powerpoint presentation · 6/13/2018 4 june 19th, 2018 san antonio, tx attacks: mostly present...

14
6/13/2018 1 June 19 th , 2018 San Antonio, TX Accidents, Attacks, & Liability A survey of risks and a workshop on cybersecurity designed for internet connected business. Bret Piatt, CEO of Jungle Disk June 19 th , 2018 San Antonio, TX Today’s Speaker: Bret Piatt 20 years of internet security, hands on through leadership [Bullet points about Bret] CEO of Jungle Disk, a data security software company for 2-250 employee businesses Host of Cyber Talk Radio, a weekly program on News Radio 1200 WOAI & iHeart Media Author of Data Security Download, a contributor column published by CSO Online (IDG Communications) Founder of OpenStack, member of the core team creating the project between Rackspace and NASA June 19 th , 2018 San Antonio, TX About Jungle Disk Software-as-a-Service Cybersecurity for 2-250 Employee Businesses Cloud backup, network security, & password management. Trusted by 25,000+ firms for a decade.

Upload: others

Post on 14-Aug-2020

1 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

1

June 19th, 2018 San Antonio, TX

Accidents, Attacks, & LiabilityA survey of risks and a workshop on cybersecurity designed for internet connected business.

Bret Piatt, CEO of Jungle Disk

June 19th, 2018 San Antonio, TX

Today’s Speaker: Bret Piatt20 years of internet security, hands on through leadership

[Bullet points about Bret]

CEO of Jungle Disk, a data security software company for 2-250 employee businesses

Host of Cyber Talk Radio, a weekly program on

News Radio 1200 WOAI & iHeart Media

Author of Data Security Download, a contributor column published by CSO Online (IDG Communications)

Founder of OpenStack, member of the core team creating the project between Rackspace and NASA

June 19th, 2018 San Antonio, TX

About Jungle DiskSoftware-as-a-Service Cybersecurity for 2-250 Employee Businesses

Cloud backup, network security, & password management.

Trusted by 25,000+ firms for a decade.

Page 2: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

2

June 19th, 2018 San Antonio, TX

Accidents: Not Quite in the Past

They still happen, just less frequently.

June 19th, 2018 San Antonio, TX

“43% of companies who experienced major loss of data never

reopened and only 6% survived in the long term.” – Dr. Stephen Haag,

University of Denver

Fire, Flood, and Other Accidents Still OccurOnce physical or digital books and records are lost, they’re lost

June 19th, 2018 San Antonio, TX

Component failure isn’t just

hardware. Software changes

break systems that cause

downtime. An IT component is

any piece of technology used

in a business process. In an

era of software-as-a-service

(SaaS) + interconnected

systems you can’t control all

the changes or fix all of the

failures on your schedule.

Component Failure: More than HardwareSome items are in your control, others are not, plan ahead

Page 3: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

3

June 19th, 2018 San Antonio, TX

Hardware Failure: More than Hard DrivesAge, environment, and initial quality are the biggest factors

Server Failure Rate by Device Age, data from 2010-2014

Source: Brendan Murphy, Microsoft Research

Server Component Failure Rates

June 19th, 2018 San Antonio, TX

Software Failures Follow “Bathtub Curve”Older and newly released applications fail more frequently

Refresh is not just for Hardware

While the code of your custom application may not

change, the World changes around it. This creates

failures and requires updates. In turn, updates

must introduce new code resulting in “infant

mortality” risk increases.

Example: PCI-DSS requires update from TLS 1.0

to TLS 1.1/1.2 (deadline June 30th, 2018)

Example: MD5, SHA-1 deprecated by OS

updates, requiring new hashes, ex. SHA-256

(2014-16).

June 19th, 2018 San Antonio, TX

Software relies on Hardware

Software-as-a-Service (SaaS)

providers often operate in

multiple Tier 4 data centers

with geographic redundancy

to prevent outages from

accidents or natural disasters.

Ask your providers today for

their 2017 uptime reports.

SaaS is More Affordable & ReliableEven with flawless software operations you’re not at 99.999%

Page 4: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

4

June 19th, 2018 San Antonio, TX

Attacks: Mostly Present & Future

For cyber criminals everyone is now fair game.

June 19th, 2018 San Antonio, TX

Spear Phishing is a highly targeted and context aware social engineering attack.

Set your mail client to show full address!

Spear Fishing

Why does the attacker put, “Sent from my iPad”?

It provides the person reading it a reason why the

signature doesn’t exactly match your normal one.

Phishing Attack Sophistication IncreasesWe’ll talk more about AI recon helping hackers spear phish

They tried Jungle Disk in December 2016!

June 19th, 2018 San Antonio, TX

58% of businesses rely on users to come up with their own passwords. Bad idea.

Pa$$w0rds Are Still A ProblemNot solved by biometrics; can be w/ MFA & password manager

Source: Software Advice by Daniel Humphries, 2015

Page 5: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

5

June 19th, 2018 San Antonio, TX

Increasing Rate of Automatic Attacks Frequent drive-by downloads & in-session JavaScript malware

Definition from Wikipedia:

• Drive-by download means two things, each concerning the unintended download of computersoftware from the Internet:

• Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet) automatically.

• Any download that happens without a person's knowledge, often a computer virus, spyware, malware, or crimeware.[1]

Example from ExtremeTech Article

June 19th, 2018 San Antonio, TX

Hackers No Longer “Wasting Their Time”Artificial intelligence & automation is getting them in

Time consuming pre-ownership

activities now “outsourced”:

• Network/Application Scanning

• Social Engineering

• Exploit Discovery

Average attack discovery time > 180 days.

June 19th, 2018 San Antonio, TX

Cryptocurrency Powers New AttacksRansomware & coin mining malware are impacting everyone

Atlanta Spent $2.6M to Recover from Ransomware

Coin mining

malware 2017(Data from TrendMicro)

Bitcoin Chart ($) 2017

2014-17

Bitcoin (BTC) is less than $3,000

2017-18

Mining now more profitable than ransom

Page 6: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

6

June 19th, 2018 San Antonio, TX

Are AI, ML, and DL All the Same?No for researchers, yes for business people

June 19th, 2018 San Antonio, TX

Chess, Go, now DOTA2: AI Wins at GamesAI is now winning at games and developing new strategies

The International DOTA2 League

$18M USD Prize Pool!

June 19th, 2018 San Antonio, TX

Sunway Taihu• #1 in Top 500• 10,649,600 Cores• 15,371kW/hr• 93,014 TFlops/s

Is AI Going to Take Over?Not by out thinking the human brain anytime soon…

~1/11th of a human brain!

Page 7: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

7

June 19th, 2018 San Antonio, TX

Beyond Games, Where is AI going?Autonomous vehicles, tumor identification, and exploitation

June 19th, 2018 San Antonio, TX

Liability: Past, Present, FutureIt’s always here, with data gone digital, most is now online.

June 19th, 2018 San Antonio, TX

Downtime & Data LossHow much can your business afford?

Pressures to Deploy a Business Continuity and Disaster Recovery Initiative

Source: Aberdeen Group http://www.aberdeen.com

“Downtime for small business

costs $8,581 average per hour.” -Aberdeen Group

“Of all businesses that close

down following a disaster more

than 25% never open their doors

again.” -Insurance Information Institute

Page 8: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

8

June 19th, 2018 San Antonio, TX

Data Breach Costs Continue for YearsIncreased customer churn hits revenue and growth prospects

Root Cause of Data Breaches Cost per Customer Record (by Industry)Increased Churn Rates (by Industry)

$250,000+ to remediate a breach for a 1,500 client financial firm!

June 19th, 2018 San Antonio, TX

You Are Not Alone – The Struggle is RealSolo-practitioners & small firms cannot secure systems alone

Why are SMBs struggling with cybersecurity?• Most cannot afford their own dedicated IT security staff• Busy IT staff doesn’t have time beyond basic system updates• New rules and regulations difficult to implement

Yet, every firm has valuable data to steal:• Personal identifiable information (PII)

• Name, address, phone, SSN• Credit cards and bank information

• Intellectual property & work product

“Small firms cut security spending by 20%, in 2014, while medium & large firms increased security investments by 5%”– PwC Global State of Information Security Survey ‘15

June 19th, 2018 San Antonio, TX

A Cybersecurity Plan in 3 Steps

Accidents, attacks, and liability will always be here, how do we reduce the impact?

Page 9: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

9

June 19th, 2018 San Antonio, TX

3 questions you need to answer for your business to have continuity through a disaster:

1. Where is my safe second copy of all books and

records (including both digital IT data and physical

papers)?

2. How will I operate while my primary office location is

being rebuilt (or while I pick a new one)?

3. What types of losses does my insurance cover

(hardware replacement, IT services, data loss)?

What’s a disaster recovery plan?Set of steps you’ll take to get back online from a tragic event

June 19th, 2018 San Antonio, TX

Cybersecurity Plan in 3 steps:1. Separation of Control: 2 People, 2 Passwords

2. Data: Classify & Understand What to Protect

3. Risk Reduction: Process & Technology

What will I learn in this Workshop?Everyone can build a cybersecurity plan – we will today!

Most businesses make the mistake of tech = cybersecurity.

Technology is the final step after you know what to protect!

June 19th, 2018 San Antonio, TX

Cybersecurity Plan Step #2:

Separation of Control

Page 10: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

10

June 19th, 2018 San Antonio, TX

Risk All Figured Out?What about a hacker getting administrative access?

June 19th, 2018 San Antonio, TX

Critical Data = 2 Copies, 2 PeopleBusiness cannot afford one person having a bad day

June 19th, 2018 San Antonio, TX

Cybersecurity Plan Step #2:

Data Classification & Protection

Page 11: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

11

June 19th, 2018 San Antonio, TX

Step Outside – Look at the DataSome information is very difficult to replace and some is not

On a scale of 1 to 10….

…how sad would you be if your laptop was stolen?

..how sad would you be if your email was deleted?

June 19th, 2018 San Antonio, TX

Understanding the Data is FundamentalLearn to allocate risk and implement protection appropriately

Workshop Time:1. What are your 3 most

critical unique business data?

2. Where are those 3 data stored?

June 19th, 2018 San Antonio, TX

A Safe Second Copy of Critical DataOff-site with separation of control & custody from the primary

Source: https://online-backup.choosewhat.com/

Important: A separate admin from the primary data.

Considerations:

1. Which types of computers?

2. How long on retention period?

3. Do you have cloud storage?

4. Do you have SaaS

applications?

5. Do you have network storage?

Page 12: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

12

June 19th, 2018 San Antonio, TX

Cybersecurity Plan Step #3:

Risk Reduction: Process & Technology

June 19th, 2018 San Antonio, TX

Real Security Awareness TrainingIt can be as easy as sending an email to see how staff reacts

Stop using obvious tests to show false success.

9 out of 10 believe

training is worthwhile.

Only 1 in 3 have

received it (ever),

and only 1 in 10 over

the past 12 months!ESET poll (Conducted by Harris)

June 19th, 2018 San Antonio, TX

Automate Patching & System UpdatesThe days of 90 day patch tests in QA/QC are over to stay safe

Responsible vendors provide free security updates.

Vulnerability Timeline:

1 day from disclosure to POC

3 days to exploit in wild

8 days to kit plugin

10 days to .gov attacks

35 days to aerospace

Page 13: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

13

June 19th, 2018 San Antonio, TX

Dual-channel Verification of RequestMost attacks are still single channel today, this stops them

Ideally, verify major transactions or highly confidential data exchanges in person.

June 19th, 2018 San Antonio, TX

Closing / Q&A

June 19th, 2018 San Antonio, TX

1. Know what you need to protect & why.

2. Ensure dual-control for unique and critical information

.

3. Apply technology & process where needed for #1 &

#2.“It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness..” – Charles Dickens, a Tale of Two Cities

Three Steps to a Cybersecurity PlanEvery business can take these 3 steps towards a safer future

Page 14: PowerPoint Presentation · 6/13/2018 4 June 19th, 2018 San Antonio, TX Attacks: Mostly Present & Future For cyber criminals everyone is now fair game. June 19th, 2018 San Antonio,

6/13/2018

14

June 19th, 2018 San Antonio, TX

Bret Piatt: [email protected]

www.jungledisk.com

Questions?