the only way to prevent incidents is to make your colleagues … · the only way to prevent...

The only way to prevent incidentsis to make your colleagues aware of Cybersecurity

Philip VerbeeckEnterprise Account Manager

The data is not optimized

Analysis struggles

Tuning and best practices falter

Firewall – Next Generation

Unified threat management

Intrusion detection and prevention

Anti-virus

Next-generation-X

Host intrusion detection and protection

Secure web gateway

E-mail

Web application firewall

Security information and event management (SIEM)

Cloud, mobile and “Internet of Things”

Bring Your Own Device - BYOD

User awareness

RansomwareAccess to Data always and

everywhere

Lost mobile devices and data on it

Security Operations Center SOC

Recruiting and keeping the right staff “Are we secure?”

Enterprise Mobile Management

Visibility struggles without global validation

Security Challenges

Increased

threats to Mac

machines

Exponential

growth of mobile

malware

Continued exploitation

of vulnerabilities

in 3rd party software

Targeted attacks

and malware

campaigns

323 000New Endpoint Threats

per day

Dramatically

increase of

Ransomware

What we see today

€ 70 million loss**Source: l’Echo – Jan 2016

What companies faced

€ 250 million loss**Source: Financial Times – Aug 2017

What companies faced

€ 110 million loss**Source: Financial Times – Jul 2017

What companies faced

80% of cyber incidents starts

with a human mistake

The weakest link

average financial impact of a

single data breach and

attack vector*

up to € 340 per employee per year

€ 73.400per SMB company

€ 730.500per enterprise

* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016.

** “Business Perception of IT Security: In The Face of an Inevitable Compromise”, Kaspersky Lab, 2016.

*** Calculations based on Ponemon Institute, “Cost of Phishing and Value of Employee Training”, August 2015.

average cost of phishing

attacks alone***average financial impact of a

single data breach and

attack vector*

€ 734.000per breach

average financial impact of an

incident involving careless

actions of employees**

Human mistakes as a big cyber risk

(Despite of traditional awareness programs in place)

Cybersecurity Awareness Program

Senior managers

Line of business managers

All employees

Security staff

Simulationgame

(KIPS)

Cyber Security games

E-learning

Cyber Securityfor IT

Company simulation game

Personal motivation trainings

On-access computer trainings

Reports & trainings

Cybersecurity Awareness Program

Scenarios for all Verticals

• Understanding “why is security so

important for each of us?”

• Distinction “what is safe and unsafe

behaviour?”

• Positive examples approach “How

to do", instead of only “Do not”

• Conceiving ”how are cybercriminals

looking at us?”

Game format for motivation purposes

22 Online modules:

• Anti-phishing

• Privacy protection• Social media • Physical security

• Security for mobile devices• Safe internet use• Security outside the office

• Social engineering• URL-training• E-mail security

• Passwords• ...

Cyber Safety E-Learning

Cyber Safety E-learning

• Initial assessment for a clear starting point

• Periodic recurrence provides insights in the

employees’ development

• Prioritizing sub-programs based on measurement

results

• Individual development and trends visible in the

management console

Measurable

Cyber safety games.. Education and fun combined

Continuous training methodology

Assess• Knowledge assessment

• Simulated attacks

Educate• Interactive skills training

modules

• CyberSafety Management Games

• KIPS

Reinforce• Line managers support

• Awareness materials (Leading to the Light)

Measure• Knowledge tracking,

benchmarking, reporting

• Safety Culture Assessment

Continue during the year, cycle by cycle

Best Practice Guide and technical support

Cumulative effect – each training supports the other

Licensed Training providers

Kaspersky Security Awareness – our clients

• 93% likelihood to apply knowledge

• 90% decrease in the number of incidents

• 50-60% reduction* of the cyber risk

monetary volume

• Measurable security awareness program resultsTechnical training programs for IT Security professionals are also available

The Value

• E-learning platform built on “Wombat Security Technologies”

• Qualified as “Leader” in the Gartner Magic Quadrant for “Security Awareness Computer Based Trainings” for 3 consecutive years

• Guaranteed effective results for major organizations:reduction of more than 90% observed for successful phishing attacks and malware infections

• Supplemented with the specialized cyber security knowledge and experience of Kaspersky Lab

Proven high quality model

https://www.kaspersky.com/enterprise-security/cybersecurity-

awareness/demo/#trainingModules

A free interactive demo of Kaspersky Employee Skills Training Platform

https://www.kaspersky.com/enterprise-security/security-awareness

More on our Security Awareness products

Try out the interactive demo

The data is not optimized

Analysis struggles

Tuning and best practices falter

Firewall – Next Generation

Unified threat management

Intrusion detection and prevention

Anti-virus

Next-generation-X

Host intrusion detection and protection

Secure web gateway

E-mail

Web application firewall

Security information and event management (SIEM)

Cloud, mobile and “Internet of Things”

Bring Your Own Device - BYOD

User awareness

RansomwareAccess to Data always and

everywhere

Lost mobile devices and data on it

Security Operations Center SOC

Recruiting and keeping the right staff “Are we secure?”

Enterprise Mobile Management

Visibility struggles without global

validation

Cyber Security Overview

WE PROTECTWHAT MATTERS MOST