· • 5% increase in recorded business email compromise (bec) attempts because the list of...
TRANSCRIPT
![Page 1: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/1.jpg)
![Page 3: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/3.jpg)
Goal of 5-Step Approach Is Resilience
Know the threats and Identify and
Protect your assets
Know what recoverylooks like and prepare
Detect problems and respond quickly
and appropriately
Thanks to ourNational Sponsors
![Page 4: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/4.jpg)
![Page 5: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/5.jpg)
1H 2018 Losses
• 30% increase in reported SCADA vulnerabilities
• 141% increase in cryptocurrency mining detections
• 67% increase in mega breaches
• 5% increase in recorded business email compromise
(BEC) attempts
Because the list of threats continues to grow, enterprises’ focus and security resources are split. They need to have the proper solutions and security policies in place to navigate this increasingly complicated threat landscape.
![Page 6: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/6.jpg)
Vendor 2H 2017 vs. 1H 2018
Apple 92% increase
Foxit 50% increase
Adobe 7% increase
602 reported vulnerabilities23 published without patches
The increase in vulnerabilities adds to the challenges InfoSec teams are facing: More advisories mean more difficulties patching, and enterprise operations may be affected.
![Page 7: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/7.jpg)
Cryptocurrency mining detections increase and ransomware remains an enterprise threat
Cryptocurrency mining detections New cryptocurrency-mining malware families
471H 2018
![Page 8: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/8.jpg)
Malicious activity affects enterprise and home routers
Mirai-like activity
• Scanning detected in China and Mexico
• Targeting specific router vulnerabilities
VPNFilter attack
• Multi-stage attack with a
spreading component, a
data harvester, and a
sniffer plugin
• Affected over half a million
routers in at least 54
countries
![Page 9: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/9.jpg)
Recorded BEC attempts
![Page 10: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/10.jpg)
Protection against threats
Change the
default
passwords on
IoT devices.
Install patches. Teach employees
about business
email scams.
Verify fund
transfer requests
and invoices.
![Page 11: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/11.jpg)
![Page 12: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/12.jpg)
![Page 13: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/13.jpg)
![Page 14: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/14.jpg)
![Page 15: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/15.jpg)
![Page 16: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/16.jpg)
![Page 17: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/17.jpg)
![Page 18: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/18.jpg)
Start with Security: A Guide for Business
Ftc.gov/startwithsecurity
![Page 19: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/19.jpg)
Lessons Learned - PROTECT
1. Start with security
2. Control access to data sensibly
3. Require secure passwords & authentication.
4. Store sensitive information securely & protect it during transmission.
5. Segment your network and monitor who is trying to get in and out.
6. Secure remote access to your network.
7. Apply sound security practices when developing new products,
8. Make sure service providers implement reasonable security measures.
9. Keep your security current & address vulnerabilities that may arise.
10. Secure paper, physical media, and
devices.
![Page 20: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/20.jpg)
![Page 21: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/21.jpg)
Identity Theft
![Page 22: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/22.jpg)
![Page 23: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/23.jpg)
![Page 24: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/24.jpg)
Colleen Huber, Director
e-Learning Design and Development
![Page 25: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/25.jpg)
Colleen Huber, M.Ed.Director, e-Learning Design and Development, MediaPRO
Creating an Employee Awareness Program on a Budget
![Page 26: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/26.jpg)
We Have Money
We Have Valuable Info
We’re More Vulnerable
![Page 27: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/27.jpg)
The Solution:• Depend on employees• Practice security everyday
The Problem:• Security costs are rising• Can't depend on IT
infrastructure
![Page 28: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/28.jpg)
Mission: Activate Employees
![Page 29: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/29.jpg)
Personal Data?• Conduct a Privacy Impact
Assessment
Survey to…• Discover what people
already know• Identify your biggest risks
Analyze
![Page 30: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/30.jpg)
Create a plan.
Which topics should receive focus?
Plan
![Page 31: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/31.jpg)
Remember:• Focus on behavior• Make it applicable
Deliver your training!
Train
![Page 32: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/32.jpg)
Some Ideas:• Phishing alerts• Team meetings• Tech blog• "Nice save" e-mails
Make time for regular check-ins and reminders.
Reinforce
![Page 33: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/33.jpg)
Champion a Security-Aware Culture
![Page 34: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/34.jpg)
https://www.mediapro.com/SMB
Thanks for joining!
![Page 35: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/35.jpg)
![Page 36: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/36.jpg)
![Page 37: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/37.jpg)
Use #CyberAware in all your tweets! Like us on Facebook (/StaySafeOnline) to view live segments with experts each week and follow us on Twitter (@StaySafeOnline) for the latest news, resources and more
Register yourself and/or your organization as a Champion to take action in support of NCSAM. It’s easy and FREE to sign up at https://staysafeonline.org/ncsam
Join our weekly Twitter discussion each Thursday in October at 3 p.m. EDT/Noon PDT.
![Page 38: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/38.jpg)
staysafeonline.org/ncsam/ncsaawards
![Page 39: · • 5% increase in recorded business email compromise (BEC) attempts Because the list of threats continues to grow, enterprises’ focus and security resources are split. They](https://reader033.vdocuments.us/reader033/viewer/2022050313/5f75514c2482be289615a219/html5/thumbnails/39.jpg)
National Cyber Security Alliance
www.staysafeonline.org/cybersecure-business