© 2019 RSM Canada Consulting LP. All Rights Reserved.

RECOGNIZING CYBER THREATS: HOW TO PROTECT YOUR COMPANY DATA

RYAN DUQUETTE, PARTNER, RSM CANADA - SECURITY AND PRIVACY RISK CONSULTING

May 28, 2020

ESSA | Environmental Services Association of Alberta


Agenda

• Cyber Incident Stats (just a few!)

• How are you being targeted

• Defining Cybersecurity

• Why SMEs

• What can be done and how to build a corporate culture of security


Cyber Incident – attack types 2019

• Business Email Compromise: 58%

• Ransomware / Malware: 21%

• Litigation: 7%

• Other: 11%

• WebApp Compromise: 3%


Cyber incidents – sectors (all) 2014–2019

[Chart: share of cyber incidents by sector, 2014–2019]

Values shown: 21.5%, 19.3%, 9.6%, 8.8%, 7.9%, 5.7%, 5.5%, 4.7%, 4.5%, 3.2%, 2.9%, 1.8%, 1.1%, 0.8%, 0.8%, 0.7%, 0.7%, 0.3%

Sectors (legend): Professional Services, Healthcare, Retail, Financial Services, Manufacturing, Technology, Education, Nonprofit, Other, Public Entity, Hospitality, Transportation, Energy, Media, Restaurant, Entertainment, Telecommunications, Gaming & Casino

Source: https://rsmus.com/what-we-do/services/risk-advisory/cybersecurity-data-privacy/the-real-cost-of-a-data-breach.html


Company Size – 2019

Source: NetDiligence 2019 report


Cyber incident – costs

Source: https://rsmus.com/what-we-do/services/risk-advisory/cybersecurity-data-privacy/the-real-cost-of-a-data-breach.html

NPO Breach Costs

• Min: 1K

• Max: 1.6M

• Average: 72K


Cyber incident – costs

Source: https://rsmus.com/what-we-do/services/risk-advisory/cybersecurity-data-privacy/the-real-cost-of-a-data-breach.html

Professional Services

• Min: 1K

• Max: 3.6M

• Average: 90K


What it sells for?

• Social Insurance Number: $1

• Online Payment Services: $20 - $200

• Driver’s Licence: $20

• Loyalty Accounts: $20

• Diplomas: $100 - $400

• Passports: $1000 +

• Credit or Debit Cards: With CCV # $5; With Bank Info $15; Full Info $30

• Non-Public Financial: $1 - $10

• General Logins: $1

• Subscription Services: $1 - $10

• Medical Records: $1 - $1000


How are you being targeted? Social Engineering


How are you being targeted? Reused Creds


Defining cybersecurity

A blend of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.


The facts

• Cybersecurity is a business issue, not a technical problem

• Business enhancing actions can quickly lead to disruption

• The landscape is complex, and competing drivers are common

• Complex controls can hamper success


“Why isn’t this easier?”

• Regulatory obligations

• Evolving technology

• People


Ransomware

• Victims: 2019 - Average $84,116

• 6,300 dark web marketplaces selling ransomware

• 45,000 products – averaging $10.50

• $6+ million in ransomware sales – well over 1+ billion in payouts

Source: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html


Key points

1. A vulnerability will be exploited

2. Everything is vulnerable, somehow

3. We trust, even when we shouldn’t

4. Innovation leads to exploitation

5. When in doubt, see #1


The objective

Mature processes, methods, tools and skills, working in unison, with a common goal.

Resulting in:

Well trained people, following well developed procedures, using well implemented technology


The (simplified) Approach

Identify ‘Crown Jewels’

Protect Assets

Detect Problems

Incident Response

Navigation


Why SMEs?

SMEs often collect sensitive PII, including donor information, health information, social insurance numbers, confidential emails, employee records, and billing information.

+

SMEs often have multiple locations (working from home), BYOD, and might not have resources to spend on large scale cybersecurity initiatives.


Information Protection Considerations

Choices

1. Very secure

2. Very functional

3. Low cost

You can only pick two


Risks

loss

reputation

clients

employees

financial


Risks

Time


Things to think about

Understand the data

Be sure of your obligations

Think of the risks

Introduce appropriate controls

Consider the technology

Do you need it?


Things to do

• Back up

• Insider Threat Program

• Have a plan

• Test your environment

• Train your staff

• Have a team

• Consider cyber coverage


Remote Workforce Considerations


• Where is your data being stored? On cloud services? Employees’ personal computers? Mobile devices?

• How is your data being transmitted?

• Are there any weaknesses that could allow attackers to compromise your employees’ remote networks or personal systems, potentially granting VPN access to the internal network?

• Have your business processes been updated to account for remote operations (e.g., accounts payable/receivable, payroll)?

• Are you capturing more private data (e.g., home environments, geolocation data)? How does this affect compliance with privacy regulations?


In closing

Top 3 frauds of 2019

The following are the top 3 reported frauds in Canada in 2019, ranked by number of reports:

Fraud Type: Reports

• Extortion: 10,278

• Personal Information: 7,642

• Phishing: 5,053

Source: http://www.antifraudcentre-centreantifraude.ca/features-vedette/10-frauds-fraudes-eng.htm


Thank you – Questions and Answers?


416-706-2273

LI: RyanDuquetteMSC

Twitter: @RyanDuquette4n6