Antiphishing & Verified Communications

Slides:

Advertisements

Similar presentations

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

Advertisements

0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.

0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.

SiteLock Internet Security: Big Threats for Small Business.

Website Hardening HUIT IT Security | Sep

Shocking Your Systems Examining Your Organization’s Internal & External Controls Alex Elmore, COO, Billy Casper Golf Curt McClellan, CFO, ClubCorp DJ Van.

Go to Select LOGINS Select MyUTK Go to Select LOGINS Select MyUTK FIRST.

OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.

IT Security CS5493(74293). IT Security Q: Why do you need security? A: To protect assets.

Virtual Private Network (VPN)

Managed Desktop Andrea Beesing April 5, 2016.

Printing (Net-Print) Joanne Button August 23rd 2016.

IT Service Management Suite

Network Service Laurie Collinsworth 10/18/2016.

SharePoint Online (Office 365)

Telephone Service Andrea Beesing November 15, 2016.

PCI Compliance Service

Web and Video Conferencing

Andrea Beesing September 6, 2016

Enterprise Content Management

Video Streaming and Hosting

Pete Bosanko & Vicky Mikula 1/26/2016

PHISHING Hi, The comms team asked if I could refresh everyone about Phishing after a fairly successful phishing circulated last week that led to.

IT Service Desk Service

Digital Signage M Scott Walters 4 Oct 2016.

Domain Name Service (DNS) Network Registry

Course Management System (Blackboard)

Scanning and Digitizing

Wi-Fi Network Service Laurie Collinsworth 10/18/2016.

Backup, Archive & Recovery

Electronic Lab Notebook (LabArchives)

Managed Server Service

Antivirus Service Rob Bandler May 17, 2016.

Plagiarism Detection (Turnitin)

Classroom Polling Service (i>clicker)

Confluence Wiki Vicky Mikula July 26th 2016.

(Presented by Eric Nobel)

Event Technical Support

Online Training (Lynda.com)

Lecture Capture Service (Panopto)

Password Escrow Service

Data Center Service Brian Messenger 11/15/2016.

Service Owner: Andrea Beesing 9 February 2016

Retirement Plans What are Your Options

Board Concerns About Cyber Security

Managed Security Services.

Managed Security Services

Managed Security Services.

Document Storage and Collaboration

Managed Security Services. Table Of Contents 1. Company profile 2. Managed Security Services 3.3. Features of Managed Security Services.

Presented by: Brendan Walsh Manager, Security and Access Management

IST 6160 Enthusiastic Studysnaptutorial.com

I have many checklists: how do I get started with cyber security?

SharePoint On Premises

Operations Damian Tanenbaum Executive Vice President, Operations.

Headline Risks High Probability

Curating an Effective Security Culture

We want to hear from you! chime16.org/evals

Structured Trade and Commodity Finance Advisory services

CHIPS for schools NSW Education Complaint Handling Improvement Program

Your Success Is Our Standard!

Co-produced children and young people's mental health training for hospital staff Change the Future.

Cyber Security in a Risk Management Framework

Phishing Don’t get caught!.

WHO - HOW - WHAT Communication & Training Needs

WORKSHOP Establish a Communication and Training Plan

WHO - HOW - WHAT Communication & Training Needs

“Workplace Behaviour: Activating your greatest security asset”

Presentation transcript:

Antiphishing & Verified Communications Rob Bandler March 8, 2016

Agenda Introductions Service Description Value Proposition Metrics Cost Security More information Q&A

Introductions Service owner: Rob Bandler Service manager: Rob Bandler Other service delivery team members: Lillian Isacks Meryl Bursic Shaley DeGiorgio

Service Description Antiphishing (Phishbowl) & Verified Communications http://www.it.cornell.edu/security/phishbowl.cfm https://www.it.cornell.edu/security/verified.cfm Two sites consist of current phishes targeting Cornell and Verified e-mail communications from service providers to community. Verified Communications are protected by NetID. Available to: Faculty, Staff, Instructional Professionals, TSPs, Students, Alumni, Guests No Fee Service Service tier: Two

Value Proposition Value proposition Customer impact Key benefits Available 24/7/365 for quick, easy self service use Current Info– Examples are updated in real time by ITSO No Fee – Can be leveraged by local IT to augment outreach and awareness training Customer impact Reduces successful phishing attacks & Credential Compromise Increases confidence in legitimate Cornell communications Key benefits Legitimate communications recognized, improved impact Feeds awareness and builds positive skeptical user culture Combats credential theft, greatest current threat to IT ecosystem

Metrics FY16 Q2 Quarterly Report Number of antiphishing examples: 30 12,433 page views Number of verified communications: 20 644 page views Availability: 100%

Cost Cost to deliver the service: $20,763* per year ($0.39 per page view) No Fee Service

Security What risks does use of the service mitigate? Credential loss, system compromise Financial loss Reputational harm Poor communication penetration How does the service mitigate risks? Stems credential theft, aids system security Outreach, awareness & cultural change aid Improves legitimate communication penetration

More information Service web page: http://www.it.cornell.edu/cms/security/phishbowl.cfm https://www.it.cornell.edu/security/verified.cfm Service catalog entry: https://catalog.it.cornell.edu/admin/6 Service quarterly report: http://cio.cornell.edu/resources/it-reports-documents-and-presentations/itcornell-quarterly-metrics/antiphishing-and

Questions?