Security and Compliance with Security Standards/ Boss's Day


1 Security and Compliance with Security Standards/ Boss's Day
Investigator Scott Haugaard FBI Cyber Task Force – Omaha

2 Topics Communication Identity Authentication Phishing
Internal Employee Threats Reporting Security Events

3 Trends and the Future Thin Clients Cloud Computing
Cellular technology going away? Regional Wifi with your Internet Service Provider Encryption and other types of authentication Two-factor authentication

4 UNCLASSIFIED//FOUO

5 What is the biggest threat to your organization?

6 Insider Threat #1 TRUSTING EMPLOYEE Disgruntled employee
Customer Service Oriented 80% Disgruntled employee Terminated Disagreement with management Policy change 19% Insider with access Paid money to complete a task Directed by foreign power Resources 1%

7 INFOSEC

8 Security and Safety are synonymous… Always have a plan!

9 Why do we have security in your organization?
SAFETY! LIABILITY Privacy concerns Copyright violations Identity Theft REPUTATION PROTECTION CLIENT AND CUSTOMER EXPECTATIONS Compliance, laws and regulations

10 Do you know what to do and who to contact if a security incident occurs?

11 Physical Security Internal Theft
Tailgating or Piggybacking into your area Shoulder surfing Lock your desk and keyboard Clean desk policy

12 What's in the Trash? Dumpster diving is a technique used by law enforcement and criminals to find information or contraband that has been improperly discarded. Credit cards Checks Floor plans and schematics Photocopies of Driver's Licenses Financial records

13 Social Networking Annually check your privacy settings
Check and clear out your “Friends” list Make a point to talk to your family about security Are you volunteering too much information NEVER USE YOUR PASSWORD FROM WORK AT HOME

14 Mobile Device Security
Personal Electronic Device (PED) Phones Tablets Laptops ALWAYS HAVE A PIN or password Encrypt your device Enable restrictions Enable “Lost” mode

15 Credit Reports Proactive approach to your own security
Free annually: annualcreditreport.com Itemize and verify your accounts to ensure they are yours Tax Season is a good time to do this?

16 INFOSEC Best Practices
Never write down passwords and leave them unsecured Never share passwords Never click on links or open attachments from untrusted sources Use AV and Firewalls and don’t disable them Don’t send sensitive data over unencrypted channels Dispose of data properly Don’t run programs from untrusted sources Properly secure information when not in use Verify you are speaking to the correct person If something seems too good to be true, it probably is

17 Social Engineering Employees are the weakest link
All of the security measures in your company are defeated if you share your passwords and hold the door open for someone you don’t know Attempts to gain access Confidential information and credentials Access to sensitive areas and equipment Social Engineering can take many forms: In-person Phone Mail

18 Email Most common type of attack Best Practices Phishing
Malicious attachments Hoaxes SPAM Scams Best Practices Don’t talk to people you don’t know or can’t verify Don’t open attachments from unknown sources Don’t follow links Don’t attempt to “unsubscribe”

19 Phishing Deceptive emails to get users to click on malicious links or open attachments Enter sensitive data Run applications Websites - Can and often do look like legitimate sites Banking (US Bank, FNB) PayPal / eBay Gov’t Sites Texting Vishing – combination of Voice or video call

20 Common Technology Facilitated Crimes
Criminal Cyber ACH Fraud Identity Theft Internet Fraud Criminal Intrusions Stalking Harassment Child Exploitation Child Pornography Child Sexual Assault Online Enticement Human Trafficking Gangs Drugs Liquor Traffic Enforcement Public Corruption

21 Sextortion Online exploitation of an individual to disrobe and video a sexual act for the purpose of extortion NEVER TALK TO A STRANGER

22 Selfies, your child producing porn
We could not tell you how many children we have seen nude in front of the mirror in one of your bathrooms!!! Short term consequences Humiliation at school or other activities Extorted Suicidal thoughts or ideas Long term consequences Employment opportunities Your child will always be remembered as “that person that…” Your digital video camera Your digital camera Cell phone Computer Webcam Have you had a specific conversation with your child about this topic??? Please don’t wait.

23 Ransomware

24 PHISHING UNCLASSIFIED

25 It is small for a reason…Think about reading emails on your phone!
Fraudulent Email Accounts It is small for a reason…Think about reading emails on your phone!

26 Fraudulent Email Accounts
– not “m”, it is “n” – webmaster has a problem webmaster has a problem – never use personal – no “m”

27 UNCLASSIFIED//FOUO Hacktivism Attempt to cause disruption to networks and service and loss of data Actions are non-violent and not aimed at individuals, but rather a company or government entity Retaliation Recent threats – financial, Industrial Control Systems (ICS), etc.

