Torbay Business Forum with the South West Cyber Security Cluster

SouthWestCSC.org@SouthWestCSC

4 Simple Steps to Cyber Security

Torbay Business Forum 12th Jan 2016

Geoff Revill – Krowdthink LtdPeter Jones - Dynamiq

SouthWestCSC.org


Who we are

Organisations and stakeholders in the South West of England who are actively engaged in, or dependent on, cyber and digital security

Our membership includes academia, the police, businesses and enterprises from across the region that either:

•supply cyber security services•rely on cyber security for the provision of other services•have a public service interest in cyber, or•are engaged in cyber training, education or research


What do we provide?

• Access to cyber skills and knowledge• Share latest cyber thinking and best practice• Help make your business more resilient• Cyber Careers advice • Cyber Professional development • Learn how to protect yourself online

Be part of a cyber resilient future!


• Securious are passionate about getting the message out to SMEs that they need to build resilience against the cyber threats.

• The only Cyber Essentials Certification Body in the South West• Pete Woodward PCI QSA|CISSP|CEH|CCNP|CCDP - a highly qualified and very

experienced cyber security consultant.• PCI QSA - Payment Card Industry Qualified Security Assessor• CISSP - Certified Information Systems Security Professional• CEH - Certified Ethical Hacker• CCNP, CCDP - CISCO Certified Network and Design Professional


• Cyber Security solutions provider.

• Data Recovery.

• Digital Forensics.

• IT Support Services.

• Installations, Development and Support.

• Secure Cloud Storage.

• Website Development.

• ISO 9001 / 14001 / 27001 Auditors.

• Cyber Essentials Auditors.

0800 069 9788

@dynamiqthinking

www.dynamiq.co

SAFER, SMARTER, BETTER - TOGETHER


• Addressing the Human Factor• Resilience and crisis response for military & commercial

clients• Combatting the cyber threat:– Cyber strategy development– Board-level engagement– Business risk and value analysis– Awareness training– Incident response planning– Scenario analysis– Table-top and simulated exercising


Supporting the Privacy Perspective of Security

• Provide guidance on individual digital identity management

• Help people online maintain their privacy• Help you develop privacy preserving systems

• In SWCSC – Contact Geoff Revill for Event & Marketing co-operation or support– [email protected]

mailto:[email protected]


Anthony OdhamsSecureSearch

• 15 years expertise Search & Placement of Information Security, Risk Management, Digital Forensics, e-Discovery specialists

• Clients – Banks, Advisory & Consultancies, Solicitors, Retailers, Vendors & Academia

• Role Levels – Director, Partner, Manager & Technical with > 6 years cyber experience

• Membership Secretary SWCSC


• Protect: against current and future threats of internet related crime

• Prepare: by increasing awareness and resilience to enable communities and businesses to do more for themselves.

• Prevent: people from engaging in crime and from continuing in crime whilst supporting communities and partners to be more effective in stopping crime.

• Pursue: The criminals


The DARK WEB

The Threats


3.5Bn OnlineHow Many Have Been Hacked?

1.2 Billion login details 0.5 Billion email addresses

Reported for sale in 2014 on the Dark Web byOne Russian Cyber Gang

76M Bank Account user detailshacked at JP Morgan Bank

38% growth in cyber security incidents 2014->2015

Only 12% are reported!


Business Consequences

•breach of privacy law obligations•regulatory fines•individual loss claims

Loss of personal data

•breach of contract•loss of commercial advantage•breach of regulatory obligations•regulatory fines

Loss of confidential information

•financial fraud•extortion•breach of regulatory obligations•regulatory fines

Financial systems

•denial of service•physical damage to plant and machinery•industrial accidents

Operational control systems


Who is accountable?

• Managing Directors blame:– 57% hold themselves

accountable for major cyber security breaches

– Some MDs also hold IT accountable for major cyber security breaches

• Financial Directors blame:– mainly hold IT contractors

accountableWho do MD’s blame apart from themselves?


The Weakest link


4 Simple Steps to Cyber Security1 Basic Principle to Understand

Basic Principle

If unauthorised code cannot run you are protected from 85% of cyber threats


4 Simple Steps to Cyber Security

①Patch your Operating Systems regularly②Patch your key Applications regularly– Browser, Java, Flash, PDF Viewer, Office apps

③Restrict Administrator Privileges to those that really need them

④WhiteList the Applications you use


Lost?


That is what we are here for

SecureSearch


Technology

Torbay Business Forum with the South West Cyber Security Cluster