10 things you can do today to reduce your security risk.


Slide 2: 10 things to do today
10. Review security budget

Slide 3: Review security budget
- Asset allocation = prioritization
- Security budgets are among the first casualties in a budget crunch
- The cost of prevention is much lower than the cost of remediation

Slide 4: 10 things to do today
9. Review human resource practices
10. Review security budget

Slide 5: Review human resource practices
- Fact: CSI (Computer Security Institute) states that insiders accounted for 80% of security attacks on IT systems
- Consider your hiring practices and those of your vendors
- Are your employees security aware?
- When practical, distribute key resources, company assets and processes to prevent a “domino effect”

Slide 6: 10 things to do today
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 7: Review vendors
- Obtain a copy of your vendors' security policies
- Review your vendors' disaster recovery plan
- Develop “plan b”
- Review vendors' cyber liability coverage

Slide 8: 10 things to do today
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 9: Stay current with software updates
- Software security is evolutionary
- Create an update routine
- Operating system and antivirus updates are critical
- Update both servers and personal machines

Slide 10: 10 things to do today
6. Firewall and antivirus
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 11: Firewall and antivirus
- Your primary lines of defense
- Cheap and easy
- Keep your data and your friends
- Not all products are created equal

Slide 12: 10 things to do today
5. Wi-Fi
6. Firewall and antivirus
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 13: Wi-Fi
- Change your SSID and admin password
- Wired Equivalent Privacy (WEP)
- Media Access Control (MAC) filtering
- Turn on firewall
- Firmware

Slide 14: 10 things to do today
4. IT policies and procedures
5. Wi-Fi
6. Firewall and antivirus
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 15: IT policies and procedures
- Set the tone from day 1
- Develop an Acceptable Use Policy (AUP)
- Explicitly forbid bypassing security checkpoints
- Establish desktop management policies
- Audit your systems and procedures periodically

Slide 16: 10 things to do today
3. Be judicious with information
4. IT policies and procedures
5. Wi-Fi
6. Firewall and antivirus
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 17: Be judicious with information
- Social engineering
- Unsecured lines of communication (IM)
- Two-thirds of companies surveyed do not restrict critical data to confined areas on the network, and servers that contain critical information communicate directly with other systems that are accessible from the Internet. (CIO)
- Taking it with you

Slide 18: 10 things to do today
2. Review physical security
3. Be judicious with information
4. IT policies and procedures
5. Wi-Fi
6. Firewall and antivirus
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 19: Review physical security
- Be meticulous and consistent
- Lock every wiring closet and server cabinet
- Change locks or door pass codes, and passwords to any shared accounts, immediately when employees leave
- Don’t give keys to vendors
- Paper shredder
- Escort visitors in and out of secure areas

Slide 20: 10 things to do today
1. Backup and recovery
2. Review physical security
3. Be judicious with information
4. IT policies and procedures
5. Wi-Fi
6. Firewall and antivirus
7. Stay current with software updates
8. Review vendors
9. Review human resource practices
10. Review security budget

Slide 21: Backup and recovery
- Develop a backup and recovery strategy that fits your company
- The creation and maintenance of backup metadata and media management.
- “The five golden rules”
  1. That which has not been backed up cannot be recovered.
  2. That which has not been backed up off-site will not survive a fire.
  3. Any backup that has not been tested with a recovery is not a backup.
  4. Ignored backup systems become poorly performing backup systems.
  5. Back it up or give it up.
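
Golden rule 3 and the backup-metadata bullet, as an added example that is not part of the original presentation: a restore test that extracts an archive into a scratch directory and checks every file against a SHA-256 manifest recorded at backup time. The function names, file names and sample data are constructed for illustration.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path

def tree_digests(root):
    """Map each file path (relative to root) to the SHA-256 of its content."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in Path(root).rglob("*") if p.is_file()}

def make_backup(source, archive):
    """Archive source as gzip tar; return the manifest (backup metadata) to keep."""
    with tarfile.open(archive, "w:gz") as tar:
        for child in sorted(Path(source).iterdir()):
            tar.add(child, arcname=child.name)
    return tree_digests(source)

def restore_test(archive, manifest):
    """Restore into a scratch directory; return problems (empty list = restore OK)."""
    extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}  # safe extraction
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive) as tar:
                tar.extractall(scratch, **extra)
        except Exception as exc:  # any read failure means the backup is unusable
            return [f"archive unreadable: {exc}"]
        restored = tree_digests(scratch)
    problems = [f"missing after restore: {n}" for n in manifest.keys() - restored.keys()]
    problems += [f"content differs: {n}" for n in manifest.keys() & restored.keys()
                 if manifest[n] != restored[n]]
    return sorted(problems)

def demo():
    """Constructed sample data: a good backup, an incomplete one, a corrupt one."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "data")
        (src / "hr").mkdir(parents=True)
        (src / "hr" / "staff.csv").write_text("id,name\n1,example\n")
        (src / "ledger.txt").write_text("constructed sample ledger\n")
        good, partial, corrupt = (Path(work, n) for n in ("good.tgz", "partial.tgz", "corrupt.tgz"))
        manifest = make_backup(src, good)
        ok = restore_test(good, manifest)
        (src / "hr" / "staff.csv").unlink()  # simulate a job that skipped a file
        make_backup(src, partial)
        incomplete = restore_test(partial, manifest)
        corrupt.write_bytes(b"not a tar archive")
        return ok, incomplete, restore_test(corrupt, manifest)

if __name__ == "__main__":
    print(demo())
```

Storing the manifest separately from the archive lets the same check run against an off-site copy, and a non-empty result from a scheduled run is the signal that the backup job needs attention.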