© 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc.

Data Breach Prevention and Response: Front-End Detection and Back-End Protection

Today’s Moderator

Bruce MacDougall

Senior Vice President, WGA

“If we do not act, we leave our nation vulnerable to protect the technologies that have unleashed untold opportunities for people around the globe.”

783 data breaches hit U.S. businesses in 2014, a 27.5% increase over 2013.

Known Attacks 2014-2015

Affecting 80 million people; costs $8 to $16 billion

$1b bank hack

Latest Hack

• Earlier this month, Premera Blue Cross
• Security breach that exposed medical and financial information
• 11 million customers
• Most devastating cyber-attack in the health care industry to date

Cyber Threats: What to expect in 2015

Response takes center stage
• Prevention
• Protection

Today’s Featured Speakers

Paul Morville
Founder, VP Product, Confer Technologies, Inc.

John Doernberg
Vice President, Cyber Practice Leader, WGA

Front End Prevention

Reporter: “Willie, why do you rob banks?”

Willie: “Because that’s where the money is.”

Bank Robbers in 2015

Evgeniy Bogachev
$3M reward for his arrest

• Has stolen an estimated $100M
• Recently went into hiding
• Uses Zeus malware to steal banking information

Where is the money in 2015?

Other motivations beyond money

• Hacktivism
• Cybercrime
• Espionage
• Cyber War?

All Kinds of Businesses Targeted

45% of breaches in the private sector are of companies with less than 1,000 employees

Source: 2014 Verizon Breach Investigations Report

• How do they operate? Attack endpoint?

Confer – What We Do

CROWDSOURCED BLACKLIST
Combined power of 50 antivirus engines

BEHAVIORAL ANALYTICS
Detect combinations of attacker techniques that all attacks share

APPLIED INTELLIGENCE
Apply crowdsourced threat intelligence on endpoint

LIGHTWEIGHT SENSOR
MOBILE, PCS, SERVERS
WINDOWS, MAC, ANDROID (IOS and LINUX Coming Soon)

The Confer Cloud

THREAT PREVENTION
Stop advanced and zero day attacks

INCIDENT RESPONSE
Who, what, when, where, and how?

APPLIED INTEL
Automated threat sharing and intelligence-based protection

Multi-Engine Approach Dramatically Improves Detection

Chart: Signatures, Static Behavioral, Dynamic Behavioral

• Signatures: 5%
• Static Behavioral: 20%

Confer has > 99% Detection Rates

Plus, incident response and applied intelligence provide context and understanding

Exceptionally Lightweight Sensor

• CPU: < 1% increase over baseline CPU utilization
• Disk: < 1% increase over baseline disk I/O utilization
• Network: < 3.5MB data transferred per day

In comparison, leaving the CNN web page open for 60 seconds results in 10MB data transferred and dramatically higher CPU utilization versus Confer

Confer: Redefining Endpoint Security

• Lightweight and cloud-based: simple to deploy and use

• Multiplatform: Windows, Mac, Android, iOS, Linux

• Prevents advanced attacks AND simplifies incident response

Back End Protection

Governance Cyber Considerations

Boards are showing more concern about cyber threats

• SEC pushing for board members to take greater responsibility for cyber risks
• Not all measures are technical (i.e. deciding which breach prevention measures we should adopt)
• Legal Compliance and Disclosure Issues

Cyber Concern at Board Level – 74%

How Concerned are Directors about data security?

Chart values: 50%, 24%, 23%, 3%

Chart legend: Extremely Concerned, Concerned, Slightly Concerned, Not Concerned

According to a 2014 NYSE Corporate Governance/FTI Consulting research study

Causes of a Breach

Generally fall into three major categories:
• Human Error
• System Glitches
• Criminal Attack

Most frequent cause

Most costly

Current Cyber Trends

• Sony Pictures breach a reminder that (1) data loss is a major exposure (the attackers wiped out much of the data on Sony’s network), and (2) employee privacy is a major exposure
• Anthem breach a reminder that (1) attackers can penetrate a network months before an attack is discovered (thought to have broken into network in April 2014) and (2) notification responsibilities aren’t always clear
• Renewed focus on healthcare and HIPAA/HITECH:
– Breach notification requirement
– State Attorneys General can bring civil actions in federal court
– Civil monetary penalties range from $50k-$100k per violation and $25k-$1.5M in a calendar year

Cost of a breach in U.S. $5.9m average

Cost of dealing with a breach

• Forensic costs -- can be significant
• Data loss -- Sony Pictures situation
• Business interruption exposures

Thinking within the NIST Framework

• What is your risk
• What are your cyber security practices
• Where do you want/need to be

Risk Practices

• Distinction between privacy breach and network security breach

• Not all losses are technical
• Can face significant cyber losses even if you don't have a lot of PII or PHI

The role of cyber insurance

• Risk management and insurance drives behavioral change in the marketplace

• Mitigates loss by forcing insureds to assess the potential risk and their cyber defense mechanisms

Response Plan

• Having the right players as initial responders
• Practicing and revising
• Transfer risk

A look at the insurance marketplace

• $2B estimated total premium for cyber insurance in 2014

• Survey of insurance brokers finds:
– 61% say cyber is viewed in the top three most significant business threats to their clients
– But just 18% of brokers say over 40% of their clients have some cyber liability coverage

Insurance Trends

• Some carriers are reasonably flexible on coverage terms, others more cautious

• Some carriers increase or eliminate sublimits on first-party costs (forensics, notification, credit monitoring, legal)

• Firming prices in industries where carriers see greater exposure (healthcare and especially retail)

More information

• Overwhelming amount of information out there when it comes to data security and privacy

• No shortage of new Cyber Threats
• WGA has launched an open-source online forum to collect data
• CyberRiskHub.com

Contact Information

Paul Morville [email protected]

John [email protected]

Bruce MacDougall, WGA [email protected]

Thank you for joining us today

Confer Technologies http://www.confer.net/

WGA http://www.WGAins.com