Cybersecurity & Data Privacy 1

Cybersecurity & data privacy – risks and opportunities

CPA Mustapha Bernabas Mugisa CFE, CEH


www.summitcl.com

be transformed
6/5/2023
Agenda
1. The cost of cybercrime & data breach
2. Cyber security maturity framework
3. Data security objectives
4. Building effective cyber defense

Top 4 broad risk areas of concern

[Diagram labels: Enterprise objectives at risk; Cybersecurity risks; Fraud & compliance risks; Incident & crisis mgt (BCP); ERM strategy]

How safe are you?
How much do you estimate your
organisation loses annually to
(i) data breaches?
(ii) cybercrime?

The global cost of cybercrime…

Cost of cybercrime (Uganda Police Report)

Cyber loss 2019: Ugx. 11.4 Bn
• 248 of the reported cybercrime cases led to a loss of 11.4B

Recovered: Ugx. 51 Mn (0.4%)
• A lot of money is invested in trying to recover the big sums of lost money, which is not on record

[Chart labels: 99%, 0.4%, 99.6%]

Our frontline projects: Ugx. 171.1 Bn
• 450 clients; cybercrime cost them over 13.4 billion

Recovered: Confidential (Ugx. *, classified information)

Source: Project Frontline Uganda 2020, published by www.summitcl.com
Av. cost of data breach

How long does it take to identify and contain cyberbreach?

High value data for hackers
1. Protected Health Information (PHI)
• First responders, Ambulatory Services, Intensive Care Records, Personal Medical records

2. Personal Identifiable Information (PII)
• Citizen records, Utility & water records
• Criminal records

3. Credit card numbers
• Property tax payments
• Utility bills, water, power
• Vehicle registration
• Home addresses given through home delivery meal orders, e.g. Jumia, SafeBoda, CJ, etc.

4. Bank account / payroll information, etc.


Regulatory compliance & best practices…
1. Data Protection and Privacy Act, 2019 Laws of Uganda
2. Payment Card Industry (PCI) DSS – and several Bank of Uganda prudential guidelines for financial institutions
3. ISO/IEC 27001: best practices for information security management systems (ISMS).
4. National Institute of Standards and Technology (NIST) Cybersecurity Framework
5. The Health Insurance Portability and Accountability Act (HIPAA)
6. The General Data Protection Regulation (GDPR)
7. The Federal Information Security Management Act (FISMA)
8. The Sarbanes-Oxley Act (SOX) is a US federal law that requires companies to establish internal controls and reporting measures to prevent fraud
Common cyber threats and attack vectors
A. Weak and/or compromised credentials
B. Misconfiguration
C. Trust relationships
D. Missing or poor encryption
E. Technical vulnerabilities including zero-day exploits, trojans, cross-site scripting, session hijacking, and man-in-the-middle
F. Ransomware
G. Malicious insiders and/or former employees and service providers
H. Social engineering including phishing

[Bar chart of categories A to H; value labels: 46%, 38%, 38%, 38%, 39%, 29%, 21%, 21%]

Source: Project Frontline Uganda 2021, published by www.summitcl.com
Forensic. Advisory. Security