Cyber Security and the Impact on your Business


Transcript of Cyber Security and the Impact on your Business

Page 1: Cyber Security and the Impact on your Business

WELCOME TO:

CYBER SECURITY AND THE IMPACT ON YOUR BUSINESS

HOW DO YOU CURRENTLY BACK UP YOUR DATA?

ADD YOUR RESPONSE AT WWW.SLI.DO

JOIN USING THIS CODE: #5660

Page 2: Cyber Security and the Impact on your Business

WHO WE ARE

"Our mission is to make IT simple. Enabling our customers to succeed by delivering information technology services better than anyone else."

Page 3: Cyber Security and the Impact on your Business

CYBER SCAMS

What were the most prevalent cyber scams of 2016?

How much damage did they cause?

Page 4: Cyber Security and the Impact on your Business

Common frauds & scams in today’s digital marketplace

• Phishing
• Vishing
• Invoice Redirection
• Bogus Boss
• Overpayment Fraud

Page 5: Cyber Security and the Impact on your Business

PHISHING

Bogus emails which appear authentic and from legitimate sources
• High volume
• Fake links, websites, attachments

Tips to protect
• Antivirus, Trusteer Rapport, spam filters and firewalls
• Https://
• Do not respond
• Do not click links
• Forward suspect emails to: [email protected]

Page 6: Cyber Security and the Impact on your Business

VISHING

Voice + Phishing = Vishing
• Social engineering
• Information jigsaws

Tips to protect
• Question who is calling
• Decline to provide personal information
• Do not rely on Caller ID
• Do not transfer money

Page 7: Cyber Security and the Impact on your Business

INVOICE REDIRECTION

Specifically aimed at businesses

They research your business
• Suppliers’ details
• Payment profile

They attempt to issue a revised payment location controlled by fraudsters.

Tips to protect
• May begin with post going missing
• Validate any requests
• Dual-authorise changes
• Systems, processes and checks

Page 8: Cyber Security and the Impact on your Business

CASE STUDY

Page 9: Cyber Security and the Impact on your Business

BOGUS BOSS
• Email or text reportedly from your ‘boss’
• Requests an urgent transfer of funds due to a situation or in a light-hearted conversation
• Fakes/spoofs internal email appearances

Tips to protect
• Question the request
• Validate the request
• Speak to the person

Page 10: Cyber Security and the Impact on your Business

OVERPAYMENT FRAUD
• Customer advises they have ‘mistakenly’ overpaid your bill, e.g. £40,000 instead of £4,000
• Requests you keep the amount and return the difference
• Original payment subsequently bounces

Tips to protect
• Typically new clients
• Do usual background and reference checks
• Think about how you would treat a cheque
• Strange type of payment - validate

Page 11: Cyber Security and the Impact on your Business

REMEMBER
• Do not share user accounts
• Install Trusteer Rapport software
• Have up to date antivirus
• Never give out your pin/password

Useful contacts
Email: [email protected]
Fraud: 0345 300 3986
Actionfraud: 0300 123 2040

Page 12: Cyber Security and the Impact on your Business

CRYPTOLOCKER

A type of Ransomware that stealthily encrypts all your files and deletes the originals, before demanding payment to reinstate your documents and data. Typically delivered via email or an insecure internet-enabled computer.

In 2016, 54% of UK businesses were hit by some form of Ransomware attack

Page 13: Cyber Security and the Impact on your Business

CRYPTOLOCKER

HOW RANSOMWARE CAN IMPACT YOUR BUSINESS

IF YOU GET IT RIGHT…
Hotel in Belfast
Employees: ~500
Type of Backup: untested, internally managed
What happened: AAG brought in when Cryptolocker hit for the 3rd time in 2 weeks
Response: Engineer deployed within 4 hours
Recovery time: <48 hours for all systems; no downtime to booking or critical systems
Cost to business: £negligible

IF YOU GET IT WRONG…
Company in Rotherham
Employees: 149
Type of Backup: untested, externally managed
What happened: Cryptolocker got onto their network via an infected email
Recovery time: 14 days for critical systems
Last viable Backup: May 2016 (lost five months’ worth of data)
Cost to business: £35,000 lost revenue

Page 14: Cyber Security and the Impact on your Business

WHY SHOULD I BACK UP?

• 6.2 million cyber attacks on UK businesses took place in 2015

• 33% of attacks were caused by an employee

• 3,200% - the increase in attack infrastructure used by cybercriminals in 2016

• 80% of CIOs and IT Directors surveyed had experienced a cyber attack

• 37% lost revenue

• 20% had to halt operations*

*540 individuals surveyed by Malwarebytes, 2016

Page 15: Cyber Security and the Impact on your Business

WHY SHOULD I BACK UP?

£75k - £311k

The typical cost to SMEs of a cyber attack (PWC IOC Report, 2015)

70%

70% of businesses who suffer a major data loss fail within one year (PWC IOC Report, 2015)

75%

75% of businesses fail to successfully execute an untested Disaster Recovery plan (PWC IOC Report, 2015)

Page 16: Cyber Security and the Impact on your Business

HOW SHOULD I BACK UP?

How do you back up? Let’s have a look at the results

Popular + unreliable

Less popular + more reliable

Becoming popular + most reliable

Optical Drive Disk-to-Disk Site-to-Site Backup
Tapes Cloud
USB Hard Drive Site-to-Site + Cloud

How often do you test your Backup method?

Page 17: Cyber Security and the Impact on your Business

HOW SHOULD I BACK UP?

Cloud vs. Site-to-Site vs. Disk

The recommended Backup method is always down to your business needs. Typically, Cloud and/or Site-to-Site Backup gives the best value and peace of mind

Method | Capacity | Security | Reliability
Cloud | Unlimited | Very secure | 99.99% uptime
Site-to-Site | Flexible | Secure | More reliable
Disk/USB Hard Drive | Limited | Easily corruptible | Less reliable
Tape | Limited | Easily corruptible | Unreliable

Page 18: Cyber Security and the Impact on your Business

COST OF SECURING YOUR DATA

ANNUAL TURNOVER | MONTHLY REVENUE (21 WORKING DAYS) | CLOUD COST (DATA-DEPENDENT) | % OF TURNOVER
£1 MILLION | £82,677 | £150 | 0.007%
£3 MILLION | £248,031 | £250 | 0.001%
£5 MILLION | £413,385 | £350 | 0.0008%
£10 MILLION | £826,770 | £500 | 0.0006%

ANNUAL TURNOVER | COST OF 12 DAYS’ LOST BUSINESS*
£1 MILLION | £47,244
£3 MILLION | £141,732
£5 MILLION | £236,220
£10 MILLION | £472,440

*based on 254 working days per year

Page 19: Cyber Security and the Impact on your Business

BACKUP & DISASTER RECOVERY

Backup refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event.

Backup is different to Disaster Recovery:

• Backup is simply making one or more copies of your data in case the original is lost or damaged

• Disaster Recovery is restoring that data in the instance that the original is lost or damaged.

Page 20: Cyber Security and the Impact on your Business

Backup, Disaster Recovery and Cyber Security

LEGAL ISSUES

Page 21: Cyber Security and the Impact on your Business

INTRODUCTION
• Shulmans LLP
• One of the fastest growing Commercial law firms in the UK
• Providing a national service from a cost effective base in Leeds
• Experienced team with a focus on compliance, risk management, technology and good business practice
• Risk and Regulation
• Strategy and Risk Management
• Business Process Advice
• Crisis Management and Regulator Response

[email protected] [email protected]

Page 22: Cyber Security and the Impact on your Business

CHANGING LANDSCAPE
• Increasingly connected world
• Obsolete or vulnerable technology
• Increasingly complex attacks
• Rise of the Super-Regulator
• ICO
• National Cyber Security Centre (or similar)
• HSE
• Sector-specific regulation e.g. Financial Services

Page 23: Cyber Security and the Impact on your Business

RISK

What risks are we trying to avoid?
• Injury
• Financial Loss
• Reputational Damage
• IP & Confidential Information Loss
• Regulatory Intervention/fines
• Liability to third parties
• Interference with operation/production
• Maintaining services/data availability

Page 24: Cyber Security and the Impact on your Business

REGULATION

• Any interruption to business could expose you to claims e.g. that you are unable to carry out contracted services
• ALWAYS good business sense to protect against this risk
• In some sectors there are also specific obligations to put security in place:
• Personal Data
• Cyber Security Directive
• Financial Services
• Payment card information

Page 25: Cyber Security and the Impact on your Business

PERSONAL DATA PROTECTION

• Specific regulation relating to personal data
• Currently Data Protection Act 1998
• General Data Protection Regulation in force 2018
• Both contain obligations to have appropriate security measures

“…the controller [and the processor] shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk…”

• Stronger obligations for sensitive personal data
• Stronger notification requirements in GDPR

Page 26: Cyber Security and the Impact on your Business

CYBER SECURITY DIRECTIVE
• Will take effect in UK by May 2018
• Impacts on operators of essential services and digital service providers
• Online marketplace, online search engine, cloud computing service
• NOT hardware manufacturers/software developers/micro or small enterprises
• Security requirements

“appropriate and proportionate organisational risk management measures including measures to prevent and minimise the impact of incidents that affect security of networks and information systems”

• Incident notification
• Will require
• Risk management systems
• Reporting processes
• Enforcement - fines?

Page 27: Cyber Security and the Impact on your Business

INCIDENT RESPONSE

• Legal obligations don’t just cover putting technical protection in place
• Also cover how you respond to an incident – containment, recovery, notification
• Disasters do happen – need to plan ahead
• Legal priorities
• Regulatory notification obligations
• Contractual notification obligations
• Potential liability to third parties
• Are you able to pursue the perpetrator (especially for employee fraud) or recover money/IP/assets?
• Legal privilege
• Plan ahead so you can act fast!

Page 28: Cyber Security and the Impact on your Business

DIRECTORS’ LIABILITY

• s61 DPA
• Directors’ duties
• Regulatory obligations
• ICO may request undertakings from directors

Page 29: Cyber Security and the Impact on your Business

CASE STUDY: EMPLOYMENT FRAUD

• Apparently loyal employees
• Handed in notice, off sick
• No apparent warning signs
• But…
• Copied emails to home address
• Used FTP File transfer software to transfer large files – difficult to detect
• Software, designs, clients, suppliers and pricing all copied
• Loss?
• What did we do?

Page 30: Cyber Security and the Impact on your Business

WHAT NEXT?
• I’m too busy!
• Schedule time to review risks and strategy
• Understand your risk profile
• Formulate an action plan
• Fit into your “business year”
• Who needs to be involved?
• Board, key managers, staff, consultants, key suppliers
• Lawyers and specialist consultants

Page 31: Cyber Security and the Impact on your Business

OUR SOLUTION
• Data Protect Workshop with AAG and Shulmans
• A planned, time & cost controlled solution
• Intro to other key business participants - high level summary of law and approach to risk assessment
• Scoping questionnaire
• Workshop:
• legal and technical
• individual business needs
• Board, management & operational
• Outputs – technical requirements, risk analysis & risk register, business knowledge, policies, procedures, training materials.
• Outputs - data protection policies, customer document and online policies, business continuity policy update, disaster recovery, cyber incident response & cyber risk training. Delivered in physical and digital formats
• Outputs - high level summary for board, compliance protection & insurers/brokers
• Layered approach to information, role specific (board, management and operational)
• Annual review and access to ongoing technical and legal support.
• Available dates

Page 32: Cyber Security and the Impact on your Business

SUMMARY
• If your business is important to you, it is worth protecting it with a Backup & Disaster Recovery strategy that you can have confidence in
• Educate your staff about the latest cyber scams and types of Ransomware attacks
• Test your current Backup
• Review your Disaster Recovery plan
• Implement a responsibilities chart
• Book your Data Protect Workshop with AAG and [email protected]

www.linkedin.com/company/aagsystems
0114 399 0995