JISC FRAMEWORKS FOR CYBERSECURITY Implementation at Havering College

Slides:



Advertisements
Similar presentations
P3, M2,M3,M4.
Advertisements

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
RSA Attack Analysis Karl F. Lutzen, CISSP S&T Information Security Officer.
Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.
LittleOrange Internet Security an Endpoint Security Appliance.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.
IP Blacklisting Causes & Solution Marcus Low, R&D Director InternetNow International Sdn Bhd.
Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Information Technology Services 1 Copyright Copyright Marc Wallman and Theresa Semmens, This work is the intellectual property of the authors. Permission.
Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.
Information Security Phishing Update CTC
Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
SharePoint Security Training Creating and Managing Users
Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.
Security Version 6.1 | August Need for Complete Security Stop threats at the perimeter High volume spam, phishing, viruses and.
TECHDOTCOMP SUPPORT TECHDOTCOMP nd Ave, Seattle, WA 98122, USA Phone:
What’s New in Fireware v WatchGuard Training.
Implementing a Security Policy JISC – ICT Security Threats & Promises, April 2002 Mick Ismail ICT Services Manager City of Wolverhampton College.
FIREWALLS Created and Presented by: Dawn Blitch & Fredda Hutchinson.
Information Security in Laurier Grant Li Wilfrid Laurier University.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.
ITS220 – How To Prevent Your PC From Infected by Virus presented by Desmond Ho.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
OIT Security Operations
Working at a Small-to-Medium Business or ISP – Chapter 8
Critical Security Controls
Direct Deposit Phishing Attack
Phishing Simulation #1
Backdoor Attacks.
Get to know SQL Manager SQL Server administration done right 
Basic Policy Overview Palo Alto.
How a Stateful Firewall Works
9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.
Utilization of Azure CDN for the large file distribution
Jon Peppler, Menlo Security Channels
Demo Advanced Threat Protection
What’s New in Fireware v12.1.1
Ways to Secure CMS Websites. The most widely used Content Management Systems are Wordpress, Joomla and Drupal as per statistics. The highest CMS platforms.
Information Security Session October 24, 2005
* Essential Network Security Book Slides.
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Welcome and thank you for choosing SharkGate
Security Essentials for Small Businesses
David J. Carter, CISO Commonwealth Office of Technology
12 STEPS TO A GDPR AWARE NETWORK
REDCap and Data Governance
1/16/2019 4:44 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Matt Langford, UNC Mike Hart, MSU Denver
Tom Murphy Chief Information Security Officer
Technology Solutions Cybersecurity Report to the KCTCS Board of Regents March 14, 2019.
Cybersecurity and Cyberhygiene
Employee Cybersecurity Program
XX XX $ $ Dark Web Scans Simulated Phishing
Securing web applications Externally
Using Software Restriction Policies
Why Cyber Security is important to SME? Useful Tips on how you protect and secure your business. By Ronald Soh from Win-Pro Consultancy Pte Ltd
Cybersecurity Simplified: Phishing
Presentation transcript:

JISC FRAMEWORKS FOR CYBERSECURITY Implementation at Havering College www.havering-college.ac.uk

About FE and HE College 407 FTE staff, 6,000 students 3000 workstations 2 main sites 1 construction centre www.havering-college.ac.uk

Why use the Jisc Framework? Approved tender, fixed pricing Affordable in lower quantity (helped to get initial scans in place) Range of services Tendered & approved by Jisc Account manager & College keen to make use of Jisc subscription Permission to scan the Jisc network www.havering-college.ac.uk

Vulnerability scan Analyse current state Remove vulnerable products Implement additional layers of protection Upgrade to latest secure versions Inform users and management www.havering-college.ac.uk

Results Scanned entire IP range for active systems Found 1 serious vulnerability (immediately removed) Some minor fixes (SSL ciphers) www.havering-college.ac.uk

Follow up Ensure new services are included in scan Joomla vulnerability found on a recent point release Otherwise only “low” entries Firewall on for scans (thoughts?) www.havering-college.ac.uk

Phishing simulation Initial test of user awareness >40% clicked link UCISA training follow-up Cybersecurity SD sessions Things to consider… Blanket or targeted? Internal or external style mail? Train first or phish first? www.havering-college.ac.uk

Phishing simulation www.havering-college.ac.uk

Phishing simulation Highlights a need for more robust email filtering Office 365 EOP no longer fit for purpose (?) but MS will happily sell you ATP… Accounts found on haveibeenpwned email spam lists Volume of phishing rapidly rising Framework for email security would be useful www.havering-college.ac.uk

CAD P.O.C. Analyse activity of Office 365 accounts Alert on (potentially) breached accounts Compare cost and features against Azure AD Premium www.havering-college.ac.uk

CAD P.O.C. At present can only do this manually Check daily for suspicious logins (country, time etc.) www.havering-college.ac.uk

Other services Best practice health checks Palo Alto SLR interesting insights into top traffic sources DNS Sinkholing Blocking CnC traffic Threat Profile www.havering-college.ac.uk

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.