1 / 15

Assessing Human Risk Factors - Proactively Preventing Data Breaches

This presentation covers the importance of assessing human risk factors and implementing proactive measures to prevent data breaches. Topics include the results and improvements of a phishing and training baseline assessment, 5 steps to a successful security program, continuous education, simulated phishing, continuous dark web monitoring, security policies, ongoing analytics, and employee vulnerability assessment.

freeland
Download Presentation

Assessing Human Risk Factors - Proactively Preventing Data Breaches

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. PREPARATION – DELETE BEFORE MEETING • Fill in the following: • Slide 2: • Enter the “Presented By: Name, Title, Company” with your information • Replace the “Your Logo Here” logo with your company logo • Slide 3: • Fill this slide out with your personal information as well as your Company information • TIPS: • PRACTICE – run through the deck multiple times • Focus on the impact to their business, not the stats or the technology • Be relatable and have talking points • Don’t read right off the slides.

  2. ASSESSING THE HUMAN RISK FACTORSTAYING PROACTIVE PRESENTED BY: [NAME, TITLE, COMPANY]

  3. WHO AM I? • [Your name and job title] • [Brief speaker biography] • [Note some personal tidbits, get personal and real with your prospects] • One hobby or activity • [Company Name] • [Brief company biography] • Security-focused • We pride ourselves on helping small to mid-size businesses strengthen their security posture and protect them from cybertheft.

  4. PROACTIVELY PREVENTING A DATA BREACH Last time we met we discussed the dangers of the Dark Web and proceeded with a Phishing & Training Baseline Assessment • Results • Improvements • 5 Steps to a Successful Security Program • Strengthening Your Weakest Links • Next Steps

  5. HOW DID YOUR EMPLOYEES STACK UP? Your employees are opening the door for cybercriminals. A% If cybercriminals start to become less successful in one area, they find new ways to trick their victims. C/5 If your employees don’t take security seriously, it could be detrimental.

  6. 5 STEPS TO EFFECTIVE EMPLOYEE SECURITY Security Policies Simulated Phishing STEP STEP STEP STEP STEP Continuous Education Continuous Dark Web Monitoring Ongoing Analytics

  7. CONTINUOUS EDUCATION 48% of cybercriminals spend 1-5 hours per week keeping up with the latest trends. Why aren’t we doing the same? Humans learn on a continuous basis, once and done education isn’t enough. Cybercriminals start to become less successful in one area and must find new ways to trick their victims. Annual training is a great first step, but what they learn today may be forgotten in 6 months. The 2018 Nuix Black Report

  8. SIMULATED PHISHING Simulated phishing campaigns run monthly are the industry standard for effectively reducing your human-factor associated risks. 38% of successful phishing attacks lead to compromised accounts Cybercriminals target low-hanging fruit: humans 94% of malware is delivered via email Phishing is used because it WORKS. Humans are gullible and make mistakes. Without education, employees are sitting ducks.

  9. CONTINOUS DARK WEB MONITORING Data records are lost or stolen at alarming rates Breached accounts lead to phishing and the need of password change The sooner you know, the quicker you can react Monitoring the Dark Web can detect potential risks before they occur Identity Theft Resource Center, “Identity Theft: The Aftermath 2017”

  10. SECURITY POLICIES Security policies protect your organization’s critical information/intellectual property by clearly outlining employee responsibilities with regard to what information needs to be safeguarded and why. I DIDN’T KNOW I WASN’T SUPPOSED TO DO THAT… I FOUND MY PHONE! WHY DID YOU WIPE ALL MY PHOTOS?! POLICIES NEED TO BE ENFORCED IN ORDER TO BE EFFECTIVE. Security policies lower breaches. Large organizations have policies as a core piece of their security structure. https://linfordco.com/blog/information-security-policies/

  11. ONGOING ANALYTICS Importance of measuring success. Employees need to know where they stand, what their expectations are, progress is important, measurement = improvement Which employees pose the highest risk is critical  need insight into which employees need more help Reason why, need encouragement so they can do better Looking at the details graphic  magnifying glass Identity Theft Resource Center, “Identity Theft: The Aftermath 2017”

  12. EMPLOYEE VULNERABILITY ASSESSMENT (EVA) Transform your weakest links, into your strongest defenses Our Employee Secure Score is a standard measurement of comparison Interactive Leaderboards increase employee engagement Suggested next steps keep you improving Dark web data increases awareness both at work and at home Written security policies and a security risk assessmentallow you to provide a multitude of services in one portal! Test their retention with simulated phishing Weekly Micro-Training and Monthly Newsletters make up our continuous education

  13. WHICH EMPLOYEE IS THE WEAKEST LINK? • Compare each employee, watch their progress, and track who needs improvement . See which of your employees pose the highest risk to your organization. Create a security culture and stress the importance of sharing the cybersecurity responsibility. Setting standards and expectations for your employees helps stimulate growth.

  14. BREACH PREVENTION PLATFORM (BPP) Transform your weakest links into your strongest defenses! Benefits of a comprehensive security program Continuous Education & Monitoring Train like a cybercriminal: Learn the newest threats & monitor your accounts for new breaches. Unlimited Simulated Phishing We’ve got your baseline, now let’s watch that fail rate drop with weekly education & routine phishing! Security Policies & Analytics Cover your bases with security policies and strengthen your human defenses with EVA! 01 03 02

  15. NEXT STEPS • [PRICE STRUCTURE] Breach Prevention Program • Employee Vulnerability Assessment (EVA) • How-to guides make onboarding a breeze • Employee facing email template explaining your brand-new security program • What do I need from you? • Lead by example • Signed proposal agreement by [date] • Ongoing communication to discuss patterns and growth initiatives

More Related