action - fujitsu · 2014-06-19 · training comms skills governance policies controls network...
TRANSCRIPT
Start with Secure Thinking.Ask for a Fujitsu Information Security
and Risk Assessment.Contact the team at Fujitsu on:
0870 242 7998or visit
uk.fujitsu.com/securethinking
Keep up-to-date on everything! Cyber threats are constantly evolving, meaning it’s not adequate to simply ‘fit and forget’. It’s essential to keep
all defences up to date.Many organisations fail to refer to security risk assessments
to identify the people, processes or technology that need to be brought up-to-speed. The result is that gaps start to creep in.
5
ACTIONKnow your risks and ensure your security matches your
organisation’s data protection obligations.
Invest the time to recognise your risks Cyber criminals target complacency.
An organisation might not understand the full risks or think there is nothing worth targeting. It is this mindset that leaves it
vulnerable to attack from a range of vectors:
ADVANCEDPERSISTENT
THREATS
MAlwARE
lOSSOF DATA
CYBERSTAlKING
PHISHING SCAMS
IDENTITY& ACCESS
MANAGEMENT
FRAUD OR IDENTITY
THEFTCOMPUTER
VIRUSES
DENIAl- OF-SERVICE
ATTACKS
1
ACTIONGet a complete risk assessment of your Cyber Security
to understand the risk of every potential attack.
Know precisely what needs protecting Once you know the risks you will know what you need to protect.
This does not have to be a costly process. It is all about developing a plan that covers cyber security across
every area of your organisation: from your people and your processes to your technology.
INFORMATION SECURITY AND RISK
ASSESSMENT
PEOPlE PROCESSES TECHNOlOGY
TRAINING COMMS SKIllS GOVERNANCE POlICIES
CONTROlS NETwORK DATACENTRE STORAGE APPlICATION
2
ACTIONAnalyse your infrastructure through an audit and
allocate a sliding scale of resources according to the potential impact on the organisation.
Be clear what you are protecting against Anti-virus and URL filtering used to be sufficient protection
from cyber attacks. Not anymore.The increasing sophistication of targeted attacks has changed
everything. Today’s advanced attacks occur in seven stages that can result in the theft of your data.
But are your defences ready?
3
ACTIONLook for evidence of advanced threats or data theft
and take preventative measures to protect the organisation from future attacks.
RECONGather online information to build targeted lures
1
lURETwo Types: email and web
2
CAll HOMECalls home for more malware to expand attack
6
DATA THEFTCybercrime reaches outinto internal systems for data to steal.
7
DROPPER FIlEIf vulnerability exists, malware dropper file is delivered.
5
ExPlOIT KITUser’s system is inspected for an open vulnerability
4
REDIRECTFunnels and sends the user to a hidden server.
3
FREE GIFTS
CYBERCRIMEOPERATIONS
FREE GIFTS
CYBERCRIMEOPERATIONS
FREE GIFTS
CYBERCRIMEOPERATIONS
FREE GIFTS
CYBERCRIMEOPERATIONS
FREE GIFTS
CYBERCRIMEOPERATIONS
FREE GIFTS
CYBERCRIMEOPERATIONS
FREE GIFTS
CYBERCRIMEOPERATIONS
what should you be looking out for?
stages of advanced threats & data theft
Train your people to recognise the threats A report by the National Audit Office claims the IT security skills gap will take up to 20 years to close, leaving the UK
vulnerable to regular attacks.Public and private sector organisations must train staff to
follow security policies and procedures and provide them with the essential skills to tackle cyber crime. More than that, senior management must invest the time in understanding the risks
and what investments to make.
Trust in the ability of government organisations to protect citizen data is at an all-time low.
Fujitsu presents: 5 practical ways you can start to protect citizen data.
Source: National Audit Office & Information Commissioner’s Office
4
ACTIONUnderstand which skills already exist and which ones
are missing and then create a programme of staff training for all levels of the organisation.
44mcyber attacks in
2011 in the UK
£2.6MIllION
Fines handed out by the ICO to government
organisations in 2012
80%Proportion of cyber attacks
that could be prevented through simple
computer and network ‘hygiene’
Working together with expert security partners:
PROTECTIONPROTECTION
RISK
HACKERS
THEFT
SECURITY CONNECTEDCITIZENS5 ways to protect citizen data.
Source: Fujitsu Source: Clearswift
80%Number of councils that experienced a
security breach in 2012
Those with ‘implicit trust’ in central government to use data securely
6%2013
14%2003
The question is: Are you taking them seriously?
Meanwhile, cyber attacks are on the increase.