Your SlideShare is downloading. ×
Making Information Security Fun
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Making Information Security Fun

1,819
views

Published on

High level description of marketing plan and implementation of key messaging around security awareness at the Rochester Institute of Technology.

High level description of marketing plan and implementation of key messaging around security awareness at the Rochester Institute of Technology.

Published in: Technology, Education

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,819
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Per the MarkMonitor Brandjacking Index for Spring 2009:Phish attacks targeting social networks have grown 241 percent from Q1 2008 to Q1 2009 and have grown 1,500-fold since we first started tracking the category in 2007.
  • University of North Carolina exposed ssn for about 114,000-180,000 women that was part of a multi-year medical research study. The server with this data stored on it was not located behind a firewall, a minimal security precaution. Fingers were pointed back and forth between the researcher and the IT dept. managing the servers.
  • Transcript

    • 1. Making Information Security FunBen WoelkPolicy and Awareness AnalystInformation Security OfficeRochester Institute of Technology585.475.4122Ben.woelk@rit.edu
    • 2. Introduction—the Problem • Everyone is a target • Identity theft is big business • You can’t rely on others to protect you 2
    • 3. Avert Labs Malware Research 3Retrieved July 24, 2009 from:http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
    • 4. Phishing on Social Network Sites 4 http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
    • 5. Solution •We needed a plan – Systematic repeatable – Goals – Proactive
    • 6. Components of a Plan •Audience analysis •Key messages •Channels •Calendar •Relationships
    • 7. What are Our Key Messages? •Data handling •Mandatory compliance •Phishing, Social engineering •Protecting IP/Research
    • 8. RIT Profile Rochester Institute of Technology, founded 1829 • ~18,000 students, mainly residential • 10% international • 1300+ deaf or hard of hearing (NTID) • ~3000 faculty and staff Respected leader in professional and career-oriented education Eight colleges, 80 majors, 3600 co-op students yearly
    • 9. Branding Consistency
    • 10. Web Presence • Use official university communications channels • Target messages to faculty, staff, and/or students
    • 11. Social Media • Meet students where they are • Post directly from Facebook to Twitter
    • 12. Private Information Management
    • 13. Phishing Awareness • Temporarily reduced response rate from ~25 per attempt to ~4 per attempt
    • 14. Orientation
    • 15. Faculty • Participate in faculty events • Hit hot topics
    • 16. Practice Digital Self Defense @RIT_Infosec www.facebook.com/RITInfosec Security.rit.edu 16