Sign up for our weekly C-Suite Snacks webinars here: https://www.citrincooperman.com/infocus/c-suite-snacks
Our C-Suite Snacks webinar series provides the middle market with brief, strategic, and tactical business improvement information for 30 minutes every week. Join Citrin Cooperman live every Thursday at noon for snack-sized insights for business executives.
It’s no secret that companies around the world are under attack. Prior to COVID-19, breach rates were on the rise, but now hackers have only become more aggressive in their attempt to steal or hijack your data to try to extort money and do irreparable harm to your company’s reputation.
In this C-Suite Snacks webinar, we covered how to combat these attacks by understanding the risks and preparing to respond.
Key Takeaways:
- An overview of the latest breach statistics and trends
- Knowledge on the methods hackers are using to infiltrate organizations
- Methods to prepare your organization for attack and response
2. Welcome & Introduction
MICHAEL CAMACHO, CPA, CIA
Partner, Technology, Risk Advisory & Cybersecurity (TRAC) Practice
Citrin Cooperman
mcamacho@citrincooperman.com
401-742-0478
3. AGENDA
01 Breach Stats and Facts
02 FAQs and Real-Life Examples
03 Be Prepared. Be Very Prepared!
04 Questions?
4. On the Brink: Age of the Hackers!
“Cybercrime is the greatest threat to every company in the world.”
- Ginni Rometty, IBM Chairman, President & CEO
“77% of organizations do not have an incident response plan.”
- Cybint
5. Breach Stats – The Facts
• Global Average Cost per Breach: $3.86M
• Average Cost per Record Compromised: $146
• 43% of Cyber Attacks Target Small Businesses
• 91% of Breaches are the Result of Phishing Attacks
• Average cost of a breach is 39.6% higher if a company is not prepared
• Average Days to Detect a Breach: 207
• Average Days to Contain a Breach: 73
Sources: Ponemon Institute/IBM Cost of a Data Breach Report - 2020 & Verizon 2020 Data Breach Investigations Report
6. And the Threat Continues…
• Since COVID-19, the FBI reported a 300% increase in cybercrimes (IMC Grupo)
• Remote workers have caused a security breach in 20% of organizations (Malwarebytes)
• 9.7 million healthcare records were compromised in September 2020 alone
• Data breaches in the healthcare industry were up 58% in 2020
• Approximately $6 trillion is expected to be spent globally on cybersecurity by 2021 (Cybersecurity Ventures)
• Average ransomware payment rose 33% in 2020 over 2019, to $111,605 (Fintech News)
7. Remote Workforce Stats
• 78% of CEOs agree remote collaboration is here to stay
• 86% of users have never updated their home router’s firmware
• 20% of organizations have experienced a breach as a result of remote work
• 92% of all businesses store data in the cloud
• Average cost of downtime is $11,600 per minute
8. Once More into the Breach
• Hackers are industry agnostic
• COVID-19 increased the likelihood of a data breach at a time when companies are ill-equipped to deal with the repercussions
• WFH distractions combined with 18,000,000 spear-phishing emails per day are creating a perfect storm
• The recession created by COVID-19 makes it more difficult for companies to recover from an attack
9. TRAC Experience
Incidents/Breaches TRAC has been involved with, by year:
• 3 in 2017 and 2018 combined (for comparison)
• 17 in 2019
• 19 in 2020
• 4 to date in 2021
Breaches are more sophisticated, on a large scale, and have greater impact.
Average business downtime during a breach:
• One to two weeks (longest just over a month)
Average cost of breach response:
• Incident/breach response for small businesses ranges from $10,000 - $100,000+
• Exponentially higher for downtime, legal fees, tech expenditures, etc.
10. FAQ: Why Now?
IMPACT OF COVID-19
• Focus switched to the remote workforce and to ensuring connectivity and sustained operations
▪ VPN networks set up “in a rush” to allow employees to work from home – little enhancement since
▪ Vulnerabilities from the usage of unsecured personal computers and home networks
▪ A remote workforce can make it more difficult for IT staff to monitor and contain threats
▪ Potential distractions increase the likelihood of successful spear-phishing and malware attacks
▪ Pandemic fatigue setting in, with blurred lines between work and home
• IT Departments Trading Security for Convenience
▪ Free pass on password security
▪ Increased use of mobile devices and IoT
▪ Privacy concerns (e.g., family, Amazon Echo, unsecured video conferencing, ad hoc remote access)
▪ More focus on remote employees, reducing time for monitoring
11. FAQ: How?
Phishing
• Accounts for more than 80% of all reported incidents
• Primarily driven by malware delivered by email
• Increased sophistication of attacks, making them harder to identify
• Employees aren’t sufficiently trained to identify them
Human Error
• 95% of all breaches are due to human error
• Increased use of mobile devices for business use, plus
• 1 in 36 mobile devices have high-risk apps installed
Lack of Effective IT Policies and Monitoring
• Deficient security policies
• Over 60% of companies have over 500 accounts with non-expiring passwords
• Lack of log monitoring / detection controls
12. TRAC Experience - Cyber Threat Landscape
• Office 365 Exploit Morphs into an Internal Control Deficiency
• The Quiet Observer
• A Phishing Tale
• Seek and Destroy
• “I Can’t Believe I Clicked It …Again”
• The Weakest Link
COMMON THEMES:
• Almost all of the breaches were avoidable
▪ Log Reviews
▪ Automated Tools
▪ Employee Education
13. Preparing Your Company in the Hacker’s Playground
STEP 1: UNDERSTAND THE DIFFERENCE BETWEEN A SECURITY INCIDENT AND A BREACH:
• SECURITY INCIDENT: An event that leads to a violation of an organization’s security policies and puts sensitive data at risk of exposure.
▪ Examples: Malware infection, destructive attacks, loss or theft of equipment
• DATA BREACH: A security incident that results in unauthorized access to data.
• Each event has different requirements
• Important to understand the different definitions by industry and state
14. Preparing Your Company in the Hacker’s Playground
STEP 2: PREPARE A PLAN FOR RESPONDING TO ALL SECURITY INCIDENTS:
• Incident Identification & Response:
▪ Resources - Who do you contact first?
▪ Roles and Responsibilities
▪ Don’t forget third-party providers
• Detection and Analysis
• Containment, Eradication and Recovery
• Incident/Breach Communications
• Remediation & Post-Incident Activities
• Plan should be comprehensive & inclusive
• Plan should be tested
15. Preparing Your Company in the Hacker’s Playground
STEP 3: PERIODICALLY TEST AND RE-EVALUATE YOUR PLAN
• Ensure all team members understand the plan
▪ Approach and timing can make the difference between a successful and unsuccessful response
• Perform a table-top test of the Incident Response Plan:
▪ An untested plan can lead to unidentified risks
• Review the plan annually
▪ Solutions that were good a year ago may no longer be viable
21. Vulnerability Management Services
• Simulated “bad guy”
• Test your network and system controls before the hackers do
• Search for vulnerabilities which can allow for potential attack vectors (penetration testing and vulnerability assessments)
• Average rate per hour: $150 - $300
• Incident or breach response:
▪ Detection, forensics and analysis
▪ Containment, eradication and recovery
▪ Post-incident remediation
▪ Average rate per hour: $350 - $500+
22. CyberSecure
EASE YOUR MIND WITH CYBERSECURE:
• No-cost incident response engagement letter with terms, conditions and rates to expedite incident response times
• 24/7/365 incident response team at your service
• Discount on standard rates if paired with a SCORE Report, Penetration/Phishing Tests, or vCISO Services
▪ Being aware of your environment pre-incident will reduce response time
23. Questions?
MICHAEL CAMACHO, CPA, CIA
Partner, Technology, Risk Advisory & Cybersecurity (TRAC) Practice
Citrin Cooperman
mcamacho@citrincooperman.com
401-742-0478
24. Thank You For Watching & Listening
UPCOMING C-SUITE SNACKS WEBINARS:
CONTAINING COSTS AND WINNING THE TALENT WAR: BEST PRACTICES ON MANAGING EMPLOYEE BENEFITS
April 15, 2021 | 12:00 PM ET/9:00 AM PT
Featuring: Shaun Gagnon, Partner at Camlife
REDUCING RISK AND COST IN THE GLOBAL SUPPLY CHAIN
April 22, 2021 | 12:00 PM ET/9:00 AM PT
Featuring: John Giordano, Partner, and Tom Cook, CEO of Blue Tiger International