Data Breach Prevention and Response: Front-End Detection an PowerPoint Presentation, PPT - DocSlides

Data Breach Prevention and Response: Front-End Detection an PowerPoint Presentation, PPT - DocSlides

2016-09-12 69K 69 0 0

Description

Today’s Moderator. Bruce MacDougall . Senior Vice President . WGA. “If we do not act, we leave our nation vulnerable to protect the technologies that have unleashed untold opportunities for people around the globe.”. ID: 465159

Direct Link: Embed code:

Download this presentation

DownloadNote - The PPT/PDF document "Data Breach Prevention and Response: Fro..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentations text content in Data Breach Prevention and Response: Front-End Detection an

Slide1

Data Breach Prevention and Response: Front-End Detection and Back-End Protection

Slide2

Today’s Moderator

Bruce MacDougall

Senior Vice President WGA

Slide3

“If we do not act, we leave our nation vulnerable to protect the technologies that have unleashed untold opportunities for people around the globe.”

Slide4

783 Data Breaches

hit U.S. Business in 2014,

a

27.5% increase over 2013.

Slide5

Known Attacks

2014-2015

Affecting 80

million

people

costs $8 to $16 billion

$1b bank hack

Slide6

Latest Hack

Earlier this month, Premera Blue Cross Security breach that exposed medical and financial information 11 million customers Most devastating cyber-attack in the health care industry to date

Slide7

Response takes center stagePreventionProtection

Cyber Threats: What to expect in 2015

Slide8

Today’s Featured Speakers

Paul Morville

John Doernberg

FounderVP Product Confer Technologies, Inc.

Vice

President Cyber Practice LeaderWGA

Slide9

Front End Prevention

Slide10

Reporter: “Willie, why do you rob banks?”Willie:“Because that’s where the money is.”

Slide11

Bank Robbers in 2015

Evgeniy

Bogachev$3M reward for his arrest Has stolen an estimated $100MRecently went into hidingUses Zeus malware to steal banking information

Slide12

Where is the money in 2015?

Slide13

Other motivations beyond money

Slide14

All Kinds of Businesses Targeted

45% of breaches in the private sector are of companies with less than 1,000 employees

Source:

2014 Verizon Breach Investigations Report

Slide15

How do they operate? Attack endpoint?

Slide16

Confer – What We Do

16

CROWDSOURCED BLACKLIST

Combined power of

50 antivirus engines

BEHAVIORAL ANALYTICS

Detect combinations of attacker techniques that all attacks share

APPLIED INTELLIGENCE

Apply

crowdsourced

threat

intelligence on endpoint

LIGHTWEIGHT SENSOR

MOBILE

PCS

SERVERS

WINDOWS, MAC, ANDROID

(IOS and LINUX Coming Soon)

The

Confer

Cloud

THREAT PREVENTION

Stop advanced and

zero day attacks

INCIDENT RESPONSE

Who, what, when, where,

a

nd how?

APPLIED INTEL

Automated threat sharing and

i

ntelligence-based protection

Slide17

Multi-Engine Approach Dramatically Improves Detection

Signatures

Static Behavioral

Dynamic Behavioral

Signatures

5%

Static Behavioral

20%

Confer has > 99% Detection Rates

Plus, incident

r

esponse and applied

i

ntelligence

p

rovide context and understanding

Slide18

Exceptionally Lightweight Sensor

CPU

Disk

Network

< 1% increaseover baseline CPUutilization< 1% increaseover baseline disk I/O utilization< 3.5MB datatransferred per day

In comparison, leaving the CNN web page open for 60 seconds results in 10MB data transferred and dramatically higher CPU utilization versus Confer

Slide19

Confer: Redefining Endpoint Security

Lightweight and cloud-based

: simple to deploy and use

Multiplatform

: Windows, Mac, Android,

iOS

, Linux

P

revents

advanced attacks

AND

simplifies incident response

Slide20

Back End Protection

Slide21

Board are showing more concern about cyber threats SEC pushing for board members to take greater responsibility for cyber risksNot all measures are technical (i.e. deciding which breach prevention measures should we adopt)Legal Compliance and Disclosure Issues

Governance Cyber Considerations

Slide22

Cyber Concern at Board Level – 74%

According to a 2014 NYSE Corporate Governance/FTI Consulting research study

Slide23

Generally fall into three major categories:Human ErrorSystem GlitchesCriminal Attack

Causes of a Breach

Most frequent cause

Most costly

Slide24

Current Cyber Trends

Sony Pictures breach a reminder that (1)

data loss

is a major exposure (the attackers wiped out much of the data on Sony’s network), and (2)

employee privacy

is a major exposure

Anthem breach a reminder that (1) attackers can penetrate a network months before an attack is discovered (thought to have broken into network in April 2014) and (2)

notification responsibilities

aren’t always clear

Renewed focus on healthcare and HIPAA/HITECH:

Breach notification requirement

State Attorney Generals can bring civil actions in federal court

Civil monetary penalties range from $50k-$100k per violation and $25k-$1.5M in a calendar year

Slide25

Cost of a breach in U.S. $5.9m average

Slide26

Cost of dealing with a breach

Forensic

costs -- can be significant

Data

loss -- Sony Pictures situation

Business

interruption exposures

Slide27

Thinking within the NIST Framework

What is

your

risk

W

hat

are your

cyber security practices

Where

do you want/need to be

Slide28

Risk Practices

Distinction between privacy breach and network security breach

Not all

losses are technical

Can

face significant cyber losses even if you don't have a lot of PII or PHI 

Slide29

The role of cyber insurance

Risk management and insurance drives behavioral change in the marketplace

Mitigates loss by forcing insureds to assess the potential risk and their cyber defense mechanisms

Slide30

Response Plan

Having

the right players as initial responders

Practicing

and revising 

Transfer

r

isk ​

Slide31

A look at the insurance marketplace

$2B estimated total premium for cyber insurance in 2014

Survey of insurance brokers finds:

61% say cyber is viewed in the top three most significant business threats to their clients

But just 18% of brokers say over 40% of their clients have some cyber liability coverage

Slide32

Insurance Trends

Some carriers are reasonably flexible on coverage terms, others more cautious

Some carriers increase or eliminate

sublimits

on first-party costs (forensics, notification, credit monitoring, legal)

Firming prices in industries where carriers see greater exposure (healthcare and especially retail)

Slide33

More information

Overwhelming amount of information out there when it comes to data security and privacy

No shortage of new Cyber Threats

WGA has launched an open-source online forum to collect data

C

yberRiskHub.com

Slide34

Contact Information

Paul Morville Conferpaul@confer.net617.821.1341

John DoernbergWGAjdoernberg@wgains.com617.646.0336

Bruce MacDougallWGA bmacdougall@wgains.com617.646.0279

Thank you for joining us today

Confer Technologies http://www.confer.net/

WGA

http://www.WGAins.com

Slide35

Slide36

Slide37

Slide38

Slide39

Slide40

Slide41

Slide42


About DocSlides
DocSlides allows users to easily upload and share presentations, PDF documents, and images.Share your documents with the world , watch,share and upload any time you want. How can you benefit from using DocSlides? DocSlides consists documents from individuals and organizations on topics ranging from technology and business to travel, health, and education. Find and search for what interests you, and learn from people and more. You can also download DocSlides to read or reference later.