FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.

SECURITY AND THE COST OF INTRUSION
“The world is changing, and so too is the threat landscape. SMB to Large Enterprise are being targeted in unprecedented numbers.”
[Slide graphic labels, as extracted: Target Breach; 56%; 200k; 5M; Increase of Attacks in 2014; Chick-fil-A Credit Cards]

TYPES OF CYBER ATTACKS

DO BUSINESSES REALLY FAIL AFTER A CYBER ATTACK?
- 60% of all targeted cyber attacks were directed at Enterprise
- 80% of Cyber Attacks resulted in PCI Compliance Fines
- 60% of Enterprise organizations see a 40% short term loss in revenue

WHAT CAN BE DONE TO MITIGATE THE RISK OF CYBERCRIME TO MY BUSINESS?

STEPS TO HELP YOU SECURE YOUR BUSINESS
1) Firewall Theory
2) Use stronger authentication
3) Diversify your network
4) Compliance audit
5) Educate your users

TASK #1: FIREWALL THEORY
- Firewall all ingress and egress points.
- Limit incoming and outgoing traffic.
- Limit BYOD devices.
- Take a defensive strategy.
- Audit users monthly.

SAMPLE FIREWALL CONFIGURATION

KNOWING YOUR SYSTEMS IS CRITICAL FOR MAINTAINING A REASONABLE DEGREE OF IT SECURITY
If you don’t have a CSO, get one and have them report to the CEO.

TASK #2: USE STRONGER AUTHENTICATION
- Validating identities remains the key factor in security.
- Single Factor vs Multi Factor.
- Use random key generators.
- Establish multi-factor authentication for VPN and personal devices.
- Change passwords at 8-week intervals.

TASK #3: DIVERSIFY YOUR NETWORK
- Making your account credentials dynamic.
- Lock up your WIFI Access points.
- Limit access to certain data.
- Allow access to specific parts of your network.
- Disable USB access and enable Cloud storage.

TASK #4: COMPLIANCE AUDIT
- Are you PCI Compliant and do you handle financial transactions?
- Check for how many users are on your network.
- Semi-annual on-site assessment and quarterly off-site scans.
- Check records against PCI compliance standards.
- Enable stricter access protocols for access.

TASK #5: EDUCATE YOUR USERS
- Educate your employees on Cyber Crime.
- Make sure your employees close the bank vault.
- Don’t allow installation of programs on office computers.
- Safeguards are meant to support.

PCI COMPLIANCE FINES

BREACH CONSEQUENCES
Cardholder breaches can result in the following losses for a merchant:
- $50-$90 fine per cardholder data compromised
- Suspension of credit card acceptance by a merchant’s credit card account provider
- Possible civil litigation from breached customers
- Loss of customer trust, which affects future sales

CONTACT INFORMATION Sherman Crancer