levels of attack (60%), closely followed by IT, technology and telecoms (56%).
At first glance this is surprising: the news is full of stories of hospitals and government organizations that have been held to ransom. However, the survey reveals that those headlines are creating a skewed picture of reality.
In many countries, public sector organizations are obliged to report ransomware attacks however the private sector often has no such requirements so can choose to keep the attack quiet, perhaps to avoid creating concern amongst customers, reputation damage, or being perceived as an easy target by other attackers.
These findings are backed up by Sophos’ own research into SamSam ransomware. Working with cryptocurrency monitoring organization Neutrino, Sophos followed the money and identified many ransom payments and victims that were previously unknown. Based on the much larger number of victims now known it seems that the private sector had actually borne the brunt of SamSam.
Let’s now look at the impact that ransomware had on those victims
Did the cybercriminals succeed in encrypting your organization’s data in the most significant ransomware attack? Base 2,538.
Traditionally, there are three main elements to a successful ransomware attack:
- encrypt the data
- get payment
- decrypt the data (essential otherwise people would very quickly realize it’s not worth paying up)
In three quarters of ransomware attacks (73%), the cybercriminals succeeded in encrypting the victims’ data – a pretty high hit rate.
It is however encouraging is that in just under a quarter of cases (24%) the attack was stopped before the data could be encrypted. . It seems that anti-ransomware is having an effect upon the success rates of these ransomware attacks.
One interesting finding from the survey is that 3% of organizations said their data was not encrypted but they were still held to ransom. This type of attack was particularly dominant in Nigeria, as well as Colombia, South Africa, China, Poland. Belgium and the Philippines.
You could argue that this is extortion rather than ransomware. Semantics aside, the most important take-away is this is an attack vector to be vigilant of as crooks look for ways to make money without the effort of encrypting and decrypting files.
https://nakedsecurity.sophos.com/2019/10/28/johannesburg-hit-by-second-malware-attack/
Percentage of respondents that answered ‘No’ to: Did the cybercriminals succeed in encrypting your organization’s data in the most significant ransomware attack? Question only seen by respondents whose organization had been hit by ransomware in the last year. Base 2,538.
Looking at a country level, Japan has least success at stopping attacks with 93% of attacks resulting in the encryption of data:
5% stopped the attack
1% said their data was not encrypted
1% don’t know
Conversely, in Turkey half of attacks (51%) were stopped before the data could be encrypted. Reasons for this global variation could include differing levels of awareness of both the prevalence of ransomware and the likelihood of being hit, which in turn could result in differing levels of anti-ransomware specific defenses.
Did the cybercriminals succeed in encrypting your organization’s data in the most significant ransomware attack? Data only represents respondents whose organization’s data had been encrypted in the most recent ransomware attack . Base 1,849
We asked the 73% of respondents that said their data had been encrypted in the most recent ransomware attack, what data was encrypted. 41% said just on premises data and/or data in the private cloud, while 35% said just data in the public cloud. 24% said a combination of the two. Adding this up, nearly 6 in 10 successful attacks (59%) include data in the public cloud.
A word of caution here: it is likely that the respondents took a broad interpretation of public cloud, including cloud-based services such as Google Drive and Drop Box and cloud backup such as Veem, rather than focusing solely on AWS, Azure, and Alibaba Cloud-type services. Nonetheless, there is a clear learning: no data is safe and you should ensure data stored in the cloud is as well protected and backed-up as data stored on premises.
Did your organization get the data back in the most significant ransomware attack? Question only seen by respondents whose organization had a ransomware attack where data was encrypted. Base 1,849
26% of those organizations whose data was encrypted got it back by paying the ransom. That’s one in four organizations. A further 1% paid the ransom but didn’t get their data back – so overall, 95% of organizations that paid the ransom had their data restored.
Percentage of respondents that answered “Yes, we paid the ransom” to: Did your organization get the data back in the most significant ransomware attack? Question only seen by respondents whose organization had a ransomware attack where data was encrypted. Base 1,849.
When it comes to paying the ransom, we see some noticeable regional variations. In India 2 in 3 (66%) paid the ransom to get the data back, while 29% used backups. Conversely in Spain just 4% paid the ransom while 72% restored the data from backups.
Note, we have removed the Philippines, South Africa, Poland and Turkey from this chart as they all had bases of 30 or fewer for this question.
As Turkey is 30 respondents exactly, it is robust enough to be included in this chart
Note, we have removed the Philippines, South Africa, Poland and Turkey from this chart as they all had bases of 30 organizations or fewer for this question.
Q1: In the last year, has your organization been hit by ransomware? Base 5,000
Q2: Did the cybercriminals succeed in encrypting your organization’s data in the most significant ransomware attack? Base 2,538
Q3: Did your organization get the data back in the most significant ransomware attack? Base 1,849
As we’ve seen, data was encrypted in 73% of ransomware attacks. The good news is that 94% of those organizations whose data was encrypted managed to get their data back.
We already know that 26% paid the ransom to get the data back. However more than double that – 56% - restored their data via backups. The remaining 12% said that they got their data back through other means.
The clear take away here is that backups work. We strongly recommend that you should prioritize regular backups that are stored offsite and offline (where possible).
What was the approximate cost to your organization to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.)? Base 2,538
The average cost to the organization to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.) is US$761,106. For smaller organizations of 100-1,001 employees the average cost was $505,827 and for 1,001 to 5,000 employee organizations the average cost was $981,140.
What was the approximate cost to your organization to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.)? Question only seen by respondents whose organization had been hit by ransomware in the last year. Base 2,538
When we look at the average cost to remediate a ransomware attack, the most startling finding is that Sweden and Japan report considerably higher costs than all other countries. At the other end of the scale, South Africa, Czech Republic and Poland have the lowest remediation costs.
One possible reason for this variation in cost is the labor costs in the different countries. Sweden and Japan are typically higher salary countries, so the human hours required to remediate the ransomware attack will add up. Conversely, South Africa, Czech Republic and Poland are typically lower labor cost areas.
We have already seen that Sweden has the second highest rate of ransom payment of all countries surveyed, second only to India. However, unlike India, it also has high labor costs which combine to deliver a financial double whammy when it comes to cleaning up after ransomware.
It’s important to note that both Poland and the Philippines have very low bases (Poland (28) and Philippines (30) ) so we should exercise a degree of caution with the data for these countries.
Did your organization get the data back in the most significant ransomware attack? Base 1,849.
Paid the ransom combines responses "Yes, we paid the ransom" and "No, even though we paid the ransom".
Didn’t pay the ransom combines responses "Yes, we used backups to restore the data", "Yes, we used other means to get our data back" and "No, we didn’t pay the ransom".
One of the most interesting findings from the survey is that paying the ransom almost doubles the overall remediation cost versus not paying or getting the data back by backups or other means. Not only does not paying the ransom generally make you feel better because you haven’t given money to criminals, the good news is that it also saves you money in the long run.
As we saw earlier, 26% pay the ransom. For them, the average remediation cost (so those who paid the ransom and got the data back and those who paid the ransom but didn’t get their data back) was $1,448,458.
The average remediation cost for those who didn’t pay the ransom (so those who used backups or other means to restore the data, or who didn’t pay and didn’t get the data back) was $732,520.
This may sound counter-intuitive: if you’ve paid the ransom, why does it cost more? Well even if you pay the ransom you still need to do a lot of work to restore the data. In fact, the costs to recover the data and get things back to normal are likely to be the same whether you get the data back from the criminals or from your backups. But if you pay the ransom, you’ve got another big cost on top.
Does your organization have cybersecurity insurance that covers it if it is hit by ransomware? Base 5,000
Cybersecurity insurance is now the norm, with 84% of organizations reporting that they have it.*
However only 64% have cybersecurity insurance that covers ransomware. This means up to one in five organizations (20%) are paying for cybersecurity insurance that doesn’t cover ransomware.
Given that, as we’ve seen, 51% of organizations experienced ransomware in the last year, and with average remediation costs of US$761,106, organizations should question the value of insurance that excludes ransomware.
* This is the sum of those who responded to the question “Does your organization have cybersecurity insurance that covers it if it is hit by ransomware” with:
"Yes, our cybersecurity insurance covers ransomware"
"No, our cybersecurity insurance does not cover ransomware"
"I don't know if our cybersecurity insurance covers a ransomware attack".
As we’ve seen, 84% of organizations have cybersecurity insurance, however only 64% have cybersecurity insurance that covers it against ransomware.
This table looks at those data points by country. The orange shows the % of organizations with cybersecurity insurance and the green shows the percentage with insurance that covers them for ransomware. What we need to look at here are both the absolute numbers for each column, and also the gap between the two bars for each country.
India tops the list of organizations with cybersecurity insurance, and also has the second highest level (80%) of organizations with insurance that covers ransomware. Given that India also reported the highest propensity to be hit by ransomware, this is a logical correlation.
Conversely, Turkey reported the 3rd rate of ransomware attacks. However, while it has the third highest rate of cybersecurity insurance (93% are covered), it also has one of the biggest gaps between bars with only 57% of organizations covered for ransomware.
Despite China having a below-average rate of ransomware attacks (45% hit in the last year), it has the joint-highest level of cybersecurity insurance (94%) as well the highest level of cybersecurity insurance that covers ransomware (82%). Indeed it has the smallest gap between columns of all 26 countries surveyed.
One interesting outlier here is Germany. It is surprising to see a developed economy that has such a low level of insurance (77%) and also one of the lowest levels of cybersecurity insurance that covers ransomware (50%). Germany reported above-average levels of ransomware (57% of organizations were hit in the last year) which makes the insurance data all the more surprising.
Does your organization have cybersecurity insurance that covers it if it is hit by ransomware? Base 5,000
Although the public sector dominates the ransomware headlines, they are also the most exposed to the full brunt of a ransomware attack.
On average, 64% of organizations have insurance that covers ransomware. Financial services has the highest rate of coverage (72%), which reflects the fact that the nature of their industry means they are perceived as a lucrative target. IT, telecoms and technology are not far behind on 70%.
Public sector organizations, however, lag considerably behind their private sector counterparts. Just 51% are covered by insurance for ransomware costs, a full 10 percentage points behind the next sector.
This low rate of protection could be due to costs. Tight public sector funding is commonplace across the globe and it may be that budgets don’t stretch to insurance.
The percentage of respondents that selected ‘Yes we paid the ransom’ (Q3) and said the cybersecurity insurance paid the ransom? (Q6)
Let’s now look at the role of cybersecurity in paying the ransom.
As we’ve seen, 73% of ransomware attacks result in the data being encrypted. Of those organizations whose data was encrypted, 26% said they paid the ransom to get the data back.
However, when we dive deeper, we discover that in almost all of the incidents when the ransom is paid – 94% - it’s the cybersecurity insurance that’s paying the ransom.
This leads to the question: is the cybersecurity insurance actually fuelling the ransomware industry? Virtually all ransom payments are made by the insurance company rather than the victim organization. As we’ve seen, paying the ransom doubles the overall clean-up costs.
How did the ransomware attack get into your organization? Base 2,538
We asked the organizations that said they had been hit by ransomware in the last year, how the attack got into their organization. File download/email with malicious attachments topped the list, accounting for 29% of attacks. Second was remote attacks on servers, accounting for 21% of attacks.
However what really stands out when we look at this data is that there is no single main attack vector. Rather attackers are using a range of techniques and whichever defense has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot.
This data demonstrates the need for an effective layered defense, that covers your endpoints, servers, public cloud instances, email, network gateway and supply chain. Just focusing on a single technology is a recipe for infection.
So let’s sum up now our findings – and what you should do about them.
1. Start with the assumption that you will be hit. Ransomware it doesn’t discriminate: every organization is a target regardless of size, sector, or geography. Plan your cybersecurity strategy based on the assumption that you will get hit.
2. Invest in anti-ransomware technology to stop unauthorized encryption. 24% of survey respondents that were hit by ransomware were able to stop the attack before the data could be encrypted.
3. Protect data wherever it’s held. Almost six in ten ransomware attacks that successfully encrypted data include data in the public cloud. Your strategy should include protecting data in the public cloud, private cloud, and on premises.
4. Make regular backups and store offsite and offline. 56% of organizations whose data was encrypted restored their data using backups last year. Using backups to restore your data considerably lowers the costs of dealing with the attack compared with paying the ransom. There really is no excuse not to have them.
5. Ensure your cyber insurance covers ransomware. Make sure that you’re fully covered if the worst does happen.
6. Deploy a layered defense. Ransomware actors use a wide range of techniques to get around your defenses; when one is blocked they move on to the next one until they find the chink in your armor. You need to defend against all vectors of attack.
We’ve already seen the many different ways that ransomware gets into organizations. The good news is that Sophos can help you protect against ransomware – however it gets in - with Intercept X. It’s packed with technologies to stop ransomware from holding them hostage.
21% of ransomware got in via a remote attack on a server. Intercept X for Server gives you the dedicated server-specific protection that you need.
We also see that nearly one in 10 attacks get in via RDP. Our EDR release in June 2020 enables customers to look for RDP exposure, so they can take action before it’s too late.
In addition, Intercept X includes a host of technologies that stop ransomware whatever the vector of attack
CryptoGuard rolls back the unauthorized encryption of files
The deep learning malware detection engine detects both known and unknown ransomware malware
While the anti-exploit capabilities block the delivery and installation techniques.
In addition, the Credential Theft feature stops privilege escalation, preventing hackers from moving round your system.
It’s a full layered defense in one product.
Learn more and start a no-obligation free trial at www.Sophos.com/interceptx
Did the cybersecurity insurance pay out to address the costs associated with the most significant ransomware attack that your organization suffered? Base 1,734
We’ve mentioned the public cloud a few times in this session and so I want to highlight briefly how Sophos can help with securing the public cloud.
Firstly, to secure your organization you need to know what you’ve got in the cloud. Sophos Cloud Optix provides a complete inventory of what you have running in the cloud (Virtual machines, storage etc). And then analyses it it for vulnerabilities so you can fix any security holes.
It also identifies over-privileged user IAM roles and access that can be compromised by attackers, as well as connecting disparate actions to identify unusual cloud account access patterns and login locations in near-real time to identify credential theft.
To secure cloud workloads we have Intercept X for Server. It protects virtual machines, the virtual desktops running on them for remote workers, as well as Auto Scaling groups - all from the latest threats including ransomware, fileless attacks, and server-specific malware.
It works exactly the same as it does on-premises, but also includes server-specific functionality including Server Lockdown, also known as whitelisting so when you have your virtual machine setup as you want you can lock it down with a single click.
And to protect the network edge from threats, we have XG Firewall. XG Firewall secures inbound and outbound traffic to your virtual desktop environments. And provide secure remote access for administrators and developers to private applications running on virtual machines in the cloud
And, as you’d expect from us - managed from a single console across – enabling you to protect, analyze and report on AWS, Azure and Google Cloud security posture from one place.