Your SlideShare is downloading. ×
With respect to information security
Topics
 Introduction
 Is K-12 Doing What We Should?

 Protecting Private Data
 Preparing Kids Well
 You probably came...
Introduction – Evan Francen
• Co-founder of FRSecure
• Information security expert with 20 years of experience
• Areas of ...
Introduction – About FRSecure
• Information Security is all we do…
• Methodologies; we create and use a ton of „em
• Proje...
Protecting Private Data
• Types of data that K-12 is responsible for
• Types of people using our technology
How are we doi...
Protecting Private Data
Since 2005, there have been 716 breaches of
educational institutions involving more than 13
million private records*
(Sour...
Protecting Private Data
• People are the greatest risk
• We can‟t fix people with technology
How comfortable are you with ...
Protecting Private Data – Three Things
Every school should do these three things well.
• Information security governance
•...
Protecting Private Data – Three Things
Every school should do these three things well.
Information security governance – w...
Protecting Private Data – Three Things
Every school should do these three things well.
Information security training & awa...
Protecting Private Data – Three Things
Every school should do these three things well.
Information security incident respo...
Protecting Private Data – Three Things
Common deficiencies
Information security governance
• Everybody seems to think that...
Protecting Private Data – Three Things
Common deficiencies
Information security training & awareness
• There isn‟t a forma...
Preparing Kids Well
For a career in information security
We have a huge shortage of good information
security professional...
Preparing Kids Well
For a career in information security
Preparing Kids Well
For a career in information security
• Is there an opportunity to teach the kids real-world
informatio...
Preparing Kids Well
For life
• Are the kids taught about identity theft and how to
protect themselves?
• Are the kids taug...
Preparing Kids Well
Opportunity
FRSecure is very willing and able to work with K-12 to help
• Can we develop courses for t...
You probably came to see something cool
Didn‟t you?
Pretty basic, but still pretty cool.
1. ARP poisoning for passwords
2....
You probably came to see something cool
ARP Poisoning
We use ARP poisoning to audit networks, the bad guys use it to steal...
You probably came to see something cool
Bypassing your Web filtering
Works (almost) all the time.
Using Tor
Want step-by-s...
Let’s work together!
FRSecure exists to solve difficult information security challenges
with our clients & friends.
We don...
Questions?
FRSecure
141 West Main Street
Waconia, MN 55387

Evan Francen – evan@frsecure.com
Upcoming SlideShare
Loading in...5
×

TIES 2013 Education Technology Conference

88

Published on

Presentation delivered by FRSecure's President Evan Francen on 12/17/13 at the TIES 2013 Education Technology Conference

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
88
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "TIES 2013 Education Technology Conference"

  1. 1. With respect to information security
  2. 2. Topics  Introduction  Is K-12 Doing What We Should?  Protecting Private Data  Preparing Kids Well  You probably came to see something cool  Let‟s Work Together
  3. 3. Introduction – Evan Francen • Co-founder of FRSecure • Information security expert with 20 years of experience • Areas of expertise include information security governance, risk management, social engineering, compliance, and the things nobody else likes to do • Information security evangelist • Nickname is “the truth”
  4. 4. Introduction – About FRSecure • Information Security is all we do… • Methodologies; we create and use a ton of „em • Project Leaders all have 15+ years of experience • Transparent; we value knowledge transfer • Product agnostic means we can more easily serve your needs without conflict
  5. 5. Protecting Private Data • Types of data that K-12 is responsible for • Types of people using our technology How are we doing?
  6. 6. Protecting Private Data
  7. 7. Since 2005, there have been 716 breaches of educational institutions involving more than 13 million private records* (Source: Privacy Rights Clearinghouse - https://www.privacyrights.org/databreach/new) These are the breaches that we know about
  8. 8. Protecting Private Data • People are the greatest risk • We can‟t fix people with technology How comfortable are you with the mundane? (people want the new cool thing, but how “cool” is policy?)
  9. 9. Protecting Private Data – Three Things Every school should do these three things well. • Information security governance • Information security training & awareness • Information security incident response How comfortable are you with the mundane?
  10. 10. Protecting Private Data – Three Things Every school should do these three things well. Information security governance – what are the rules? • Management commitment • Information security policies • Information security processes How comfortable are you with the mundane?
  11. 11. Protecting Private Data – Three Things Every school should do these three things well. Information security training & awareness – people need to know the rules • Training & awareness are two separate, but related initiatives • Training – teaching the audience how to do something specific • Awareness – keeping a specific topic “top of mind” How comfortable are you with the mundane?
  12. 12. Protecting Private Data – Three Things Every school should do these three things well. Information security incident response – what do you do if someone breaks the rules or if the rules are ineffective? • If you don‟t know of an incident, it doesn‟t mean that one hasn‟t happened • Incident response should be a formalized, step-by-step process • An incident doesn‟t mean a breach How comfortable are you with the mundane?
  13. 13. Protecting Private Data – Three Things Common deficiencies Information security governance • Everybody seems to think that information security is an IT issue • If a school has policies, they are often ineffective and critical processes are sometimes missed • Compliance is not measured and/or enforced How comfortable are you with the mundane?
  14. 14. Protecting Private Data – Three Things Common deficiencies Information security training & awareness • There isn‟t a formal training & awareness program • People assume that there‟s common sense • Training is confused with awareness or vice versa How comfortable are you with the mundane?
  15. 15. Preparing Kids Well For a career in information security We have a huge shortage of good information security professionals, and the problem is only expected to get worse.
  16. 16. Preparing Kids Well For a career in information security
  17. 17. Preparing Kids Well For a career in information security • Is there an opportunity to teach the kids real-world information security skills in the classroom? • Is there an opportunity to teach the kids real-world information security skills after school?
  18. 18. Preparing Kids Well For life • Are the kids taught about identity theft and how to protect themselves? • Are the kids taught about regulatory compliance, policies, password management, etc.?
  19. 19. Preparing Kids Well Opportunity FRSecure is very willing and able to work with K-12 to help • Can we develop courses for the students? • Can we develop after school activities for students? How about a “Hacking Club”?
  20. 20. You probably came to see something cool Didn‟t you? Pretty basic, but still pretty cool. 1. ARP poisoning for passwords 2. Bypassing Website filtering
  21. 21. You probably came to see something cool ARP Poisoning We use ARP poisoning to audit networks, the bad guys use it to steal passwords. Using Cain & Abel Want step-by-step instructions? Give me your business card and I‟ll email you.
  22. 22. You probably came to see something cool Bypassing your Web filtering Works (almost) all the time. Using Tor Want step-by-step instructions? Give me your business card and I‟ll email you.
  23. 23. Let’s work together! FRSecure exists to solve difficult information security challenges with our clients & friends. We don’t have to do business together in order to work together. Two things: 1. Helping you secure your information 2. Helping equip students
  24. 24. Questions? FRSecure 141 West Main Street Waconia, MN 55387 Evan Francen – evan@frsecure.com

×