Upload
gareth-evans
View
85
Download
0
Embed Size (px)
Citation preview
Cyber Exposure:
The not so hidden threat
Gareth Evans
Contents
The Hollywood Myth
Dealing with the word “Cyber”
It’s data, Jim, but not as we know it
The Human problem
Online Exposure
Teach a man to Phish…
What can we do?
The Hollywood Myth
“It will never happen to us”
Major (US) brands get the headlines
Breach data is hard to come by
“We’ve not been hacked, our defenses are fine”
Dealing with the word “Cyber”
From the Greek kubernan ‘to steer’
“I’m not techie, don’t talk to me about Cyber”
Business risk, not technical problem Disclosure of confidential information
Compliance failures and associated fines
Reputation damage
Contract negotiation failures
Loss of intellectual property
It is not going away
It’s data, Jim, but not as we know it
Step away from the 1’s and 0’s
Critical Information / assets:
Component designs
Financial data
Personnel information (payroll etc.)
Project documentation
Emails
Understand the risk and defend accordingly
Social Engineering – The Human Problem
Big data search tools
False Flag social media accounts
Password compromise / recycling
Emotional attacks
Trust
Curiosity
Fear
Teach a man to Phish…
Don’t believe what you read
Attachments are not the only threat. Click here to find
out more
Targeted attacks can be hard to spot
So… What do we do?
Ask the right questions
Are the IT teams security goals aligned with current risk?
Educate
How can you be suspicious of something you don’t know is even possible?
Defend what is important
Resources are limited, understand you critical data and align defenses accordingly