brown cyber-security 2019 county auditors no notes · so why bother” “ don’t fix what isn’t...
TRANSCRIPT
4/19/19
1
CYBERCRIMEONE OF THE GREAT CHALLENGES TO THIS DECADE
FACTS
ACCORDING TO THE 2019 CYBER SECURITY ALMANAC COMPILED AND PUBLISHED BY CISCO AND CYBERSECURITY VENTURES,
“CYBERCRIMINAL ACTIVITY IS ONE OF THE BIGGEST CHALLENGES THAT HUMANITY WILL FACE IN THE NEXT TWO DECADES. ”
HTTPS://CYBERSECURITYVENTURES.COM/CYBERSECURITY-ALMANAC-2019/
4/19/19
2
A PROBLEM
WITH GLOBAL SCOPE
1989
The World Wide Web was invented in 1989. The first-ever website went live in 1991. Today there are more than 1.9 billion websites.
2020
The world’s digital content is expected to grow to 96 zettabytes by 2020,up from 4 zettabytes just 3 years ago.
2022
by 2022, more IP traffic will cross global networks than in all prior “Internet years.” In other words, more traffic will be created in 2022 than in the 32 years since the Internet started.
4/19/19
3
NEARLY ALL OF
HUMANITY AFFECTED
There were nearly 4 billion Internet users in 2018, up from 2 billion in 2015. Cybersecurity Ventures predicts that there will be 6 billion Internet users by 2022 — and more than 7.5 billion Internet users by 2030.
2015
In 2004, the global cybersecurity market was worth $3.5 billion — and in 2017 it was worth more than $120 billion. The cybersecurity market grew by roughly 35X during that 13-year period
2017
EXPONENTIAL GROWTH,
EXPONENTIAL RISK
CYBERSECURITY VENTURES ESTIMATES THERE ARE 111 BILLION LINES OF NEW SOFTWARE CODE BEING PRODUCED EACH YEAR.
ZERO-DAY EXPLOITS ALONE ARE PREDICTED TO REACH ONE PER DAY BY 2021, UP FROM ONE PER WEEK IN 2015.
HACKING TOOLS AND KITS FOR CYBERATTACKS HAVE BEEN AVAILABLE IN ONLINE MARKETPLACES FOR SEVERAL YEARS — AT PRICE POINTS STARTING AS LOW AS $1 — WHICH MAKES THE COST OF ENTRY TO A LIFE OF CYBERCRIME NEARLY FREE.
4/19/19
4
DEEP WEBS, DARK
MARKETS
THE DEEP WEB IS INTENTIONALLY HIDDEN AND ESTIMATED TO BE AS MUCH AS 5,000 TIMES LARGER THAN THE SURFACE WEB, AND GROWING AT A RATE THAT DEFIES QUANTIFICATION.
THE DEEP WEB HOSTS OPEN MARKETS WHERE PRIVATE HEALTH AND OTHER RECORDS SELL FOR AS LITTLE AS PENNIES PER RECORD.
CYBERCRIME HAS HIT THE U.S. SO HARD THAT THE FEDERAL BUREAU OF INVESTIGATION TOLD THE WALL STREET JOURNAL THAT EVERY AMERICAN CITIZEN SHOULD EXPECT THAT ALL OF THEIR DATA (PERSONALLY IDENTIFIABLE INFORMATION) HAS BEEN STOLEN AND IS NOW ON THE DARK WEB.
HTTPS://WWW.CSOONLINE.COM/ARTICLE/3189869/HEALTHCARE-RECORDS-FOR-SALE-ON-DARK-WEB.HTML
TOP CYBERCRIMINAL
TARGETS
The 5 most cyber-attacked industries over the past 5 years are healthcare, manufacturing, financial services, government, and transportation.
Cybersecurity Ventures predicts that retail, oil and gas / energy and utilities, media and entertainment, legal, and education (K-12 and higher ed), will round out the top 10 targeted industries for 2019 to 2022
4/19/19
5
CyberCriminal Tools and Techniques
BUSINESS EMAIL
COMPROMISE
The FBI reported that Business Email Compromise (BEC),— a scam aimed at intercepting wire transfer payments — has cost more than $12.5 billion in losses over the past 4.5 years (as of its last tally through May 2018).
Security researchers have exposed a thriving deep-web market with hackers offering access to business email addresses to crooks who then attempt to carry out frauds.
The email accounts are compromised via spam/phishing campaigns and sold for as little as $150 each
https://www.zdnet.com/article/this-dark-web-market-is-dedicated-to-compromising-your-emails/
4/19/19
6
Ransomware
Ransomware encrypts files on an infected computer and demands a ransom to decrypt and access the files.
Ransomware attacks saw a 350 percent increase in 2018
Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015
Phishing
emails crafted to lure their recipients to click a link, open a document or forward information to someone they shouldn’t.
It’s widely reported that more than 90 percent of successful hacks and data breaches stem from phishing scams
Training users how to detect and react to these threats is a critical ransomware deterrent.
4/19/19
7
CYBERCRIMINAL DAMAGES
CYBERCRIME
Cybercrime costs include damage and destruction of data, stolen money, lost productivity,
theft of intellectual property, theft of personal and financial
data, embezzlement, fraud, post-attack disruption to the normal course of business,
forensic investigation, restoration and deletion of
hacked data and systems, and reputational harm.
4/19/19
8
COST OF A DATA BREACH
This year, the Ponemon Institute calculated the average healthcare data breach costs to be $380 per record. The average global cost
per record for all industries is now $141.
The average global cost of a data breach now stands at $3.62 million
https://www.hipaajournal.com/healthcare-data-breach-costs-2017-8854/
FAMOUSBREACH
The Yahoo hack was recently recalculated to have affected 3 billion
user accounts, and the Equifax breachin 2017
— with 145.5 million customers affected —
exceeds the largest publicly disclosed
hacks ever reported.
4/19/19
9
CyberSecurity Trends
Training, Training, Training
Much of this training is centered on combating phishing scams and
ransomware attacks.
Global spending on security awareness training for employees — one of the
fastest growing categories in the cybersecurity industry — is predicted to
reach $10 billion by 2027, up from around $1 billion in 2014.
4/19/19
10
TAC Ahead Of The Curve
Texas Association of Counties uses an online Cyber Security Training program internally that sends occasional phishing tests and tracks the results.
As a result, our phishing tests show TAC users clicking on suspicious emails less and less
…AND OFFERING TRAINING
TO COUNTIES
TAC is offering online Cyber Security training to Texas Counties through MediaPro.
TAC is absorbing the cost of this service in an effort to help train county employees to think before they click and become human firewalls.
Counties can get more information about this training atwww.county.org/countycyber.
4/19/19
11
INSURE
NETWORK
SECURITY
Singapore announced the launch of
the world’s first commercial cyber
risk pool, a facility for providing
cyber insurance to corporate
buyers, as cyberattacks in the Asia
Pacific region become more
pervasive. The pool will commit up
to $1 billion (USD) in risk capacity
and will be backed by capital from
traditional insurance and
insurance-linked securities markets
to provide bespoke coverage.
CYBER INSURANCE
68 percent of U.S. businesses have not purchased any form of cyber liability or data-breach coverage, showing that businesses are not adopting cyber insurance at a rate that matches the risks they face.
Government is ahead of the curve with a majority of the 25 most populous U.S. cities now have cyberinsurance or are looking into buying it, according to a Wall Street Journal survey.
4/19/19
12
TAC CYBER
INSURANCE
Members of Public Officials’ Liability (POL) receive Privacy & Data Security Liability (Cyber Liability) at no additional cost
Members with Cyber coverage have cyber resources available via eRisk Hub
Members who have a covered cyber event have access to a data breach coach, forensic vendors and other resources to assist with possible cyber breaches
Members who have cyber coverage have 1st
party and 3rd party coverages for losses
SECURITY BEST
PRACTICES
Security is as topic that is not popular in the IT domain. For Customers it is often seen as a financial investment that brings no profit.
4/19/19
13
WE
DON’T
REALLY
NEED IT…
When bringing up the topic you inevitably hear things like:
“I haven’t been hacked so why bother”
“ Don’t fix what isn’t broken.”
WHAT IS WANNACRY?
The most common and effective hacking techniques rely on social engineering, aka tricking people.
One of the most effective security counter-measures is regular cyber security training to remind people of smart, skeptical internet practices.
4/19/19
14
HOW TO DEFEND?
User Awareness
Properly Configured Perimeter Firewall
Internal Firewall / VLAN Traffic
Patching
Anti-Virus
SHOULDN’T ANTIVIRUS
STOP EVERYTHING?
Most companies don’t implement Antivirus correctly
Are you willing to wait 5 minutes for Anti-virus to check every file before you accessed it?
4/19/19
15
HOW TO DEFEND?
User Awareness
Properly Configured Perimeter Firewall
Internal Firewall / VLAN Traffic
Patching
Anti-Virus
Locking Down Systems
BACKUPS: THE LAST LINE OF
DEFENSE3-2-1 Backup Strategy
Store the copies on
2different
media
Keep 1Backup Offsite
Have a robust backup strategy
Have at least 3
copies of your data
4/19/19
16
TO SUMMARIZE
THESE:
Regular security awareness training so users don’t open suspicious attachments
Secure the network by blocking unnecessary protocols and restrict network resource access to what is actually needed
Do regular patches and have a good patch strategy
Use anti-virus and lock down your systems
Do regular backups and have a good backup strategy