top 7 ways employees cause cybercrime infections
Post on 17-Jun-2015
Embed Size (px)
DESCRIPTIONDeploying an army of cyber-security solutions doesnt mean that your organizations data is safe. Despite all the information and security solutions out there, North American companies are still not fully aware of the dangers that hackers, social media, and insider threats pose on the organizations data and reputation. Truth is, the average user doesnt really know how to protect themselves... which is ironic, because employees are the #1 cause of security threats today. As the one in charge of your organizations IT security, it is on your shoulders to prevent and fix threats caused by the users you support. Join our panel of security experts on September 26th at 11am PDT and discover the top 7 ways employees cause cybercrime infections (plus learn best practices on how to fix them once and for all)!
- 1. The Top 7 (Latest) Ways Employees Cause Cybercrime Infections
2. Meet Our SpeakersJason Dettbarn Senior Technology AnalystCynthia James Director Business Development, CISSPAlex Brandt VP Americas 3. About Our Experts: Kaspersky Founded in 1997; largest private anti-malware company 100% focused on anti-malware Over $700M annual revenues Presence in 19 countries #1 vendor in Germany, France, Spain, Eastern Europe Protecting over 300 million end points Americas distribution: 12,000 outlets; top two vendors (revenue & units shipping) Top supplier to OEMs/ISVs of anti-malware worldwide 4. Todays Agenda Cybercrime Threatscape: Malware Growth Current Malware: Comprehension Gap The Top (Latest) 7 Ways Employees Cause Cyber Crime Infections Security Solution Overview 3 Tips for CyberSafety at Home Giveaway Questions & Answers 5. Cybercrime Threatscape: Malware Growth 200k unique malware samples PER YEAR were identified in 2006; 2M in 2007now its up to 200K malware samples PER DAY.The quality of malware improves every year. 6. Current Malware: Comprehension Gap Recent years have seen exponential growth in malware. Anyone can enter the cybercrime game. Cybercriminals earn over $100B a year.Over 200K Per DAYWhere most employees/end users think we still areWhere we really are today (2013)Cybercrime will never stop. 7. #1. Poor Password ManagementpresentThe Top 7 (Latest) Ways Employees Cause Cybercrime Infections 8. #1. Poor Password Management Same password, all sites and servers (personal and business)Easy to guess from Facebook 9. #2. Dont Bore Me With Safety Users ignore warningsUsers ignore usage policiesUsers dont inform IT of known security issues 10. #3. Promiscuous Use of WIFI On average we have 4.5 personal internet connected devices How many walk into work each day? How many WIFIs have we frequented in between? How secure are they? To get infected only takes ONE malicious participant from one network OR ONE device which the owner doesnt realize is infected 11. #4. Users DEMAND To be always on, always connectedTo all social mediaTo get the latest features regardless of the security issues 12. #5. They Are Easy APT Targets Cybercriminals target social media for clues The (new) defacto morals clause in employment agreements (dont hurt the brand) Behavior broadcasts over social media Dont upset hacktivists! 13. #6. Companies Under-Estimate The Insider Threat 1 incident of insider fraud per week per year 75% caused financial loss Its very easy to sell data these days 14. #7. Privileges Accumulate And Are Abused When employees change jobs, do rights to data change? Are passwords reset when employees leave? Are admin passwords or backdoors documented and closed? 15. Special Giveaway! Kaspersky CyberSecurity Digest - Free Security Bulletin Free Kaseya Security Bundle Trial Interested? Just respond to the Poll located on the right bottom corner of your Webex platform!Next: The Latest in Mobile Threats 16. The Latest in Mobile Threats Top infection vector infected apps Crackers are widely available: open app, insert malware, repost it Infected via adsMalware is downloaded for Windows or AndroidInfection via SMS or emailProfit model: 1.) SMS premium messaging; 2.) theft of assets (APTs); 3.) stealing authentication codes Advertisers receive the same information we provide the app (geolocation apps for example) Biggest problem: Android updates take 6 months to get 17. Remediation Recommendations Purchase apps from legitimate storefronts (Verify Apps) Use AV on smartphones to defend against APTs Help employees with their devices: Turn Bluetooth to undiscoverable Warn them about malicious apps Require them to register every mobile device which uses the corporate wifi Push data about cybersafety at home 18. 3 Tips for Cyber Safety at Home Go long longer passphrases are much more secure No online banking except over secured wifi Safety/privacy - tell kids & teens: How geolocators in photos work Privacy doesnt exist - dont share family details online 19. Poor Password ManagementPrivileges Accumulate And Are AbusedCompanies Under-Estimate the Insider ThreatDont Bore Me With SafetyThe Top SevenThey are Easy APT TargetsUsers DEMANDPromiscuous Use of WIFI 20. The Power of Layered Security 21. Kaseya Security Stack Endpoint Monitoring & HardeningAntivirusAntiMalwareRemediation Agent ProceduresMonitoringMonitoring Kaseya Antivirus PasswordsKaseya AntiMalwareService Desk & PSAUSB Block ProcessesScheduling & Management 22. Layered Security: Lets Take a Look 23. About Our Experts: KaseyaProviding Enterprise-Class IT Systems Management for Everybody www.kaseya.com 24. UNIFIED MANAGEMENT Discover the State of ITManage the State of ITAutomate the State of IT Scheduling Procedures API/Messaging Reporting Dashboards Interactive Data ViewsSystems Assets Mobile Devices Network DevicesIT Configuration Management Remote Management Software Deployment Power ManagementImage Deployment Desktop Migration Mobile Device ManagementBusiness Continuity Asset Management Network Discover & AD Hardware/Software Asset Management Virtual Machine ManagementAntiVirus AntiMalware Patch Management Software UpdatesFile & Folder BackupService Delivery Security Image Backup Image VirtualizationService Desk/Ticketing Policy Management Service Billing Policy Compliance Time TrackingSystems Monitoring Systems Checks & Alerts Agent Monitoring Enterprise Monitoring Agent-less Monitoring Log Monitoringwww.kaseya.com 25. www.kaseya.com 26. Q&A / Resources Discover: http://www.kaseya.com/resources/webi nars/en/kaseya-solution-overviewContact us: 1 (877) 926-0001 email@example.comTry Kaseya: http://www.kaseya.com/lps/global/lp/p roduct-preview.aspx Use Promo Code: security072013Visit us: www.kaseya.com www.kaseya.com