![Page 1: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/1.jpg)
3 Unspoken Truths to Know about Security for 2017February 9, 2017
Today’s Speaker:
Todd DeCapua
Senior Director of Technology and
Product Innovation
Corporation Service Company
Mark Flegg
Global Product Director
Domains & Security
Corporation Service Company
![Page 2: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/2.jpg)
3 Unspoken Truths to Know
about Security for 2017
February 9, 2017
![Page 3: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/3.jpg)
Brought to you by Vivit’s
Security and Privacy SIG Leaders
Kevin May Dominic J. Listermann
![Page 4: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/4.jpg)
Hosted By
Dominic Listermann
Managing Partner
Pyrafractal
Security and Privacy SIG Leader
![Page 5: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/5.jpg)
Today’s Speakers
Todd DeCapua
Senior Director of Technology and Product Innovation
Corporation Service Company
Mark Flegg
Global Product Director
Domains & Security
Corporation Service Company
![Page 6: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/6.jpg)
Webinar Housekeeping
• This “LIVE” session is being
recorded
• Recordings are available to
all Vivit members
• To enlarge the presentation
screen, click on the rectangle
in the upper right hand
corner of the Presentation
pane
![Page 7: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/7.jpg)
Webinar Control Panel
• Session Q&A:
Please type questions in the Q&A pane
and click on “Ask”
• Choose the language in which you would like to ask your questions
![Page 8: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/8.jpg)
3 Unspoken Truths
to Know About Security
for 20179 February 2016
Todd DeCapua and Mark Flegg
![Page 9: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/9.jpg)
Page 9
Poll
What priority does security have in your organization? [select
one]
Top Priority
Top 5 Priority
Top 10 Priority
Below Top 10 Priority
![Page 10: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/10.jpg)
Page 10
What’s in a Digital Brand?
DIGITAL ASSETS
Domains
DNS
Digital
Certificates
SocialMedia
Handles
Mobile
Apps
DIGITAL
BRAND
![Page 11: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/11.jpg)
Page 11
Digital Brand – Cyber Threats
DDoS ATTACKS
Cyber Criminals
“Hacktivists”
DIGITAL
ASSETS
MALWARE
PHISHING
SQL INJECTION
SOCIAL HIJACKING
DOMAIN HIJACKING
![Page 12: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/12.jpg)
Page 12
Digital Assets
Who has a company issued laptop or cell phone?
Does it have a serial number that is logged?
Would you agree the business sees that as an asset and documents it appropriately?
Do you treat your digital assets the same way?
![Page 13: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/13.jpg)
Page 13
Unspoken Truthto Know About Security
for 2017
#1
![Page 14: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/14.jpg)
Page 14
POTENTIAL THREATSMALWAREESPIONAGE
SSLs
![Page 15: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/15.jpg)
Page 15
of Global 2,000 companies
admit to not having an
accurate accounting of
their SSL certificates
*Source: Ponemon Institute, “2013 Annual Cost of Failed Trust Report: Threats and Attacks”
51%
![Page 16: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/16.jpg)
Page 16
SSL Risks – Expired Certificates
If you don’t have a grasp of what you own,
along with a tight management and
renewal process, this can happen:
![Page 17: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/17.jpg)
Page 17
Expired Certificates – Impact
“The average Global 5,000 company
spends about $15 million to recover from the loss of business due to
a certificate outage—and faces another
$25 million in potential compliance impact.”
Source: CSOonline.com
![Page 18: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/18.jpg)
Page 18
Unspoken Truthto Know About Security
for 2017
#2
![Page 19: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/19.jpg)
Page 19
POTENTIAL THREATSDDoS ATTACKS(Distributed Denial of Service)
MALWARE
DNS
![Page 20: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/20.jpg)
Page 20
DDoS Attacks – Examples
Source: BBC
![Page 21: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/21.jpg)
Page 21
DNS/DDoS Attacks – The Impact
18 hoursAverage network outage/disruption timeSource: CIO Insight
$105,710Average cost of 1 hour of down timeSource: CIO Insight
Estimated average annualcost to businesses from DDoS attacks
Source: The Ponemon Institute
$126,153
![Page 22: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/22.jpg)
Page 22
50%of businesses worldwide
have no countermeasures
against DDoS attacksSource: IT Pro
![Page 23: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/23.jpg)
Page 23
Unspoken Truthto Know About Security
for 2017
#3
![Page 24: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/24.jpg)
Page 24
POTENTIAL THREATSPHISHINGMALWAREFRAUDSPOOFING
![Page 25: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/25.jpg)
Page 25
Poll
Who is responsible for Digital Asset Security in your
organization? [select one]
CIO (Information Officer)
CISO (Information Security)
CMO (Marketing Officer)
COO (Operating Officer)
Each Business Unit Executive
Do not know
![Page 26: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/26.jpg)
Page 26
Email Fraud – The Impact
Phishing costs brands worldwide
$4.5 billion each yearSource: The Economics of Spam," Journal of Economic Perspectives
Customers are 42% less likelyto do business with you after a phishing attack,
regardless of whether they were actually fooled.
Source: http://www.magillreport.com/Phishing-Threatens-Your-Brand-More-than-You-Think-Return-Path/
82 secondsmedian time from email received to first clickSource: https://info.wombatsecurity.com/blog/infographic-what-impact-does-phishing-have-on-your-business
![Page 27: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/27.jpg)
Page 27
Phishing Attacks - Examples
![Page 28: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/28.jpg)
Page 28
In a survey of more than 1,000
global brands across 33 countries,
Source: ReturnPath
only 22%of companies were publishing
a DMARC record
![Page 29: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/29.jpg)
Page 29
Unspoken Truthsto Know About Security
for 2017
In Summary
![Page 30: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/30.jpg)
Page 30
Why Does Security Matter to You?
You are often making decisions that will impact your brand!
We are now managing digital assets, which are valuable, and bad actors want to exploit them.
Your business (and customers) needs your help!
Question: Who thinks security is just the job of IT?
![Page 31: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/31.jpg)
Page 31
Poll
What happens when Digital Asset Security risks impact your
organization? [select as many as needed]
Revenue
Brand Value
Customer (Acquisition & Retention)
Competitive Advantage
![Page 32: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/32.jpg)
Page 32
Who Makes the Decisions?
Advent of domains
IT Increase in infringements
Legal
Growth in
eCommerce
MarketingIncrease in cyber attacks
CISO
FUTURE:Multi-stakeholder approach
![Page 33: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/33.jpg)
Page 33
Poll
Which of the Digital Asset Security risks we discussed are of
most concern to your organization? [select one]
SSL’s and Certificates
DNS and DDoS
Email Phishing and Malware
None of the above
All of the above
![Page 34: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/34.jpg)
Page 34
How can I reduce the risk?
The CSC Digital Optimization Plan
![Page 35: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/35.jpg)
Page 35
CSC Solutions
![Page 36: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/36.jpg)
Page 36
Be Proactive
Monitor for threats and
enforce your rights
Protecting your brands online
means detecting and removing
threats. CSC Digital Brand
Services helps you monitor your
brand across the digital
channels, prioritize results, and
take action against the most
serious infringements.
Consolidate and secure your
digital assets
Centralizing your digital assets
puts you in control. CSC® Digital
Brand Services helps you
manage your domain names,
social media usernames,
SSL/TLS certificates, and DNS
more efficiently to secure them
against cyberattacks.
Optimize and promote your
digital portfolio
Developing a connected digital
brand strategy ensures your
digital portfolio is working
hard. CSC helps you find the
optimum mix of assets—including
.brands—to drive traffic and
support your campaigns while
minimizing online brand abuse.
![Page 38: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/38.jpg)
Page 38
3 Unspoken Truths about Security for 2017
SSLs DNS Email
![Page 39: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/39.jpg)
Page 39
Thank You & Questions
@AppPerfEng
HPE Blogs
SD Times
iSixSigma
YouTube
Google+
TechBeacon
O’Reilly
Application Developer Magazine
100 Software Testing Quotes [checkout #44]
cscdigitalbrand.services
bit.ly/CSC-DASA
![Page 41: 3 Unspoken Truths to Know about Security for 2017 · 2018. 4. 4. · Unspoken Truth to Know About Security for 2017 #1. Page 14 POTENTIAL THREATS MALWARE ESPIONAGE SSLs. Page 15 of](https://reader036.vdocument.in/reader036/viewer/2022071410/61055a22fffd4c56c334dc33/html5/thumbnails/41.jpg)
Thank You