Information Security The issue, why you should care and how you can help keep

your data safe.

•Data breaches cost companies millions if not billions of dollars each year.

•With more than 50,000 new threats emerging each day, it can be challenging to keep your organization protected.

April 8, 2023

Why is data security an important issue?

of these attacks were attributed to external agents

81% of attacks involved some sort of digitalhacking

174 million records were compromised

There were

data breaches

in 2011 alone

There were

data breaches

in 2011 alone

855

were targets of opportunity

of victims

Security by the Numbers

79%

April 8, 20233 Source: 2012 Data Breach Investigations Report

98%

Fraud

These attacks are after credit card numbers, bank accounts, pass-words … anything they can use themselves or sell for profit.

Industrial Espionage

This is the most difficult motive to protect yourself against because specific proprietary information is targeted.

Activism

Activists disagree with a particular political or social stance you take, and want only to create chaos and embarrass your company until you’ve learned your lesson.

Why are you being attacked?

April 8, 2023 4

Top Three Security Threats

Once you’re able to identify your organization’s potential targets, it’s important to understand the most common types of attacks could face.

• Malware

• Internet-facing applications

• Social engineering

April 8, 2023

Social Engineering: You Are the Weakest Link

For a company with more than 30 employees, one expert puts the success rate of social engineering at 100%.

Social engineering is the art of deceptively influencing a person face to face, over the phone, via email, etc., to get the information you want.

For example:Convincing an employee to share a company

password over the phoneTricking someone into opening a malicious

email attachmentSending a company “free” hardware that’s

been pre-infected

There is a bright side . . .

“Criminals are lazy and don’t want to work, so they go after the low-hanging fruit. Companies need to think about this so their baseline of security is above the level of low-hanging fruit.”

—Kevin Mitnick, the world’s most famous former hacker

April 8, 2023 Xerox Internal Use Only 8

How can you help keep your organization safe?

• Educate and train your staff on the dangers of social engineering.

• Perform a security audit to find and fix any glaring vulnerabilities.

• Ask yourself (or whoever is in charge of IT) five simple questions . . .

April 8, 20238

“What security controls and processes are set up in the organization to prevent and detect security breaches?”

“What is the response capability if a security incident is detected?”

“Do we test our security posture on an annual basis (called pen testing)?”

“Are we able to handle our security requirements in-house or do we need to outsource them?”

April 8, 2023 9

“If we need to outsource it, how do we find the best provider?”54321

1. Establish a VPN connection when using free Wi-Fi. This keeps bad guys from eavesdropping on your internet usage.

2. Use Google Chrome as your default browser. This isn’t a plug for Google—Internet Explorer is the most frequently targeted browser.

3. Make sure all of your software is up to date. Enable automatic update settings and frequently check for newer versions of software.

4. Be wary of peer-to-peer sharing. Downloading certain file-sharing utilities can open up your entire hard drive to the world.

5. Diversify your passwords. If you’re having trouble keeping them straight, use a free, downloadable password manager.

April 8, 2023 10

Follow These Everyday Rules of Thumb

For more valuable insights, visit GetOptimistic.com

Presented by Xerox