creating awareness: how to prevent security breaches ...* report: “measuring the financial impact...
TRANSCRIPT
![Page 1: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/1.jpg)
www.kaspersky.com/awareness
www.k-asap.com
Philip Verbeeck – Enterprise Account Manager
18th November 2019
Creating awareness: how to prevent security breaches within your organization
![Page 2: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/2.jpg)
Expertise2
Our Global Research and Analysis Team of security experts constantly explores and fights the most advanced cyberthreats
new malicious files are
detected by Kaspersky Lab
every day360,0001/3 of our employees are
R&D specialists 50+world-leading
security experts:
our elite group
About Kaspersky
![Page 3: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/3.jpg)
See how easy it is …
![Page 4: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/4.jpg)
€ 250 million loss**Source: Financial Times – Aug 2017
What companies faced
![Page 5: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/5.jpg)
€ 640.000 loss**Source: De Tijd – April 2018
What companies faced
![Page 6: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/6.jpg)
What SMB - companies faced
€ 4.940,- / minute downtime loss**Source: Gartner – Nov 2018
CCB: “in 2017, 60% of the cyber attacks were addressed to SMB’s, 95% of Belgian companies are SMB’s....”
![Page 7: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/7.jpg)
What public institutions faced
24 out of 28 municipalities lacking adequate protection**Source: Computable – September 2018
![Page 8: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/8.jpg)
80% of cyber incidents starts
with a human mistake
The weakest link
![Page 9: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/9.jpg)
average financial impact of a
single data breach and
attack vector*
up to € 340 per employee per year
€ 73.400per SMB company
€ 730.500per enterprise
* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016.
** “Business Perception of IT Security: In The Face of an Inevitable Compromise”, Kaspersky Lab, 2016.
*** Calculations based on Ponemon Institute, “Cost of Phishing and Value of Employee Training”, August 2015.
average cost of phishing
attacks alone***average financial impact of a
single data breach and
attack vector*
€ 734.000per breach
average financial impact of an
incident involving careless
actions of employees**
Human mistakes as a big cyber risk
(despite of traditional awareness programs in place)
![Page 10: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/10.jpg)
Kaspersky’s approach to Cyber Safety Awareness
![Page 11: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/11.jpg)
Different training formats for different organizational levels
![Page 12: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/12.jpg)
Kaspersky Interactive Protection Simulation
![Page 13: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/13.jpg)
• Understanding “why is security so
important for each of us?”
• Distinction “what is safe and unsafe
behaviour?”
• Positive examples approach “How
to do", instead of only “Do not”
• Conceiving ”how are cybercriminals
looking at us?”
Game format for motivation purposes
![Page 14: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/14.jpg)
22 Online modules:
• Anti-phishing
• Privacy protection• Social media • Physical security
• Security for mobile devices• Safe internet use• Security outside the office
• Social engineering• URL-training• E-mail security
• Passwords• GDPR• ...
Cyber Safety E-Learning
![Page 15: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/15.jpg)
Continuous training methodology
Assess• Knowledge assessment
• Simulated attacks
Educate• Interactive skills training
modules
• CyberSafety Management Games
• KIPS
Reinforce• Line managers support
• Awareness materials (Leading to the Light)
Measure• Knowledge tracking,
benchmarking, reporting
• Safety Culture Assessment
Continue during the year, cycle by cycle
Best Practice Guide and technical support
![Page 16: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/16.jpg)
� Effective
Employees develop strong cyber security
skills with short lessons and continuous
trainings.
� Focus on ease of use
Fully automated platform which is configured
and managed in a few minutes.
Free trial with 5 users.
K-ASAP: a simple and effective solution
www.k-asap.com
On-line free trial :
![Page 17: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/17.jpg)
Educational schedule
![Page 18: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/18.jpg)
Target levels depending on the position of the employee and the need to be protected against certain types of attacks
Target Level… …which normally allows to withstand against…
… recommended for (examples)…
I – Beginner Mass (cheap and easy) attacks Juniors, factory workers
II – Elementary Mass attacks on a specific victim
profileMarketing, engineers,
administrative employees
III – Intermediate Well-prepared focused attacks on a
chosen group of victims HR, non-executive
accountants
IV – Advanced Targeted attacksIT (admins), personal assistants, executives
![Page 19: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/19.jpg)
Progress monitoring and sending recommendations automatically
� ASAP monitors progress of each student.
� Every week employee receives a letter with a progress report.
� The employee receives personal recommendations on how to improve results: on which dates they should target to
study according to the schedule
This saves the administrator’s many hours of tracking progress and sending reminders without sacrificing the quality of training.
![Page 20: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/20.jpg)
Kaspersky Automated Security Awareness Platform (K-ASAP) in practice
![Page 21: Creating awareness: how to prevent security breaches ...* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016. ** “Business Perception](https://reader035.vdocuments.site/reader035/viewer/2022070803/5f0319f07e708231d4078a6f/html5/thumbnails/21.jpg)
Stay aware.
www.kaspersky.com/awareness