Presentation is loading. Please wait.

Presentation is loading. Please wait.

Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.

Published byGeoffrey Walker Modified over 8 years ago

Similar presentations

Presentation on theme: "Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan."— Presentation transcript:

1 Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan

2 2 Agenda Security Hack 2FA Security Concerns Case Studies Security Process Security Preparation Examples Prevention Recent Breaches Costs of a Breach Cyber Insurance

3 3 Security Hack Security Demo

4 2FA – what is it and why you should use it everywhere you can

5 5 Security Concerns Broad security concerns for businesses For remote users For home users For firms that hold client data (legal implications) In an Information Age, Information is Power How much is your info worth to hackers? A LOT! Info is saved, stored, and flows freely Mobility BYOD Some employees have a tendency to be careless – it takes only one!

6 6 Case Studies Law firm and insurance company Security issues Risk? TJX, Home Depot, Target, JP Morgan, Anthem Vermont Country Store, other smaller companies HIPAA

7 7 Security is a Process of Prevention Security is an ongoing process and there is no such thing as being completely secure!!! The criminals work at this all day, every day, and so must your security team. You must have a team working together to enforce security and comprised of….. Management Legal Communications IT/Security

8 What can small/mid-size businesses do specifically to reduce their risk of exposure to a security breach? Manage IT from a security standpoint Behavior modification – passwords, remote logins, training Ongoing monitoring, Two-factor authentication, employment policies Distrust & Caution are the Parents of Security (Ben Franklin) Security protocols, Vigilance, etc….

9 9 Security Preparation 30% of small business get hacked each year - of them, 60% close within in a year

10 Security Preparation (2) Take a proactive approach Have a written plan in place on how to protect before, during, and after an attempt to breach Developed by your IT, Security and Legal teams Put a C-level person on it Risk management Shift risk (& make yourself a good risk – see yourself through the lens of an insurer) Cycle, Prevent, Detect, Respond, Recover

11 Elements of a Plan Treat company information like the crown jewels Understand what you have, why/how you store & secure it, why you keep it. You cannot lose data you don’t have. Risk cannot be managed after a breach occurs when panic and confusion have set in. Calm communication of facts shows a company in control of itself, its systems, and the story.

12 12 Cyber Insurance Cyber insurance Policy for the business Policy for client data Coverage? Are all policies the same? Expense? Directors & Officers? Class actions? Is there a standard of care for negligence? All are good questions – get your insurance broker involved and ask the questions !!

13 13 Examples How small business data get hacked What has been seen out in the field and how was it handled. Law Firm Manufacturer Entertainment Company Start up

14 14 Recent Breaches Why are large companies like Target and Home Depot breached? What could have been done better? What lessons we take from those events that can be implemented for any business, of any size? Board of Directors, Corporate Officers How much and when to disclose/notify Penalties vs. harm to the corporate image

15 15 Costs of a Breach IT Costs Investigation Remediation Business Interruption Recovery & Prevention Management & P R Costs Notification (Regulatory Compliance) of Affected Parties External Communications (P R)/Loss of Reputation/Share Price Legal advise & counseling Legal Team Litigation Costs (Defense and Indemnity), Class Actions The Forensic point of view – if data needs to be analyzed as to who did what, when, how

16 16 Top 10 Breaches (that were published as of October 2014)

17 Thank You! Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan

Download ppt "Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan."

Similar presentations

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Travelers CyberRisk for Insurance Companies

Travelers CyberRisk for Insurance Companies
Freshfields Bruckhaus Deringer LLP Global investigations What to advise your board Marius Berenbrok Edward Braham Matthew Herman Melissa Thomas 29 February.

Freshfields Bruckhaus Deringer LLP Global investigations What to advise your board Marius Berenbrok Edward Braham Matthew Herman Melissa Thomas 29 February.
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
1 TOP TEN LEGAL OVERSIGHTS THAT CAN SHUT DOWN YOUR WEBSITE © 2007 Brett J. Trout www.bretttrout.com.

1 TOP TEN LEGAL OVERSIGHTS THAT CAN SHUT DOWN YOUR WEBSITE © 2007 Brett J. Trout
HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.

HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Recent Trends and Insurance Considerations March 2015

Recent Trends and Insurance Considerations March 2015
Password District Data Breach Exercise [District Name] [Date] [Logo]

Password District Data Breach Exercise [District Name] [Date] [Logo]
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting.

© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
October 2013. The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.

October The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Business Continuity from an Insurance Perspective Presented by Jim Carter Manager, Risk & Insurance.

Business Continuity from an Insurance Perspective Presented by Jim Carter Manager, Risk & Insurance.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.

Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
CUNA Mutual Group Proprietary Reproduction, Adaptation or Distribution Prohibited © 2014 CUNA Mutual Group, All Rights Reserved. Understanding Cyber Insurance.

CUNA Mutual Group Proprietary Reproduction, Adaptation or Distribution Prohibited © 2014 CUNA Mutual Group, All Rights Reserved. Understanding Cyber Insurance.
AUGUST 25, 2015 Cyber Insurance:

AUGUST 25, 2015 Cyber Insurance:
Security considerations for mobile devices in GoRTT

Security considerations for mobile devices in GoRTT
Georgia Department of Human Services Division of Aging Services (DAS): Data Breach Presenter:Harold Johnson Acting General Counsel Presentation to: Board.

Georgia Department of Human Services Division of Aging Services (DAS): Data Breach Presenter:Harold Johnson Acting General Counsel Presentation to: Board.

Similar presentations

Ads by Google