With cyber scams costing UK businesses an estimated £4.14bn* in lost data, reputational damage and online theft every year, Cyber Security is rapidly climbing the priority list of directors across the UK. This presentation will help you to: - spot the most common cyber attacks, defend your business and protect your critical data if the worst does happen; - understand the impact of GDPR on your business and how to protect yourself against expensive data losses.

1. WELCOME TO:
CYBER SECURITYAND THE IMPACT ON YOUR
BUSINESS
HOW DO YOU CURRENTLY
BACK UP YOUR DATA?
ADD YOUR RESPONSE AT WWW.SLI.DO
JOIN USING THIS CODE:
#5660

2. WHO WE ARE
"Our mission is to make IT simple. Enabling our customers
to succeed by delivering information technology services
better than anyone else."

3. CYBER SCAMS
What were the most prevalent cyber
scams of 2016?
How much damage did they cause?

4. Common frauds & scams in today’s
digital marketplace
• Phishing
• Vishing
• Invoice Redirection
• Bogus Boss
• Overpayment Fraud

5. PHISHING
Bogus emails which appear authentic and from legitimate sources
• High volume
• Fake links, websites, attachments
Tips to protect
• Antivirus, Trusteer Rapport, spam filters and firewalls
• Https://
• Do not respond
• Do not click links
• Forward suspect emails to: phishing@natwest.com

6. VISHING
Voice + Phishing = Vishing
• Social engineering
• Information jigsaws
Tips to protect
• Question who is calling
• Decline to provide personal information
• Do not rely on Caller ID
• Do not transfer money

7. INVOICE REDIRECTION
Specifically aimed at businesses
They research your business
• Suppliers’ details
• Payment profile
They attempt to issue a revised payment location controlled by fraudsters.
Tips to protect
• May begin with post going missing
• Validate any requests
• Dual-authorise changes
• Systems, processes and checks

8. CASE STUDY

9. BOGUS BOSS
• Email or text reportedly from your ‘boss’
• Requests an urgent transfer of funds due to a situation or in a light-
hearted conversation
• Fakes/spoofs internal email appearances
Tips to protect
• Question the request
• Validate the request
• Speak to the person

10. OVERPAYMENT FRAUD
• Customer advises they have ‘mistakenly’ overpaid your bill e.g.
£40,000 instead of £4,000
• Requests you keep the amount and return the difference
• Original payment subsequently bounces
Tips to protect
• Typically new clients
• Do usual background and reference checks
• Think about how you would treat a cheque
• Strange type of payment - validate

11. REMEMBER
• Do not share user accounts
• Install Trusteer Rapport software
• Have up to date antivirus
• Never give out your pin/password
Useful contacts
Email: phishing@natwest.com
NatWest Fraud: 0345 300 3986
Actionfraud: 0300 123 2040

12. CRYPTOLOCKER
A type of Ransomware that stealthily encrypts all your files and deletes the originals,
before demanding payment to reinstate your documents and data. Typically delivered
via email or an insecure internet-enabled computer.
In 2016, 54% of UK businesses were hit by some form of
Ransomware attack

13. CRYPTOLOCKER
HOW RANSOMWARE CAN IMPACT YOUR BUSINESS
IF YOU GET IT RIGHT…
Hotel in Belfast
Employees: ~500
Type of Backup: untested, internally managed
What happened: AAG brought in when
Cryptolocker hit for the 3rd time in 2 weeks
Response: Engineer deployed within 4 hours
Recovery time: <48 hours for all systems; no
downtime to booking or critical systems
Cost to business: £negligible
IF YOU GET IT WRONG…
Company in Rotherham
Employees: 149
Type of Backup: untested, externally managed
What happened: Cryptolocker got onto their
network via an infected email
Recovery time: 14 days for critical systems
Last viable Backup: May 2016 (lost five months’
worth of data)
Cost to business: £35,000 lost revenue

14. WHY SHOULD I BACK UP?
• 6.2 million cyber attacks on UK businesses took place in 2015
• 33% of attacks were caused by an employee
• 3,200% - the increase in attack infrastructure used by cybercriminals in 2016
• 80% of CIOs and IT Directors surveyed had experienced a cyber attack
• 37% lost revenue
• 20% had to halt operations*
*540 individuals surveyed by Malwarebytes, 2016

15. WHY SHOULD I BACK UP?
The typical cost to SMEs
of a cyber attack
(PWC IOC Report, 2015)
70%
70% of businesses who
suffer a major data loss fail
within one year
(PWC IOC Report, 2015)
75%
75% of businesses fail to
successfully execute an
untested Disaster Recovery plan
(PWC IOC Report, 2015)
£75k -
£311k

16. HOW SHOULD I BACK UP?
How do you back up?
Let’s have a look at the results
Popular + unreliable Less popular + more
reliable
Becoming popular +
most reliable
Optical Drive Disk-to-Disk Site-to-Site Backup
Tapes Cloud
USB Hard Drive Site-to-Site + Cloud
How often do you test your Backup method?

17. HOW SHOULD I BACK UP?
Cloud vs. Site-to-Site vs. Disk
The recommended Backup method is always down to your business
needs. Typically, Cloud and/or Site-to-Site Backup gives the best value
and peace of mind
Capacity Security Reliability
Cloud Unlimited Very secure 99.99% uptime
Site-to-Site Flexible Secure More reliable
Disk/USB Hard Drive Limited Easily corruptible Less reliable
Tape Limited Easily corruptible Unreliable

18. COST OF SECURING YOUR DATA
ANNUAL MONTHLY REVENUE
(21 WORKING DAYS)
£1 MILLION £82,677
£3 MILLION £248,031
£5 MILLION £413,385
£10 MILLION £826,770
CLOUD COST
(DATA-DEPENDENT)
£150
£250
£350
£500
% OF TURNOVER
0.007%
0.001%
0.0008%
0.0006%
ANNUAL COST OF 12 DAYS’ LOST BUSINESS
£1 MILLION £47,244
£3 MILLION £141,732
£5 MILLION £236,220
£10 MILLION £472,440 *based on 254 working days per year

19. BACKUP & DISASTER RECOVERY
Backup refers to the copying and archiving of computer data so
it may be used to restore the original after a data loss event.
Backup is different to Disaster Recovery:
• Backup is simply making one or more copies of your data in
case the original is lost or damaged
• Disaster Recovery is restoring that data in the instance that
the original is lost or damaged.

20. Backup, Disaster Recovery
and Cyber Security
LEGAL ISSUES

21. INTRODUCTION
• Shulmans LLP
• One of the fastest growing Commercial law firms in the UK
• Providing a national service from a cost effective base in Leeds
• Experienced team with a focus on compliance, risk management,
technology and good business practice
• Risk and Regulation
• Strategy and Risk Management
• Business Process Advice
• Crisis Management and Regulator Response
mlumley@shulmans.co.uk hgoldthorpe@shulmans.co.uk

22. CHANGING LANDSCAPE
• Increasingly connected world
• Obsolete or vulnerable technology
• Increasingly complex attacks
• Rise of the Super-Regulator
• ICO
• National Cyber Security Centre (or similar)
• HSE
• Sector-specific regulation e.g. Financial Services

23. RISK
What risks are we trying to avoid?
• Injury
• Financial Loss
• Reputational Damage
• IP & Confidential Information Loss
• Regulatory Intervention/fines
• Liability to third parties
• Interference with operation/production
• Maintaining services/data availability

24. REGULATION
• Any interruption to business could expose you to claims e.g. that you are
unable to carry out contracted services
• ALWAYS good business sense to protect against this risk
• In some sectors there are also specific obligations to put security in place:
• Personal Data
• Cyber Security Directive
• Financial Services
• Payment card information

25. PERSONAL DATA PROTECTION
• Specific regulation relating to personal data
• Currently Data Protection Act 1998
• General Data Protection Regulation in force 2018
• Both contain obligations to have appropriate security measures
“…the controller [and the processor] shall implement appropriate technical
and organisational measures to ensure a level of security appropriate to the
risk…”
• Stronger obligations for sensitive personal data
• Stronger notification requirements in GDPR

26. CYBER SECURITY DIRECTIVE
• Will take effect in UK by May 2018
• Impacts on operators of essential services and digital service providers
• Online marketplace, online search engine, cloud computing service
• NOT hardware manufacturers/software developers/micro or small enterprises
• Security requirements
“appropriate and proportionate organisational risk management measures including measures to prevent and
minimise the impact of incidents that affect security of networks and information systems”
• Incident notification
• Will require
• Risk management systems
• Reporting processes
• Enforcement - fines?

27. INCIDENT RESPONSE
• Legal obligations don’t just cover putting technical protection in
place
• Also cover how you respond to an incident – containment, recovery,
notification
• Disasters do happen – need to plan ahead
• Legal priorities
• Regulatory notification obligations
• Contractual notification obligations
• Potential liability to third parties
• Are you able to pursue the perpetrator (especially for employee fraud) or
recover money/IP/assets?
• Legal privilege
• Plan ahead so you can act fast!

28. DIRECTORS’ LIABILITY
• s61 DPA
• Directors’ duties
• Regulatory obligations
• ICO may request undertakings from directors

29. CASE STUDY: EMPLOYMENT FRAUD
• Apparently loyal employees
• Handed in notice, off sick
• No apparent warning signs
• But…
• Copied emails to home address
• Used FTP File transfer software to transfer large files – difficult to detect
• Software, designs, clients, suppliers and pricing all copied
• Loss?
• What did we do?

30. WHAT NEXT?
• I’m too busy!
• Schedule time to review risks and strategy
• Understand your risk profile
• Formulate an action plan
• Fit into your “business year”
• Who needs to be involved?
• Board, key managers, staff, consultants, key suppliers
• Lawyers and specialist consultants

31. OUR SOLUTION
• Data Protect Workshop with AAG and Shulmans
• A planned, time & cost controlled solution
• Intro to other key business participants - high level summary of law and approach to risk assessment
• Scoping questionnaire
• Workshop:
• legal and technical
• individual business needs
• Board, management & operational
• Outputs – technical requirements, risk analysis & risk register, business knowledge, policies,
procedures, training materials.
• Outputs - data protection policies, customer document and online policies, business continuity policy
update, disaster recovery, cyber Incident response & cyber risk training. Delivered in physical and
digital formats
• Outputs - high level summary for board, compliance protection & insurers/brokers
• Layered approach to information, role specific (board, management and operational)
• Annual review and access to ongoing technical and legal support.
• Available dates

32. SUMMARY
• If your business is important to you, it is worth protecting it with a Backup &
Disaster Recovery strategy that you can have confidence in
• Educate your staff of the latest cyber scams and types of Ransomware attacks
• Test your current Backup
• Review your Disaster Recovery plan
• Implement a responsibilities chart
• Book your Data Protect Workshop with AAG and Shulmans
sales@aagsystems.co.uk www.linkedin.com/company/aagsystems 0114 399 0995