CYBERSECURITY By Salomon Frangieh CISBC.


CYBERSECURITY By Salomon Frangieh, Information Security and Business Continuity

Outline
- Cyber Attacks vs. Cyber Security
- Cyber Space & Cyber Attacks
- Cyber Attacks Anatomy, Types, Weapons
- What’s happening in Cyber Space?
- Cyber Security Measures & Challenges
- What is your role in Cyber Security?

Cyber Attacks vs. Cyber Security
- A cyber attack is a computer-to-computer attack that undermines the confidentiality, integrity, or availability of a computer or of the information resident on it.
- Cyber security involves protecting sensitive personal and business information through prevention, detection, and response to the different cyber attacks.

Cyberspace and Cyber Attacks
- Cyberspace: the virtual world of computer networks and the Internet.
- The improvement of online banking and mobile computing systems has made these services a privileged target for cyber criminals.
- Cyber attack consequences:
  - Heavy penalties: reputational, regulatory, and legal.
  - Undermining capability to conduct business.
  - Huge financial profits for cyber criminals.

Cyber Attacks Anatomy
- Information gathering
- Network entry
- Malware probing & CnC
- Points of Compromise
- Target data gathered
- Data Exfiltration

Cyber Attacks Types
- Device Compromise
- Distributed Denial of Service Attacks (DDOS)
- Data Exfiltration
- Bad Data Injection (SQL, XSS, etc.)
- Advanced Persistent Threats (APT)

Cyber Attacks Weapons

What’s happening in Cyberspace?

Cybersecurity Measures and Challenges
- Risk Management Program to help strengthen Cybersecurity.
- Regularly patch your systems and applications.
- Adopt effective SOC and evolve it to a security intelligence center.
- Establish a cyber incident management and response function.
- Create a cyber security awareness training program.
- Adopt a layered defense strategy.
- Establish an internal forensics function.
- Follow basic Cybersecurity hygiene.
- Harden ICT assets.
- Back up critical data.

Cybersecurity Measures and Challenges
- Hire qualified Cybersecurity resources.
- Ensure IT Security & Information Security have adequate budgets.
- Know where your PII is.
- Vendor relationship: conduct an RA for each vendor.
- Use DLP and MDM.
- Review and update your security policies and procedures.
- Cybersecurity resources: ISO 27001, PCI DSS, NIST, COBIT.
- Propagation speed: Facebook user publishes a picture:
  - 1.2 min. 4,920 computers receive the picture
  - 2.4 min. 341,015 computers receive the picture

Layered Defense Strategy
- ACCESS CONTROLS
- ANTI-MALWARE
- AUDIT AND REVIEW
- AUTHENTICATION
- AWARENESS & TRAINING
- BACKUPS & CONTINUITY
- ENCRYPTION
- FIREWALLS & FILTERING
- INFO SECURITY POLICY
- MONITORING
- PATCHING
- PHYSICAL SECURITY
- THREAT INTELLIGENCE

What is your role in Cybersecurity?
Beware of:
- Emails impersonating Senior Managers:
  - Using personal emails and not a Corporate domain
  - Verify the email address
  - Email address and name don’t match
  - Do not respond but verify with sender via a different medium
- Suspicious emails and attachments:
  - Never open a file or a compressed file (such as .ZIP, .jar, etc.) that is attached to an email from an unknown source.
  - If an unexpected file or compressed file is attached to an email from someone you know, forward to IT Help Desk for scanning the attachment.
  - Avoid downloading files from untrusted sites.

What is your role in Cybersecurity?
Beware of:
- Suspicious links embedded in emails:
  - Verify sender’s email address
  - Hover on the link before clicking
  - Forward to IT Help Desk for verification
- Phishing: the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
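The sender checks from the impersonation slide (manager name on a non-corporate domain, name and address that don't match) and the "hover on the link" check, written as a mail-filter style sketch. This is an added example, not part of the original presentation; the domain `bank.example`, the manager directory and both sample values are constructed assumptions.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

CORPORATE_DOMAIN = "bank.example"  # assumption: the organisation's mail domain
SENIOR_MANAGERS = {"jane doe": "jane.doe@bank.example"}  # constructed directory
# Constructed sample values, not taken from any real message.
SAMPLE_FROM = '"Jane Doe" <jane.doe.office@freemail.example>'
SAMPLE_HTML = '<p><a href="http://portal.unrelated.example/login">www.bank.example</a></p>'

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def sender_flags(from_header):
    """Apply the slide's sender checks to a From header."""
    display, address = parseaddr(from_header)
    address = address.lower()
    expected = SENIOR_MANAGERS.get(" ".join(display.lower().split()))
    if expected is None:
        return []  # display name is not a known senior manager
    if address.rpartition("@")[2] != CORPORATE_DOMAIN:
        return ["manager name on a non-corporate domain"]
    return [] if address == expected else ["name and address do not match"]

def link_flags(html_body):
    """Report links whose visible text names a host the href does not open."""
    parser = LinkCollector()
    parser.feed(html_body)
    flags = []
    for href, text in parser.links:
        shown = re.search(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", text.lower())
        try:
            actual = urlsplit(href).hostname or ""
        except ValueError:
            actual = ""  # malformed href: treat as not matching
        if shown and actual != shown.group(1) and not actual.endswith("." + shown.group(1)):
            flags.append(f"shows {shown.group(1)} but opens {actual or 'an unparseable address'}")
    return flags
```

A flag here only routes the message for the verification steps listed on the slides (call-back, IT Help Desk); it does not replace them.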

What is your role in Cybersecurity?
Beware of:
- Social Engineering: a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.
- Caller ID Spoofing: the process of changing the caller ID to any number other than the calling number. The call-back method allows for some security when you think caller ID spoofing is being used.
- USB Sticks: in case you find a USB stick, do not use it but rather hand it over to the IT Help Desk in order to have it scanned.

What is your role in Cybersecurity?
Beware of:
- Email hacking and the financial losses that could result from such acts. You need to scrutinize emails coming from customers requesting wire transfers or other transactions.
Tips to avoid falling victim to email hacks:
- Do not respond to these emails in case of doubt.
- Always verify the identity of your customers using the call-back method via phone numbers you have on file.
- Check for unusual trends: urgency of the request, time-bound, unusual Bank names and amounts, etc.
- Do not execute the payment instruction if you were not able to verify it with the customer directly.
- In case you suspect this is a fraudulent email, notify the customer immediately to change their email password.

What is your role in Cybersecurity?
Ensure that:
- Your customers’ contact info used for authentication is always up-to-date (such as phone and fax numbers, home and email addresses, etc.)
- No changes to customers’ contact info should be allowed over the phone. The customer must come in person to the branch and sign the related documents that capture the change.
- Stay up-to-date.

What is your role in Cybersecurity?
Quick Security Tips
- Use two-factor authentication where possible.
- Use HTTPS whenever you can: check the identity and the security level of the websites you intend to browse. Look for secure links.
- Set strong passwords and don’t share them with anyone.
- Keep your operating system, browser, anti-virus, and other critical software optimized by installing updates.
- Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
- Be cautious about what you receive or read online; if it sounds too good to be true, it probably is.

What is your role in Cybersecurity?
Be vigilant. Identify. React. Respond. Escalate.
YOU are the LAST line of defense.

Questions and Answers
Follow these simple steps to keep yourselves, assets, and your personal information safe online. Here are a few tips all Internet users can leverage to practice cybersecurity throughout the year.