Embed Size (px)
Citation preview
“The emerging battle between Cyber Defense and Cybercrime: How Technology is changing to keep Company and HR data safe”
™ © Copyright 2017 Protocol 46, Inc.
All Rights Reserved
™ © Copyright 2017 Protocol 46, Inc.
All Rights Reserved
AGENDA
TM
BRIEF Update on Cyber Threat Landscape
HR Involvement
Solutions
Q&A
TM
Do we treat cybersecurity as:
an IT duty?an Operations duty?
or HR duty?
eCellarSystems, LLC
R.I.P. 201?
TM
TM
“If you have integrity,
….nothing else matters.
If you do NOT have integrity,
….nothing else matters.”
Mobile Threat
Data is now mobile and connected devices are the target
Commercial/Military UAVs
Artificial intelligence
Mobile payment
Networked telematics
Internet of things DDoS
Mirai Botnet
EVOLUTION OF THE CYBER THREATImpact of attacks growing as technology becomes more inter-connected
Unsophisticated Attacks
Exploration and Experimentation (Damage normally caused by accident)
Hacks conducted for Notoriety
1987 Christmas Tree Exec Worm
Attacks with a Purpose
Hackers identifying how to exploit weaknesses. Damage and Disruption done on purpose
Distinction between Script Kiddies and Hackers develops
Emergence of commercial internet (Web 1.0)
1992 – 1260 Virus (1st
Polymorphic Virus
1996- Cryptoviralogy is born
Age of Email
Hackers utilize email as the delivery system for worms and viruses
Criminal organizations start building infrastructure to exploit cyber crime.
Most activity is web defacement/network break-ins with limited data theft.
2002 – Web 2.0
Advent of BOT Attacks
RISE OF THE ELITE HACKER
Cyber Crime becomes monetized. (Data sales and Ransomware)
Widespread state sponsored attacks
Hackers start utilizing tertiary networks to breach the target.
Cyber Activism become commonplace
2010 – Operation Aurora revealed
June 2010 – Stuxnetreleased
Low
1990s 2000s1980s
High
Cyber terrorism
Insecure codes
Cyber crime
Identity theft
Hackers
Data breach
Network attacks
Malware
Critical infrastructure attacks
Foreign state sponsored cyber espionage
Cyber warfare
FUTURE2010-2016
BU
SIN
ES
S IM
PA
CT
Cybersecurity 2017 Trends• 'Malware’ as a precision tool to breach
an organization’s defenses
• Ransomware
• Phishing
0
50
100
150
200
250
Q1 2015 Q2 2015 Q3 2015 Q4 2015 Q1 2016 Q2 2016 Q3 2016 Q4 2016 Q1 2017
Volume of Spam 2015 - 2017In Excess of 205 Billion email per DAY
™
0
100,000
200,000
300,000
400,000
500,000
600,000
700,000
800,000
900,000
1,000,000
2007 2008 2009 2010 2011 2012 2013 2014 2015 2016
Volume of Malware 2007-20161 Million New Incidents Per DAY
Cyber Crime• Is Big Business for
Hackers
• Easy and Profitable to Sell Data
© Copyright Protocol 46 2017. All Rights Reserved.
• “Monetized” their activity
• More sophistication
• Smaller organizations targeted
™
Hacker ActivityPast to CurrentHacker ActivityPast to Current
Cost to any organization of a cyber-attack can literally destroy a
business.
- 2016 Ponemon Institute Cost of Data Breach Study
$Healthcare
$245Financial
$123Transportation
$71Public
$200Education
$149Industrial
$154Retail
$137Energy
$450
$400
$350
$300
$250
$200
$150
$100
$ 50
$0
Per-Record Data Breach Costs
by Industry
Norton / Symantec Corp: July 2016
Cost / Profit from Crime
• Global black market in marijuana, cocaine and heroin COMBINED: $288 billion
• Cost of global cybercrime: $388 billion and growing
Information from:
2016: • 1,093 data breaches in U.S. (TRACKED)
- almost half of World breaches
• 900,000,000 Records Stolen
Information from:
• Average consolidated cost of a data breach in 2016 was $17.36 million.
• Average small size company breach cost was $454,000
Information from:
Minimum Cost of Breach:• Small Company was
$300,000
• Medium size company was $6.7 million
• Large size company was
$73.75 million
“Economic cost”and
Reputational Costs
are Significant.
Only 6% of Companies will Survive Longer than 2
Years after a Data Breach.Gartner Research
™
A FIREWALL
AND
ANTI-
MALWARE
SOFTWARE
ARE NOTADEQUATE
PROTECTION!
You MIGHT be THINKING...
...But we have
our IT guys
protecting us
• Break / Fix
• Install Software
• Keep machines working
• Re-active
IT Department
CRITICAL TO UNDERSTAND DIFFERENCES
Works to:
• Detect
• Analyze
• Defend
• Proactive
Cyber Security
Your HR and IT Department’s Best Friend™
• Break / Fix
• Install Software
• Keep machines working
• Re-active
IT Department
CRITICAL TO UNDERSTAND DIFFERENCES
Prevents Bad Guys from:
• Gaining access to Company records
• Holding Company Hostage
Cyber Security
Your HR and IT Department’s Best Friend™
Nationally, the time elapsed from the initial breach to when the breach is detected exceeds 200 days- Accenture
Time from the detection of a new vulnerability by
to client notification is under 24 Hours
The Alliance NetworkJanuary 2016
TheSOLUTION
Military Grade Cyber Security Prevention and Protection
Best Defense is often Prevention85% of All Cyber
Security Attacks Can be Stopped by
Implementing
5 Cyber Security Tools
OUR SUITE of PRODUCTS
NimbleFeather™
Picket Fence™
RazorWire™
Stonewall Aegis™
TitaniumCastle
• We assess and rank a company’s vulnerabilities to hacking. This gives the Company’s IT department the ability to fix these weaknesses.
• Remember the IT department can't fix what it doesn’t know about.
• Your HR and IT Department’s Best Friend™
Cyber Security Protection
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
© Copyright 1997, 2009 Protocol 46, Inc.
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
© Copyright 1997, 2009 Protocol 46, Inc.
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
© Copyright 1997, 2009 Protocol 46, Inc.
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
© Copyright 1997, 2009 Protocol 46, Inc.
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
© Copyright 1997, 2009 Protocol 46, Inc.
Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
© Copyright 1997, 2009 Protocol 46, Inc.
True Cyber Security Protection
Defense in Depth
Protocol 46 Bitdefender
Nimble Feather
Stonewall Aegis
Picket Fence
Razor Wire
True Cyber Security Protection
TRUE CYBERSECURITY
PROTECTION
PROTOCOL46
PROTECTION
OUR COMPANY ADVANTAGE
COMPETITION
AFFORDABILITY
™
Ease of UsePlug and Play
ReportsPull All Information Together
OUR COMPANY ADVANTAGE
COMPETITION
Military and 3 Letter Agency Cyber Security Expertise and
Experience
Fighting an A-Typical War
™
OUR COMPANY ADVANTAGE
COMPETITION
Our Solutions
are PRO-ACTIVE
™
rather than
REMEDIAL
™
OUR COMPANY ADVANTAGE
COMPETITION
We get AHEAD of the Breach
™
Not Clean up the Mess After
™
OUR COMPANY ADVANTAGE
COMPETITION
PRO-ACTIVE
™
Multi device/sensor concept make us different / better than the competition
All Protocol 46 tools work in concert to provide continuous scanning and multiple layers of proactive
protection.
™
OUR COMPANY ADVANTAGE
COMPETITION
PRO-ACTIVEOur solutions are monitored and updated in
response to the cyber threat-scape.
Competitors or other products do not update, do not upgrade or have the ability to change like we do.
™
TM
Do we treat cybersecurity as:
an IT duty?An Operations duty?
or HR duty?
Q and A
CYBER SECURITY CHECKLIST
Can you answer
How much is the issue of security integrated into your business?
Is our security clear and consistent?
How do we monitor our systems and prevent breaches?
How often do we verify the effectiveness of our security?
Do our security goals align with business priorities?
Do we have the basic rights for security measures?
What is our plan to respond to a data breach? Are we adequately insured?
Are third parties really securing our most valuable information?
Have we identified and protected our most valuable processes and information?
Do we treat cybersecurity as an IT, an Operations, or a HR duty?
Cybersecurity
checklistCan you answer these questions about your
business?
• Inventory of Authorized and Unauthorized
Devices• Inventory of Authorized and Unauthorized
Software• Secure Configurations for Hardware and
Software• Continuous Vulnerability Assessment and
Remediation
• The one we don’t do is:• Controlled Use of Administrative Privileges
• Bitdefender
• Nimble Feather
• Stonewall Aegis
• Picket Fence
• Razor Wire
True Cyber Security ProtectionEffective Security Strategies to Fortify and Thwart Threats
Proud to be Veteran owned
™
Over 150 years of Military Intelligence and Cyber Security Experience.
