This webinar will explore and explain the basics of Cybercrimes and how they take place in your company. Further, the session will also present how criminals penetrate in your system and what you can do to prevent it. Main points covered: • How cybercriminals make money • 9 areas needed for true cover • A layered security approach Presenter: Our presenter for this webinar, Nick Ioannou is an IT professional, blogger, author and public speaker on cloud and security issues, with over 20 years’ corporate experience, including 14 years using cloud/hosted software as a service (SaaS) systems. As an early adopter of cloud systems, he has been paying for the privilege of bug testing them ever since, going through the pain points and making sure others don’t have to. He is also the author of “Internet Security Fundamentals” and contributing author of “Managing Cybersecurity Risk”. Link of the recorded session published on YouTube: https://www.youtube.com/watch?v=3E0eyDlhLro&feature=youtu.be

2. How cyber criminals make money

3. Fraud
Extortion
Theft
Unauthorized
Use
How cyber criminals make money

4.  No Legacy Apps
 Cloud First (where practical)
 No Front Facing Services
 Email In The Cloud
 Database In The Cloud
 Licencing In The Cloud
My IT strategy – know what you are defending

5. Backups
Antivirus
Patch
Mgt
Email
Filtering
Web
Filtering
Admin
Privilege
Access
Control
6 basic areas to cover

6. MonitoringForensics
9 areas for true cover

7. Are you buying this?
When you really need these!
Spend your security budget wisely

8. Office 365
Advanced Threat Protection
Exchange Server Rules
2 step verification logins
Our cyber defences cost £22 per person per month

9. Our Cyber Defences
EMAIL INTERNETEMAIL LINKATTACHMENT USERS COMPUTER
Sophos Intercept X
SERVER
Exchange Server Rules
Office 365
Advanced Threat Protection

10. EMAIL INTERNET
24%
LINK
31%
ATTACHMENT
28%
USB DEVICE /
MEMORY CARD 3%
YOUR COMPUTER
How Does Malware Arrive?
SOCIAL MEDIA
4%
Ransomware Infections
BUSINESS APPS 1%
UNKNOWN 9%

11. Our Cyber Defenses
EMAIL
INTERNET
LINK
ATTACHMENT
USERS COMPUTER
Layer 7 UTM Firewall
Web Proxy /
HTTP-HTTPS Filter
Hosted Email Filter
ADVANCED THREAT
PROTECTION
Safe Attachments Filter
Safe Links Real-time Filter
Compliance Archive
Reporting & Analytics
Ratcliffe Groves Partnership – August 2017 Sophos Intercept X
Endpoint Security Ancillary Anti-Ransomware
Least Privilege &
Application Control
Malware Prevention
DNS Filtering
Exchange Server Rules
Email & Internet Security Systems
ADVANCED THREAT
PROTECTION
SERVER
Managed Server
Endpoint Security

12. EMAIL
LINKATTACHMENT
Hosted Email Filter
Safe Attachments Filter Safe Links Real-time Filter
Compliance Archive Reporting & Analytics
Exchange Server Rules
ADVANCED THREAT
PROTECTION
ADVANCED THREAT
PROTECTION
INTERNETUSERS COMPUTER
Protecting email with layered security

13. Protecting internet access with layered security
USERS COMPUTER
INTERNET
Web Proxy / HTTP-HTTPS Filter
DNS Filtering
REMOTE USER
Layer 7 UTM Firewall

14. USERS COMPUTER
Sophos Intercept X
Endpoint Security
Ancillary Anti-Ransomware
Least Privilege &
Application Control
Malware Prevention
Protecting user’s computers with layered security

15. Protecting servers with managed security
SERVER
Managed Server
Endpoint Security

16. Stopping
EXTORTION
Payments you are forced into making


17. Application whitelisting & rights management

18. Multiple anti-ransomware systems
Sophos Intercept X

19. Emails are still the main infection route
Over 7742 emails blocked as spam
Over 11,658 emails rejected
So far in April 2017

20. Stopping
FRAUD
Payments you are tricked into making

21. attachments that include your full name in the filename
only your name in the To field
your name at the top of the email (e.g. FAO / Dear …)
a mix of genuine links as well as fake ones
unique and plausible reference numbers
an email footer from a real business
unsubscribe links
valid customer support numbers and email address
a hook that is relevant to you – something that needs
urgent action to convince you to open the attachment or
click the link
information about a recent personal event, e.g. holiday
location
information about a recent business event
the words urgent, private, confidential
Quarterly staff security awareness training

22. Filtering HTTP and HTTPS traffic

23. Stopping
THEFT
Your data transferred to the criminals

24. Passwords are not enough - enable two-step verification

25. Stopping
UNAUTHORISED USE OF
YOUR COMPUTER


26. Monitoring

27. IT WORKS TODAY
Doesn’t mean it’ll work tomorrow

28. National Vulnerability Database – May 2017
179 known vulnerabilities in last 3 months
927 73 20 49 1
2446 known vulnerabilities in last 3 years
232699 383 631 485 16
AUTOMATED EXPLOIT KITS
ARE SOLD AS A WEB
SERVICE BY CRIMINALS TO
OTHER CRIMINALS
40%
infection rate if clicked
We are still at risk due to software vulnerabilities

29. $30 a month to check malware with 35 antivirus engines
Free to use – reports findings
Pay to use – findings not reported

30. Compromising an update gives criminals total access

31. Forensics & remediation

32. Know what a file is really called
Tick Show/hide – File name extensions
John.SmithCV.pdf
Invoice-22102016.docx
Photos.zip
John.SmithCV.pdf.js
Invoice-22102016.docx.lnk
Photos.zip.exe
Don’t forget the basics

33.  Monthly security reviews
 Have a realistic per person budget
 Invest in staff awareness training
 Layer up solutions to make your budget go further
 Looks for gaps in your security
 Encourage a no blame culture
 Review the market for better products
Don’t stay still

34. ISO 27032 Training Courses
 ISO/IEC 27032 Introduction
1 Day Course
 ISO/IEC 27032 Foundation
2 Days Course
 ISO/IEC 27032 Lead Implementer
5 Days Course
 ISO/IEC 27032 Lead Auditor
5 Days Course
Exam and certification fees are included in the training price.
https://www.pecb.com/iso-iec-27032-training-courses| www.pecb.com/events

35. THANK YOU
?
nick.ioannou@rgp.uk.com
https://www.rgp.uk.com/
https://www.linkedin.com/in/nick-ioannou/
07803085249
Questions?