Securing Bermuda businesses from the storm of cybersecurity threats - John Christly | Secure Bermuda - 2016


John Christly is the Chief Information Security Officer for Netsurion, a leading provider of remotely-managed data and network security services for multi-location businesses. He is also a security blogger, threat researcher, and has participated in regional and national events as a speaker and panelist.

He is an MSI Senior Fellow™ and has many years of experience in technical and cybersecurity management both domestically and internationally.

He holds various certifications, including the ISC2 CISSP, Certified Fraud Examiner, AccessData Certified Examiner, PMP, HIPAA Security Specialist, and Lean Six Sigma Master Black Belt, and is a Florida Licensed Private Investigator. His experience covers several industry regulations, including HIPAA, HITECH, GLBA, FERPA, FCPA, FIPA, and PCI.

The types of cybersecurity events being experienced today are very different from the threats of 20 years ago.

There is no business or vertical that is immune to cyber threats.

While the threats are great and varied, you can navigate this storm by being prepared.

1987: Brain, the first known MS-DOS computer virus, was released on the Internet by Herbert Zinn.

1988: UNIX virus infected 6,000 systems. That’s 1/3 of the computers at the time!

2000: The “I Love You” virus was released, causing $10 billion in damages and computer downtime.

2006: More than 130 million credit/debit card numbers were stolen from companies including TJX, Barnes & Noble, and OfficeMax.

2009: Heartland Payment Systems had its computer network compromised, which cost them 2.8 billion.

2013: Target’s breach cost $252 million and affected 70 million customers.

2015: Target’s breach cost $252 million and affected 70 million customers.

2016: As of 7/19/06, there have been 538 breaches across various verticals that have exposed 12,993,474 individuals, as tracked and reported by the Identity Theft Resource Center.

We need to ensure that our systems are as locked down and secure as possible. That will take an effort to ensure that proper security is applied and maintained across all systems and applications.

All businesses need to face the reality that it’s not a matter of “if” they will get breached, it’s simply a matter of “when” it will happen, and how bad it will be for their business and for their customers.

The best offense is a good defense. In the cybersecurity world, it is possible to secure yourselves against many of the modern threats,

Anti-Virus, Patch Management, Web Filter, Mobile Device Management, Next Generation Firewall, Wireless Security

Data Backup, Data Loss Prevention, SIEM

Cyber Insurance, Event Logging, Role Based Access Control

2 Factor Authentication, OS Lockdown, Strong Passwords

To face the cybersecurity threats of today’s world, you must be prepared: you have to have the right tools on your tool belt.

Many of these tools require specialized skills to run, which may not be found easily. Specialists may not stay long as they are usually in high demand.

Some of these tools require constant monitoring and attention. If you take your eyes off of the alerts for just a minute, you could be in trouble.

Vendors can help. Security vendors have the expertise, the staff, and the resources to watch, engage, respond, and alert to issues that you may have otherwise missed.

The costs for some of these tools could be outside your ability to buy and maintain on your own budget. A vendor can license them at an MSP level and charge you less.

If you decide to set up a Security Operations Center and monitor these tools on your own, be sure to empower your staff with the appropriate training, tools, and time to watch and respond to issues.

Don’t take on more than you can handle. There is plenty of help available from experienced vendors that do this daily for many customers like you.