5 ways to handle fraud & security issues for small businesses
DESCRIPTION
Fraud and security incidents occur more than you think and are very possible to happen to any size organization, not just the enterprise. Is your small business prepared to handle a breach if it happens to you? Do you have a security incident response plan ready? Please join Michelle Syc on November 14th for her presentation, “5 Ways to Handle Fraud & Security Issues for Small Businesses”. She will discuss what to do when fraud has hit your business and will share: • How to protect yourselves on a continued basis from fraud and security issues • The importance of employee security within the workplace, especially when there is no HR department • Patient Data Security for Employers and Employees Finally, Michelle will wrap up the presentation with the 5 key things to bring back to your offices in order to prevent any breaches.TRANSCRIPT
5 Ways to Handle Fraud & Security Issues for Small Businesses
Michelle D. Syc, CISSP, CEHSenior Analyst, Advisory & Assurance Services
Topics
Common Threats to Business Information Cybercrime Updates Cybersecurity: Preparedness, Assessments, Risk Mitigation Incident Response for the Small Business
Common Threats to Small Business Information
Hacking and Malware Lost or Stolen Physical Storage Media Insider Threat and Human Error Accidents and Natural Disasters
0
50,000
100,000
150,000
200,000
250,000
300,000
350,000
400,000
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Num
ber o
f Com
plaints (in th
ousand
s)
Years
Cybercrime Complaints by Year
Source: 2013 ICS Annual Report
Cybercrime U
pdate
$0
$100
$200
$300
$400
$500
$600
$700
$800
$900
2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Dollar Loss (in m
illions)
Years
Cybercrime Loss Snapshot
Source: 2013 ICS Annual Report
Cybercrime U
pdate
Cybercrime Com
mon Schem
es
34%
15%22%
2%2%
25%
Percentage Complaints by Scheme Type
Auto‐Auction Fraud Romance ScamsFBI Scams Hit Man ScamRansomware / Scareware Scams Real Estate Scam
Source: 2013 ICS Annual Report
Cyber Preparedness for the Small Business
Set up a secure system
Cyber Assessments for the Small Business
Information Type
Media type or storage location
Value (high,medium, low)
Risk Level (high, medium, low)
Notes
Personnel Records
My Desktop High High Needed for Payroll
Cyber Risk Mitigation for the Small Business
“The only defense against the world is a thorough knowledge of it.”
‐John Locke
Incident Response for the Small Business
Common Data Security Requirements / Standards
SEC Cybersecurity Disclosure Guidance Fair Credit Reporting Act (FCRA) State data breach notification laws Gramm‐Leach‐Bliley Act (GLBA) Health Insurance Portability and Accountability Act
(HIPAA) Payment Card Industry Data Security Standards (PCI
DSS)
Action Items
1. Set up a secure system2. Protect business data3. Train workforce4. Prepare to respond to incident5. STOP. THINK. CONNECT.
Resources IC3 Fraud Alerts:
o http://www.ic3.gov/media/default.aspx Federal Trade Commission Guide for Protecting Personal
Informationo http://www.ftc.gov/infosecurity
United States Computer Emergency Readiness Team (US‐CERT)o www.us‐cert.gov
HIPAAo www.hhs.gov
PCI DSS:o https://www.pcisecuritystandards.org/merchants/index.php
www.thinkADNET.com
@ADNETTech
@ADNETTechnologiesLLC
@ADNETTechnologiesLLC
@ADNETTech