anatomy of a cyber attack - iacce€¦ · anatomy of a cyber attack a reality check for business...
TRANSCRIPT
![Page 1: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/1.jpg)
Helping you grow your business with
scalable IT services & solutionsfor today’s challenges & tomorrow’s vision.
© 2017 Peters & Associates, Inc. All rights reserved.
Anatomy of a Cyber AttackA Reality Check for Business Decision Makers including Executives, Directors, and Owners.
Bruce Ward, Vice President of Business StrategyDr. Rachael Narel, Solution StrategistAdam Gassensmith, Manager of Client Engagement
![Page 2: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/2.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsAgenda
![Page 3: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/3.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsChanges Keep Changing
![Page 4: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/4.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsChanges Keep Changing
2005 2013
![Page 5: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/5.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsBreaches Keep Breaching
www.hhs.gov/ocr/privacy/hipaa/enforcement/index.html https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
![Page 6: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/6.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
“Cyber crime only happens to large companies like Chase, Target and Home Depot.”
31% - incidents of losses at organizations with <100 employees
61% - incidents of losses at organizations with <250 employeesSource: Symantec Internet Threat Report
Common Misconceptions
![Page 7: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/7.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsCloud Shift only Shifts
![Page 8: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/8.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsLooming Risk Offset
Above The Surface
Below The Surface
• Customer Breach Notification• Technical Investigation
• Loss of Client Relationships• Reputation / Brand• Cost of Raising Capital• Loss of Intellectual Property• Impact on Operations• Insurance Sources:2017 Reports:
Ponemon and Deloitte
![Page 9: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/9.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsInformation Security Is Complex & Dynamic
DATA“A lot of moving parts”
![Page 10: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/10.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsInformation Security Industry
![Page 11: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/11.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsCyber Security Framework
Data Protection
![Page 12: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/12.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
People
Process
Technology
NIST CSF
![Page 13: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/13.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsCyber Security Framework
Data Protection1
![Page 14: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/14.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsSignificant Data
![Page 15: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/15.jpg)
Helping you grow your business with
scalable IT services & solutionsfor today’s challenges & tomorrow’s vision.
© 2017 Peters & Associates, Inc. All rights reserved.
Creating a Culture of Security and Effective Training Programs
Rachael NarelSolution Strategist
![Page 16: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/16.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
The security of systems is dependent on the people that use them. Effective institutional assessment of risks and implementation of secure practices rely on a shared understanding of the threats and challenges facing the institutions….
Lohrmann, 2014
![Page 17: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/17.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• Time and budget for training
• Say one thing and do another
• Lack of buy-in
• Not organizationally mandated
• “I’m not a target” mindset
• History of failed programs
• Lack of communication or purpose
• Change is hard….
Some Challenges….
![Page 18: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/18.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsOrganizational Culture
Edgar Schein
![Page 19: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/19.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• The leadership team needs to support and promote a security culture– Does the strategy support the realization of the goals? (do people
know the strategy?)
– Is the right structure in place?
– Do key business processes support the strategy?
– Are the outcomes and behaviors that are rewarded and recognized support the strategy?
– Does the current talent of the organization support the strategy?
It starts at the top…
![Page 20: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/20.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• Security belongs to everyone
• Overall awareness
• Rewards and recognition for those who do the right thing
• Creation of a security community
• Fun and engaging
• Continual learning and improvement
• Communication
Key Elements of a Security Culture
![Page 21: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/21.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsEngage the entire system
![Page 22: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/22.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• Security training ≠ cyber awareness program
• Ongoing, continuous, communication, reinforcement
• Go beyond compliance and ‘check the box’ mindset
• Keep it simple!
Cyber Security Awareness PROGRAM
![Page 23: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/23.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• Just one piece of the program
• Not a point in time event
• Relevant to the audience and consistent with the values and goals of the organization
• Influence behavior changes that deliver measureable results
Training IS important!
![Page 24: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/24.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsUse a variety of approaches
![Page 25: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/25.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsMeasure and share results
![Page 26: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/26.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• Is there a security policy that is enforced across the entire organization?
• Do employees know the policy?
• What are the practices and technologies in place that can detect a breach?
• Do employees know what to do if they detect a security violation?
Simple Assessment
![Page 27: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/27.jpg)
Sugar Rush: How to select an IT Managed Services and Cybersecurity Partner in a Crowded Marketplace
Adam Gassensmith – Manager of Client Engagement
This Photo by Unknown Author is licensed under CC BY-ND
![Page 28: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/28.jpg)
Happy (belated) Halloween!
This Photo by Unknown Author is licensed under CC BY-NC
This Photo by Unknown Author is licensed under CC BY-NC-ND
This Photo by Unknown Author is licensed under CC BY
![Page 29: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/29.jpg)
Partnering for Security
Average Salary of an IT Security Specialist
$120,000/year
Average Direct Cost of a Cyberattack on a Small Business
$9,000
The Cost of the Slow Burn
???
![Page 30: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/30.jpg)
Choosing your Candy
Beware of Dum Dums
Avoid Kit Kat’s Rigidity
Peanut Butter and Chocolate
– Better Together
![Page 31: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/31.jpg)
Are you Asking the Right Questions?
• Who is your ideal customer?
• What do you see as the greatest security threat to our business?
• How can you uniquely support our business?
Table Stakes• Security Expertise• Certification
This Photo by Unknown Author is licensed under CC BY-NC
![Page 32: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/32.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
IACCE Participant Entitlements Greater Chicago Area
Lunch and Learn - on-site
Security Review in a Day - on-site
Non-Profit Pricing
![Page 33: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/33.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsChamber Engagement 2016 …2017
![Page 34: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/34.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
The Right Mix Culture, Program, People, Process, and Technology
![Page 35: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/35.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
Successful Community Everyone Wins With The Right Cybersecurity Mix
![Page 36: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/36.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
Peters IL Chamber Program
•Connect•Engage•Measure•Evaluate
![Page 37: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/37.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
• Participated in 100 + Events Made 2000+ New Connections
• Chamber Cyber Security - 3 events and over 500 Participants
• 160 Cyber Community Businesses Educational Activities
• Results:• Improved Awareness Inquiries For Education lots more to do…..
Peters Community Programs 2017
![Page 38: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/38.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
Contact Tim O’Hara [email protected] to:
Set up your Community Awareness Program (CAP)
Learn About Microsoft Non-Profit Program
Chat about Risk
What Next – Chamber Challenge
![Page 39: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/39.jpg)
© 2017 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsKnowledge is Power
www.peters.com/blog
www.peters.com/event
![Page 40: Anatomy of a Cyber Attack - IACCE€¦ · Anatomy of a Cyber Attack A Reality Check for Business Decision Makers including Executives, Directors, and Owners. Bruce Ward, Vice President](https://reader035.vdocuments.us/reader035/viewer/2022081517/5f03c46f7e708231d40aab99/html5/thumbnails/40.jpg)
© 2015 Peters & Associates, Inc. All rights reserved.© 2016 Peters & Associates, Inc. All rights reserved.