ibm vciso sunderland
TRANSCRIPT
@1davidclarke Email [email protected] for list of links
• IBM Interconnect, 26th March 2015, Sunderland Software Centre
"Thank you to the IBM team for putting this event together."
http://www.slideshare.net/IBMInterconnect/inter-connect-sunderland-agenda?qid=cbafb915-e826-4d62-9e21-b1f837afc3fa&v=&b=&from_search=5
Th
David Clarke
• Created CERT on a financial intranet trading $3.5 trillion a day; CPNI member 10 years.
• Managed global managed security services with a $100-$300 million global install base, 500+ customers with $3.4 billion dollar contracts.
• Created, maintained and improved regulatory and compliance commitments including global PCI-DSS, ISO 27001 (10,000+ security devices/systems).
"The 7 Most Important Steps to Cyber protection for SME's -"
• "....that can cost less than a Latte and could get you Enterprise Level Cyber Security !..."
• Updated list of software/service: vciso.co/lattesecurity
Cost Of Latte Around the world
Grande latte in Oslo cost jolting $9.83
How does this affect small business?
• Cyber attacks third biggest risk for UK firms, as supply chain disruption remains top concern (Jan 15th 2015)
• http://www.supplymanagement.com/news/2015/cyber-attacks-third-biggest-risk-for-uk-firms-as-supply-chain-disruption-remains-top#sthash.iHZoSvDS.dpuf
Impact for Small Business
• To supply IT services to HMG: compliant with Cyber Essentials.
• Potentially, suppliers to suppliers will need to demonstrate cyber security practices.
• Suppliers to larger companies are already being asked.
What can small business do to level the playing field?
1. System Misconfiguration
2. Patch Management
3. Default Passwords
4. Easy to Guess Passwords
5. Lost Devices
6. Disclosure of info via incorrect email address
7. Double Clicking Attachment/URL
Re-Arrange this List
1. Easy to Guess Passwords
2. Default Passwords
3. Disclosure of info via incorrect email address
4. Patch Management
5. Lost Devices
6. Double Clicking Attachment/URL
7. System Misconfiguration
Passwords: Two Main Types
• Master Passwords: access to PCs, servers and appliances (<10)
• Constant Use Passwords: email, eBay, Dropbox etc. (>100's)
Master Passwords
If you have this card, nothing to remember. Cost: one time, <£5.00
https://www.qwertycards.com/
Constant Use Passwords
If you have this software, nothing to remember. Cost: yearly, $12.00
• Auto Fill
• Creates Password
• Saves Site
• Free
• $12/Year for Mobile
If you have a Large Team
If you have this software, nothing to remember. Cost: monthly, about $10
• Auto Fill
• Creates Password
• Saves Site
• $10 a month
Email Passwords
• Gmail 2 Stage Authentication
  • Password and a text
• Yahoo On time password
  • They will text you new password
• If you have this Software nothing to remember FREE
List 1
1. Easy to Guess Passwords
2. Default Passwords
3. Disclosure of info via incorrect email address
4. Patch Management
5. Lost Devices
6. Double Clicking Attachment/URL
7. System Misconfiguration
Disclosure of Information
• https://www.prot-on.com/tryIt.html
• Basic version is free
• Easy to use, quick
• Create a list of people allowed to see document.
List 3
1. Easy to Guess Passwords
2. Default Passwords
3. Disclosure of info via incorrect email address
4. Patch Management
5. Lost Devices
6. Double Clicking Attachment/URL
7. System Misconfiguration
Patch Management
• http://secunia.com/products/
List 4
1. Easy to Guess Passwords
2. Default Passwords
3. Disclosure of info via incorrect email address
4. Patch Management
5. Lost Devices
6. Double Clicking Attachment/URL
7. System Misconfiguration
Lost Devices
• Mobile Phones
• Apple iCloud
  • Lock/Phone/Track Phone
• Android
  • Lock/Phone/Track
  • Ring, Lock, or Erase
  • AVG/Google
  • https://www.avgmobilation.com/
Lost PCs
• Dropbox
• Sugarsync
• Google Drive
• Real Time Back Up
• Use Cloud encryption
PerfectCloud.io to Encrypt Free Account
List 5
1. Easy to Guess Passwords
2. Default Passwords
3. Disclosure of info via incorrect email address
4. Patch Management
5. Lost Devices
6. Double Clicking Attachment/URL
7. System Misconfiguration
Double Clicking Attachment/URL
• Use Gmail/Yahoo to filter out the worst.
• Panda Security plugin warns against sites
• http://www.pandasecurity.com/homeusers/downloads/wot/
• Chrome Safe Browsing enabled
Who Are You Going To Call?
• https://www.cert.gov.uk/what-we-do/responding-to-a-cyber-issue/getting-help/
What Are You Going to Do?
• https://www.malwarebytes.org/
• http://housecall.trendmicro.com/uk/
Am I Really Vulnerable?
https://breachalarm.com
BreachAlarm monitors the Internet for your passwords being compromised and posted online.
Bonus Slide
• Kids, Controlling Access.
• http://www.netgenie.net/global/ Around £100
• Free SIEM Security Incident Event Management
• https://siemless.com/
• Take Credit Cards with Free CC Reader
• https://www.izettle.com/gb/service
• Free Invoicing on The Web
• https://www.waveapps.com/
• Breach Legislation, IT or Legal?
• " the proposed regulation of up to 5% of annual worldwide turnover, or €100"
• Information Sharing: Who, When, How
• "The ICO has imposed a monetary penalty of £200000 on the British Pregnancy Advice Service (BPAS) for exposing thousands of personal"
• Compliance is the best protection?
• "Resistance is futile" Gartner
• "Brighton and Sussex University Hospitals NHS Trust fined £325k after hard drives with highly-sensitive patient data were sold on eBay, - "
• Best Practice or is this Compliance?
• "The ICO can issue fines of up to £500,000 for serious breaches of the Data Protection Act and Privacy and Electronic Communications Regulations." ICO
• Incident Response, Strategy
• "There are two kinds of big companies in the U.S. Those who've been hacked by the Chinese and those who don't know they've been hacked." FBI