View
0
Download
0
Category
Preview:
Citation preview
The Potential Economic Damageof Cyber Crime is Frightening
Over the past several months,the U.S. government’s Of�ce
of Personnel Management hasbeen the victim of two major
data breaches, which led to thetheft of more than 22 million
people (over 7% of Americans).
22.1MSocial Securitynumbers stolen
1.1M�ngerprints
stolen
Cyber attacks aren’t new to the government.
Cyber attacks on federal governmenthit a record high every year
5.5K
2006 2007 2008 2009 2010 2011 2012 2013 2014
0
20,000
40,000
60,000
80,000
11.9K
16.8K
29.9K
41.7K 42.8K
48.5K
61.2K
67.1K
Among industries, government has the weakest cybersecurity.
27%
43%
50%
52%
60%
65%
81%
0% 20% 40% 60% 80% 100%
Government
Healthcare
Technology
Other
Retail and Hospitality
Financial Services
Manufacturing
Percent of Cybersecurity Flaws Fixed by Industry
Compliance with OWASP Top 10 Policy
30%
30%
31%
32%
35%
42%
0% 20% 40% 60% 80% 100%
Government
Other
Retail and Hospitality
Healthcare
Technology
Manufacturing
Financial Services
24%
58%
65%
68%
69%
70%
70%
76%
Compliant Out of Compliance
The U.S.’s most potentially devastating target is the power grid.
The importance of the US
powergrid to the American
economy and society can’t
be overstated. Every major
infrastructure, from
communications to water,
is built on it.
What a catastrophic cyber attack on the U.S. Power grid looks like.
XXX-XXXX
• Major attacks on the U.S. power grid system are increasing according to a Congressional Research Service report
• In 2014, the Industrial Control System Cyber Emergency Response Team, reported that a third of its responses to cyber threats came in the energy sector
• In October 2014, ICS-CERT revealed that several industrial control systems have been infected by a virus capable of gathering information about how the grid system functions
Immediately afterthe attack
The aftermathof the attack
Cost of theattack
• Water supplies are impacted and become limited
• Stock market crashes
• A full year of investigation is required to understand the attack
• 93 million people are without power
• Phone systems, internet television, street lights and traf�c signals are down.
• Citizens are stuck underground, stranded on subway cars, workplaces are shut down
• Outbreaks of looting and stealing occur as the outage drags on
$1TTotal impact toUS economy
$71BInsurance industry
losses
Solutions for government entities to mitigate risk.
1 Share cyber attack data and collaborate across agencies.
2 Adopt cyber insurance to manage cyber risk.
3 Mandate stronger IT compliance and de�ne clear policies for access.
4 Identify threats and risks with security software and regular audits.
5 Train employees to understand policies, requirements and common cyber attacks.
keepersecurity.com | jltus.com
http://www.fas.org/sgp/crs/misc/R43989.pdfhttp://diplopundit.net/2015/06/18/snapshot-incidents-reported-to-us-cert-by-federal-agencies-fy2006-2014/ http://www.cnet.com/news/over-22-million-social-security-numbers-stolen-in-opm-hacks-agency-says/https://www.lloyds.com/~/media/files/news%20and%20insight/risk%20insight/2015/business%20blackout/business%20blackout20150708.pdf http://recode.net/2015/07/08/cost-of-a-potential-blackout-from-cyber-crime-1-trillion/
Sources
© 2015
6 Use an enterprise password manager to enforce strong passwords and 2FA.
Recommended