Cyber Exposure:

The not so hidden threat

Gareth Evans

Contents

The Hollywood Myth

Dealing with the word “Cyber”

It’s data, Jim, but not as we know it

The Human problem

Online Exposure

Teach a man to Phish…

What can we do?

The Hollywood Myth

“It will never happen to us”

Major (US) brands get the headlines

Breach data is hard to come by

“We’ve not been hacked, our defenses are fine”

Dealing with the word “Cyber”

From the Greek kubernan ‘to steer’

“I’m not techie, don’t talk to me about Cyber”

Business risk, not technical problem Disclosure of confidential information

Compliance failures and associated fines

Reputation damage

Contract negotiation failures

Loss of intellectual property

It is not going away

It’s data, Jim, but not as we know it

Step away from the 1’s and 0’s

Critical Information / assets:

Component designs

Financial data

Personnel information (payroll etc.)

Project documentation

Emails

Understand the risk and defend accordingly

Social Engineering – The Human Problem

Big data search tools

False Flag social media accounts

Password compromise / recycling

Emotional attacks

Trust

Curiosity

Fear

Teach a man to Phish…

Don’t believe what you read

Attachments are not the only threat. Click here to find

out more

Targeted attacks can be hard to spot

So… What do we do?

Ask the right questions

Are the IT teams security goals aligned with current risk?

Educate

How can you be suspicious of something you don’t know is even possible?

Defend what is important

Resources are limited, understand you critical data and align defenses accordingly