Michael Menne IT Solutions Chief Information Security Officer

Slides:



Advertisements
Similar presentations
ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
Advertisements

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
THE MEMBERS GROUP Safeguard Iowa Partnership – Cybersecurity Webinar Series.
Training solution for Mobile Workforce. People expect to consume content when and where they want to. Training for Mobile Workforce.
The Most Critical Risk Control: Human Behavior Lynn Goodendorf Director, Information Security Atlanta ISACA Chapter Meeting June 20, 2014.
David A. Brown Chief Information Security Officer State of Ohio
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Social Networking Services and User Data Protection
Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
New Faculty Orientation to Privacy and Security at UF Susan Blair, Chief Privacy Officer Kathy Bergsma, Information Security.
Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
Get Complete IT Compliance: Reduce Risk and Cost Jonathan CISO, Qualys Seth Automation Specialist, BMC.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
Information Security Technological Security Implementation and Privacy Protection.
Case Study: Department of Revenue Data Breach National Association of State Auditors, Comptrollers and Treasurers March 21, 2013.
Wireless Password:  “The cloud” is real  Electronic data growth is rapid and pervasive  Employees use the cloud to conduct government work.
Data Center Firewall. 2 Common IT Security Challenges Does my network security protect my IT environment and sensitive data and meet the regulatory compliances?
October 29, 2015 The University Information Security Policy & InfoSec one year on… Tom Anstey Weatherall Institute of Molecular Medicine & InfoSec
STRATEGY SESSION SEPTEMBER 15, YEAR SECURITY DISCUSSION 1 NETWORK PLANNING TASK FORCE.
INFORMATION TECHNOLOGY SERVICES Mike Russo, PMP, CISSP, CISA, CFE, CGEIT Director, Information Security and Privacy Office CYBERSECURITY AND PRIVACY Information.
KTAC Security Task Force Superintendents Update April 23, 2015.
Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.
Cybersecurity Risk, Remediation, Response Nathan Gibson, CCE, CEH.
WHEN, NOT IF THE CYBER SECURITY CHALLENGES AMONG LOCAL GOVERNMENT UMBC Public Policy Forum Baltimore Maryland April 15, 2016 Gayle B. Guilford CISO Baltimore.
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
October 28, 2015 Cyber Security Awareness Update.
November 14, 2016 bit.ly/nercomp_defendingyourdata16
Michael Wright • Chief Security Officer • Tech Lock
Earth’s Mightiest Heroes: Combating the Evils Lurking in Cyberspace
Performing Risk Analysis and Testing: Outsource or In-house
Cyber Security – An Existential Threat? (IIC, Singapore)
Sean Moriarty, Oswego State CTS 2016 Cyber Security Update
An Update on FERPA and Student Privacy
Your security risk is higher than ever.
Deployment Planning Services
Cloud Firewall.
2016 Data Breach Investigations Report
Data Center Firewall.
Journey to Microsoft Secure Cloud
Merit Process Budget Planning and Development FAR Meeting
THR2099 What to do BEFORE all hell breaks loose: Building a modern cybersecurity strategy.
ComArtSci Technology Update
What if tomorrow never comes
Information Security Board
Privacy or Security Are they the same?
Cybersecurity Awareness
Information is at the heart of any University, and Harvard is no exception. We create it, analyze it, share it, and apply it. As you would imagine, we.
Cyber Security in the Mortgage Industry
It’s About Time – ScheduleMe Outlook Add-In for Office 365 Enables Users to Schedule Meetings Easily with People Outside of Your Organization Partner Logo.
Auburn Information Technology
PRIVILEGED ACCOUNT ABUSE
SMB practice development: Security play
The Financial Impact of Cyber Risk 50 Questions Every CFO Should Ask
SMB practice development: Security play
Top Ten Cyber Security Hygiene Tips
Considerations for Cybersecurity and Data Security in Today’s World
Cyber Security Best Practices
Policies and Procedures to Protect you, your Office and your Data
Welcome to Liscio, our new client communication platform.
Technology Solutions Cybersecurity Report to the KCTCS Board of Regents March 14, 2019.
Information Protection
DATA BREACHES 6 4 , 9 3 There were…
In the attack index…what number is your Company?
Information Protection
The Digital University
Dr. Matthew Canham Dr. Clay Posey Institute for Simulation & UCF
Division of Engineering Computing Services
AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.
Presentation transcript:

Michael Menne IT Solutions Chief Information Security Officer National Cybersecurity Awareness Month Living in an Online World – Everyday Security Michael Menne IT Solutions Chief Information Security Officer

Why is Information Security Critical? New York Times 125 articles in 2013 700 articles in 2014 Verizon Data Breach Investigations Report (DBIR) 2015 70 Contributing Organizations 79,790 Security Incidents 2,122 Confirmed Data Breaches Forbes Ten-fold growth from 2012 to 2023 $60B to $639B 2013 2014 New York Times Articles 125 700+ Security Incidents 63,437 79,790 Data Breaches 1,367 2,122 Security Spending $60 billion (2012) $639 billion (2023) ITS Budget $5.0 Million (FY14) $4.8 Million (FY16)

What are the biggest risks to securing our data at Minnesota State? Awareness and Education Resources Human Capital Recurring costs versus one-time costs Old software and devices Mobile Devices Onerous legal requirements and processes Industry statistics $60B growth from 2012 to 2023 MSU isn’t growing at that pace. Our budgets are declining. 5.0B in 2013 to $4.8M in 2016

What are we doing right? Public Jobs, Private Data StarID Password Requirements System wide D2L Security Education Training Information Privacy and Security Policy Student Education Records Policy Review Directory Data Minnesota State System Office Policies, Procedures, Guidelines Budget Prioritization National Cybersecurity Awareness Month

National Cyber Security Awareness Month at MSU Everyday Security - Four Ps Passwords Phishing Patching Protect your Devices Cyber Security Guest Speaker Series Dr. Christophe Veltsos aka Dr. InfoSec – Oct. 3 Jeff Evenson – Oct. 12 Ryan Manship – Oct. 19 Craig Munson – Oct. 26 Dr. Christophe Veltsos aka Dr. InfoSec – Oct. 3 Faculty at Minnesota State Mankato Jeff Evenson – Oct. 12 Principal Security and Business Continuity Analyst at AgStar Ryan Manship – Oct. 19 Practice Director at RedTeam Security Craig Munson – Oct. 26 CISO – Minnesota State System Office

How can you help? Phishing

How can you help? Phishing Don’t be an easy target! Think before you click! Be suspicious! Dear e-mail user: Money transfer IMMEDIATE ACTION! Within 2 hours, 75% of opened phishing e-mails are clicked 92% compromised login/password

How can you help? Patching

How can you help? Patching Unpatched systems = Easy targets Keep software up to date Windows Update Apple Software Update 3rd party applications Keep mobile devices up to date Newer devices have monthly patches

How can you help? Protect your devices!

How can you help? Protect your devices! Use IT Solutions Center to reimage technology devices when purchased, moved, or transferred Use IT Solutions Center to recycle old technology Keep track of all devices at all times Especially mobile devices Use only apps from trusted app stores Google Play Apple App Store Microsoft Store

00711891 Purchased: August 1992 Sold: October 1999 Found: September 2016

00885648 Purchased: July 1996 Lost: August 2003 Found: September 2016

How can you help? Everyday Security All month long Promote National Cyber Security Awareness Month within each division / college Promote National Cyber Security Awareness Month with peers at other institutions All year long Partner with IT Solutions Information Security to improve our data practices and reduce risk to our data Watch for e-mails from IT Solutions Center Watch IT Solutions Information Security website https://www.mnsu.edu/its/security Join IT Solutions for a Data Privacy Day event in Jan. 2017

Questions