Surviving the Rise of Cybercrime: A non-technical executive guide (Australia) by Craig McDonald


2459b4d9064271a-261x361.jpg Author Craig McDonald
Isbn
File size 5.22MB
Year 2017
Pages 134
Language English
File format PDF
Category security


 

YOUR KEY TAKEAWAYS This guide aims to provide a non-technical insight into cybersecurity for time-poor executives who are new to the threats emerging in this space. In less than 60 minutes, I aim to provide you with an understanding of cybersecurity and what it means for your organisation, to highlight some real-world examples, and to make you familiar with some industry jargon and terminology. I’m Craig McDonald, CEO & Founder of MailGuard. A cloud-based email and web security business since 2001, MailGuard was recently commended as a “world-leading” innovator by the Australian Prime Minister, The Hon. Malcolm Turnbull MP. SURVIVING THE RISE OF CYBERCRIME öö Identifying the threats to your business öö Finding out why cybercriminals are targeting your business and staff öö Understanding why your IT team is struggling to prevent these threats “[MailGuard is] among the leading cloud and email security solutions anywhere in the world.” The Hon Malcolm Turnbull MP, Prime Minister of Australia öö Knowing your role and responsibilities as a C-level executive or business leader, and öö How to educate and empower your managers and teams as the frontline in your cyber-defence. 2 “Everybody is online, and everybody is vulnerable.” Barack Obama President of the United States of America1 SURVIVING THE RISE OF CYBERCRIME 3 WHY WRITE ANOTHER GUIDE ON CYBERSECURITY? Every day I meet with successful C-level business leaders who are charged with the responsibility of steering their organisations to success. To many, the sphere of cybersecurity is relatively new and unfamiliar. There is a plethora of extensive texts and guides that have been commissioned by experts in the cybersecurity space, however despite their thoroughness, in my experience they are rarely read. They are simply too detailed, and too technical, and as a result they often ask too much of their audience. In cybersecurity, the human factor is the greatest vulnerability for any organisation, and a large part of the challenge is generating awareness and educating those who are in harm's way. This is particularly the case with C-level executives who are time-poor and SURVIVING THE RISE OF CYBERCRIME often feel that there’s too much to consider. Some executives take the view that it’s somebody else’s problem – most commonly a member of their IT team. In today's climate such attitudes are outdated and plain dangerous. I am not alone in calling for business leaders to be more proactive tackling the rise of cybercrime. Inside this guide is a collection of thoughts, opinions and quotes from some of our most informed and respected leaders, including Australia’s Prime Minister, The Hon. Malcolm Turnbull MP, Barack Obama, President of the United States, Robert S. Mueller III, Director of the FBI, and business visionaries including Bill Gates, Elon Musk and Jeff Bezos. 4 “Cybersecurity is a leadership issue, not an IT issue” Craig McDonald Founder & CEO, MailGuard2 SURVIVING THE RISE OF CYBERCRIME 5 ABOUT THE AUTHOR CRAIG MCDONALD CEO & FOUNDER MAILGUARD Over 15 years ago, an email-borne virus caused havoc for one of my businesses. I was astounded that something as simple as an email could have such a devastating effect, especially when that business was protected by all the latest antivirus software. As a non-technical business professional I struggled to reconcile the fact that my business had for years been paying for a service that didn’t do what it said on the box. Those events in 2001 inspired me to start MailGuard, and I have made it my mission ever since to provide a service that delivers on its promise. Not only a businessman and entrepreneur, I am also a family man, a husband and a father. I am dedicated to protecting the state of the nation we live in, and the state of the global digital economy, so that my children grow up in a digital age that is safe and secure. SURVIVING THE RISE OF CYBERCRIME An Australian company, MailGuard has grown to become the world’s largest private email Software as a Service [SaaS] security provider, and now delivers business email and web security worldwide. MailGuard applies immediate protection to thousands of businesses, stopping fast-breaking, zero-day email threats 2-48 hours ahead of the market. With advanced AI (artificial intelligence) threat-detection engines, MailGuard is uniquely positioned to predict and stop emerging threats before they reach your network. Today, MailGuard has partnerships with some of the world’s largest email hosting providers, and works collaboratively alongside industry leaders including Microsoft, KPMG, Deakin University and Xero. MailGuard is a member of the Centre for Cyber Security Research (CCSR) and is CSA STAR accredited. MailGuard was recognised by ANZIA, at the Australia & New Zealand Internet Awards, as the 2016 Security Award winner. 6 CONTENTS CONTENTS 01 02 LEARNING THE HARD LESSONS FROM OTHERS T HERE’S NO STOPPING PROGRESS A look at some high-profile breaches. The speed of change. PAGE 18 PAGE 8 06 THE CHANGING SECURITY LANDSCAPE Security in depth. PAGE 70 07 YOUR ACTION PLAN What to consider. PAGE 79 03  N EXPLOSION A OF EASY-ACCESS DATA 04 THE EMERGENCE OF A NEW GLOBAL INDUSTRY 05 LET’S TALK NUMBERS Quantifying the impact. The new norm in this digital economy. A sophisticated network of cybercriminals. PAGE 26 PAGE 40 08 09 10 Looking forward. The beginnings of a cybersecurity lexicon. HAVING THE RIGHT TEAM IN PLACE Roles and responsibilities. SO WHAT’S NEXT? PAGE 103 PAGE 65 TALKING THE TALK PAGE 113 PAGE 93 SURVIVING THE RISE OF CYBERCRIME 7 01 LEARNING THE HARD LESSONS FROM OTHERS Let’s start by taking a look at some high-profile breaches SURVIVING THE RISE OF CYBERCRIME 8 “Your brand is what other people say about you when you’re not in the room” Jeff Bezos CEO & Founder Amazon19 SURVIVING THE RISE OF CYBERCRIME 9 01 L EARNING THE HARD LESSONS FROM OTHERS Let’s start by taking a look at some high-profile breaches Yahoo! In late 2014, Yahoo! suffered one of the world's largest breaches of public information. It wasn’t until two years later, in September 2016, that Yahoo! revealed user information – including names, email addresses, phone numbers, dates of birth, passwords and even the answers to encrypted security questions – had been stolen from at least 500 million accounts. Exchange Commission which reportedly stated it did not have knowledge of “any incidents of, or third-party claims alleging … unauthorised access” of personal data of its customers that could have a material adverse effect on Verizon’s acquisition.56 But Verizon said in October it had “reasonable basis” to believe Yahoo’s massive data breach of email accounts represented a material impact that could allow Verizon to withdraw from the deal to buy the technology company. The resultant damage could be far more than just reputational. Just months before the breach As of December 2016, the deal was still in was revealed, Verizon had reportedly agreed to negotiation. pay $4.83 billion for Yahoo’s core business. As part of the negotiations, Yahoo! made a regulatory filing with the US Securities and SURVIVING THE RISE OF CYBERCRIME 10 “The individuals who planned the attempted Times Square bombing in May 2010 used public web cameras for reconnaissance. They used file-sharing sites to share sensitive operational details. They deployed remote conferencing software to communicate. They used a proxy server to avoid being tracked by an IP address. And they claimed responsibility for the attempted attack – on YouTube. To date, terrorists have not used the internet to launch a fullscale cyber attack. But we cannot underestimate their intent. In one hacker recruiting video, a terrorist proclaims that cyber warfare will be the warfare of the future.” Robert S. Mueller, III Director, Federal Bureau of Investigation (FBI)20 SURVIVING THE RISE OF CYBERCRIME 11 01 L EARNING THE HARD LESSONS FROM OTHERS Let’s start by taking a look at some high-profile breaches eBay In May 2014, cybercriminals obtained the log-in credentials of three eBay corporate employees. The credentials gave cybercriminals access to the personal data of 145 million eBay customers. The crime was so sophisticated that eBay Global Marketplaces Chief, David Weng, said at the time: “For a very long time we did not believe that there was any eBay customer data compromised.”57 The credentials gave cybercriminals access to the personal data of 145 million eBay customers. Subsequent investigations confirmed the extent of the breach. SURVIVING THE RISE OF CYBERCRIME 12 “Our connectivity brings extraordinary benefits to our daily lives, but it also brings risks. And when companies get hacked, Americans’ personal information, including their financial information, gets stolen. Identity theft can ruin your credit rating and turn your life upsidedown. In recent breaches, more than 100 million Americans had their personal data compromised, including, in some cases, credit card information. We want our children to go online and explore the world, but we also want them to be safe and not have their privacy violated.  So this is a direct threat to the economic security of American families, not just the economy overall, and to the wellbeing of our children, which means we’ve got to put in place mechanisms to protect them.” Barack Obama President of the United States of America21 SURVIVING THE RISE OF CYBERCRIME 13 01 Target Let’s start by taking a look at some high-profile breaches In 2013, attackers lifted an estimated 40 million credit and debit cards from the retail megachain’s point of sale systems in the United States. The breach has been attributed to an unwary business partner. L EARNING THE HARD LESSONS FROM OTHERS Investigators suspect attackers gained access to Target’s network credentials from an air-conditioning and ventilation subcontractor who fell prey to a phishing email containing the Citadel Trojan. The attack hit the headlines, followed by a Congressional Enquiry, executive firings, and a lawsuit against the board of directors.58 Investigators suspect attackers gained access to Target’s network credentials from an air-conditioning and ventilation subcontractor who fell prey to a phishing* email containing the Citadel Trojan. *See dictionary defintion on page 124 SURVIVING THE RISE OF CYBERCRIME 14 “There are many similarities between marketers and cybercriminals: the need for clickthrough, high engagement rates, an effective ROI, reaching the right audience. The list goes on. The big difference, however, is the success rate between the two groups, as cybercriminals are simply outmarketing the marketers. Sophisticated cybercriminal networks are more effective than ever in understanding their target ‘audience’. Through thorough research, they can create a phishing scam designed around a person's typical email use, preferences and habits.” Craig McDonald Founder & CEO, MailGuard22 SURVIVING THE RISE OF CYBERCRIME 15 01 L EARNING THE HARD LESSONS FROM OTHERS Let’s start by taking a look at some high-profile breaches Ubiquiti In June 2015, Ubiquiti Networks, a Silicon Valley computer networking company, was scammed of nearly $47 million by cyber thieves. The company fell prey to a “CEO fraud” email phishing scam. In a statement, Ubiquiti cited that it was “the victim of ‘criminal fraud’ involving "employee impersonation and fraudulent requests from an outside entity targeting the company's finance department". The company fell prey to a “CEO fraud” email phishing scam. The scam led to the transfer of $46.7 million held by a Ubiquiti subsidiary incorporated in Hong Kong to other overseas accounts held by third parties, the company said.59 SURVIVING THE RISE OF CYBERCRIME 16 “American companies are being targeted, their trade secrets stolen, intellectual property ripped off.  The North Korean cyber attack on Sony Pictures destroyed data and disabled thousands of computers, and exposed the personal information of Sony employees.  And these attacks are hurting American companies and costing American jobs. So this is also a threat to America’s economic security.” Barack Obama President of the United States of America23 SURVIVING THE RISE OF CYBERCRIME 17 02 THERE'S NO STOPPING PROGRESS The speed of change SURVIVING THE RISE OF CYBERCRIME 18 “It is the most important piece of infrastructure ever created by mankind and yet it has not been created, as most infrastructure is, by governments. A free and open internet supports our democratic rights of freedom – of speech, religious expression, political thought and choice." The Hon. Malcolm Turnbull MP Prime Minister of Australia3 SURVIVING THE RISE OF CYBERCRIME 19 02 THERE'S NO STOPPING PROGRESS The speed of change As leaders, the enormous challenge we face is anticipating what the future will bring. Which trends will take hold? Which technologies will transform the way we live, and the way we do business? SURVIVING THE RISE OF CYBERCRIME 20

Author Craig McDonald Isbn File size 5.22MB Year 2017 Pages 134 Language English File format PDF Category Security Book Description: FacebookTwitterGoogle+TumblrDiggMySpaceShare This guide aims to provide a non-technical insight into cybersecurity for time-poor executives who are new to the threats emerging in this space. In less than 60 minutes, I aim to provide you with an understanding of cybersecurity and what it means for your organisation, to highlight some real-world examples, and to make you familiar with some industry jargon and terminology. I’m Craig McDonald, CEO & Founder of MailGuard. A cloud-based email and web security business since 2001, MailGuard was recently commended as a “world-leading” innovator by the Australian Prime Minister, The Hon. Malcolm Turnbull MP. Your key takeaways will be: 1) Identifying threats to your business 2) Finding out why cybercriminals are targeting your business and staff 3) Understanding why your IT team is struggling to prevent these threats 4) Knowing your role and responsibilities as a C-level executive or business leader, and 5) How to educate and empower your managers and teams as the frontline in your cyber-defence. Here’s what some experts are saying about the book: “Cybercrime is a serious and growing business risk. Building an effective cybersecurity culture within an organisation requires directors and executives to lead by example. Surviving the Rise of Cybercrime is a must-read for directors and executives across business and in government and provides strong foundations for leaders determined to address cyber risk.” Rob Sloan, Cybersecurity Research Director, Wall Street Journal “Effective cybersecurity has become a key foundation for the digital transformation initiatives of government and businesses. This guide provides a clear assessment of the threat, while providing a set of very practical steps that executive leaders can take to build a modern, resilient platform for their business innovation.” James Kavanagh, National Technology Officer, Microsoft Australia “It is easy to read, it is understandable, I think it’s the sort of publication that we do need to get being read in every single boardroom in Australia.” The Hon Dan Tehan MP, Minister Assisting the Australian Prime Minister on Cyber Security “Knowledge of cybersecurity issues is essential for all executives irrespective of the business they are in. This guide puts the current state of cybersecurity into perspective with deep insights from visionaries in government and commerce, and offers practical advice on defining and protecting critical assets.” Bradley Bastow Chief Technology Officer, Department of Prime Minister and Cabinet     Download (5.22MB) Cyber Attack, Cybercrime, Cyberwarfare – Cybercomplacency Security: The Human Factor How HIPAA Can Crush Your Medical Practice Cyberphobia: Identity, Trust, Security And The Internet Accounting Information Systems and Cyber Security: Stay ahead of the technology curve Load more posts

Leave a Reply

Your email address will not be published. Required fields are marked *