DATA BREACH INCIDENTS ARE DEVASTATING … › images › SeminarKD › 2018 › Slide...WAN ZULHAMLI...

Copyright © 2018 CyberSecurity Malaysia

DATA BREACH INCIDENTS ARE DEVASTATING

WAN ZULHAMLI WAN ABDUL RAHMANKETUA JABATAN KAJIAN STRATEGIK DAN NASIHAT,

CYBERSECURITY MALAYSIA

11 OCTOBER 2018

2

OUR CYBER WORLD TODAY

3

4.17B i l l i o nDigital citizens

worldwideby 2020

( e M a r k e t e r , 2 0 1 6 )

55%

Digital citizensin Asia

Source: Internet World Stats

(As of June 2018)

4 ,021,000,000

Source: We Are Social (A global agency that collects data from Google, Ericsson, Akamai, GlobalWebIndex & Stat counter)

Digital citizens worldwide( A s o f A p r i l 2 0 1 7 )

25,080,000Digital citizens

(As of January 2018)

Source: We Are Social , Hootsuite

in Malaysia

HIGHLY CONNECTEDT h e W o r l d To d a y i s

2,062,136,472

EXPANSION OF NEW TECHNOLOGIES INTO CYBERSPACE- More Exposure to Growing Cyber Risks In Digital Environment

5

WE ARE MOVING INTO A MORE INTERCONNECTED CYBERSPACE

TOP 5 RISKS LIKELIHOOD IN 2018

7

GLOBAL CYBER SECURITY LANDSCAPE

RISK OF ECONOMIC LOSS DUE TO CYBERCRIMES

9

RISING TREND OF CYBER ATTACKS ON CRITICAL SYSTEMS

RISING TREND ON CYBERCRIMES - REPLACING TRADITIONAL CRIMES

• Total financial losses could be as a high as $1 billion

• Spyware let the group learn how money was processed, sent and received – the spyware gave attackers the ability to gain remote control of the bank's computer.

12

RISING TREND OF DARKNET PLATFORM TO BUY AND SELL STOLEN DATA

- CHEAPER, EASIER & LESS RISK FOR THE CYBER CRIMINALS TO CONDUCT CRIME

13

RISING TREND ON ATTACK SOPHISTICATION- Cyber Attack Uses Structured Process

Source : http://amosval.com

GLOBALDATA BREACH SCENARIO

DATA BREACH IS A GLOBAL PROBLEM

Underpinning Data Breach Issue- Is Cyber Espionage

RISING TREND OF DATA BREACHES

https://breachlevelindex.com/

https://breachlevelindex.com/

TRENDS OF CYBER THREATS IN MALAYSIA

19

20

MALAYSIA IS DRIVEN BY DIGITAL TECHNOLOGY- Bringing Along New Technologies That Come With New Security Issues

FinTech - technologies that are disrupting traditional financial services i.e. mobile payments, money transfers, loans“….investment in Fintech around the world has increased dramatically from $930 million in 2008 to more than $12 billion by early 2015” - Accenture Source: https://www.forbes.com/sites/bernardmarr/2017/02/10/a-complete-

beginners-guide-to-fintech-in-2017/#2f6414393340.

MALAYSIANS ARE STILL VULNERABLE TO CYBER FRAUDS

3358

NEW TARGET OF CYBER CRIMINALS -DATA MEANS MONEY

KNOWN MALAYSIA DATA BREACH IN NUMBERS

46.2 Million

Malaysia Telco

10.5 Million

Ministry of Education

220,000

Malaysian organ donors and their next-of-kin

110,000

Astro

81,309

Malaysia Medical Association and Malaysia Dental Association

3.88 Million

Jobstreet

JOBSTREET DATA BREACH

MALAYSIA MEDICAL ASSOCIATION DATA BREACH

TELCO DATA BREACH

SAMPLE OF THE SELLING THREAD

• Diversion of employees from strategic initiatives to work on damage control

• Cybersecurity improvement

• Operational Disruption

• Diversion of employees from strategic initiatives to work on damage control

• Post-Breach customer protection

• Detection and escalation• Notification• Lost business / contract• Response costs• Competitive

disadvantage• Insurance premium cost

• Sensitive media scrutiny

• Public Relation• Loss of intellectual

Property / Asset

Brand Financial

OperationalRegulatory

28

INSECURITY CAUSES DEVASTATING IMPACTS - Cyber Risks and Impacts of Data Breach

Approach

Data loss prevention should not be an afterthought.

Data breaches can result in:

Loss or compromise of Personally Identifiable Information (PII)records;

Theft of classified information, valuable intellectual property andtrade secrets(financial impact); and

Compromise of critical information infrastructure that canthreaten national security and societal well-being.

Pro-active and comprehensive approach is necessary for:

Early detection and prevention of cyber incidents; Stringent Access Control Policy Data classification Mitigation of the risks of cyber incident. Incident Management including Breach Notification

30

Key Take Away ;

PROPOSED WAY FORWARD

31

Adopting innovative measures to address evolving cyberthreats;

o Assess your internal risk culture - reveal how well an

organization and its leaders support a cyber risk culture

o Prioritise targeted training - to tailor ongoing training

initiatives to different employee groups.

o Rethink your skills strategies - assess skills gaps at regular

intervals and determine how to best fill those gaps

Copyright © 2017 CyberSecurity Malaysia