Post on 26-Dec-2015
UNDERSTANDING THE RISKS & CHALLENGES OFCyber SecurityDAVID NIMMO InDepth IT SolutionsDAVID HIGGINS WatchGuardNEIL PARKER BridgePoint Group
A BridgePoint Group Special Business Briefing for SMEs June 2015
HOW DO YOU KNOW IF YOU REALLY ARE A TARGET?
“If you’re on the internet – if you use email & you have a bank account…you’re a target”
DAVID HIGGINSWatchGuard
Every singleminute
A COMPUTER ACCESSES A MALICIOUS WEBSITE
Source: Protecting Your Business from Cyber Attacks in only 10 minutes a dayBoaz Fischer
Every 3minutes
AN INFECTED COMPUTER IS COMMUNICATING WITH ITS ATTACKER
Source: Protecting Your Business from Cyber Attacks in only 10 minutes a dayBoaz Fischer
Every 10 minutesA MALWARE IS BEING
DOWNLOADED
Source: CheckPoint Security Report 2014Protecting Your Business from Cyber Attacks in only 10 minutes a dayBoaz Fischer
DID YOU KNOW
20% of Small Businesses fall victim to CyberCrime each year…
60% of those go out of business within six months of an attack
Source: National CyberSecurity AllianceProtecting Your Business from Cyber Attacks in only 10 minutes a dayBoaz Fischer
Businesses with less than 250 employees are increasingly targeted
2013 – Target US – 80 million customer email addresses & payment details were hacked and stolen via a trusted small business supplier’s IT infrastructure & their link into Target systems
Ransomware:A software that denies you access into your files until you pay a ransom
Often targeting small & medium business
Ransomware seeks to get a small amount of money from a large number of people – often between $600 - $3000
IDENTIFYING SPECIFIC THREATS
Have you ever received an email reminder about a traffic offence?
No … That’sCryptoLocker
An email about a late speeding fine payment?
Clicking on any attachment or link will install MALWARE on your computer and data can be ENCRYPTED – until you pay the RANSOM
one of the most common types of ransomware
PROTECT AGAINST RANSOMWARE
Ensure you have a regularBACK-UP of all data
SME CYBER SECURE TIP
& know how to restore it.
It’s a good idea to test your capability to restore from back-up before you really need to do it.
Ensure you & all staff “patch” your system regularly
A patch is a piece of software designed to update a computer program or its supporting data, to fix or improve it. This includes fixing security vulnerabilities and other bugs, and improving the usability or performance.
By not applying a patch you might be leaving the door open for malware to come in.
SME CYBER SECURE TIP
CLOUD COMPUTING SECURITY
Do you store business data on the cloud
Is it ENCRYPTED?Or can anybody read it if
there’s a breach?
PROTECTING YOUR DATA
SME CYBER SECURE TIP
Encrypt data you store on the cloud
CLOUD COMPUTING
Know WHEREyour data is&
HOW it is protected
SME CYBER SECURE TIP
REMOTE ACCESS
Protect “data in motion” by using a Virtual Private Network to encrypt the traffic between two points.
SME CYBER SECURE TIP
A PC connecting to your company network, to access applications or data, should be connected by a Virtual Private Network, or VPN.
PRIVACY ACT 2014
The 2014 Privacy Act brings significant changes to the way businesses handle personal data.
DO YOU COMPLY?
SME CYBER SECURE TIP
If you have Private Data that you don’t need – get rid of it!
WHAT CAN YOU DO TO IMPROVE CYBER SECURITY & DECREASE THE RISK IN 10 MINUTES A DAY
Ensure your PC operating system, applications & anti-virus software are all regularly updated
Turn your PC firewall on
Back-up your key data today
IMPROVE CYBER SECURITY 10 MINUTES A DAY
Use strong & unique passwords
Only download applications from trusted websites
Lock or shutdown your PC when not in use
IMPROVE CYBER SECURITY 10 MINUTES A DAY
Log onto your PC without admin privileges
Treat all emails as suspicious
Practice “safe” web browsing
IMPROVE CYBER SECURITY 10 MINUTES A DAY
Do NOT respond to requests with personal information
Never post personal information online
Never leave personal information lying around – including passwords
The biggest threat we face is ourselves…
TOP SME CYBER SECURE TIP
MOST breaches can be PREVENTED by
Employee education & training
WHAT TO DO IF YOU ARE BREACHED
Unplug computer from the internet
KEY CONTACTS
www.acorn.gov.auwww.acsc.gov.auwww.indepthit.com.au
Determine the extent of breach & isolate affected computers
Begin repair process
Restore data from most recent back-up
Watch video highlightsfrom our business briefing
DAVID HIGGINS WATCHGUARD
Contact us for the next steps inmanaging Cyber Security & Riskin your business
NEIL PARKER BRIDGEPOINT GROUP
DAVID NIMMO INDEPTH IT SOLUTIONS
www.bridgepointgroup.com.au
Ph 1300 656 141