CYBERSECURITY By Salomon Frangieh CISBC.


1 CYBERSECURITY By Salomon Frangieh CISBC

2 Information Security and Business Continuity
CYBERSECURITY By Salomon Frangieh Information Security and Business Continuity

3 Outline
Cyber Attacks vs. Cyber Security. Cyber Space & Cyber Attacks. Cyber Attacks Anatomy, Types, Weapons. What’s happening in Cyber Space? Cyber Security Measures & Challenges. What is your role in Cyber Security?

4 Cyber Attacks vs. Cyber Security
A cyber attack is a computer-to-computer attack that undermines the confidentiality, integrity, or availability of a computer or information resident on it. Cyber security involves protection of sensitive personal and business information through prevention, detection and response to the different cyber attacks.

5 Cyberspace and Cyber Attacks
Cyberspace: the virtual world of computer networks and the Internet. The improvement of online banking and mobile computing systems made these services a privileged target for cyber criminals. Consequences of cyber attacks: Heavy penalties. Reputational, regulatory, and legal. Undermining capability to conduct business. Huge financial profits for cyber criminals.

6 Cyber Attacks Anatomy
Information gathering. Network entry. Malware probing & CnC. Points of Compromise. Target data gathered. Data Exfiltration.

7 Cyber Attacks Types
Device Compromise. Distributed Denial of Service Attacks (DDOS). Data Exfiltration. Bad Data Injection (SQL, XSS, etc.). Advanced Persistent Threats (APT).

8 Cyber Attacks Weapons

9 What’s happening in Cyberspace?

10 What’s happening in Cyberspace?

11 Cybersecurity Measures and Challenges
Risk Management Program to help strengthen Cybersecurity. Regularly patch your systems and applications. Adopt effective SOC and evolve it to a security intelligence center. Establish a cyber incident management and response function. Create a cyber security awareness training program. Adopt a layered defense strategy. Establish an internal forensics function. Follow basic Cybersecurity hygiene. Harden ICT assets. Backup critical data.

12 Cybersecurity Measures and Challenges
Hire qualified Cybersecurity resources. Ensure IT Security & Information Security have adequate budgets. Know where your PII is. Vendor relationship: conduct an RA for each vendor. Use DLP and MDM. Review and update your security policies and procedures. Cybersecurity resources: ISO 27001, PCI DSS, NIST, COBIT. Propagation speed: a Facebook user publishes a picture. 1.2 min: 4,920 computers receive the picture. 2.4 min: 341,015 computers receive the picture.

13 Layered Defense Strategy
ACCESS CONTROLS. ANTI-MALWARE. AUDIT AND REVIEW. AUTHENTICATION. AWARENESS & TRAINING. BACKUPS & CONTINUITY. ENCRYPTION. FIREWALLS & FILTERING. INFO SECURITY POLICY. MONITORING. PATCHING. PHYSICAL SECURITY. THREAT INTELLIGENCE.

14 What is your role in Cybersecurity?
Beware of: Emails impersonating Senior Managers: Using personal emails and not a Corporate domain. Verify the email address. Email address and name don’t match. Do not respond but verify with sender via a different medium. Suspicious emails and attachments: Never open a file or a compressed file (such as .ZIP, .jar, etc.) that is attached to an email from an unknown source. If an unexpected file or compressed file is attached to an email from someone you know, forward to IT Help Desk for scanning the attachment. Avoid downloading files from untrusted sites.

15 What is your role in Cybersecurity?
Beware of: Suspicious links embedded in emails: Verify sender’s email address. Hover on the link before clicking. Forward to IT Help Desk for verification. Phishing: the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

16 What is your role in Cybersecurity?
Beware of: Social Engineering: a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter. Caller ID Spoofing: the process of changing the caller ID to any number other than the calling number. The call-back method allows for some security when you think caller ID spoofing is being used. USB Sticks: in case you find a USB stick, do not use it but rather hand it over to the IT Help Desk in order to have it scanned.

17 What is your role in Cybersecurity?
Beware of: Email hacking and the financial losses that could result from such acts. You need to scrutinize emails coming from customers requesting wire transfers or other transactions. Tips to avoid falling victim to email hacks: Do not respond to these emails in case of doubt. Always verify the identity of your customers using the call-back method via phone numbers you have on file. Check for unusual trends: urgency of the request, time-bound, unusual Bank names and amounts, etc. Do not execute the payment instruction if you were not able to verify it with the customer directly. In case you suspect this is a fraudulent email, notify the customer immediately to change their password.

18 What is your role in Cybersecurity?
Ensure that: Your customers’ contact info used for authentication is always up-to-date (such as phone and fax numbers, home and email addresses, etc.). No changes to customers’ contact info should be allowed over the phone. The customer must come in person to the branch and sign the related documents that capture the change. Stay up-to-date.

19 What is your role in Cybersecurity?
Quick Security Tips: Use two-factor authentication where possible. Use HTTPS whenever you can: check the identity and the security level of the websites you intend to browse. Look for secure links. Set strong passwords and don’t share them with anyone. Keep your operating system, browser, anti-virus, and other critical software optimized by installing updates. Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely. Be cautious about what you receive or read online; if it sounds too good to be true, it probably is.

20 Be vigilant. Identify. React. Respond. Escalate.
What is your role in Cybersecurity? Be vigilant. Identify. React. Respond. Escalate. YOU are the LAST line of defense.

21 Questions and Answers
Follow these simple steps to keep yourselves, assets, and your personal information safe online. Here are a few tips all Internet users can leverage to practice cybersecurity throughout the year.

