![Page 1: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/1.jpg)
ADNETTechnologiesIncADNETTechADNETTechnologiesInc
WorkSmart 2011
ADNETTechnologiesIncADNETTechADNETTechnologiesInc
Cyber Risky Business (Just Take Those Old Records Off the Shelf)Michelle Syc, Xhemil KolianiMichelle Syc, Xhemil Koliani
• Infrastructure Services – Infrastructure design– Managed Services– Virtualization– Unified
communications– Backup & Disaster
Recovery– Security & Risk
Management– IT
Management/Strategy
• Learning Services– Learning path
development and strategy
– Technical training
– Desktop applications
– Professional development
– Recordings
– Goal‐oriented learning
– Certification preparation and testing
– Instructor led, Distance delivery, and e‐Learning
ADNET is proud
to offe
r:
![Page 2: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/2.jpg)
Outline
The current state of data security
Thinking Like a Criminal
Predicting the data loss: risk mitigation steps
![Page 3: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/3.jpg)
![Page 4: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/4.jpg)
Records Breached in US Since 1/1/2011
22,202,232
EQUALS:~ 7 Gigabytes of Data
~600 Feet of paper
‐ OR ‐
Source: PrivacyRights.org
![Page 5: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/5.jpg)
Pre‐internet Security Threats
Eavesdropping
Source: Scheiener, B. Risk, Complexity, and Network Security. Counterpane Internet Security Inc., April 2001
![Page 6: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/6.jpg)
Internet Security is Complex
Social Engineering Attacks
Social Engineering Attacks
Integrity Attacks Identity Theft Domain Name
(DNS) attacks“Launching Pad” for attacks
Misconfigurations, Software Errors, Social Engineering
Denial of Service (DOS) Attacks
Eavesdropping (Masquerading, Web‐based attacks, etc., etc.)
Insider Attack
Viruses, Trojans, back doors, etc.
Source: Scheiener, B. Risk, Complexity and Network Security. Counterpane Internet Security Inc., April 2001
![Page 7: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/7.jpg)
Moving On…..
The current state of data security
Thinking Like a Criminal
Predicting the data loss: risk mitigation steps
![Page 8: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/8.jpg)
Front Door Break‐In
The Living Room Window?
The Second Floor Bedroom Window?
The key under the plant out back?
The Kitchen Window?
The Back Door
![Page 9: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/9.jpg)
Risks
1. Guessable Passwords2. Default Credentials3. Poor Alerting4. Unknown / Rogue Devices5. Malicious Applications6. Poorly Trained Users7. Poorly Managed Remote Access Services8. Rogue remote access applications9. Outdated virus definitions / virus software
![Page 10: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/10.jpg)
The story continues…..
The current state of data security
Thinking Like a Criminal
Predicting the data loss: risk mitigation steps
![Page 11: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/11.jpg)
Risks
1. Guessable Passwords2. Default Credentials3. Poor Alerting4. Unknown / Rogue Devices5. Malicious Applications6. Poorly Trained Users7. Poorly Managed Remote Access Services8. Rogue remote access applications9. Outdated virus definitions / virus software
Know and train your usersAccess Control
PasswordsEncryptionPrivileged Users
Log and AuditNetwork Management Procedures
Scan for Rogue Devices / ServicesSecure Remote AccessFilter egress network traffic
Incident Management Procedures
Controls
![Page 12: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/12.jpg)
The Cloud ….. briefly ☺
Picture Source: http://www.theiia.org/intAuditor/five‐emerging‐trends‐in‐technology‐slide‐show/
![Page 13: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/13.jpg)
Source: Verizon Business 2011 Data Breach Investigations Report
2011 Data Breach Investigations Report
96% of breaches were avoidable through simple or intermediate controls
![Page 14: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/14.jpg)
Functionality Security
![Page 15: Cyber Risky Business (Just Take Those Old Records Off the Shelf)](https://reader034.vdocument.in/reader034/viewer/2022051512/5446f54dafaf9f55178b4819/html5/thumbnails/15.jpg)
Kostin Ruffkess & Company, LLC76 Batterson Park RoadFarmington, CT 06032
860‐678‐6000www.kostin.com
Xhemil (John) Koliani, CPA / ABVMember of the [email protected]
Michelle Syc, CISSP, [email protected]
Disclaimer: The materials presented are for training purposes only. We are not rendering legal or professional advice.