View
84
Download
0
Category
Preview:
Citation preview
Ask, Share, Learn – Within the Largest Community of Corporate Finance Professionals
Identify and Avoid the Top 5 Data Breach Costs
• Develop effective controls to help identify an incident early and correct the issue before damage is done
• Develop an effective data breach response plan to minimize damages if they occur
• Discover common mistakes made by companies in responding to a data breach
Learning Objectives
After attending this event you will be able to:
Welcome to Proformative
Proformative is the largest and fastest growing online resource for senior level corporate finance, treasury, and accounting professionals.
A resource where corporate finance and related professionals excel in their careers through: • Uniquely valuable, online Peer Network
• Direct subject-matter-expert advice
• Valuable Features and Resources
All of it completely noise-freeCheck it out at www.proformative.com
Ask, Share, Learn – Within the Largest Community of Corporate Finance Professionals
Identify and Avoid the Top 5 Data Breach CostsDaimon Geopfert, National Leader, Security and Privacy Consulting Technology Risk Advisory Services, McGladrey LLP
• What is a data breach?
• Actual release or disclosure of information to an unauthorized individual/entity that relates to a person and that:
– May cause the person inconvenience or harm (financial/reputational)
• Personally Identifiable Information (PII)
• Protected Healthcare Information (PHI)
– May cause your company inconvenience or harm (financial/reputational)
• Customer data, applicant data
• Current/former employee data, applicant data
• Corporate information/intellectual property
Breach Overview
Breach Overview
Handling the Long-Term Consequences
Managing the Short-Term
Crisis
Evaluation of the Event
Discovery of an Event
Notification from internal or external sources:Internal Monitoring
EmployeesLaw Enforcement
Third-Parties
Forensic investigation and legal review
Direct Response Costs and Losses
Response and Legal Experts
Bank Accounts
Notification and credit monitoring
Lawsuits
Regulatory fines, penalties, and consumer redress
Public relations
Reputational damage
Income loss
• What does a breach look like?
• We still hear quotes today that lost materials (laptops, hard drives, tapes, paper, etc.) are the largest source of data loss but this stopped being true around 2008
• Lost materials often have significant single incident expenses and are caused by low-complexity factors
• External attacks have become the bulk, consistent source of data loss
• Hacking, malware, and social engineering attacks will account for 80%-90% of breaches– aka. “The big three”
Breach Overview
• More about that “big 3”
• Hacking:– “Traditional” hacking is used post-breach not as the original entry point
– Current methods focus on web apps and browser plugins
• Client side and drive-by attacks
• Malware:– Finding and purchasing non-detectable malware in the underground market
is trivial
– Modern anti-virus is an 80-20 proposition at best
• Social Engineering– Why bother to do all the heavy lifting involved with “hacking” when you can
just ask someone to do something for you?
– While there is a technical component the attack is against human nature
Breach Overview
Thank you for your interest in this presentation.
View the on-demand webinar or download the full presentation at:
www.Proformative.com
Identify and Avoid the Top 5 Data Breach Costs
Recommended