breach report analysis · 2018. 4. 2. · breach report analysis today’s moderator: michael...
TRANSCRIPT
![Page 1: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/1.jpg)
Breach Report Analysis May 23, 2017
![Page 2: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/2.jpg)
Breach Report Analysis
Today’s Moderator:
Michael Angelo Chief Security Architect at Micro
Focus
Chair of ISSA International Web
Conference Committee
To ask a question:
Type in your question in the
Questions area of your screen.
#ISSAWebConf
![Page 3: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/3.jpg)
Speaker Introduction
Today’s Speakers
Larry Ponemon Chairman and Founder of the Ponemon Institute
Bhavesh Chauhan Principal Client Partner and Security Evangelist at the Verizon CTO Organization
Yolonda Smith Director of Product Management at Pwnie Express
![Page 4: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/4.jpg)
Speaker Introduction
Larry Ponemon
• Founder and Chairman at Ponemon
Institute • Served on the Advisory Committee for
Online Access & Security for the United States Federal Trade Commission and the Data Privacy and Integrity Advisory Committee for the DHS.
• Served as founding member of the Certified Information Privacy Professional (CIPP) Advisory Board
![Page 5: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/5.jpg)
Sponsored by Carbonite
May 23, 2017
The Rise of Ransomware
![Page 6: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/6.jpg)
Purpose of the study
The purpose of this research is to understand how organizations are preparing for and dealing with ransomware infections. As of September 2016, the Justice Department reported there have been 4,000 ransomware attacks since January 1, 2016. This is a 300 percent increase over the approximately 1,000 attacks per day seen in 2015.
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 6
![Page 7: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/7.jpg)
Sample response Freq Pct%
Sampling frame 15,580 100.0%
Total returns 685 4.4%
Rejected or screened surveys 67 0.4%
Final sample 618 4.0%
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 7
![Page 8: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/8.jpg)
The ransomware prevention gap 1 = low to 10 = high, 7+ responses reported
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 8
66%
13%
0%
10%
20%
30%
40%
50%
60%
70%
Ransomware is very serious Our company can prevent ransomware
![Page 9: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/9.jpg)
Impact of a ransomware attack
Companies experienced an average of 4 ransomware attacks and paid an average of $2,500 per attack.
If companies didn’t pay ransom it was because they had full and accurate backup. Respondents also believe full and accurate backup is the best defense.
Companies suffered such financial consequences as the need to invest in new technologies, the loss of customers and lost money due to downtime.
Cyber criminals were most likely to use phishing/social engineering and insecure websites to unleash ransomware. Respondents believe the cyber criminal specifically targeted their company.
Compromised devices infected other devices in the network. Very often data was exfiltrated from the device.
Companies were reluctant to report the incident to law enforcement because of concerns about negative publicity.
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 9
![Page 10: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/10.jpg)
Ponemon Institute RIM Council Presentation Private and
Confidential Page 10
Ransomware threat response readiness
![Page 11: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/11.jpg)
Perceptions about ransomware Strongly agree and Agree responses combined
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 11
46%
47%
57%
59%
0% 10% 20% 30% 40% 50% 60% 70%
Prevention of ransomware attacks isa high priority for our company
My company would never pay ransomeven if we lost the data
My company believes it is too small tobe the target of ransomware
A ransomware attack would haveserious financial consequences for
our company
![Page 12: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/12.jpg)
The difficulty in dealing with the risk of ransomware Strongly agree and Agree responses combined
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 12
58%
27%
0%
10%
20%
30%
40%
50%
60%
70%
Our company’s use of IoT connected devices will increase our risk of ransomware
We are confident our current antivirus software willprotect our company from ransomware
![Page 13: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/13.jpg)
In the typical month, how many ransomware infections go undetected?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 13
27% 28%
10%
6%
29%
0%
5%
10%
15%
20%
25%
30%
35%
Less than 1 1 to 5 6 to 10 Greater than 10 Cannot determine
![Page 14: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/14.jpg)
How vulnerable do you feel your company is to a ransomware attack over the next 12 months?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 14
30%
38%
20%
6% 6%
0%
5%
10%
15%
20%
25%
30%
35%
40%
Very vulnerable Vulnerable Not vulnerable Will never happen Do not know
![Page 15: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/15.jpg)
How has the volume and severity of ransomware infections changed over the past 12 months?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 15
22%
38%
26%
10%
3%
18%
39%
28%
13%
3%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
Significant increase Increase Stayed the same Decrease Significant decrease
The volume or frequency of ransomware infection over the past 12 months
The severity of ransomware infection over the past 12 months
![Page 16: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/16.jpg)
Ponemon Institute RIM Council Presentation Private and
Confidential Page 16
Employees are the weakest link in the
defense against ransomware
![Page 17: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/17.jpg)
How confident are you that your employees can detect risky links or sites that could result in a ransomware attack?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 17
9%
20%
17%
36%
18%
0%
5%
10%
15%
20%
25%
30%
35%
40%
Very confident Confident Somewhat confident Not confident No confidence
![Page 18: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/18.jpg)
How employees put companies at risk for a ransomware infection Very likely and Likely responses combined
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 18
57%
58%
59%
60%
0% 10% 20% 30% 40% 50% 60% 70%
Use business computers to access personalaccounts on social media or email during
working hours
Fall prey to a phishing/social engineeringscam that looks like an everyday business
request
Click on a website or advertisement forpersonal reasons knowing the link may not
be secure
Use third-party applications like Dropbox,Slack or Spotify on business computers
![Page 19: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/19.jpg)
Ponemon Institute RIM Council Presentation Private and
Confidential Page 19
The consequences of a ransomware infection:
the experiences of targeted companies
![Page 20: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/20.jpg)
Have you or your company experienced ransomware?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 20
49%
6%
10%
17%
18%
0% 10% 20% 30% 40% 50% 60%
No
Yes, more than 12 months ago
Yes, within the past 12 months
Yes, within the past 6 months
Yes, within the past 3 months
![Page 21: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/21.jpg)
What were the consequences of the ransomware attack? Two choices permitted
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 21
3%
15%
16%
22%
23%
24%
32%
32%
33%
0% 5% 10% 15% 20% 25% 30% 35%
Other
We had to postpone plans to expand ourbusiness
No consequences
We had to replace equipment
Lost customer data
Our reputation was diminished
We lost customers
Lost money from downtime
We had to invest in new securitytechnologies
![Page 22: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/22.jpg)
How was the ransomware unleashed?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 22
43%
30%
15%
8%
4%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
Phishing/socialengineering
Insecure or spoofedwebsite
Malvertisements Social media Other
![Page 23: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/23.jpg)
Did the compromised device infect other devices in the network and data stored in the cloud?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 23
42%
58%
21%
79%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
Yes No
Did the compromised device infect other devices in the network (e.g., lateral infection)?
Did the compromised device infect data stored in the cloud?
![Page 24: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/24.jpg)
How did your company pay the ransom?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 24
33%
25%
20%
14%
9%
0%
5%
10%
15%
20%
25%
30%
35%
Bitcoin Cash Other virtual currency Wired funds Other
![Page 25: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/25.jpg)
Did the ransomware place a time limit for payment?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 25
46%
28%
11%
16%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
Yes, less than 2 days Yes, 2 to 5 days Yes, more than 5 days No
![Page 26: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/26.jpg)
Did the ransomware exfiltrate data from the compromised device(s)?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 26
6%
17%
32%
30%
6%
9%
0%
5%
10%
15%
20%
25%
30%
35%
Yes, with certainty Yes, very likely Yes, likely Not likely No Unsure
![Page 27: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/27.jpg)
Why was ransom not paid?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 27
3%
10%
14%
15%
16%
42%
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
Other
Law enforcement told us not to pay it
Compromised data was not critical for ourbusiness
We did not believe the bad guys wouldprovide the decryption cypher
Company policy is not to pay ransom
We had a full backup
![Page 28: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/28.jpg)
Why did your company not report the incident to law enforcement?
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 28
21%
10%
17%
51%
0% 10% 20% 30% 40% 50% 60%
Other
Did not want the attackers toretaliate
Did not feel the extortion wasexorbitant
Did not want to publicize incident
![Page 29: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/29.jpg)
Key takeaways
Many companies think they are too small to be a target.
Current technologies are not considered sufficient to prevent ransomware infections.
Inability to detect all ransomware infections puts companies at risk.
One or more ransomware attacks are believed to be possible in the next 12 months.
The severity and volume of ransomware infections have increased over the past 12 months.
Negligent and uninformed employees put companies at risk.
To prevent ransomware infections, employees need to become educated on the ransomware threat.
Most companies experience encrypting ransomware.
The consequences of ransomware are costly.
By far, most ransomware incidents are unleashed as a result of phishing and insecure websites.
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 29
![Page 30: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/30.jpg)
Ponemon Institute RIM Council Presentation Private and
Confidential Page 30
Methods
![Page 31: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/31.jpg)
Position level within the organization
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 31
12%
9%
19%
17%
18%
8%
11%
2% 2% 1%
Business owner Executive/VP
Director Manager
Supervisor Technician
Staff Consultant
Contractor Other
![Page 32: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/32.jpg)
The primary person reported to within the organization
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 32
37%
22%
18%
8%
4%
4% 3% 2% 3%
Chief Information Officer
CEO/Business Owner
Chief Information Security Officer
Chief Financial Officer
Chief Security Officer
Data Center Management
General Counsel
Compliance Officer
Other
![Page 33: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/33.jpg)
Primary industry focus
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 33
14%
10%
10%
8%
8% 8%
7%
6%
5%
5%
5%
4%
4% 2% 2% 2%
Financial services
Health & pharmaceuticals
Services
Retail
Technology & software
Industrial
Consumer products
Public sector
Energy & utilities
Education & research
Entertainment & media
Transportation
Hospitality
Communications
Agriculture & food services
Other
![Page 34: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/34.jpg)
Worldwide headcount of the organization
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 34
11%
19%
21% 19%
21%
10%
Less than 100
100 to 200
201 to 300
301 to 400
401 to 500
More than 500
![Page 35: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/35.jpg)
Caveats
There are inherent limitations to survey research that need to be carefully considered before drawing inferences from findings. The following items are specific limitations that are germane to most web-based surveys.
Non-response bias: The current findings are based on a sample of survey returns. We sent surveys to a representative sample of individuals, resulting in a large number of usable returned responses. Despite non-response tests, it is always possible that individuals who did not participate are substantially different in terms of underlying beliefs from those who completed the instrument.
Sampling-frame bias: The accuracy is based on contact information and the degree to which the list is representative of individuals who have responsibility for containing ransomware infections within their organization. We also acknowledge that the results may be biased by external events such as media coverage. Finally, because we used a Web-based collection method, it is possible that non-Web responses by mailed survey or telephone call would result in a different pattern of findings.
Self-reported results: The quality of survey research is based on the integrity of confidential responses received from subjects. While certain checks and balances can be incorporated into the survey process, there is always the possibility that a subject did not provide a truthful response.
April 20, 2017 Ponemon Institute RIM Council Presentation Private and
Confidential 35
![Page 36: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/36.jpg)
Ponemon Institute RIM Council Presentation Private and
Confidential Page 36
Questions?
Ponemon Institute
Toll Free: 800.887.3118
Michigan HQ: 2308 US 31 N.
Traverse City, MI 49686 USA
![Page 37: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/37.jpg)
Speaker Introduction
Bhavesh Chauhan
• Principal Client Partner – Security Evangelist
within Verizon CTO organization • Previously led the Security Engineering and
Professional services for the North East Region
• Serves as a board member of the local ISACA chapter
• Holds a Masters of Science Degree in Physics and certifications such as CISSP, CISA and CISM
![Page 38: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/38.jpg)
![Page 39: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/39.jpg)
![Page 40: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/40.jpg)
![Page 41: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/41.jpg)
![Page 42: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/42.jpg)
![Page 43: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/43.jpg)
![Page 44: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/44.jpg)
![Page 45: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/45.jpg)
![Page 46: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/46.jpg)
![Page 47: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/47.jpg)
![Page 48: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/48.jpg)
![Page 49: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/49.jpg)
![Page 50: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/50.jpg)
![Page 51: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/51.jpg)
![Page 52: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/52.jpg)
![Page 53: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/53.jpg)
![Page 54: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/54.jpg)
![Page 55: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/55.jpg)
![Page 56: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/56.jpg)
![Page 57: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/57.jpg)
![Page 58: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/58.jpg)
![Page 59: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/59.jpg)
![Page 60: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/60.jpg)
![Page 61: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/61.jpg)
![Page 62: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/62.jpg)
![Page 63: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/63.jpg)
![Page 64: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/64.jpg)
![Page 65: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/65.jpg)
![Page 66: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/66.jpg)
![Page 67: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/67.jpg)
Speaker Introduction
Yolonda Smith
• Director of Product Management at Pwnie
Express • Spent 8 years in the United States Air Force
as a Cyberspace Operations Officer
• Developed and orchestrated the first Department of Defense Cyber Hunting missions
![Page 68: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/68.jpg)
![Page 69: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/69.jpg)
![Page 70: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/70.jpg)
![Page 71: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/71.jpg)
![Page 72: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/72.jpg)
![Page 73: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/73.jpg)
![Page 74: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/74.jpg)
![Page 75: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/75.jpg)
![Page 76: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/76.jpg)
![Page 77: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/77.jpg)
![Page 78: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/78.jpg)
![Page 79: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/79.jpg)
79
Open Discussion & Q&A
• Michael Angelo - Moderator
• Larry Ponemon
• Bhavesh Chauhan
• Yolonda Smith
To ask a question:
Type in your question in the Questions
area of your screen.
You may need to click on the double
arrows to open this function.
#ISSAWebConf
![Page 80: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/80.jpg)
80
Building Security in a Business Culture
2-Hour Live Event: Tuesday, June 27th, 2017 Start Time: 9:00 a.m. US-Pacific/ 12:00 noon US-Eastern/ 5:00 p.m. London
Overview: Everyone knows security is critical to our organizations survival, but yet we all seem to bolt on our security culture after the fact. This session will provide insight into why and how you can build your security culture and leverage the role of change management & behavioral change in making security programs more effective. Culture is an outcome of values, behaviors and communications. Many of us are faced with cultures and management structures that seem hostile to a successful security program. We're going to talk about how to identify those cultures that make it difficult to be successful and how to make a decision about what you should do: fish or cut bait. Can you make a difference or is it time to move on?
Next International Web Conference:
![Page 81: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/81.jpg)
81
A recording of the conference and a link to the survey to get CPE credit for attending the May ISSA International Web Conference will soon be available at: https://www.issa.org/page/May2017 and check out previous web conferences at https://www.issa.org/?OnDemandWebConf If you or your company are interested in becoming a sponsor for the monthly ISSA International Web Conferences, please visit: https://www.issa.org/?page=BecomeASponsor
Web Conference Survey
![Page 82: Breach Report Analysis · 2018. 4. 2. · Breach Report Analysis Today’s Moderator: Michael Angelo Chief Security Architect at Micro Focus Chair of ISSA International Web Conference](https://reader036.vdocuments.us/reader036/viewer/2022071014/5fcc690470cd2716a63c1ec2/html5/thumbnails/82.jpg)
Join ISSA
Webinar attendees can join ISSA at a 20% discount by using the code WEBCON42 during the checkout process The discount is available for all memberships except Students, and can also be used to renew your membership