Convincing the CEO to budget for cyber security
www.CyberRescue.co.uk Page: 1
Convincing the CEO to budget for security - making it personal
Tallinn, 15th November 2016
[email protected] +44 79 20 76 65 30
Cyber Rescue works in 9 countries
Executive Simulations
Crisis Response Plan
Coach for Cyber Attack Response
Protect & Test Your Suppliers
Protect & Test Your Staff
Protect & Test Your Network
Lead Recovery
Learn from those who suffered major attacks.
Prepare your team to make key decisions.
Reduce Harm
Mitigate vulnerabilities that can hurt reputation and revenues.
They’re not just in IT…
Option 1: Show market data
Typical Executive Response: “OK, the market must fix the problem”
Option 2: Show company data
Client
Typical Executive Response: OK, the IT Director must fix the problem
Option 3: Simulate a Breach
Typical Executive Response: OK, WE must work together on this
CENSORED
The short, very basic simulation of a cyber attack used at this event in Estonia is available only to Members of Cyber Rescue.
For the public, in this censored version, we are happy to share some of the information points and images used during the workshop.
Colleagues: Who gets told about their worst cyber security incident? CEO = 45%, HR = 32%, Legal = 28%, PR = 24%. (Jan ‘16)
Police: 82% of companies don’t report breaches to police (May ‘16)
68% of Directors unaware how to report cyber crime (March ‘16)
Pay Ransom: 91% of Executives say they won't pay a cyber ransom.
But 64% do (June ‘16)
Consumers’ stated reactions to a data breach:
• 91% say "24 hours or less" is acceptable for notification (May ‘16)
• 62% “would lose trust” if company didn’t communicate (Jan ‘16)
• 32% “would have diminished loyalty after a breach” (May ‘16)
• 11% “would quit doing business with hacked company” (April ‘16)
46% of Irish companies say they would not disclose a data breach to impacted third parties (July ‘16)
Among causes of a breach, the least harmful to consumer loyalty is Human Error (May ‘16)
Time: How long for IT specialists to respond to Breach (June ‘16)
• 201 days to identify a breach (range = 20 to 569 days)
• 70 days to contain a breach (range = 11 to 126 days)
Missing Info: Log Files “often” poorly configured or unavailable (Oct ‘16)
Capability: 45% of IT security staff say they “can determine scope of a breach” (Jan ‘16)
Insurance: 52% of British CEOs think their company is insured for cyber risks. Just 2% of large businesses in the UK actually have standalone cyber insurance (March ‘15)
“The market for cyber insurance isn’t sustainable” (Sept ‘15)
Why businesses say they do not have insurance (Nov ‘15): “Premiums too expensive” (52%), “Too many exclusions” (44%)
Companies with cyber insurance but not claimed = 81% (March ‘16)
$1m cyber policy costs $5 - 25k pa for “average” company (April ‘16)
$4 million USD is the average total cost of data breach (up 29% since 2013): more in Healthcare, Education & Finance.
Abnormal churn following a breach ranges from 6.2% in Finance and 5.3% in Health to 0.1% in Public Sector.
Cost is reduced most by: Incident Response Team (-10%), Encryption (-8%), Training (-6%).
$158 USD is the average cost per lost or stolen record (up 15% since 2013). (June 2016)
53% of Breach Notifications included an offer of Credit Monitoring, which was taken up by 10% of those consumers. – March 2016
55% pa increase in spear-phishing attacks on employees (April ‘16)
52% of IT professionals re-use personal passwords for business apps
41% of Millennials install apps on work PC without consulting IT
30% of Millennials email company info to a personal email address
30% of phishing messages are opened (April ‘16)
29% of companies with mandatory data protection training give an exception to CEOs (May ‘16)
Cause of breach (March ‘16):
• 48% Current Employee
• 31% Outside Perpetrator
• 17% Related Third Party
• 4% Former Employee
For source of these quotes http://www.cyberrescue.co.uk/library/response
Simulation Follow-up
Executive Simulations
Crisis Response Plan
Coach for Cyber Attack Response
Protect & Test Your Suppliers
Protect & Test Your Staff
Protect & Test Your Network
Lead Recovery
Learn from those who suffered major attacks.
Prepare your team to make key decisions.
Reduce Harm
Mitigate vulnerabilities that can hurt reputation and revenues.
They’re not just in IT… Call +44 20 7859 4320, [email protected]