Small Business Development Opportunity: Healthcare CyberSecurity
|
|
- Ross Shields
- 8 years ago
- Views:
Transcription
1 Small Business Development Opportunity: Healthcare CyberSecurity 1
2 TABLE OF CONTENT Sections Pages Healthcare Cybersecurity Background Issues 3 Market Analysis 5 Private Investment Activities 8 Health Technology Startup Development & Growth Process Market Analysis Business Model Business Plan Small Business Development Funding Options Small Business Innovation Research (SBIR) Maine Technology Institute (MTI) 9 10 About HealthTech Maine 13 2
3 Healthcare Cybersecurity Background Issues Healthcare Industry Problem Information security is one the most critical issues facing the healthcare industry. Cybersecurity, in fact, is a significant problem that seriously impacts the industry s patients, reputation and financial bottom line. Here are a few facts that demonstrate the harm: Medical records of more than 40 million Americans were breached in According to the Ponemon Institute, medical identity theft increased by nearly 22 percent, in 2014, which resulted an estimated $12 billion annual, unbudgeted cost to the healthcare industry. Between 2010 and 2014, approximately 37 million healthcare records were compromised in data breaches, but in the first 4 months of 2015 alone, more than 99 million healthcare records have been exposed through 93 separate attacks. For the first time, the majority of breach activity in healthcare has been a direct result of criminal behavior. 2 Data breaches cost the healthcare industry approximately $5.6 billion annually 3 A TransUnion Healthcare survey found that nearly seven out of 10 consumers would avoid a healthcare provider that has experienced a data breach. 4 In 2014, the FBI warned healthcare providers their cybersecurity systems are lax compared to other sectors, making them vulnerable to attacks by hackers searching for Americans' personal medical records and health insurance data. 5 1 Wedi- Cybersecurity Perspective on Cybersecurity in Healthcare HIMSS Cybersecurity Survey Executive Summary June 30, The Fourth Annual Benchmark Study on Patient Privacy and Data Security, Ponemon Institute 4 For healthcare companies, data security is a critical test, Gerry McCarthy, President of TransUnion Healthcare, July 17, FBI warns healthcare sector vulnerable to cyberattacks, Modern Healthcare, April 24 th
4 Why The Healthcare Industry Is An Attractive Target HealthTech Maine There are a number of reasons why hackers target healthcare organizations. Many hospitals, physician practices and health plans, for example, lack the security, governance or risk management to effectively detect, mitigate and prevent front-line cyber threats according to the Perspectives on Cybersecurity in Healthcare June 2015 report, produced by the Workgroup for Electronic Data Interchange (WEDI). Another more significant reason has to do with patient medical records: Hackers are able to get $20 per patient medical record, compared to $1 or $2 for an individual s credit card numbers on the black market. Finally, industry critics believe healthcare executives and decision makers have failed to regard cybersecurity as a strategic business priority in terms of spending the necessary money to protect their information systems; as noted in the WEDI report, Many healthcare organizations have not invested sufficiently in robust IT security measures that can protect and encrypt health data in electronic health record (EHR) systems, interfaces, repositories, databases, connected medical devices and personal devices. Healthcare Industry Response In responding to the growing threat of cybersecurity, the 2015 HIMSS Cybersecurity Survey reported, The majority of respondents (87 percent) also indicated that information security had increased as a business priority at their organizations over the past year, resulting in improvements to security posture, such as improvements to network security capabilities, endpoint protection, data loss prevention, disaster recovery and information technology (IT) continuity. The healthcare industry, at the same time, is expected to spend only $10 billion dollars worldwide by 2020, according to ABI Research, which represents less 10 percent of global spending on critical infrastructure security. Industry executives, in other words, recognize the seriousness of their problem, but they are not appropriating the necessary money to effectively combat the problem. The healthcare industry is also trying to recruit experienced cybersecurity professionals as a response. However, this strategy is providing to be a difficult challenge because of the shortage and pay demands of this talented group. Moreover, the healthcare industry must compete directly against other industries, e.g., finance and defense, which have a more successful track record of attracting and hiring cybersecurity professionals. 4
5 Market Analysis Cybersecurity Market Outlook According to market research firm Gartner, global spending on IT security is set to increase 8.2 percent in 2015 to $77 billion, and the world will spend $101 billion on information security in The online industry source, Cybersecurity Market Report, indicates the cyber security market will be worth $75.4 Billion in The cybersecurity market is estimated to grow to $ billion by 2019, at a Compound Annual Growth Rate (CAGR) of 10.3 percent from 2014 to 2019, according to a report from Markets and Markets. Cybersecurity for healthcare is still a small, fragmented market but the potential opportunities for expansion are large and will continue to grow as healthcare organizations increasingly come under cyberfire, says Michela Menting, ABI Research Digital Security Practice Director. Healthcare Industry Security Situation ABI Research s Cybersecurity Strategies for Critical Infrastructure Market Research: Hospitals, clinics, trusts, and insurers are constantly under attack from malicious online agents. And yet the industry spends very little on cybersecurity, comparatively to other regulated critical industries. The New England Journal of Medicine, Perspective, Cybersecurity in Health Care, July 31, 2014: Within the health care industry, 72% of recent malicious traffic, viruses, and similar attacks have been directed against hospitals, clinics, large group practices, and individual providers, with the remaining 28% being spread among provider organizations, health plans, pharmaceutical companies, and other entities. 5
6 A Compilation of Healthcare Industry Executive Survey Findings 2015 KPMG Healthcare Cybersecurity Survey: When asked about readiness in the face of a cyber-attack, 66 percent of execs at health plans said they were prepared, while only 53 percent of providers said they were ready. Malware, software designed to disrupt or gain access to private computer systems, is the most frequently reported line of attack during the past 12 to 24 months, according to 65 percent of survey respondents. Botnet attacks, where computers are hijacked to issue spam or attack other systems, and internal attack vectors, such as employees compromising security, were cited by 26 percent of respondents. The areas with the greatest vulnerabilities within an organization include external attackers (65 percent), sharing data with third parties (48 percent), employee breaches (35 percent), wireless computing (35 percent) and inadequate firewalls (27 percent) PwC Global State of Information SecuritySurvey 2015: When compared with last year, security spending over the next 12 months will? 62.19% Increase 25.61% Stay the same 12.2% Decrease 2015 Healthcare Tech Purchasing: Healthcare providers are on the lookout for better security products: Over 24% of the respondents are planning to make a purchase in Only 22% of hospital leaders are definitely renewing their existing product, which means there is an incredibly large replacement market in the world of data security HIMSS Cybersecurity Survey: 81% of respondents believe more innovative and advanced tools are needed to combat security threats. 6
7 Cybersecurity Market Snapshot Leading Industry Participating Companies IBM Intel Trend Micro Symantec Cisco Sophos Barracuda VMware Computer Sciences Corporation Security Market Segments The market is segmented into solutions such as identity and access management, risk and compliance management, encryption, data loss prevention, unified threat management, firewall, antivirus and antimalware, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Security Information and Event Management (SIEM), disaster recovery, Distributed Denial of Service (DDoS) mitigation, and whitelisting. Healthcare Industry Landscape 2015 Healthcare Tech Purchasing report: The data security market currently has a few major power players and a lot of smaller contenders. There doesn t seem to be a vendor that is specifically dedicated to healthcare data security. Cisco is the largest vendor for hospitals with up to 500 beds McAfee leads among hospitals with beds VMware pulls into a tie with Cisco for hospitals with beds Most hospital executives at the largest facilities are unsure who they are currently using for data security 7
8 Private Investment Activity CB Insights reported that in the first half of 2015 investors poured in $1.2 billion into cybersecurity startups. In 2014, security startups brought in $2.3 billion in investor funding for the whole year. PrivCo, a private research firm, noted companies in the cybersecurity sector jumped by nearly 60 percent in early stage funding from 2012 to Cybersecurity Startups Acquiring Private Investment Company Technology Solution Description Bitglass Protenus Bitglass is a cloud security gateway that helps enterprises move to SaaS-based and mobile deployments securely. Their product detects inappropriate EMR access in real-time, with a focus on insider threats. By addressing unauthorized access at the moment of breach, the company s solution seeks to transform employee behavior to better protect patient privacy and minimize the risk of lawsuits, fines, and reputational damage. CloudLock CloudLock is a leading cloud data security company that provides enterprise class solutions designed to give organizations control over their data in the public cloud, without requiring invasive in-band technology, complicated overhead, or unanswered regulatory risk. E8 Security E8 Security helps enterprises analyze and detect advanced attacks and malicious insider activities. The company was founded by security experts (Google, Visa, Loglogic) with complementary skills and experience in threat modeling and big data. 8
9 Health Technology Startup Development & Growth Process A successful health technology startup development and growth process relies on entrepreneurs implementing three things: a thorough market analysis, a comprehensive business model and a practical business plan. These documents, in fact, provide health technology entrepreneurs with key information and data enabling the company to perform the following: (1) Develop a viable cybersecurity technology solution that meets an identified need; (2) Recognize and respond to the needs of potential buyers and users, e.g., hospitals, physician practices, or health plans; (3) Capture and utilize the company s competitive advantages; and (4) Articulate a cost-effective business operational strategy that results in keeping costs down, generating consistent revenues and earning profits. (2) Business Model (1) Market Analysis (3) Business Plan Your Health Technology Startup & Proposed Cybersecurity Solution: Incorporating and implementing a market analysis, a business model and a business plan to develop a novel cybersecurity solution and grow a successful small business. 9
10 Small Business Innovation Research (SBIR) Program Started at the National Science Foundation in 1982 and now includes eleven other participating federal agencies, SBIR is a small business development program. It encourages and enables health technology entrepreneurs to compete for research and development (R&D) non-dilutive seed capital to create market-driven novel medical technologies or healthcare IT solutions. The National Science Foundation (NSF) SBIR program offers small health technology startups the best opportunity to develop innovative cybersecurity technologies. Small health technology startups, through a competitive proposal submission process, can seek two rounds of SBIR R&D funding. The first round funding, $225,000, is used to determine the feasibility of a proposed cybersecurity technology concept; while the second round funding, $750,000, is used to produce a technology prototype. GigaShield USB Security Gigashield Inc., Dallas, TX NSF SBIR Funded Cybersecurity Projects Examples This Small Business Innovation Research (SBIR) project addresses the rapidly growing threats to endpoint security from attacks and data loss over USB. At present, virtually all USB security measures are located as software on the host or as a secured physical device. Neither of these approaches is truly capable of addressing the vulnerability as a whole - software solutions can be bypassed and a physical peripheral device cannot secure the data that is transmitted on the bus. The proposed technology is located next to the host, so it is capable of securing the entire bus. Our specific technical objectives include the construction of a security device capable of stopping representative attacks in the USB Threat Model that are not solved by existing solutions. Such a device would enable a disruptive improvement in the field of USB cybersecurity. The anticipated results for proposed project will be the development of the product for deployment to customers. The broader impact/commercial potential of this project would be a disruptive change to USB security. USB security has become critical for many organizations with secure networks, especially healthcare, financial, and defense institutions. 10
11 Immunizing Software Against Exploits and Malware Immunant, Inc., Irvine, CA HealthTech Maine The broader impact/commercial potential of this Small Business Innovation Research (SBIR) Phase I project will result from a reduced incidence of cyber-enabled crime and cyber-related industrial espionage. The company plans to accomplish this by transforming a unique, academically peer-reviewed idea into a production-grade software defense product. If successful, this project will produce robust and practical methods to automatically mitigate a broad class of software vulnerabilities that currently put millions of users and critical national infrastructure at risk. To accomplish these goals, the company will develop its capability to build state-ofthe-art software diversity solutions that are not only secure, but also practical and efficient. Specifically, the project will study and address challenges related to distribution and patching of diversified software as well as the need to hide the effects of diversity during automatic reporting of residual defects found in software after it has been released into production. The availability of practical software diversity techniques will open the door to industry adoption and offer software developers a cost-effective mechanism to improve product security. Security and Privacy: Passwords for Real People Neurocrypt, Bloomington, IN The broader impact/commercial potential of this Small Business Innovation Research (SBIR) Phase I project is to enable individuals and businesses to create and manage the plethora of passwords required by today's information infrastructure. The National Cyber Leap Year initiative identified the need to change the game in cybersecurity, increasing costs for attackers and easing the burdens of self-defense. A broader impact of the proposal is changing the game in favor of defenders, against password guessing or masquerade attacks. The company's technology builds on the human strengths of linguistic diversity and contextual memory to solve the core challenges of passwords: lack of entropy, reuse, and lack of contextualization. People are asked to create passwords without thinking of the domain name, the purpose, the word "password", or the keyboard in front of them. Thus people cannot secure their accounts. The high potential of commercial payback is the protection of personal and commercial assets. Aligning human behaviors and incentives is a promising approach in designing technologies to address social engineering - a problem that has proven intractable in the face of current education, awareness, and technological efforts. 11
12 Maine Technology Institute Maine health technology entrepreneurs, such as physicians, nurses, researchers, scientists, engineers, inventors and experienced healthcare professionals, are able to acquire Maine Technology Institute (MTI) grants to help grow a health technology startup and develop an innovative cybersecurity solution for the healthcare industry. For example, MTI offers TechStart $5,000 grants for startup and small business development activities. The TechStart grant is designed to help health technology entrepreneurs produce key strategic growth documents like a business plan. Startups can use a TechStart Grant to prepare a business plan The KickStarter $5,000 grant, for example, enables health technology startups to use the funding for the preparation and submission of a NSF Phase I SBIR proposal for the development of cybersecurity solutions. More specifically, the money can be used for hiring grant writers, subject matter experts, other consultants or purchasing market research reports needed to complete the proposal. Startups can use a Phase 0 KickStarter Grant to prepare a NSF SBIR Phase I Proposal 12
13 About HealthTech Maine HealthTech Maine is a private consulting firm providing small business development assistance to Maine's health technology entrepreneurs, such as physicians, nurses, researchers, scientists, inventors, engineers, technologists, and experienced healthcare professionals. In particular, we help health technology entrepreneurs formulate, start and build successful small health technology firms. We also help health technology entrepreneurs and eligible small businesses acquire Maine Technology Institute (MTI) and Small Business Innovation Research (SBIR) grants to produce innovative medical technologies or novel healthcare IT solutions for the U.S. and worldwide healthcare marketplaces. SBIR Proposal Development Service HealthTech Maine provides direct SBIR Phase I proposal development services. We work with clients to collect, analyze and apply the necessary information needed to complete each proposal section. We also work with successful, experienced National Science Foundation (NSF) and National Institutes of Health (NIH) SBIR Phase I proposal writers, editors and reviewers to ensure the proposal meet the standards for approval. Page 14 outlines our service approach and delivery process. Leadership & Experienced Professional HealthTech Maine was founded and developed by Mr. Darrell Williams, a Bates College graduate. Mr. Williams is an experienced small business development consultant and advisor. His professional experience includes providing consulting services to small Medical Technology and Healthcare IT firms. He has been involved in the SBIR program since From 1999 to 2004, Mr. Williams led US Small Business Administration (SBA) grant funded SBIR outreach activities for the Washington, DC metropolitan area. He is an award-winning US Small Business Administration (SBA) volunteer. Business Partners We partner with professionals who provide legal, marketing/public relations and proposal development services to our clients. For example, Dr. Laura Hales, Boston, MA -based Isis Group, provides consulting and communications services to the international scientific community. She is an experienced, successful National Science Foundation and National Institutes of Health SBIR Phase I proposal writer, editor and reviewer. She is also an established scientific and business consultant to start-up biotech companies and entrepreneurs. 13
14 Our Approach HealthTech Maine Business Development Assistance We help our clients with: Defining a technology concept that potentially solves a medical/healthcare problem Conducting market research and analysis for new technology development and small business growth Preparing business models and business plans that serve as small business strategic growth documents Preparing Small Business Innovation Research (SBIR) & Maine Technology Institute (MTI) grant proposals HealthTech Maine s business development services are based on: Maine Health Technology Startup Leadership involvement in SBIR program since 1999 Small business planning & market analysis experience, knowledge and skills Publisher of healthcare market segment briefs that illustrate industry small business development opportunities. Partnership with experienced, successful SBIR Phase I proposal writers, editors and reviewers Access to business, healthcare/medical industry and scientific/technical information databases and research materials used to prepare business growth documents, e.g., business plans, and grant proposals. Contact Person: Mr. Darrell Williams, (207) or Darrell@healthtechmaine.com. Contact Mr. Williams today and learn how HealthTech Maine can help you succeed. 14
HealthTech Maine. Three Healthcare Business Development Opportunities
With numerous business development opportunities available to exploit in the U.S. $2.8 trillion dollars New Health Economy, HealthTech Maine has identified three emerging growth sectors offering Maine
More informationPhone: +44 20 8123 2220 Fax: +44 207 900 3970 office@marketpublishers.com https://marketpublishers.com
Cyber Security Market by Solution (IAM, Encryption, DLP, Risk and Compliance Management, IDS/IPS, UTM, Firewall, Antivirus/Antimalware, SIEM, Disaster Recovery, DDOS Mitigation, Web Filtering, and Security
More informationPerspectives on Cybersecurity in Healthcare June 2015
SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright
More informationCyber Security Market by Solution - Global Forecast to 2020
Brochure More information from http://www.researchandmarkets.com/reports/3287011/ Cyber Security Market by Solution - Global Forecast to 2020 Description: 'Cyber Security Market by Solution (IAM, Encryption,
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationCyber Security Solutions:
ThisIsCable for Business Report Series Cyber Security Solutions: A Sampling of Cyber Security Solutions Designed for the Small Business Community Comparison Report Produced by BizTechReports.com Editorial
More informationCyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community
Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community A Sampling of Cyber Security Solutions Designed for the
More informationAnatomy of a Healthcare Data Breach
BUSINESS WHITE PAPER Anatomy of a Healthcare Data Breach Prevention and remediation strategies Anatomy of a Healthcare Data Breach Table of Contents 2 Increased risk 3 Mitigation costs 3 An Industry unprepared
More informationHealthcare Analytics: Small Business Development Opportunities
Healthcare Analytics: Small Business Development Opportunities 1 P a g e TABLE OF CONTENT Sections Pages Healthcare Analytics Overview 3 Market Analysis 4 Private Investment Activities 8 Business Formation
More informationSmall Business Development Opportunity: Population Health Management
Small Business Development Opportunity: Population Health Management 1 P a g e TABLE OF CONTENT Sections Pages Population Health Management (PHM) Concept 3 Market Analysis 5 Small Business Development
More informationSome Perspectives On Cybersecurity. Shernon Osepa Manager Regional Affairs Latin America & Caribbean www.internetsociety.org
Some Perspectives On Cybersecurity Shernon Osepa Manager Regional Affairs Latin America & Caribbean www.internetsociety.org Agenda What is the Internet Society (ISOC) On the IETF Cyber Security Themes
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationCyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013
Cyber Security and Information Assurance Controls Prevention and Reaction 1 About Enterprise Risk Management Capabilities Cyber Security Risk Management Information Assurance Strategic Governance Regulatory
More informationSeamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.
Seamless Mobile Security for Network Operators Build a secure foundation for winning new wireless services revenue. New wireless services drive revenues. Faced with the dual challenges of increasing revenues
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationBuilding a Business Case:
Building a Business Case: Cloud-Based Security for Small and Medium-Size Businesses table of contents + Key Business Drivers... 3... 4... 6 A TechTarget White Paper brought to you by Investing in IT security
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More information2012 Endpoint Security Best Practices Survey
WHITE PAPER: 2012 ENDPOINT SECURITY BEST PRACTICES SURVEY........................................ 2012 Endpoint Security Best Practices Survey Who should read this paper Small and medium business owners
More informationCGI Cyber Risk Advisory and Management Services for Insurers
CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their
More informationCyber-Security Risk in the Global Organization:
Cyber-Security Risk in the Global Organization: Trends, Challenges and Strategies for Effective Management David Childers, CCEP, CIPP CEO, Compli Todd Carroll Assistant Special Agent in Charge, FBI Three
More informationEndpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014
Endpoint & Server Protection Brent Biernat First Vice President Network Services May 13, 2014 The Evolution of Cyber Crime 1878 Bell Telephone Teenage Switchboard Operator Disconnected calls, eavesdropped,
More informationWorldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares
EXCERPT Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares IN THIS EXCERPT Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015
More informationCyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties
Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)
More informationProtecting Your Data, Intellectual Property, and Brand from Cyber Attacks
White Paper Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks A Guide for CIOs, CFOs, and CISOs White Paper Contents The Problem 3 Why You Should Care 4 What You Can Do About It
More informationIndustrial Cyber Security. Complete Solutions to Protect Availability, Safety and Reliability of Industrial Facilities
Industrial Cyber Security Complete Solutions to Protect Availability, Safety and Reliability of Industrial Facilities WE HEAR ABOUT CYBER INCIDENTS EVERY DAY IN THE NEWS, BUT JUST HOW RELEVANT ARE THESE
More informationTake back the initiative
Take back the initiative IT S TIME TO FOCUS ON OUTCOMES. NOT TOOLS. CEO VANTAGE POINT CHRIS DRAKE FOUNDER & CEO ARMOR @ARMOR ARMOR.COM PAGE PAGE 1 1 A prologue: defending the chocolate makers Imagine any
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationTestimony of PETER J. BESHAR. Executive Vice President and General Counsel. Marsh & McLennan Companies
Marsh & McLennan Companies, Inc. 1166 Avenue of the Americas New York, NY 10036 +1 212 345 5000 Fax +1 212 345 4808 Testimony of PETER J. BESHAR Executive Vice President and General Counsel Marsh & McLennan
More informationData Breach Lessons Learned. June 11, 2015
Data Breach Lessons Learned June 11, 2015 Introduction John Adams, CISM, CISA, CISSP Associate Director Security & Privacy 410.707.2829 john.adams@protiviti.com Powerful Insights. Proven Delivery. Kevin
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationU. S. Attorney Office Northern District of Texas March 2013
U. S. Attorney Office Northern District of Texas March 2013 What Is Cybercrime? Hacking DDOS attacks Domain name hijacking Malware Other computer related offenses, i.e. computer and internet used to facilitate
More informationRetail Security: Enabling Retail Business Innovation with Threat-Centric Security.
Retail Security: Enabling Retail Business Innovation with Threat-Centric Security. 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco public information. (1110R) 1 In the past
More informationIs the PCI Data Security Standard Enough?
Is the PCI Data Security Standard Enough? By: Christina M. Freeman ICTN 6870 Advanced Network Security Abstract: This paper will present the researched facts on Payment Card Industry Data Security Standard
More informationHEALTH CARE AND CYBER SECURITY:
HEALTH CARE AND CYBER SECURITY: Increasing Threats Require Increased Capabilities kpmg.com 1 HEALTH CARE AND CYBER SECURITY EXECUTIVE SUMMARY Four-fifths of executives at healthcare providers and payers
More informationChoose Your Own - Fighting the Battle Against Zero Day Virus Threats
Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats 1 of 2 November, 2004 Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle
More informationAfrica Cyber Security Market by Solution, by Service, by Verticals, by Country - Global forecast to 2020
Brochure More information from http://www.researchandmarkets.com/reports/3281044/ Africa Cyber Security Market by Solution, by Service, by Verticals, by Country - Global forecast to 2020 Description: Africa
More informationPractice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited
Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident
More informationTop five strategies for combating modern threats Is anti-virus dead?
Top five strategies for combating modern threats Is anti-virus dead? Today s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce.
More informationAccess is power. Access management may be an untapped element in a hospital s cybersecurity plan. January 2016. kpmg.com
Access is power Access management may be an untapped element in a hospital s cybersecurity plan January 2016 kpmg.com Introduction Patient data is a valuable asset. Having timely access is critical for
More informationDOWNTIME BREACHES DATA LOSS. SYMANTEC TECHNICAL SERVICES HELP YOU AVOID THEM.
DOWNTIME BREACHES DATA LOSS. SYMANTEC TECHNICAL SERVICES HELP YOU AVOID THEM. Symantec Technical Services 2015 Symantec Corporation. All rights reserved. Go ahead, you ve got There s More to Protect By
More informationFirst Line of Defense to Protect Critical Infrastructure
RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B
More informationEY Cyber Security Hacktics Center of Excellence
EY Cyber Security Hacktics Center of Excellence The Cyber Crime Underground Page 2 The Darknet Page 3 What can we find there? Hit men Page 4 What can we find there? Drug dealers Page 5 What can we find
More informationIBM Global Small and Medium Business. Keep Your IT Infrastructure and Assets Secure
IBM Global Small and Medium Business Keep Your IT Infrastructure and Assets Secure Contents 2 Executive overview 4 Monitor IT infrastructure to prevent malicious threats 5 Protect IT assets and information
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationNew York State Department of Financial Services. Report on Cyber Security in the Insurance Sector
New York State Department of Financial Services Report on Cyber Security in the Insurance Sector February 2015 Report on Cyber Security in the Insurance Sector I. Introduction Cyber attacks against financial
More informationStaying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro
Staying Secure After Microsoft Windows Server 2003 Reaches End of Life Trevor Richmond, Sales Engineer Trend Micro Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock)
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationCyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats
Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationSecurity and Privacy of Electronic Medical Records
White Paper Security and Privacy of Electronic Medical Records McAfee SIEM and FairWarning team up to deliver a unified solution Table of Contents Executive Overview 3 Healthcare Privacy and Security Drivers
More informationHealthcare Security: Improving Network Defenses While Serving Patients
White Paper Healthcare Security: Improving Network Defenses While Serving Patients What You Will Learn Safeguarding the privacy of patient information is critical for healthcare providers. However, Cisco
More informationNine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity
Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationHow are we keeping Hackers away from our UCD networks and computer systems?
How are we keeping Hackers away from our UCD networks and computer systems? Cybercrime Sony's Hacking Scandal Could Cost The Company $100 Million - http://www.businessinsider.com/sonys-hacking-scandal-could-cost-the-company-100-million-2014-12
More informationState of Security Survey GLOBAL FINDINGS
2011 State of Security Survey GLOBAL FINDINGS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Cybersecurity is important to business... 8 Finding 2: The drivers of security are changing... 10 Finding
More informationA BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper
A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationCisco Cyber Threat Defense Solution: Delivering Visibility into Stealthy, Advanced Network Threats
Solution Overview Cisco Cyber Threat Defense Solution: Delivering Visibility into Stealthy, Advanced Network Threats What You Will Learn The network security threat landscape is ever-evolving. But always
More informationPerceptions About Network Security Survey of IT & IT security practitioners in the U.S.
Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2011 Ponemon
More informationData Security. So many businesses leave their data exposed, That doesn t mean you have to. 2014 Computerbilities, Inc.
Data Security So many businesses leave their data exposed, That doesn t mean you have to. 2014 Computerbilities, Inc. Table of Contents: 1. Introduction 3 2. Cybersecurity: The loopholes in the system
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More informationHope for the best, prepare for the worst:
Hope for the best, prepare for the worst: Why your customers will demand self-service back-up Presented by Ridley Ruth, COO Breaking News Yahoo email Accounts were hacked in Jan 2014 (Washington Post)
More informationThe SMB Cyber Security Survival Guide
The SMB Cyber Security Survival Guide Stephen Cobb, CISSP Security Evangelist The challenge A data security breach can put a business out of business or create serious unbudgeted costs To survive in today
More informationCDW-G Federal Cybersecurity Report: Danger on the Front Lines. November 2009. 2009 CDW Government, Inc.
CDW-G Federal Cybersecurity Report: Danger on the Front Lines November 2009 2009 CDW Government, Inc. 1 Table of Contents Introduction 3 Key Findings 4 The Threats 5 Frequent Threats 6 Persistence and
More informationDoyourwebsitebot defensesaddressthe changingthreat landscape?
WHITEPAPER Doyourwebsitebot defensesaddressthe changingthreat landscape? Don tletbotsturnaminorincident intoamegasecuritybreach 1.866.423.0606 Executive Summary The website security threat landscape has
More informationHealthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council
Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council Presented by Doug Copley, Chairman Michigan Healthcare Cybersecurity Council Mr. Chairman and Committee Members,
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationTop Five Ways to Protect Your Network. A MainNerve Whitepaper
A MainNerve Whitepaper Overview The data security challenges within the business world have never been as challenging as they are today. Not only must organizations providers comply with stringent State
More informationFederal Cyber Security Outlook for 2010
Federal Cyber Security Outlook for 2010 National IT Security Challenges Mounting How well prepared are IT professionals within U.S. government agencies to respond to foreign cyber threats? Will government
More informationCYBER SECURITY, A GROWING CIO PRIORITY
www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------
More informationDesign Your Security
Design Your Security We build tailored, converged security for you. converged Technology. Strategy. People. The synergetic collaboration. agile Hackers sleep - we don t. We re ready whenever, wherever.
More informationOVERVIEW. Enterprise Security Solutions
Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s
More informationDESIGN YOUR SECURITY. We build tailored, converged security for you. Technology. Strategy. People. The synergetic collaboration.
converged DESIGN Technology. Strategy. People. The synergetic collaboration. YOUR SECURITY agile Hackers sleep - we don t. We re ready whenever, wherever. We build tailored, converged security for you.
More informationData Center security trends
Data Center security trends Tomislav Tucibat Major accounts Manager, Adriatic Copyright Fortinet Inc. All rights reserved. IT Security evolution How did threat market change over the recent years? Problem:
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationThe Role of Security Monitoring & SIEM in Risk Management
The Role of Security Monitoring & SIEM in Risk Management Jeff Kopec, MS, CISSP Cyber Security Architect Oakwood Healthcare Jeff Bell, CISSP, GSLC, CPHIMS, ACHE Director, IT Security & Risk Services CareTech
More informationINFORMATION PROTECTED
INFORMATION PROTECTED Symantec Protection Suite Effective, comprehensive threat protection Safeguarding your organization s business-critical assets in today s ever-changing threat landscape has never
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationSecurity for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape
White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions
More informationHow To Build Security By Silo
Leading The World Into Connected Security Building Security By Silo Technology Acquisition Process Has Delivered Security Chaos Endpoint Protection Firewall Gateway Security Network IPS Compliance Data
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationCybersecurity and Hospitals. What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response
Cybersecurity and Hospitals What Hospital Trustees Need to Know About Managing Cybersecurity Risk and Response This resources was prepared exclusively for American Hospital Association members by Mary
More informationWRITTEN TESTIMONY OF
WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you
More informationNew Devices Mean New Risks: The Potential for Liability When Software is a Component of Medical Devices. September 25, 2013
New Devices Mean New Risks: The Potential for Liability When Software is a Component of Medical Devices September 25, 2013 The Hartford Insuring Innovation Joe Coray Dan Silverman Providing insurance solutions
More informationAsset Management Equity Business Security, Safety & Protection Industry
Asset Management Equity Business Security, Safety & Protection Industry September 2014 Dear Reader, IT security industry: Update and overview Despite billions of dollars having been spent over the past
More informationCyber Security and the Board of Directors
Helping clients build operational capability in cyber security. A DELTA RISK VIEWPOINT Cyber Security and the Board of Directors An essential responsibility in financial services About Delta Risk is a
More informationWEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World
Securing Your Web World WEBTHREATS Constantly Evolving Web Threats Require Revolutionary Security ANTI-SPYWARE ANTI-SPAM WEB REPUTATION ANTI-PHISHING WEB FILTERING Web Threats Are Serious Business Your
More informationSMALL BUSINESS PRESENTATION
STOP.THINK.CONNECT NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION ABOUT STOP.THINK.CONNECT. In 2009, President Obama issued the Cyberspace Policy Review, which tasked the Department
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationCyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist
Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationGlobal Corporate IT Security Risks: 2013
Global Corporate IT Security Risks: 2013 May 2013 For Kaspersky Lab, the world s largest private developer of advanced security solutions for home users and corporate IT infrastructures, meeting the needs
More informationRETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationThe Impact of Cybercrime on Business
The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted
More informationSMB Data Breach Risk Management Best Practices. By Mark Pribish February 19, 2015
SMB Data Breach Risk Management Best Practices By Mark Pribish February 19, 2015 Presentation Agenda About Mark Pribish Information Governance The Threat Landscape Data Breach Trends Legislative and Regulatory
More informationCYBER EXPOSURES OF SMALL AND MIDSIZE BUSINESSES A DIGITAL PANDEMIC. October 2014. Sponsored by:
CYBER EXPOSURES OF SMALL AND MIDSIZE BUSINESSES A DIGITAL PANDEMIC October 2014 Cyber Exposures of Small and Midsize Businesses A digital pandemic Executive Summary Gone are the days when data breaches,
More information