Security and Compliance with Security Standards/ Boss's Day

Slides:

Advertisements

Similar presentations

Online Privacy A Module of the CYC Course – Personal Security

Advertisements

How to protect yourself, your computer, and others on the internet

Cyber Safety Assessment Review

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?

BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.

Identity Theft Someone steals your personal information for his/her own gain It’s a crime!

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Breaking Trust On The Internet

What is identity theft, and how can you protect yourself from it?

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

CIT In this chapter you will learn how to:  Explain the threats to your computers and data  Describe key security concepts and technologies.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

COMM 1010 Presentation By: Gina Haws Information for the presentation obtained from EVERYTHING YOU SAY, POST OR DO ON THE INTERNET CAN PUT YOU AT RISK.

Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Stay Safe & Secure Online. Outline Passwords Everyday Security Security Physical Security Protecting Personal Information.

Scams & Schemes Common Sense Media.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

End User Cyber Security Awareness Training. Who should complete this training This training is required for all individuals that owns a computer, mobile.

BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)

By: Lukas Touder Cortney Warrick Jennifer Wehner Zachary Westpy Nicholas Whelan Cybercrime.

How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.

Phishing Internet scams. Phishing phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and.

PORTFOLIO 1 CITIZEN MUHAMMAD TAUFIQ BIN TAHA FA

Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.

Protecting Your Identity: Information Security Basics Presented by:Barbara D. Kissner SVP & CIO International Fidelity Insurance Company March 18, 2014.

Topic 5: Basic Security.

Internet Safety Internet Safety LPM

Cyber Safety Jamie Salazar.

Safe Computing Practices. What is behind a cyber attack? 1.

Information Security Awareness Program. Agenda  What is Information Security?  Why is Information Security important?  Education Data Breach  Appropriate.

Identity Theft SS.8.FL.6.7 Evaluate social networking sites and other online activity from the perspective of making individuals vulnerable to harm caused.

Avoiding Frauds and Scams Barbara Martin-Worley Director, Consumer Fraud Protection 18 th Judicial District Attorney’s Office Serving Arapahoe, Douglas,

PCS Technology for Students: Acceptable Use, Privacy, and Safety.

How to Make Yourself More Secure Using Public Computers and Free Public Wi-Fi.

Digital Citizenship Project Submitted by: Etta Pope Instructor: Laurie Fowler.

Digital Citizenship Project Justin Lann. Netiquette Netiquette on Social Media Sites – A set of social conventions that facilitate interactions over networks.

Information Technology Security Office of the Vice President for Information Technology New Employee Orientation II.

Internet Safety.

Identity Theft It’s a crime!

Edexcel GCSE Cyber security threats Computer Science 1CP1

Phishing, identity theft, and more

Done by… Hanoof Al-Khaldi Information Assurance

Learn how to protect yourself against common attacks

PCS Technology for Staff: Acceptable Use, Privacy, and Safety

Digital Citizenship Middle School

Social Engineering Charniece Craven COSC 316.

Internet Safety & Acceptable Use Standards

Tax Identity Theft Presenter Date

Information Security 101 Richard Davis, Rob Laltrello.

Phishing is a form of social engineering that attempts to steal sensitive information.

Appropriate Use of Technology

Cybersecurity Awareness

Information Security Awareness 101

Robert Leonard Information Security Manager Hamilton

Protecting Yourself from Fraud including Identity Theft

HOW DO I KEEP MY COMPUTER SAFE?

Information Security – Creating Awareness, Educating Staff, and Protecting Information Session 46 Chris Aidan, CISSP Information Security Manager Pearson.

How to keep the bad guys out and your data safe

What is Phishing? Pronounced “Fishing”

Security in mobile technologies

Protecting Yourself from Fraud including Identity Theft

Why Cyber Security is important to SME? Useful Tips on how you protect and secure your business. By Ronald Soh from Win-Pro Consultancy Pte Ltd

Presentation transcript:

Security and Compliance with Security Standards/ Boss's Day Investigator Scott Haugaard FBI Cyber Task Force – Omaha

Topics Communication Identity Authentication Phishing Internal Employee Threats Reporting Security Events

Trends and the Future Thin Clients Cloud Computing Cellular technology going away? Regional Wifi with your Internet Service Provider Encryption and other types of authentication Two-factor authentication

UNCLASSIFIED//FOUO UNCLASSIFIED//FOUO

What is the biggest threat to your organization?

Insider Threat #1 TRUSTING EMPLOYEE Disgruntled employee Customer Service Oriented 80% Disgruntled employee Terminated Disagreement with management Policy change 19% Insider with access Paid money to complete a task Directed by foreign power Resources 1%

INFOSEC

Security and Safety are synonymous… Always have a plan!

Why do we have security in your organization? SAFETY! LIABILITY Privacy concerns Copyright violations Identity Theft REPUTATION PROTECTION CLIENT AND CUSTOMER EXPECTATIONS Compliance, laws and regulations

Do you know what to do and who to contact if a security incident occurs?

Physical Security Internal Theft Tailgating or Piggybacking into your area Shoulder surfing Lock your desk and keyboard Clean desk policy

What's in the Trash? Dumpster diving is a technique used by law enforcement and criminals to find information or contraband that has been improperly discarded. Credit cards Checks Floor plans and schematics Photocopies of Drivers Licenses Financial records

Social Networking Annually check your privacy settings Check and clear out your “Friends” list Make a point to talk to your family about security Are you volunteering too much information NEVER USE YOUR PASSWORD FROM WORK AT HOME

Mobile Device Security Personal Electronic Device (PED) Phones Tablets Laptops ALWAYS HAVE A PIN or password Encrypt your device Enable restrictions Enable “Lost” mode

Credit Reports Proactive approach to your own security Free annually: annualcreditreport.com Itemize and verify your accounts to ensure they are yours Tax Season is a good time to do this?

INFOSEC Best Practices Never write down passwords and leave unsecured Never share passwords Never click on links or open attachments to untrusted sources Use AV and Firewalls and don’t disable them Don’t send sensitive data over unencrypted channels Dispose of data properly Don’t run programs from untrusted sources Properly secure information when not in use Verify you are speaking to the correct person If something seems to good to be true, it probably is

Social Engineering Employees are the weakest link All of the security measures in your company are defeated if you share your passwords and hold the door open for someone you don’t know Attempts to gain access Confidential information and credentials Access to sensitive areas and equipment Social Engineering can take many forms: In-person Email Phone Mail

Email Most common type of attack Best Practices Phishing Malicious attachments Hoaxes SPAM Scams Best Practices Don’t talk to people you don’t know or can’t verify Don’t open attachments from unknown sources Don’t follow links Don’t attempt to “unsubscribe”

Phishing Deceptive emails to get users to click on malicious links or open attachments Enter sensitive data Run applications Websites - Can and often do look like legitimate sites Banking (US Bank, FNB) PayPal / eBay Gov’t Sites Texting Vishing – combination of Voice or video call

Common Technology Facilitated Crimes Criminal Cyber ACH Fraud Identity Theft Internet Fraud Criminal Intrusions Stalking Harassment Child Exploitation Child Pornography Child Sexual Assault Online Enticement Human Trafficking Gangs Drugs Liquor Traffic Enforcement Public Corruption

Sextortion Online exploitation of an individual to disrobe and video a sexual act for the purpose of extortion NEVER TALK TO A STRANGER

Selfies, your child producing porn We could not tell you how many children we have seen nude in front of the mirror in one of your bathrooms!!! Short term consequences Humiliation at school or other activities Extorted Suicidal thoughts or ideas Long term consequences Employment opportunities Your child will always be remember as “that person that…” Your digital video camera Your digital camera Cell phone Computer Webcam Have you had a specific conversation with your child about this topic??? Please don’t wait.

Ransomware

PHISHING UNCLASSFIED

It is small for a reason…Think about reading emails on your phone! Fraudulent Email Accounts publicrelations@armamebraska.org kperkins@armanebraska.org Kim.Perkins@armanebraska.org Kim.Perkins@nngcom.com It is small for a reason…Think about reading emails on your phone!

Fraudulent Email Accounts publicrelations@armamebraska.org – not “m”, it is “n” kperkins@armanebraska.org – webmaster has a problem Kim.Perkins@armanebraska.org webmaster has a problem Kim.Perkins@hushmail.com – never use personal email Kim.Perkins@nngcom.com – no “m”

UNCLASSIFIED//FOUO Hacktivism Attempt to cause disruption to networks and service and loss of data Actions are non-violent and not aimed at individuals, but rather a company or government entity Retaliation Recent threats – financial, Industrial Control Systems (ICS), etc.