THE UNSEEN ENEMY

PROTECTING THE BRAND, THE ASSETS AND THE CUSTOMERS
Technology – Connecting the world…
▪ 9 billion connected devices predicted to rise to 24 billion by 2020
▪ If Facebook were a country, it would be the 3rd largest in the world
▪ Facebook kicks off over 1000 users per day because they are too young
▪ In 2011, more video was uploaded to YouTube in a two month time period than if ABC, CBS, and NBC had been airing new content 24/7/365 since 1948

Page 2
In the News

Page 3
Recent Studies
▪ 2013 Trustwave Global Security Report
• Retail industry made up 45% of data breach investigations studied (15% increase from 2011)
• E-commerce sites were #1 targeted asset, accounting for 48% of all investigations
▪ Symantec
• Cumulative bill for cyber crimes in 24 countries totaled $388 billion last year
• 431 million adults experienced some form of cyber crime last year, equating to nearly 1.2 million people per day or 14 per second

Page 4
Why Should Retailers Be Concerned?
▪ Retail industry is now the top target for cybercriminals
▪ Annual U.S. retail e-commerce spending has surged 143% since 2004 to $161.52 billion last year. In fact, a report from IRMG indicates that internet/mobile shopping increased 15% in 2013.
▪ Early estimates indicate that 20% of the upcoming holiday sales will be online
▪ E-commerce attacks are emerging as a growing trend, surpassing the amount of point-of-sale attacks
▪ Financial cost of a cyber attack is higher for businesses that sell products on the front-end, such as retailers
▪ The SEC is pushing to require that companies disclose data breaches in their financial statements

Page 5
What Must Retailers Protect?
▪ Credit card information
▪ Private employee data
▪ Intellectual Property
▪ Customer Information
▪ Reputation and good will
▪ Confidential business information

Page 6
How Breaches Occur
▪ Criminal Act by Outsider
▪ Vendor Error
▪ Human Error
▪ Technology Failure
▪ Employee Misconduct

Page 7
Case Studies

Resource: Retail Fail: Walmart, Target Fared Worst In Def Con Social Engineering Contest

Page 8
What are the options for handling the risk?
▪ Retain: Keep the risk within the organization
▪ Allocate: Involve counsel to shift risk to suppliers and business partners
▪ Transfer: Transfer the risk to another entity

Page 9
Types of Insurable Risks
▪ Third Party
▪ First Party

Page 10
Costs
▪ Types
• Hard
• Soft
• Time
▪ Retail companies see much more significant costs around cyber attacks
▪ According to Neustar’s May 2012 report:
• 65% of businesses said a site outage would cost them up to $10,000 an hour
• 21% said it would cost $50,000/hour
• 13% would lose $100,000/hour

Page 11
What Do You Know About Your Data?
▪ Location
• Cloud
• Physical environment
• Is your data co-located?
▪ Service Level Agreements
• Breach notification
▪ Law enforcement considerations need to be considered and addressed:
• Requests to maintain secrecy or limit knowledge
• Maintaining control of the investigation
▪ Communications with insurers presumably are not privileged

Page 12
Actions Following a Breach
Functional Steps: Deploy, Preserve, Identify, Notify

DEPLOY AN INCIDENT RESPONSE TEAM
▪ IT Director
▪ CIO
▪ Human Resources
▪ Legal
▪ Internal or external security experts

PRESERVE SYSTEM LOGS
▪ Date, time, duration, and location of breach

Page 13
Actions Following a Breach (Continued)
Functional Steps: Deploy, Preserve, Identify, Notify

IDENTIFY THE FOLLOWING
▪ How was the breach discovered?
▪ By whom?
▪ Any additional details:
• Entry and exit points
• Compromised systems
• Data deleted vs. modified vs. viewed
▪ Identify and understand details of the affected data

NOTIFY
▪ Public relations
▪ Insurance carrier

Page 14
Insurance Recovery Considerations in the Face of a Security Breach or Data Loss or Claim
▪ Timely notice of claim (claims made and reported?)
▪ Involvement of counsel (internal & external) to review how coverage may respond. Consent to incur prudent or necessary expenses may be required:
• Costs of crisis stage or legal compliance such as breach notification, credit monitoring, call center, forensics are vast majority of the expense on per record figures ($194/record)
• Defense expenses (private claims, regulatory claims)
▪ Communications with insurers presumably are not privileged
▪ “Labeling” of first party costs/categorization

Page 15
Who Provides Services Around Cyber Risk?
▪ Preventative/Proactive Assessment
▪ Technology/Data Analytics
▪ Legal
▪ Data Hosting/Monitoring
▪ Forensic Accounting
▪ Public Relations

Page 16
CONTACT
Michael Barba, CISSP, CPP, DFCP, CNE, EnCE
Managing Director, BDO USA, LLP
mbarba@bdo.com
212-885-8120
Jeff Hall
Senior Manager, BDO USA, LLP
jhall@bdo.com
212-885-7339

Page 17
BDO is the brand name for BDO USA, LLP, a U.S. professional
services firm providing assurance, tax, financial advisory and
consulting services to a wide range of publicly traded and
privately held companies. For more than 100 years, BDO has
provided quality service through the active involvement of
experienced and committed professionals. The firm serves clients
through more than 40 offices and more than 400 independent
alliance firm locations nationwide. As an independent Member
Firm of BDO International Limited, BDO serves multinational
clients through a global network of 1,204 offices in 138
countries.
BDO USA, LLP, a Delaware limited liability partnership, is the U.S.
member of BDO International Limited, a UK company limited by
guarantee, and forms part of the international BDO network of
independent member firms. BDO is the brand name for the BDO
network and for each of the BDO Member Firms.
www.bdo.com
To ensure compliance with Treasury Department regulations, we wish to inform you that any tax advice that may be contained in this communication
(including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding tax-related penalties under the
Internal Revenue Code or applicable state or local tax or (ii) promoting, marketing or recommending to another party any tax-related matters addressed
herein.
Material discussed in this publication is meant to provide general information and should not be acted on without professional advice tailored to your
individual needs.
© 2013 BDO USA, LLP. All rights reserved. www.bdo.com

Page 18

 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update  Presentation SlidesKeppel Ltd. 1Q 2024 Business Update  Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchir
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 

The Unseen Enemy - Protecting the Brand, the Assets and the Customers

  • 1. THE UNSEEN ENEMY PROTECTING THE BRAND, THE ASSETS AND THE CUSTOMERS
  • 2. Technology – Connecting the world…
      • 9 billion connected devices predicted to rise to 24 billion by 2020
      • If Facebook were a country, it would be the 3rd largest in the world
      • Facebook kicks off over 1000 users per day because they are too young
      • In 2011, more video was uploaded to YouTube in a two month time period than if ABC, CBS, and NBC had been airing new content 24/7/365 since 1948
  • 4. Recent Studies
      • 2013 Trustwave Global Security Report
          • Retail industry made up 45% of data breach investigations studied (15% increase from 2011)
          • E-commerce sites were #1 targeted asset, accounting for 48% of all investigations
      • Symantec
          • Cumulative bill for cyber crimes in 24 countries totaled $388 billion last year
          • 431 million adults experienced some form of cyber crime last year, equating to nearly 1.2 million people per day or 14 per second
  • 5. Why Should Retailers Be Concerned?
      • Retail industry is now the top target for cybercriminals
      • Annual U.S. retail e-commerce spending has surged 143% since 2004 to $161.52 billion last year. In fact, a report from IRMG indicates that internet/mobile shopping increased 15% in 2013.
      • Early estimates indicate that 20% of the upcoming holiday sales will be online
      • E-commerce attacks are emerging as a growing trend, surpassing the amount of point-of-sale attacks
      • Financial cost of a cyber attack is higher for businesses that sell products on the front-end, such as retailers
      • The SEC is pushing to require that companies disclose data breaches in their financial statements
  • 6. What Must Retailers Protect?
      • Credit card information
      • Private employee data
      • Intellectual Property
      • Customer Information
      • Reputation and good will
      • Confidential business information
  • 7. How Breaches Occur
      • Criminal Act by Outsider
      • Vendor Error
      • Human Error
      • Technology Failure
      • Employee Misconduct
  • 8. Case Studies
      • Resource: "Retail Fail: Walmart, Target Fared Worst In Def Con Social Engineering Contest"
  • 9. What are the options for handling the risk?
      • Retain: Keep the risk within the organization
      • Allocate: Involve counsel to shift risk to suppliers and business partners
      • Transfer: Transfer the risk to another entity
  • 10. Types of Insurable Risks
      • Third Party
      • First Party
  • 11. Costs
      • Types
          • Hard
          • Soft
          • Time
      • Retail companies see much more significant costs around cyber attacks
      • According to Neustar's May 2012 report:
          • 65% of businesses said a site outage would cost them up to $10,000 an hour
          • 21% said it would cost $50,000/hour
          • 13% would lose $100,000/hour
  • 12. What Do You Know About Your Data?
      • Location
          • Cloud
          • Physical environment
          • Is your data co-located?
      • Service Level Agreements
          • Breach notification
      • Law enforcement considerations need to be considered and addressed:
          • Requests to maintain secrecy or limit knowledge
          • Maintaining control of the investigation
      • Communications with insurers presumably are not privileged
  • 13. Actions Following a Breach
      • Functional steps: Deploy, Preserve, Identify, Notify
      • Deploy an incident response team
          • IT Director
          • CIO
          • Human Resources
          • Legal
          • Internal or external security experts
      • Preserve system logs
          • Date, time, duration, and location of breach
  • 14. Actions Following a Breach (Continued)
      • Functional steps: Deploy, Preserve, Identify, Notify
      • Identify the following
          • How was the breach discovered?
          • By whom?
          • Any additional details:
              • Entry and exit points
              • Compromised systems
              • Data deleted vs. modified vs. viewed
          • Identify and understand details of the affected data
      • Notify
          • Public relations
          • Insurance carrier
  • 15. Insurance Recovery Considerations in the Face of a Security Breach or Data Loss or Claim
      • Timely notice of claim (claims made and reported?)
      • Involvement of counsel (internal & external) to review how coverage may respond. Consent to incur prudent or necessary expenses may be required:
          • Costs of crisis stage or legal compliance such as breach notification, credit monitoring, call center, forensics are vast majority of the expense on per record figures ($194/record)
          • Defense expenses (private claims, regulatory claims)
      • Communications with insurers presumably are not privileged
      • "Labeling" of first party costs/categorization
  • 16. Who Provides Services Around Cyber Risk?
      • Preventative/Proactive Assessment
      • Technology/Data Analytics
      • Legal
      • Data Hosting/Monitoring
      • Forensic Accounting
      • Public Relations
  • 17. CONTACT
      • Michael Barba, CISSP, CPP, DFCP, CNE, EnCE, Managing Director, BDO USA, LLP, mbarba@bdo.com, 212-885-8120
      • Jeff Hall, Senior Manager, BDO USA, LLP, jhall@bdo.com, 212-885-7339
  • 18. BDO is the brand name for BDO USA, LLP, a U.S. professional services firm providing assurance, tax, financial advisory and consulting services to a wide range of publicly traded and privately held companies. For more than 100 years, BDO has provided quality service through the active involvement of experienced and committed professionals. The firm serves clients through more than 40 offices and more than 400 independent alliance firm locations nationwide. As an independent Member Firm of BDO International Limited, BDO serves multinational clients through a global network of 1,204 offices in 138 countries.
    BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. www.bdo.com
    To ensure compliance with Treasury Department regulations, we wish to inform you that any tax advice that may be contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding tax-related penalties under the Internal Revenue Code or applicable state or local tax or (ii) promoting, marketing or recommending to another party any tax-related matters addressed herein.
    Material discussed in this publication is meant to provide general information and should not be acted on without professional advice tailored to your individual needs.
    © 2013 BDO USA, LLP. All rights reserved. www.bdo.com