robert zellers/director of it security · 30% of data breaches globally are caused by negligent end...
TRANSCRIPT
![Page 1: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/1.jpg)
![Page 2: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/2.jpg)
Robert Zellers/Director of IT Security
![Page 3: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/3.jpg)
IDG/CSO50 ParticipantsSpecial Thank You
For your assistance !!
![Page 4: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/4.jpg)
VisionariesCIO-Roderick Houpe &
DCIO-C. Curtis Timmons
Special Thank You for the guidance in the creation of the Security Department
![Page 5: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/5.jpg)
Department of Information Technology
![Page 6: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/6.jpg)
Security Division Members
Carlos Artagos VI Russell MonkJohn Erne Stacy Clark-Warren
Special Thank you to Micheale Eccleston
Payroll Department & Jerry Krane (Intellinet)
![Page 7: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/7.jpg)
Demographics
• 7500 Employees• 39,000 Students• 104 Buildings• 84.1 Square Miles• $1.5 Billion- Budget 2016-17
![Page 8: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/8.jpg)
Our Story
• December 2016- Launched Online Payroll System• January 2017- Data Breach (74 Employees-$100K)• February 2017- Creation of the Security Division• May 2017- Attended CSO50 Conference
![Page 9: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/9.jpg)
End users are the weakest link.
![Page 10: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/10.jpg)
Over 95% of all security incidents investigated recognized human error as a contributing error.2
Why do we still care about security training?
75%of large organizations and 31% of smaller organizations fell victim to a staff-related
security breach in the last year.1
of organizations’ worst breaches were the result of inadvertent human error.150%
Act
Now
Intruders are becoming more sophisticated and are using highly targeted social engineering attacks that
are difficult to defend against. If you don’t have a current security awareness and training program, it is
time to join the 72% of large organizations and 68% of small organizations that conduct security training
on an ongoing basis.1
Many employees have access to system networks that
in turn can access confidential and sensitive
information. It is important to educate these users on
the best practices needed for them to protect both
themselves and the organization from any potential
threats or attacks.
55% of companies indicated that they believe
privileged users were the biggest internal threat to
corporate data.3
30% of data breaches globally are caused by
negligent end users.4
Sources: 1 – PwC 2015 Information Security Breaches Report, 2 – IBM Security Services 2014 Cyber Security Intelligence Index,
3 – 2015 Vormetric Insider Threat Report, 4 – Ponemon Institute, 2014 Cost of a Data Breach Study
![Page 11: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/11.jpg)
Security Awareness Strategy
• CMSD Security Awareness Website
• Security Awareness Intervention
• Security Awareness Branding
• Security Hotline
• Security Email account
![Page 12: Robert Zellers/Director of IT Security · 30% of data breaches globally are caused by negligent end users.4 Sources: 1 –PwC 2015 Information Security Breaches Report, 2 –IBM Security](https://reader034.vdocuments.mx/reader034/viewer/2022043019/5f3bcab739ec3e43d05a3a32/html5/thumbnails/12.jpg)
Security Awareness Results
• Reduction of lost funds
• Reduction of Phishing incidents
• Improved Security Awareness knowledge
• Continued training needed