Lessons Learned from Cyber Incidents in 2016

1
Wendy’s The Attack: Unusual claims on Customer’s credit or debit cards. The Takeaway: Large corporations that operate multiple independent stores or franchises need to establish a base-line framework of data security guidelines that can be implemented at the individual store level. The Attack: Breach occurring in 2014 resulted in stolen personal information from at least 500 million user accounts. The Takeaway: It is important that confidential company information is never accessed or transmitted using a personal email account. Yahoo! Lessons Learned from Cyber Incidents in 2016 www.cbiz.com Snapchat The Attack: Hackers posing as the CEO convinced an employee to email them the personal information. The Takeaway: Every employee should be taught best practices, like how to create stronger passwords or how to spot suspicious emails. Premiere Healthcare The Attack: Breached after a laptop computer was stolen from the billing department of their headquarters. The Takeaway: Companies should encrypt data that contains personally-identifiable or protected health information in order to reduce their Data security risks. Dyn The Attack: A DDOS attack impaired normal services and resulted in massive outages affecting the Eastern US. The Takeaway: Designing and implementing an incident response strategy is a critical component of any cybersecurity program. www.cbiz.com

Transcript of Lessons Learned from Cyber Incidents in 2016

Page 1: Lessons Learned from Cyber Incidents in 2016

Wendy’sThe Attack: Unusual claims on Customer’s credit or debit cards.The Takeaway: Large corporations that operate multiple independent stores or franchises need to establish a base-line framework of data security guidelines that can be implemented at the individual store level.

The Attack: Breach occurring in 2014 resulted in stolen personal information from at least 500 million user accounts.The Takeaway: It is important that confidential company information is neveraccessed or transmitted using a personal email account.

Yahoo!

Lessons Learned from Cyber Incidents in 2016

www.cbiz.com

Snapchat

The Attack: Hackers posing as the CEO convinced an employee to email them the personal information. The Takeaway: Every employee should be taught best practices, like how to create stronger passwords or how to spot suspicious emails.

Premiere Healthcare

The Attack: Breached after a laptop computer was stolen from the billing department of their headquarters.The Takeaway: Companies should encrypt data that contains personally-identifiable or protected health information in order to reduce their Data security risks.

DynThe Attack: A DDOS attack impaired normal services and resulted in massive outages affecting the Eastern US.The Takeaway: Designing and implementing an incident response strategy is a critical component of any cybersecurity program.

www.cbiz.com

Propagation of cyber incidents in an insurance portfolio ...

Propagation of cyber incidents in an insurance portfolio ...

Costs of Cyber Incidents - OASIS · PDF fileCosts of Cyber Incidents. ... * Slide “Limitations” contains overview of the ROI analysis issues associated with estimating the baseline

Costs of Cyber Incidents - OASIS · PDF fileCosts of Cyber Incidents. ... * Slide “Limitations” contains overview of the ROI analysis issues associated with estimating the baseline

Global Investigations Review The Guide to Cyber Investigations · paring for and dealing with data breaches and other cyber incidents. These incidents can be challenging, to say the

Global Investigations Review The Guide to Cyber Investigations · paring for and dealing with data breaches and other cyber incidents. These incidents can be challenging, to say the

ATOS: Preparing your business to manage cyber incidents

ATOS: Preparing your business to manage cyber incidents

Interacting with the FBI Regarding Cyber Incidents

Interacting with the FBI Regarding Cyber Incidents

Cyber risk management, incident response and investigation ... · comprehensive cyber incident response plans and stress testing those plans by conducting simulated cyber incidents.

Cyber risk management, incident response and investigation ... · comprehensive cyber incident response plans and stress testing those plans by conducting simulated cyber incidents.

Lessons Learned from Sailing Incidents 2011-2015sailingleadership.org/wp-content/uploads/2016/2016-presentations/...Lessons Learned from Sailing Incidents 2011-2015 Chuck Hawley ...

Lessons Learned from Sailing Incidents 2011-2015sailingleadership.org/wp-content/uploads/2016/2016-presentations/...Lessons Learned from Sailing Incidents 2011-2015 Chuck Hawley ...

Cyber Risk Management - Homepage | Healthcare Insurance ... · Cyber Risk Management: A Guide for Healthcare Administrators and Risk Managers. Cyber security incidents in the healthcare

Cyber Risk Management - Homepage | Healthcare Insurance ... · Cyber Risk Management: A Guide for Healthcare Administrators and Risk Managers. Cyber security incidents in the healthcare

MITIGATE CYBER RISK BEFORE, DURING AND AFTER INCIDENTS · MITIGATE CYBER RISK BEFORE, DURING AND AFTER INCIDENTS ... VM2020 brings cutting-edge technology and cyber resilience content

MITIGATE CYBER RISK BEFORE, DURING AND AFTER INCIDENTS · MITIGATE CYBER RISK BEFORE, DURING AND AFTER INCIDENTS ... VM2020 brings cutting-edge technology and cyber resilience content

Analyzing Cyber Incidents from a Risk Assessment Perspectiveciri.illinois.edu/sites/default/files/Seminar Slides_Cyber... · Analyzing Cyber Incidents from a Risk Assessment Perspective

Analyzing Cyber Incidents from a Risk Assessment Perspectiveciri.illinois.edu/sites/default/files/Seminar Slides_Cyber... · Analyzing Cyber Incidents from a Risk Assessment Perspective

People Characteristics: A predictor of Cyber Security incidents?

People Characteristics: A predictor of Cyber Security incidents?

AAPA Recovery and Lessons Learned from Cyber Attacks

AAPA Recovery and Lessons Learned from Cyber Attacks

Lessons Learned from Dam Incidents and Failures …damfailures.org/wp-content/uploads/2015/07/Case-Study...Page 1 Lessons Learned from Dam Incidents and Failures Case Studies Identified

Lessons Learned from Dam Incidents and Failures …damfailures.org/wp-content/uploads/2015/07/Case-Study...Page 1 Lessons Learned from Dam Incidents and Failures Case Studies Identified

Private Sector Attribution of Cyber Incidents

Private Sector Attribution of Cyber Incidents

2015/16 Cyber Security Survey · PDF file2015/16 Cyber Security Survey Results ... The Australian Cyber Security Centre ... incidents involving financial institutions in Bangladesh,

2015/16 Cyber Security Survey · PDF file2015/16 Cyber Security Survey Results ... The Australian Cyber Security Centre ... incidents involving financial institutions in Bangladesh,

Cyber and Information Security - Legal Issues in relation to Cyber Incidents

Cyber and Information Security - Legal Issues in relation to Cyber Incidents

Strategies to Mitigate Cyber Security Incidents ... · Strategies to Mitigate Cyber Security Incidents publication. Additional information is provided in this document to help organisations

Strategies to Mitigate Cyber Security Incidents ... · Strategies to Mitigate Cyber Security Incidents publication. Additional information is provided in this document to help organisations

Cyber Incidents –Data leakage Case Study & Lesson Learnt · He focuses on Digital and Cyber forensics, Discovery and Corporate Investigation, Forensic Analytics, Cyber incident

Cyber Incidents –Data leakage Case Study & Lesson Learnt · He focuses on Digital and Cyber forensics, Discovery and Corporate Investigation, Forensic Analytics, Cyber incident

ISS Attribution of Cyber Incidents FINAL · The report evaluates existing information and academic literature regarding the attribution of cyber incidents. More precisely, it focuses

ISS Attribution of Cyber Incidents FINAL · The report evaluates existing information and academic literature regarding the attribution of cyber incidents. More precisely, it focuses

Analyzing Cyber Incidents from a Risk Assessment Perspective Slides_Cyber Insurance Risk... · Analyzing Cyber Incidents from a Risk Assessment Perspective Jay P. Kesan, Ph.D., J.D.

Analyzing Cyber Incidents from a Risk Assessment Perspective Slides_Cyber Insurance Risk... · Analyzing Cyber Incidents from a Risk Assessment Perspective Jay P. Kesan, Ph.D., J.D.