Not too small to be overlooked by cyber-criminals

877.550.2568 info@cloudaccess.com www.cloudaccess.com

company focused on delivering a

comprehensive security platform in the

cloud or on-premise. CloudAccess

REACT is a unique security offering that

analyses patterns of behavior, identifies

anomalous behavior and takes action in

real-time to protect enterprise assets.

REACT can integrate with any security

product, database, directory and other

sources to correlate identities, access

rights, network security information,

user behavior, application behavior and

other events to establish a pattern.

REACT compares patterns of behavior

at any point in time with the historical

patterns to identify the anomalous

behavior.

TM

CloudAccess is an award-winningcloud-based security-as-a-service...

REACT at a glance: Extending SIEM’s capabilities-identify anomolous behavior, take action in real time

• Integrates SIEM, IDM, AM, Log • Creates predictive analytic intelligence

• Analyze patterns of behavior • Correlates detailed metrics of devices, users, apps

• Recognize threats in real-time • Centralize mutliple silos of security

• Connect to any security solution • Manage from the cloud OR on-premise

TM

50% of small businesses have been the target of a cyber attack

If you’re a business, there’s a target on your back, or your data to be more precise. Cyber criminals

have developed a lucrative, black market enterprise that will rival some major companies when it

comes to valuing information that’s been hacked from legitimate sources.

Hardly a week goes by without a release about a high-profile cyber attack against a company. At

a presentation entitled, “Hacked: The Realities of a Cyber Event” hosted by Travelers in Washington,

D.C., recently, a panel of experts discussed the impact of cyber crime on small to medium-sized

businesses. “One in two companies report being the target of a cyber attack,” stated Tim Francis,

enterprise leader for cyber insurance for Travelers. “Sixty percent of attacks last year struck small

to medium-sized businesses.” He said there are 34,529 known computer incidents each day and

the goal for the bad guys is to “make money as easily as possible.”

All of the information stolen has value on the Dark Web, where names, social security numbers,

credit cards and other data are available for sale. Credit cards can be purchased for $10 to $35 per

name. Social security numbers are worth significantly more because they can allow users to open

bank accounts, credit cards, rent apartments and basically create a new identity.

Purveyors of information on the Dark Web are extremely sophisticated, even providing credit card

return policies if the cards purchased don’t work, and customer service to help criminals use their

stolen information effectively said Francis. “You can purchase specialized information, like credit

card numbers for 30-35-year-olds who live in lower Manhattan,” he added.

TM

TM

Just last week, T-Mobile announced that approximately 15 million customers who had applied for credit with the

mobile carrier had their information stolen by hackers who accessed a database run by credit monitoring firm,

Experian. Hackers accessed names, addresses and social security numbers.

Commenting on the breach, Francis said, “Cyber threats are increasing, but businesses can take action. Hackers

have evolved and are now more sophisticated than ever.”

He said that the industry is seeing more state affiliated hackers coming out of countries like China, North Korea

and Russia. And some hackers attack companies because they don’t agree with their ideology or what their

business does as in the case with Ashley Madison. “An industry or outspoken CEO can cause a company to

become a target,” Francis explained.

Data breaches still cause the largest losses for companies, and frequently the breach is due to vulnerabilities

from within the company such as an employee who works from home and has his or her computer hacked, or

somehow loses a computer with unencrypted information.

Small businesses are particularly vulnerable because they may not have the resources to prevent an attack or

they may believe they would never be a target. Chris Hauser, second vice president with Travelers Investigative

Services said that small businesses also may not vet their new employees as carefully as larger companies with

more resources and may hire the wrong person such as an employee who skims credit cards.

Hauser said, “Sometimes employees don’t act maliciously, but they may do something wrong unknowingly.”

He gave an example involving social engineering, a sophisticated attack where the hacker poses as a company

executive who sends an employee what looks like a legitimate email instructing the employee to transfer money

from one account to another. The reality is that the wire transfer goes into the hacker’s offshore account and

the money will never be recovered.

In another scenario, an employee may click on a link that puts a Trojan program on the server that allows

hackers to gain access to the company’s database. Other hacks may allow someone to access a company’s

social media credentials so they can take over the firm’s social media sites and post information that will

harm the business in some manner.

CloudAccess CEO Kevin Nikkhoo said that many companies post the wrong information on social media or

they outsource data to a vendor who doesn’t protect the information being shared. It’s still an issue for the

company that outsourced the data management because they are responsible for the information.When

companies reach out to his firm, Nikkhoo said the priority is to get a sense of what transpired.

He asks questions such as:

• Was customer information hacked?

• Were employee records impacted?

• When was the last time the company purged the data?

• Did they get into your payment processes and access credit cards?

• How far back do the records go?

877.550.2568 info@cloudaccess.com www.cloudaccess.com

He doesn’t expect the company to have all of the answers, but since there are deadlines for federal regulators,

understanding what kind of information is in play is critical. “We need to deal with provable facts, bring in a

forensic company, develop a scope of work and come up with a plan of attack,” he explained. “We need to know

how many records were touched, what burned and what didn’t burn.”

Managing the Message

Once the scope of the breach has been identified, the company must develop a plan to share that information

with customers, regulators if they are publicly held, the media and the public in general. How the details of the

breach are explained and the information conveyed to all of these constituents is vital in repairing the damage

to the company’s reputation.

Melanie Dougherty, CEO and managing director at public relations firm, Inform said, “The natural response is

to shut the door to the media, but many times you are obliged to respond for legal or regulatory reasons.”

Since many breaches stem from human error, companies need to be prepared for this eventuality and work on

messages that will help them recapture their customers and their reputations. “It’s not the breach, it’s the

perception of a cover-up that can cost a company,” she added.

“For a small company, a data breach can force them to shut their doors forever,” said Francis. He shared that

one Travelers customer spent around $300,000 to find out they didn’t have a breach, but it was still important

information for the company to have and it allowed them to see how their processes would work in the event

of an actual breach.

Four common weak spots for companies were identified:

• Intrusion detection software – this raises a red flag when a system has been breached. It’s important to

have someone in the company monitor this and respond immediately when a breach is detected.

• Encryption of private data – encrypting data can turn a lost laptop into a paperweight, although a sticky

note with the password on the computer can undo an expensive encryption program

• Patch management – companies have to apply them to patch vulnerabilities in programs and keep

software up to date

• Vendor mismanagement – vendors have to be trustworthy and protect the information they are

entrusted with for a company

All companies are vulnerable, regardless of their size and insurers are now tailoring policies to meet

the needs of all businesses. “Less than 20% of companies have cyber insurance now,” said Francis.

With the reality becoming more of a “when” scenario as opposed to an “if” possibility, companies

will need to be proactive in managing this emerging risk. “Once a data breach happens, the

biggest problem is that no one knows who to call,” added Francis. “It’s important for businesses

to create clear action plans to help manage the data breach.”

877.550.2568 info@cloudaccess.com www.cloudaccess.com