Friday, October 23, 2015. Jacqueline Harris, CPM®, CCIM®, Director of Training & Administration, Digital Realty

Presentation transcript:

1 Friday, October 23, 2015

2 Jacqueline Harris, CPM®, CCIM®, Director of Training & Administration, Digital Realty; Kevin Bodell, Systems and Infrastructure Manager, City Creek Reserve, Inc.; Megan Orser, Smart Chick, Smart Apartment Solutions

3 TUESDAY, OCTOBER 20, 2015

4 Mark Stamford, OCCAMSEC

5 Symantec found that 17 percent of all Android apps were actually malware in disguise. Ransomware attacks grew 113 percent in 2014, along with 45 times more crypto-ransomware attacks. (2015 Internet Security Threat Report, Symantec)

6 Small Business: A recent infographic by Towergate Insurance said that last year, 97 percent of smaller businesses neglected to prioritize online security improvement for future business growth. VS

7 It’s not IF, It’s WHEN!

8 Social Engineering; Phishing; Hacking; Ransomware

9 A non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. Social engineering is one of the most effective ways to circumvent established security protocol. Targets human “vulnerabilities” (helpfulness, fear, insecurity).

11 Building Management Systems; Energy Management Systems; Emergency Notification Systems; Customer Portals; Integrated Work Management Systems. Poor Password Protection; Unmonitored Access Points; Rudimentary Software.

12 Midsize Businesses: The most common causes were malicious or criminal attacks (44 percent), followed by employee negligence (31 percent) and system glitches (25 percent). The intent of the breach is usually information theft leading to financial gain, rather than so-called hacktivism,

13 Resident/Employees Files: Social Security Number; Driver's License; Major Credit Cards; Credit Report; Address History; Employment History. Business Reputation.

14 Prevent: What is the risk? What is your exposure? Prepare: What can you do to prepare for the inevitable? What practical approaches can you take to minimize exposure? Respond: How do you minimize the impact to business as usual when it does happen? How do you mitigate risk once it’s happened?

15 Data Classification
Level 1: Data that may be freely disclosed with the public. Example: Contact information, price lists
Level 2: Internal data that is not meant for public disclosure. Example: Sales contest rules, organizational charts
Level 3: Sensitive internal data that if disclosed could negatively affect operations. Example: Contracts with third-party suppliers, employee reviews
Level 4: Highly sensitive corporate and customer data that if disclosed could put the organization at financial or legal risk. Example: Employee social security numbers, customer credit card numbers
Prevent Prepare Respond

16 Network & Physical Security Controls: Network, Computer, and Email Access Controls; Encryption; Anti-Virus/Anti-Spyware; Firewall and Internet Connection

17 General Security Controls: Visitor Policy; Social Engineering; Third party network security checks; Network and Computer Backups

18 Prevent Prepare Respond

19 Respond
CONSIDER THE NUMBERS
Average Organizational Cost of a Data Breach: $5.9 million
Estimated Cost of a General Data Breach: $201 per compromised record
Identify source & stabilize
Notify impacted parties
Be detailed, consistent & diligent with your reporting
Review business loss insurance
Develop plan to protect the company brand
Commence “Customer Loyalty” activities
Implement protocols to prevent future breaches
Be ready to adjust & adapt quickly as new threats arise

20 New forms of blackmailing & extortion schemes; Ransomware for data theft; Smart Machines; Smart Offices or Business BMS Systems; Increased threats at the power source (public utilities, old/outdated infrastructure, banking systems, financial institutions). Are you and your organization protected?

21 “Are You Sitting on a Cyber Security Bombshell?”, Joseph Dobrian, JPM, Sept/Oct 2015; Before and After Disaster Strikes: Developing An Emergency Procedures Manual, 4th Edition, ©2012 IREM; “What You Should Know About Cybersecurity Insurance,” © IREM Blog, October 15, 2015

