At what price?

How much can a security incident cost you?

Jason Appel, CISSP, MCSE, MCSA, MCT A

Project Manager | Security Practice ManagerADNET Technologies jappel@thinkADNET.comlinkedin.com/in/jappel

www.thinkADNET.com

Perspective: What is InfoSec?

How much was that?

Direct losses

Productivity

Notifications

Opportunity

Reputation

Other

HackingBreach

Outage

What happened?

Attacks involving:

Malware

Remote access

Ransom

Drive by browsing

Phishing

Social Engineering

HackingBreach

Outage

What happened?

2014 - $445 Billion Annually

Home

SMB

Enterprise

Mobile

http://www.usnews.com/news/articles/2014/06/09/study-hackers-cost-more-than-445-billion-annually

http://money.cnn.com/2015/10/08/technology/cybercrime-cost-business/

HackingBreach

Outage

What happened?

CEO Fraud

BEC - Business Email Compromise

Actual theft

Usually targeted social engineering

Spear phishing or whaling

o Similar to legit source email

o Targeted destination

o Targeted organization

HackingBreach

Outage

What happened?

CEO Fraud

http://www.ic3.gov/media/2015/150827-1.aspx

CEO Fraud 270% increase: Jan. to Aug

Total U.S.

o 7,066

o $747,659,840.63

Total non-U.S.

o 1,113

o $51,238,118.62

Combined $798,897,959.25

With other int’l. LEOs: $1.2 Billion (estimate)

HackingBreach

Outage

What happened?

http://www.ic3.gov/media/2015/150827-1.aspx

Hacking

BreachOutage

What happened?

Loss of Protected Information

PII/PHI/etc.

Regulated: Industry, State, and Federal

State breach notification laws

Positive control

Proving the negative

Guilty until proven innocent

Hacking

BreachOutage

What happened?

2015 Average Breach:

$3.8 million each

$217 per record

Of the $217:

o $74 direct costs

o $143 indirect costs

http://www-03.ibm.com/security/data-breach/

https://securityintelligence.com/cost-of-a-data-breach-2015/

Hacking

BreachOutage

What happened?

Hacking

Breach

Outage

What happened?

Service or info not available

Technical problems

Malicious activity

Disasters

Infrastructure outages

Services – Cloud?

Hacking

Breach

Outage

What happened?

http://www.cnbc.com/2015/04/24/starbucks-hit-with-apparent-nationwide-

outage.html

April 24 2015

No Breach

Cloud CRM, table in DB was deleted, POS cannot log in

4 pm to 9:30 pm

Estimate $4 million lost

Hacking

Breach

Outage

What happened?

http://www.cnbc.com/2015/04/24/starbucks-hit-with-apparent-nationwide-

outage.html

http://www.geekwire.com/2015/starbucks-back-in-business-internal-report-blames-deleted-database-table-indicates-

outage-was-global/

Just a normal day, April 19th

What happened?

04/19/2016 Problems at Twitch

04/19/2016 Problems at Snapchat

04/19/2016 Problems at Amtrak

04/19/2016 Problems at Telepacific

04/19/2016 Problems at Youtube

04/19/2016 Problems at AOL

04/19/2016 Problems at Facebook

04/19/2016 Problems at Vimeo

04/19/2016 Problems at Mediacom

Hacking

Breach

Outage

What were we just talking about?

Perspective

What incurs the cost?

Hacking

Breach

Outage

Questions?

jappel@thinkADNET.comlinkedin.com/in/jappel

Our PartnersADNET proudly partners with leading technology and business solution providers to help our clients find the best possible fit for their needs. We encourage you to visit our partners' websites to learn more about their services.

@ADNETTech

@ADNETTechnologiesLLC

@ADNETTechnologiesLLC

www.thinkADNET.com

@ADNETTech

@ADNETTechnologiesLLC

@ADNETTechnologiesLLC

www.thinkADNET.com

@MarcumLLP

@Marcum-LLP

@MarcumLLP

www.marcumllp.com