Presentation is loading. Please wait.

Presentation is loading. Please wait.

November 14, 2016 bit.ly/nercomp_defendingyourdata16

Published byGervais Doyle Modified over 7 years ago

Similar presentations

Presentation on theme: "November 14, 2016 bit.ly/nercomp_defendingyourdata16"— Presentation transcript:

1 November 14, 2016 bit.ly/nercomp_defendingyourdata16

2 Agenda 9:00 -9:15 Agenda and Introductions
9:15 to 9:45        2016 Threat Landscape, Patty Patria 9: :30       Practical Advice for Finding Threats on Your Network, Tim LaGrant 10:30 – 10:45 Break 10: :00       Digital Forensics & Incident Response, Andy Obuchowski 12:00 - 1:00 Lunch 1: :00           Hands on Training, Tim LaGrant and Sherry Horeanopoulous

3 About the Presenters…. Patty Patria, VP for Information Technology, Becker College; CISSP and PMP Tim LaGrant, Technical Director, Becker College Sherry Horeanopoulos, Information Security Officer, Fitchburg State University; CISA Andy Obuchowski, Director at RSM

4 About the Day.... Let’s make this interactive!
Ask questions as they come up. Share ideas you might have on how you address similar problems. Introduce yourself and what you would like to get from the day.

5 Session 1 2016 Threat Landscape

6 2016 Verizon Breach Report Industry Total Small Large Unknown
Education 254 16 29 209 Source: 2016 Verizon Data Breach Report

7 Threat Sources Source: 2016 Verizon Data Breach Report

8 Threat reasons Source: 2016 Verizon Data Breach Report

9 Threat Vectors Source: 2016 Verizon Data Breach Report

10 Threat by device Source: 2016 Verizon Data Breach Report

11 Amount of time to compromise
Source: 2016 Verizon Data Breach Report

12 Major areas of compromise-CVE
Software Vulnerabilities in Adobe and Microsoft are exploited quickly. Source: 2016 Verizon Data Breach Report

13 Major areas of compromise- Phishing
Top Solutions for Phishing: Filter It Continuous Education Layer your most confidential data so even end user malware can’t get to it. Source: 2016 Verizon Data Breach Report

14 Major areas of compromise- Credential compromise
Top Solutions for Credential Compromise: Require strong passwords that change frequently Employ 2-factor authentication Source: 2016 Verizon Data Breach Report

15 Incidents by type Source: 2016 Verizon Data Breach Report

16 Affects on higher education
Attempts Breaches Source: 2016 Verizon Data Breach Report

17 Other things to worry about…
Monetarization of Malware- malware needs to produce revenue, not just be disruptive. This has led to an increase in ATM-related malware, banking Trojans, and ransomware. ZDNet expects ransomware profits to hit 1 Billion this year.

18 Other things to worry about…social
Social Media is the hacker’s new favorite target. Like-jacking is a new exploit where criminals post fake Facebook “like” buttons which download malware to your device. 1 in 10 social media users said they’ve been a victim of a cyber attack . 600,000 Facebook accounts are com-promised every day.

19 Other things to worry about…mobile
In October, an 18 Year old app developer was arrested for almost bringing down 911 systems via cell phones. He posted a link on the TheHackSpot YouTube channel and Twitter and encouraged followers to click on the link. Authorities said they found evidence it had been clicked 1,849 times. Once users clicked the link, their phones were hijacked and the phones constantly dialed 911 until they were turned off. Source:

20 Other things to worry about…Iot
With the Internet of Things (IoT) growing, experts predict large scale DDoS attacks will be the “new normal”. There are currently billions of Internet-connected devices that attackers can hijack and organize into botnets. In October, Netflix, Twitter, Spotify, Reddit, SoundCloud and other major sites went down due to a DDoS attack on Dyn. The Dyn attacked confirmed that tens of millions of IP addresses were utilized as Mirai botnets, many of which were Chinese webcams. Source:

21 Conclusion….. Attacks are on the rise. They are coming from all venues from known vulnerabilities, to phishing, to social media to IoT. It is impossible to stop every attack. However, if you leverage good risk management and employ current technology, you can try to reduce your risk. Source:

22 Questions bit.ly/nercomp_security16

Download ppt "November 14, 2016 bit.ly/nercomp_defendingyourdata16"

Similar presentations

Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.

Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.
Security for Internet Every Day Use Standard Security Practices and New Threats.

Security for Internet Every Day Use Standard Security Practices and New Threats.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Phishing, Pharming, and Spam Margaret StewartTuesday, Oct. 21, 2006.

Phishing, Pharming, and Spam Margaret StewartTuesday, Oct. 21, 2006.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
A Growing Threat Debbie Russ 1/28/2015. What is Ransomware? A type of malware which restricts access to the computer system that it infects, and demands.

A Growing Threat Debbie Russ 1/28/2015. What is Ransomware? A type of malware which restricts access to the computer system that it infects, and demands.
CCT355H5 F Presentation: Phishing November 22. 2012 Jennifer Li.

CCT355H5 F Presentation: Phishing November Jennifer Li.
Topic 5: Basic Security.

Topic 5: Basic Security.
Financial Sector Cyber Attacks Malware Types & Remediation Best Practices

Financial Sector Cyber Attacks Malware Types & Remediation Best Practices
Https://www.youtube.com/watch?v=1hpU_Neg1KA. INTRODUCTION & QUESTIONS.

INTRODUCTION & QUESTIONS.
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.

Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
Outline of this module By the end of this module, you will be able to: Identify the benefits of using social networking to communicate with family and.

Outline of this module By the end of this module, you will be able to: Identify the benefits of using social networking to communicate with family and.
Www.cygnia.co.uk 1 1 Advanced Cyber Security Event - Introduction 11 th May 2016 Matt Locker.

1 1 Advanced Cyber Security Event - Introduction 11 th May 2016 Matt Locker.
Cyber Attack – Not a case of if, but when! Housing Technology 2016 Kevin Doran – Chief Technology Officer Tim Cowland – Principal Consultant.

Cyber Attack – Not a case of if, but when! Housing Technology 2016 Kevin Doran – Chief Technology Officer Tim Cowland – Principal Consultant.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.

Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
CDAC ITS Security Awareness How to help your daily computer activities remain safe and sane.

CDAC ITS Security Awareness How to help your daily computer activities remain safe and sane.

Similar presentations

Ads by Google