Your SlideShare is downloading. ×

Data Security for Nonprofits

521

Published on

Presentation on data security for nonprofit organizations presented by Ken Robey, CISSP, of Security in Focus, Inc., as part of the Project Ignite forum series.

Presentation on data security for nonprofit organizations presented by Ken Robey, CISSP, of Security in Focus, Inc., as part of the Project Ignite forum series.

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
521
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • 2 GbytesAnd these are the ones you can see. Others are just programs that install on your PC and continuously send back info.
  • Qualitative – rate the likelihood and impact of each threat you’ve identified.Look at Hugo:Likelihood – RareImpact – Material, maybe Catastrophic
  • Banking example from malwareBrowser overlay with keyloggerInformation captured and transmitted to criminals, but not bankAccount emptied within 3 minutes of user login while user being delayed by bogus error messagesUser then given false display showing old balance, and transaction list omitting those that emptied accountUser never actually connects with bank
  • Now you have one of these grids for each of the threats you identified and can make better decisions on which ones to mitigate.
  • If you decide to mitigate, there are two basic typesBehavioral (policy, process, education) – very effective for many threatsTechnological (anti-virus, firewall, intrusion detection, SPAM filters, …) – fairly effective in fighting yesterday’s threats; generally reacting to known threats; some new threat recognitionProbably need to do both. Avoid over reliance on technology.
  • ×