Las Positas College Flex Day

Slides:



Advertisements
Similar presentations
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Advertisements

Parachute Neighborhood Watch Presentation February 9, 2010.
Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
CYBER CRIME.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Internet Security Breach & Its Impact on Business Operations Kim Nguyen Manish Shirke Wa Mo Saravanan Velrajan.
Topic 5: Basic Security.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. Cyber.
Data Security at Duke DECEMBER What happened: “At this time, we have no indication that research data or personal data managed by Harvard systems.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
INTRODUCTION & QUESTIONS.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Computer Crime: Identity Theft, Misuse of Personal Information, and How to Protect Yourself (Tawny Walsh, Irina Lohina, Renair Jackson, Jahmele Betterson,
The Dangers and Consequences of Identity Theft By: Deandre Bennett.
Government Agency’s Name April  At the end of this course, the learner will be able to: ◦ Define personally identifiable information ◦ List examples.
Carroll County Advisement Program FINANCIAL LITERACY *IDENTITY THEFT *MONEY MANAGEMENT.
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
Threats To Data 30 Threats To Data 30. Threats To Data 30 We’re now going to look at a range of different threats to people’s data: Opportunity Threats.
Todays’ Agenda Private vs. Personal Information Take out your notebook and copy the following information. Private information – information that can be.
Allison Gladkowski.  About privacy and why it matters  Spyware and spam vocabulary and examples  Identity theft  Unapproved access  Today's big issues.
Security Risks Todays Lesson Security Risks Security Precautions
Done by… Hanoof Al-Khaldi Information Assurance
IT Security  .
Unit 4 IT Security.
Protecting What’s Yours: Your Identity
Handling Personal Data
A Project on CYBER SECURITY
Data Compromises: A Tax Practitioners “Nightmare”
Security in the Workplace: Information Assurance
Information Security 101 Richard Davis, Rob Laltrello.
Protecting our institutional and your personal data
Cyber Attacks on Businesses 43% of cyber attacks target small business Only 14% of small business rate their ability to mitigate cyber risk highly.
Phishing is a form of social engineering that attempts to steal sensitive information.
Year 10 ICT ECDL/ICDL IT Security.
Forensics Week 11.
Lesson 2- Protecting Yourself Online
Cybersecurity Awareness
Agenda Consumer ID theft issues Data breach trends Laws and regulations Assessing and mitigating your risk.
4 ways to stay safe online 1. Avoid viruses and phishing scams
Risk of the Internet At Home
Protecting Your Identity:
Identity Theft This presentation will focus on identity theft. What do you already know about identity theft? Do you know anyone who has had their identity.
Take Cyber Security “TO HEART”
Ethics, Part 2 Chapter 5 pp National Income Tax Workbook™
Philip Nichilo Vincent Carestia
Top Ten Cyber Security Hygiene Tips
How to keep the bad guys out and your data safe
Cyber Security: What the Head & Board Need to Know
Securing your system, protecting your digital data and devices.
Who am I?. Information Security and You: Identity Theft and Credit Card Encryption.
Anthem Data Breach Group 2: Jing Jiang, Dongjie Wang, Haitao Huang, Binju Gaire, Parneet Toor.
Lesson 2- Protecting Yourself Online
Security in mobile technologies
Company Name | Phone Number | Website | Address
Marcial Quinones-Cardona
Privacy, Security, and Ethics
Types of Cybercrime Cyber crime is any kind of unlawful behaviour that involves the use of computers, either as a tool for committing a crime (such as.
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
School of Medicine Orientation Information Security Training
Presentation transcript:

Las Positas College Flex Day Data Security Las Positas College Flex Day

Starting Point #1: What do we mean by IT Security?

IT Security tries to achieve three things

IT Security tries to achieve three things Maintain Confidentiality

IT Security tries to achieve three things Confidentiality IT Security tries to achieve three things Maintain Data Integrity

IT Security tries to achieve three things Integrity Confidentiality IT Security tries to achieve three things Maintain Availability

IT Security tries to do three things Availability Integrity Confidentiality IT Security tries to do three things C. I. A.

Confidentiality Today’s Focus -

Starting Point #2: What Is Personally Identifiable Information?

Personally Identifiable Information (PII) Is… More than just SSN Varies by state A combination of data elements…

What Is Personally Identifiable Information? An individual’s first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted: (A) Social security number. (B) Driver’s license number or California identification card number. (C) Account number or credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account. (D) Medical information. (E) Health insurance information. (F) Information or data collected through the use or operation of an automated license plate recognition system, as defined in Section 1798.90.5. (2) A user name or email address, in combination with a password or security question and answer that would permit access to an online account. (i) (1) For purposes of this section, “personal information” does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.*

Some Bad News The number of reported PII breaches in 2017 was up 88% from 2016 2.5 BILLION records were exposed Source: gemalto.com

At Least We Aren’t in “Financial Services” or “Health Care” Percentage of data breaches by industry Healthcare 27% Financial Services 12% Education 11% Government 11% Source: gemalto.com

Higher Education is enticing… We handle LOTS of PII We tend to promote open access Our cyber-security tends to be underfunded compared to other industries

Recent Breaches – Higher Ed

Recent Breaches - Higher Ed

Recent Breaches – Higher Ed

Recent Breaches – Higher Ed Augusta University August 16, 2018: The protected health information of 417,000 people has been exposed after a cyberattack on Augusta University. This data breach occurred after several email accounts were compromised in a phishing attack. The individuals affected are primarily patients of Augusta University Health, Augusta University Medical Center, Children’s Hospital of Georgia, and more than 80 outpatient clinics around the state

Biggest Breaches – Of Interest

Biggest Breaches – Of Interest

Biggest Breaches – Of Interest Equifax In 2017 Cybercriminals penetrated Equifax, one of the largest credit bureaus, in July and stole the personal data of 145 million people. It was considered among the worst breaches of all time because of the amount of sensitive information exposed, including Social Security numbers. The company only revealed the hack two months later. It could have an impact for years because the stolen data could be used for identity theft.

Biggest Breaches – Of Interest Apollo October 2, 2018: A startup sales engagement company Apollo suffered a hack that exposed more than 200 million contact records from its prospect database. Names, email addresses, company names, and other business contact information was included in the data. No financial or Social Security information was compromised.

How are breaches happening?

How are breaches happening?

Biggest Threats To Us In Higher Ed Phishing – Stealing a password via email Viruses – Malicious software Ransomware – Encrypt a person’s files and demand payment to get them back Data Loss – Devices with personal data are lost or stolen (phones, laptops, etc)

PHISHING https://www.youtube.com/watch?v=opRMrEfAIiI

Phishing No Amount of Cyber Security Works Firewalls Anti-Virus Activity Monitoring If someone gives away their username and password, or if someone can guess your password, they are YOU on our network.

YOU ARE THE MOST IMPORTANT PART OF OUR CYBER DEFENSES! Phishing No Amount of Cyber Security Works Firewalls Anti-Virus Activity Monitoring If someone gives away their username and password, or if someone can guess your password they are YOU on our network. YOU ARE THE MOST IMPORTANT PART OF OUR CYBER DEFENSES!

We Interrupt This Broadcast For An Important Message

Passwords Change your password regularly, but not too often Use a long, complex password where possible We are working on changing this for Classweb. Never log someone in under your credentials And, of course, never give it to anyone via email or over the phone.

Worst Passwords of 2018 According to Osterman Research, Inc. the typical information worker spends 153 minutes per day working in email and 51 minutes in social media – 42.5 percent of a typical eight - hour day – not to mention the various work - related and personal use of the web that takes place on a daily basis. Consequently, security for all of these tools must be of paramount concern for decision makers because of the substantial opportunity that they represent for ingress of malware and other threats. For example, our research found that during just the last 12 months: 74 percent of organizations have been infiltrated with malware through Websurfing 64 percent have experienced malware infiltration through email. 22 percent have experienced an accidental or malicious leak of sensitive or confidential data through email 14 percent of organizations have had malware enter the corporate network through social media or other Web 2.0 apps http://www2.trustwave.com/rs/trustwave/images/Best_Practices_in_Email_Web_and_Soc ial_Media_Security_Trustwave.pdf

Viruses

Viruses - The Good Ol’ Days Hackers wanted to show how smart they were Glorified “pranks” with no monetary incentive Fueled by “nerd rage” – the Melissa Virus

Viruses - Not So Long Ago Pop-up and “Adware” Hackers wanted to “take over” your computer Computer becomes a “Zombie” and is used to generate spam Zombies also used for attacks on businesses and government Money starting to creep in…

Viruses - Today Used to steal or gain access to information which can be sold Stealing passwords Stealing data directly off the computer Gaining access to other systems Mining for dollars, and…

Ransomware A newer form of Virus - Extortion Encrypts all or most of the files on a computer or server Victims are sent messages directing them to pay for access to the files One Southern California College paid ~$30k to unlock 1700 PCs

Data Loss & Theft

Data Loss / Theft PII lives in MANY places PC’s and Laptops Phones and Tablets Thumb Drives Email Hardcopy Files

So what are we able to do? Be vigilant for Phishing attacks Be “smart” with your passwords Password123 needs to be changed. ITS is implementing a security framework CIS 20 Controls

Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.