Top Banner
Cyber Risk: Exposures, prevention, and solutions Presented by Paula Garrecht
19
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Cyber Risk: Exposures, prevention, and solutions

Cyber Risk:Exposures, prevention,

and solutions Presented by

Paula Garrecht

Page 2: Cyber Risk: Exposures, prevention, and solutions

“There are only two types of companies, those that have been hacked and those that will be”

-FBI Director Robert Muller (2012)

Page 3: Cyber Risk: Exposures, prevention, and solutions

1. The changing face of communication 2. Impact of breaches 3. By the numbers 4. Modes of attack 5. Common exposures 6. Examples of breaches7. Prevention8. Solutions 9. Questions

Agenda

Page 4: Cyber Risk: Exposures, prevention, and solutions

Communication is now married totechnology.

This makes us all extremely vulnerable to cyber risk

Changing Mediums of Communication

Page 5: Cyber Risk: Exposures, prevention, and solutions

The impact of data breaches are significant and multi-faceted:• Reputational harm• Employer/Employee relationships• Lost productivity when staff need to put aside

normal activities to respond to an incident• Notification Costs• Credit monitoring costs• Regulatory proceedings and fines

Impact of Data Breaches

Page 6: Cyber Risk: Exposures, prevention, and solutions

By the Numbers

• Of attacks were not highly difficult to undertake

• Of breaches happen in companies with fewer than 100 employees

• Stemmed from external agents (partners, suppliers, customers and criminals)

• Of data breaches were discovered by a third party and not by the company itself 92% 98%

96%72%

97% of incidents were avoidable

Page 7: Cyber Risk: Exposures, prevention, and solutions

70% of Canadian businesses experienced a cyber attack in a 12 month period.

$100 billion annual loss to the U.S. economy (US$445 billion to the world economy)

The average cost of a data breach to an organization in

2014 $5.85 million

By the Numbers

Page 8: Cyber Risk: Exposures, prevention, and solutions

Modes of Attack

Page 9: Cyber Risk: Exposures, prevention, and solutions

In Canada, the top cyber-attacker sources are:• Malicious code• Spam• Phishing Hosts• Bots• Network Attacking countries• Web Attacking countries

Modes of Attack

Page 10: Cyber Risk: Exposures, prevention, and solutions

Public Administration is the top targeted industry in Canada for malware and phishing, second highest behind the mining industry for

spam.

Targets

Page 11: Cyber Risk: Exposures, prevention, and solutions

• Bring Your Own Device (BYOD)

• Hard Drive Disposal

• Camera Phones

Exposures

Page 12: Cyber Risk: Exposures, prevention, and solutions

Uber (2014)

City of Los Angeles (2012)

University of Victoria

(2012)

Examples of Breaches

Page 13: Cyber Risk: Exposures, prevention, and solutions

Recent Guidance from the Privacy Commissioner • Getting accountability right with a Privacy

Management Program• Organizational commitment• Program controls• Effectiveness, compliance and accountability

Prevention Strategies

Page 14: Cyber Risk: Exposures, prevention, and solutions

Put Security Systems in place ie.

Alarms, surveillance

Use caution with mobile apps

Properly dispose of technology hardware.

When sending mass emails, hide the recipient list

Keep sensitive data out of

unauthorized reach

Require sign-in for non-employee

visitors

Screen all prospective employees

Don’t retain unnecessary data

Install anti-virus, anti-spyware and

firewalls.

Utilize password protection and

encryption

Ongoing education and training

Conduct a third party test to assess your vulnerabilities

Prevention Strategies

Page 15: Cyber Risk: Exposures, prevention, and solutions

Despite implementing best-practices for prevention, data and cyber security breaches can occur. Cyber Risk Insurance should form

part of your Risk Management plan.

Solutions

Page 16: Cyber Risk: Exposures, prevention, and solutions

• Privacy Liability & breach notification• Network security liability• Multimedia liability• System damage• System business interruption• Brand & reputation protection / crisis

management• Cyber crime

Solutions

Page 17: Cyber Risk: Exposures, prevention, and solutions

Privacy Liability & breach notification

• Violation of data protection and privacy legislation.

• Costs to assist you in dealing with a data breach including costs of notification and costs of credit monitoring.

• Regulatory fines and claims expenses that you become legally obligated to pay

Network security liability

• Your failure to protect against unauthorized access to or unauthorized use of or denial of services attack by a hacker.

Multimedia liability

• Covers media exposures such as defamation and breaches of intellectual property rights arising from your online publishing. Also described as content injury.

Solutions

Page 18: Cyber Risk: Exposures, prevention, and solutions

System damage

• Cover to assist you in dealing with the costs of handling/responding to a threat from a hacker to attack your information and electronic assets.

System business interruption

• Cover to assist you in dealing with the costs of replacing lost profit due to hacking attack on your computer system. Impaired access injury.

Brand & reputation protection / crisis

management

• Costs to assist you after a network compromise such as public relations costs. Reputational injury.

Cyber crime

• Electronic wire transfer fraud

• ID Theft• Cyber extortion• Telephone hacking• Phishing

Solutions

Page 19: Cyber Risk: Exposures, prevention, and solutions

Thank You,Questions?

“There are only two types of companies, those that have been hacked and those that will be.

Even that is merging into one category: those that have been hacked and will be again. ”

-FBI Director Robert Muller (2012)