The Potential Economic Damageof Cyber Crime is Frightening

Over the past several months,the U.S. government’s Of�ce

of Personnel Management hasbeen the victim of two major

data breaches, which led to thetheft of more than 22 million

people (over 7% of Americans).

22.1MSocial Securitynumbers stolen

1.1M�ngerprints

stolen

Cyber attacks aren’t new to the government.

Cyber attacks on federal governmenthit a record high every year

5.5K

2006 2007 2008 2009 2010 2011 2012 2013 2014

0

20,000

40,000

60,000

80,000

11.9K

16.8K

29.9K

41.7K 42.8K

48.5K

61.2K

67.1K

Among industries, government has the weakest cybersecurity.

27%

43%

50%

52%

60%

65%

81%

0% 20% 40% 60% 80% 100%

Government

Healthcare

Technology

Other

Retail and Hospitality

Financial Services

Manufacturing

Percent of Cybersecurity Flaws Fixed by Industry

Compliance with OWASP Top 10 Policy

30%

30%

31%

32%

35%

42%

0% 20% 40% 60% 80% 100%

Government

Other

Retail and Hospitality

Healthcare

Technology

Manufacturing

Financial Services

24%

58%

65%

68%

69%

70%

70%

76%

Compliant Out of Compliance

The U.S.’s most potentially devastating target is the power grid.

The importance of the US

powergrid to the American

economy and society can’t

be overstated. Every major

infrastructure, from

communications to water,

is built on it.

What a catastrophic cyber attack on the U.S. Power grid looks like.

XXX-XXXX

• Major attacks on the U.S. power grid system are increasing according to a Congressional Research Service report

• In 2014, the Industrial Control System Cyber Emergency Response Team, reported that a third of its responses to cyber threats came in the energy sector

• In October 2014, ICS-CERT revealed that several industrial control systems have been infected by a virus capable of gathering information about how the grid system functions

Immediately afterthe attack

The aftermathof the attack

Cost of theattack

• Water supplies are impacted and become limited

• Stock market crashes

• A full year of investigation is required to understand the attack

• 93 million people are without power

• Phone systems, internet television, street lights and traf�c signals are down.

• Citizens are stuck underground, stranded on subway cars, workplaces are shut down

• Outbreaks of looting and stealing occur as the outage drags on

$1TTotal impact toUS economy

$71BInsurance industry

losses

Solutions for government entities to mitigate risk.

1 Share cyber attack data and collaborate across agencies.

2 Adopt cyber insurance to manage cyber risk.

3 Mandate stronger IT compliance and de�ne clear policies for access.

4 Identify threats and risks with security software and regular audits.

5 Train employees to understand policies, requirements and common cyber attacks.

keepersecurity.com | jltus.com

http://www.fas.org/sgp/crs/misc/R43989.pdfhttp://diplopundit.net/2015/06/18/snapshot-incidents-reported-to-us-cert-by-federal-agencies-fy2006-2014/ http://www.cnet.com/news/over-22-million-social-security-numbers-stolen-in-opm-hacks-agency-says/https://www.lloyds.com/~/media/files/news%20and%20insight/risk%20insight/2015/business%20blackout/business%20blackout20150708.pdf http://recode.net/2015/07/08/cost-of-a-potential-blackout-from-cyber-crime-1-trillion/

Sources

© 2015

6 Use an enterprise password manager to enforce strong passwords and 2FA.