How to Stop Cyber- Attacks Tarnishing your Brand

3 0 t h N O V 2 0 1 6

P R E S E N T E D B Y :

Sean Ball, Forfusion

Community HashtagHow to Stop Cyber-Attacks Tarnishing your Brand

#CyberSecurityNE

Community hashtag to raise awareness of Cyber-Security in the North East.

The Risk of Being Left BehindHow to Stop Cyber-Attacks Tarnishing your Brand

Which one are you?How to Stop Cyber-Attacks Tarnishing your Brand

Newcastle Tops the Wrong LeagueHow to Stop Cyber-Attacks Tarnishing your Brand

93% of businesses with over 200 employees in Newcastle and the surrounding areas suffered a data breach in the last year.

What does a Hacker Look Like?How to Stop Cyber-Attacks Tarnishing your Brand

This is part of the problem. We’re not getting smart about cyber-security.

A Picture is Worth a Thousand WordsHow to Stop Cyber-Attacks Tarnishing your Brand

TalkTalk’s CEO trying to explain how a 15 year old was able to take down their IT systems – in front of a VCR machine…

Poor ResponseHow to Stop Cyber-Attacks Tarnishing your Brand

• First they reported ‘up to 4 million customer records’ had been stolen.

• Then it was only around 150,000.

• Incompetency led to a record fine of £400,000.

Share Price Plummet How to Stop Cyber-Attacks Tarnishing your Brand

Source: SC Magazine UK

• TalkTalk’s share price fell by 1/3.

• £80 million hit in costs and lost revenue

• 100,000 customers quit.

• Share of new customers in the home services market fall 4.4%.

Share Price Plummet How to Stop Cyber-Attacks Tarnishing your Brand

Source: Google Finance

In the context of 5 years, that’s pretty significant.

BrandIndex DipHow to Stop Cyber-Attacks Tarnishing your Brand

Source: YouGov

Bottom on a list of 28 of the UK’s biggest tablet and broadband providers for both ‘index’ and reputation’.

The Moment of RevelationHow to Stop Cyber-Attacks Tarnishing your Brand

20001990 1995 2005 2010 2015 2020

Viruses1990–2000

Worms2000–2005

Spyware and Rootkits2005–Today

APTs CyberwareToday +

Hacking Becomesan Industry

Sophisticated Attacks, Complex Landscape

Phishing, Low Sophistication

The Industrialisation of HackingHow to Stop Cyber-Attacks Tarnishing your Brand

Designed to evade and reconstitute

Exploit Server

User Proxy Server Status Server Master Server

Requests page

Referred toProxy server

Proxy server gets data from Exploit server

Exploit server sends HTTPrequests to status server

Rollup of logdata pushed to master serverStatus server tracks

HTTP requests/status

Professional Attack Infrastructure - RansomwareHow to Stop Cyber-Attacks Tarnishing your Brand

Check vuln 1

Check vuln 2

Vuln 3 success!✖✔✔

Patched?

User Exploit Server✖✔✔

Exploit KitsHow to Stop Cyber-Attacks Tarnishing your Brand

How Data Breaches HappenHow to Stop Cyber-Attacks Tarnishing your Brand

Cyber Crime in the UKHow to Stop Cyber-Attacks Tarnishing your Brand

Traditional crime went down, but overall crime went up because of cyber crime.

Stay on the Right TrackHow to Stop Cyber-Attacks Tarnishing your Brand

Cyber-Security is like accounting — there are well established ways of doing things, and for good reasons.

Classify DataHow to Stop Cyber-Attacks Tarnishing your Brand

Classify your data. Every organisation needs to rate all its documents, images, content according to sensitivity, or geography. Unmarked data is hard to police.

Health Check Your Supply ChainHow to Stop Cyber-Attacks Tarnishing your Brand

Secure your supply chain. Every business has a big role to play in helping downstream suppliers defend themselves and their trading partners. A chain is only a strong as its weakest link.

Draft and Regularly Update an Incident Response Plan (IRP)How to Stop Cyber-Attacks Tarnishing your Brand

To handle the situation in a way that limits damage, the PR / Crisis Communications and/or Brand Team must be involved the planning of an IRP for a variety of scenarios that may occur in order to limit the reputational and thus brand damage.

Get Visibility!How to Stop Cyber-Attacks Tarnishing your Brand

And most importantly, get visibility. You need tools that can give visibility of all of your network activity. You cannot protect against what you can’t see, and it’s a simple as that.

Typical Visibility

Cisco® Services

Basicvisibility

Thre

ats

User

s

Web

App

licat

ions

Appl

icatio

n Pr

otoc

olsFi

le Tr

ansf

ers

Mal

ware

Com

man

d an

d Co

ntro

l Ser

vers

Clie

nt A

pplic

atio

nsNe

twor

k Se

rver

sOpe

ratin

g Sy

stem

sRo

uter

s an

d Sw

itche

sM

obile

Dev

ices

Prin

ters

VoIP

Pho

nes

Virtu

al M

achi

nes

Superior Network VisibilityHow to Stop Cyber-Attacks Tarnishing your Brand

We are offering FREE Cyber-Security

Threat Scan Reports.

Free Threat Scan Risk AssessmentHow to Stop Cyber-Attacks Tarnishing your Brand

Network Report Attack Report Advance Malware Report

Contextual Visibility of your NetworkHow to Stop Cyber-Attacks Tarnishing your Brand

Thank YouGet a Free Threat Scan RiskAssessment www.forfusion.com/security