Upload
cbiz-inc
View
505
Download
3
Embed Size (px)
Citation preview
umb.com | © 2015 UMB | p. 6
• Job Growth
• US Consumer
• Corporate Earnings
• Interest Rates/Yield Curve /
• Inflation • Geopolitical Risks
Scorecard of Broad Indicators
Current Read
2015 Broad Scorecard
umb.com | © 2015 UMB | p. 9
Problematic
Marginally Employed
umb.com | © 2015 UMB | p. 19
Contagion risk is “contained”
1. ECB accommodative policies 2. EU economy stronger
10 Year Yields
umb.com | © 2015 UMB | p. 23
Core Inflation (PCE)
Currently below 2% Fed Target
umb.com | © 2015 UMB | p. 29
2015 -16 Forecast
2013 2014 2015 2016 GDP 1.5% 2.4% 2.5% 2.5 - 2.8% S&P 500 32% 14% 3-6% 6-10% 10-yr Treasury 3.00% 2.17% 2.50% 2.75% Fed Funds Rate 0.25% 0.25% 0.75% 1.50% Unemployment 6.7% 6.0% 5.1% 4.8%
2015 Cautiously Optimistic
umb.com | © 2015 UMB | p. 30
DISCLOSURE AND IMPORTANT CONSIDERATIONS UMB Investment Management is a division within UMB Bank, n.a. that manages active portfolios for employee benefit plans, endowments and foundations, fiduciary accounts and individuals. UMB Financial Services, Inc.* is a wholly owned subsidiary of UMB Financial Corporation and an affiliate of UMB Bank, n.a. UMB Bank, n.a., is an affiliate within the UMB Financial Corporation. This report is provided for informational purposes only and contains no investment advice or recommendations to buy or sell any specific securities. Statements in this report are based on the opinions of UMB Investment Management and the information available at the time this report was published. All opinions represent our judgments as of the date of this report and are subject to change at any time without notice. You should not use this report as a substitute for your own judgment, and you should consult professional advisors before making any tax, legal, financial planning or investment decisions. This report contains no investment recommendations and you should not interpret the statements in this report as investment, tax, legal, or financial planning advice. UMB Investment Management obtained information used in this report from third-party sources it believes to be reliable, but this information is not necessarily comprehensive and UMB Investment Management does not guarantee that it is accurate. All investments involve risk, including the possible loss of principal. Past performance is no guarantee of future results. Neither UMB Investment Management nor its affiliates, directors, officers, employees or agents accepts any liability for any loss or damage arising out of your use of all or any part of this report. “UMB” – Reg. U.S. Pat. & Tm. Off. Copyright © 2015. UMB Financial Corporation. All Rights Reserved. * Securities offered through UMB Financial Services, Inc. Member FINRA, SIPC or the Investment Banking Division of UMB Bank, n.a. Insurance products offered through UMB Insurance Inc. You may not have an account with all of these entities. Contact your UMB representative if you have any questions.
Securities and Insurance products are:
Not FDIC Insured * No Bank Guarantee * Not a Deposit * Not Insured by any Government Agency * May Lose Value
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
WADE KERRIGAN, PARTNER KRIS KAPPEL, PARTNER
DEBORAH JUHNKE, DIRECTOR OF INFORMATION GOVERNANCE CONSULTING CHRISTOPHER BUDKE, SPECIAL INVESTIGATOR
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Cybersecurity is in large part an “Anthropology Issue”
The U.S. Navy will graduate its first class in 40 years in how to use the sextant
What will we do if our information is not trustworthy?
Mike Rogers, former Chair, House Intelligence Committee
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
You are an IT Organization by Default
“If you went to bed last night as an industrial company, you’re going to wake up this morning as a software and analytics company.”
Jeffery Immelt, Chairman & CEO, General Electric
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
What is the Reach of Your Network?
Unknown Depth and Scope
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
5 to 10 Times the Impact of the Internet*
*John Chambers, Executive Chairman, Cisco Systems
Forbes
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Massive Global Malicious Exploitation
“There are two types of big companies in the U.S., those that have been hacked….and those who don’t know they have been hacked.”
James Comey, FBI Director
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Fairly Ugly Reality Malicious traffic is visible on 100% of corporate networks
Cisco, 2014 Annual Security Report
93% of employees knowingly violate cyber security policies Corporate Executive Board
23% of cyber security incidents are purposely caused by insiders Carnegie Mellon University 2013 State of U.S. Cybercrime Survey
Average time to discovery of a cyber breach is now 205 days Mandiant M-Trends Report 2015
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Ready Corp.
• $500M annual revenue • Manufacturing company • Domestic & overseas import/export • 2500 employees
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Exploration and Risk Assessment
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Security
Legal
Forensic
Law Enforcement
Regulators
Insurance Coverage
Public Relations
Stakeholders
Notifications
Personnel Management
10 Activity Channels for Breach Response
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Security Issues in Third-party Contracting
Next Steps
Understand what you have
Examine your risks
Plan for the inevitable breach
Ensure third-party contractors comply
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
1 in 3. That’s the odds of a manufacturing company being targeted for a cyber attack.
*Symantec 2014 Internet security threat report
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Agenda • Introduction • Types of attacks • Recent Attacks • A false sense of security • Vulnerabilities • Prevention/Mitigation
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Introduction
Cyber attacks cost companies $400 billion every year across the globe. * Fortune January 23, 2015
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
What is Cybersecurity?
Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Recent Attacks
• Target Breach – Cost to Target > $500 million – Gained access via vendor – Email Phishing attack used
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Recent Attacks • German Steel Mill
– Blast furnace lockdown and takeover causing significant damage
– Targeted control systems within facility – Email Phishing attack used
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Recent Attacks
– 80 million records compromised, included Social Security Numbers, address, name, date of birth and much more.
– Email Phishing attack used to obtain credentials for administrator accounts.
– Records not encrypted within the database. – Cost to Anthem so far well over $100 million just to notify
customers.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Recent Attacks • Office of Personnel Management (OPM)
– 21.5 million records compromised, included Social Security Numbers and other sensitive information.
– Stolen credentials allowed hackers to install malware.
– Evidence possibly points to a state sponsored attack.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
A false sense of security • I am too small to be attacked. The smaller the business
is, the easier it is to hack. Smaller companies might not have the technological sophistication and have become prime targets.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
A false sense of security • Why would someone attack our ERP, CRM, SCM or HR
systems? – Because of the Information they store - Manufacturing
recipes, HR data, credit cards, financial results, etc. • As holders of the world’s leading intellectual property,
including designs, patents, and trade secrets, manufacturers are consistently targeted by cyber thieves.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Risk of Falling for Social Engineering Attack
60%
44%
38%
33% 32%
23%
New employeesContractorsExecutive assistantsHuman resourcesBusiness leadersIT personnel
Vulnerabilities • > 325 Industrial Control
System (ICS) cyber incidents in 2014.
• Ranged from significant discharges to significant equipment damage to even deaths.
• Very few ICS specific cyber security technologies, trainings and policies.
• > 1,000,000 ICS devices directly connected to the internet ( as of 2013)
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Prevention/Mitigation
• Don’t let an attack drive change • Vendor Security • Business Continuity and Disaster
Preparedness • Cyber Liability Insurance • Network Vulnerability Assessments
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Prevention/Mitigation
1. Maintain an accurate inventory of control system devices and eliminate any exposure of the equipment to external networks.
2. Implement network segmentation and apply firewalls.
3. Use secure remote access methods.
4. Establish role-based access controls and implement system logging.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Prevention/Mitigation
5. Use only strong passwords, change default passwords, and consider other access controls.
6. Maintain awareness of vulnerabilities and implement necessary patches and updates.
7. Develop and enforce policies on mobile devices.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Prevention/Mitigation
8. Implement an employee cybersecurity training program
9. Involve executives in cybersecurity.
10. Implement measures for detecting compromises and develop a cybersecurity incident response plan.
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Next Steps • Valuable resources
– The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
• https://ics-cert.us-cert.gov/ – NIST - Computer Security Resource Center
(CSRC) • http://csrc.nist.gov/
Sponsored By: CBIZ & Mayer Hoffman McCann P.C. Husch Blackwell LLP UMB Bank
Questions?
Michael Hannan, CISA Manager – CBIZ MHM, LLC 700 W. 47th Street, Suite 1100 Kansas City, MO 64112 Direct: (816) 945-5668 Email: [email protected]