Protect Your Digital Information: Cybersecurity Essentials

Tom Stamulis Owner & Managing Director True North Group

Agenda• Why is Cybersecurity Important? • Who Wants Your Data? • What Data Do They Want • Top Techniques To Steal Your

Data • Myth vs. Reality? • Steps You Can Take

Thomas Stamulis Owner & Managing Director, True North Group

• 20-year U.S. Army veteran Counterintelligence Agent

• Over 25 years in the cybersecurity industry

• Co-Managed a cybersecurity program with over 35M in annual revenue to over 130 companies and 490 global sites

• Founded True North Group in 2019

Experience

• Senior-level cybersecurity positions at:

Previous Positions

BS Cybersecurity Policy & Management University of Maryland, University College

Education

• Previous positions in U.S. Army & Big-4 Professional Service Firms (PwC & KPMG)

Cybersecurity is here to Stay

Who Wants Your Data?

Travelers Insurance Company

What Data do they Want

• PHI - Protected Health Information • Health & Medical Records of patients and employees

• PCI - Payment Card Information • Credit & Debit Card Accounts Numbers

• PII - Personally Identifiable Information • Names, addresses, phone, SSN, etc.

• Intellectual Property • Marketing Strategies, Manufacturing Processes, Trade

Secrets and other non-public information • Other Proprietary Information

• Including Business Partner Information and Client Data

Top Techniques to Steal Data

• Criminal Hacking - 45% • Human Error - 22% • Social Engineering - 22% • Malware - 17% • Unauthorized Use - 8% • Physical Actions - 4%

2020 Verizon Data Breach Report

Myth or Reality

58% of cyber attack victims are small and medium businesses

Industry regulations are the bare minimum security controls

Software alone won’t protect your IT infrastructure

Anti-virus & Anti-malware are enough to

keep us safe

We are compliant with our industry regulations

and that’s enough

Cybercriminals don’t target small and

medium businesses

We have never had a cyberattack, our security

is strong enough

Cyber threats become more complex. It’s not

if, but when

Myth Fact

Myth or Reality

Modern malware and hacking techniques make it difficult to

Cybersecurity is an ongoing, new threats

are released daily

Insider threats are just as likely and harder to

detect

Cybersecurity threats only come from outside

your organization

Complete cybersecurity can be achieved

You’ll know immediately if your company is

breached

Cybersecurity is the IT department’s responsibility

All employees are responsible to help keep the company protected

Myth Fact

Complex Passwords Really Work

Steps You Can Take to Protect Your Business• Get Professional Help

• The SBDC offers no cost cybersecurity consultation • Inventory Your Assets and Data

• You can’t protect what you don’t know • Install a Firewall to Protect Your Network

• A Firewall is the front door to your home • Encrypt all Devices

• If your data is encrypted, you only lose a device • Back up, Back up & Back up

• If you don’t backup, don’t bother securing your data

Steps You Can Take to Protect Your Business• Regularly install updates and upgrades

• It’s the easiest way to protect your devices & it’s free • Train Your Employees

• Turn employees from a security liability to a security asset • Control physical access to your computers

• If I can get to it, I can steal it • Limit Employee Access to Data

• Tight controls over access, limit insider threat damage • Use Strong Passwords and Multi-Factor Authentication

• Require unique and complex passwords with MFA

Questions?

Additional Resources• FTC - Small Business Advice

• https://www.ftc.gov/tips-advice/business-center/small-businesses

• Windows 10 Upgrade

• https://www.zdnet.com/article/heres-how-you-can-still-get-a-free-windows-10-upgrade/

• Free Antivirus Vendors

• https://www.digitaltrends.com/computing/best-free-antivirus-software/

• Free Security Awareness Training

• https://go.kaspersky.com/stay_secure_course.html

• The Best VPN Service of 2020

• https://www.techradar.com/vpn/best-vpn

• 10 Best Hardware Firewalls for Home and Small Business Networks (2020)

• https://www.networkstraining.com/best-hardware-firewalls-for-home-small-business/