SlideShare a Scribd company logo

Network Security - What Every Business Needs to Know

Download as PPTX, PDF
M
mapletronics

"There are two kinds of big companies in the United States. There are those who've been hacked and those who don't know they've been hacked." FBI Director James Comey Cyber security can feel overwhelming, and the items this slide deck covers will inform you on how to better prepare your business. 1) Why would a hacker target your business 2) What data should you protect 3) Avoiding security negligence 4) What can you do to protect your company

Technology
1 of 29
Network Security WHAT EVERY BUSINESS OWNER NEEDS TO KNOW
“There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.” - FBI Director James Comey
The dam has broken for small companies when it comes to security. Jeremy Grant, an adviser at the Department of Commerce’s National Institute of Standards and Technology, says in the past two years he has seen "a relatively sharp increase in hackers and adversaries targeting small businesses." According to the security company Symantec, cyberattacks on small businesses rose 300 percent in 2012 from the previous year. INK MAGAZINE JANUARY 2014
www.digitalattackmap.com
New York TimesPlus many more!
Cyber Security can feel overwhelming
Our objective today is to empower you to do something
Items to cover today 1. Why would a hacker target your business? 2. What Data should you protect? 3. Avoiding Security Negligence 4. What can I do to protect my company?
What do Hackers attack? Cause Disruption Personal Information Banking information Access Gateway to bigger fish Ransom Intellectual Property
Personal Information Free Credit! SSN of kids Drivers license numbers Social Security numbers
Ransom Typically comes through email Encrypts drives, even network drives Demands a ransom to unencrypt your data - typically have just a few days - typically hundreds of dollars Sometimes will give you a “sample” to prove they have integrity  CryptoLocker, TorrentLocker, CryptoFortress …
To Cause Disruption Questions to consider 1. If you no longer had access to your company data how long would you be able to function as a business? 2. How long until it becomes really painful? 3. How many past employees would cause you harm if given the chance?
What data should I secure? Any data that if no longer available would disrupt your business Any personal information Data with liability under compliance laws (PCI, HIPAA …) Intellectual property
Where is your data? Company data Local drives Smart phones Personal devices Tablets The Cloud
Avoid Security Negligence Failure to use reasonable care, resulting in damage or injury to another.
Indiana Law The Office of the Indiana Attorney General is committed to enforcing the Disclosure of Security Breach law to better protect Hoosiers from identity theft. This law requires Indiana businesses inform their customers about security breaches that have placed their personal information in jeopardy. The Office can seek up to $150,000 for data breaches that have not been properly disclosed to Indiana customers. http://www.in.gov/attorneygeneral/2410.htm What if I have a breach?
Avoid Security Negligence 1. Protect your data to the best of your ability 2. Consider an outside evaluation 3. Review and update plans and policies frequently 4. Consider data breech insurance Failure to use reasonable care, resulting in damage or injury to another.
What can I do to protect my company? Level 4 – Data breach could potentially harm lives; security breach simply must not happen Level 3 – Personal/Identity, compliance, intellectual property – i.e. account information, credit card or social security numbers, HIPAA, PCI, Sarbanes Oxley, etc. Level 2 – Some sensitive data but not relative to health, personal info, or credit card info Level 1 – No sensitive data
Detection Prevention
User Policy Perimeter End Point Access
Access 1. All patches, especially security patches must be up to date on your server. 2. Access Policy enforcement – setup employee access to only those areas where they should have access and restrict the rest. 3. Password Policy enforcement –server access should be set to follow your policy. Note guideline in handouts. 4. Centralized Data – keep as much data in one central location as possible for better control. 5. Business continuity plan – create a plan, test and review regularly.
End Point 1. Good Anti-virus program ◦ Example: Eset 2. Anti–Malware program ◦ Example: Malware Bytes 3. Patching – all software especially the Operating system should have all patches up to date. 4. Restrict ability to install software to Admin only What I use to get to my data
Perimeter Firewall ◦ Restricted or monitored Internet access ◦ Another layer of Anti- Malware and Anti-Virus at Gateway Wireless Access points ◦ Public access separated from private access Cable access ◦ Every cable goes somewhere Create a barrier from outside access
Policy and Procedures 1. Use Policy 2. PC/Laptop Policy 3. BYOD (bring your own device) Policy 4. Password policyCreate and enforce
Policy and Procedures 1. New user procedure 2. Terminated user procedure ◦ employee ◦ Leader ◦ IT employee or company 3. Hardware disposal procedure 4. Hardware refresh guideline Create and follow
Summery 1. Access – Secure your data and limit access 2. End Point – Protect yourself from users 3. Perimeter – establish a barrier from the rest of the world 4. Policy and Procedures – this allows for the beginning of education. 5. Review and update regularly
Questions

Recommended

Data breach
Data breachData breach
Data breachBurhan Ahmed
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training OpenFred Beck MBA, CPA
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...David Menken
 
Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security pptGryffin EJ
 
Cyber Security in the Interconnected World
Cyber Security in the Interconnected WorldCyber Security in the Interconnected World
Cyber Security in the Interconnected WorldRussell_Kennedy
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnKloudLearn
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information SecurityKen Holmes
 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness trainingSandeep Taileng
 

Recommended

Data breach
Data breachData breach
Data breachBurhan Ahmed
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training OpenFred Beck MBA, CPA
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...David Menken
 
Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security pptGryffin EJ
 
Cyber Security in the Interconnected World
Cyber Security in the Interconnected WorldCyber Security in the Interconnected World
Cyber Security in the Interconnected WorldRussell_Kennedy
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnKloudLearn
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information SecurityKen Holmes
 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness trainingSandeep Taileng
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Cyber Security Infotech
 
Cyber Domain Security
Cyber Domain SecurityCyber Domain Security
Cyber Domain SecurityICSA, LLC
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security ThreatsQuick Heal Technologies Ltd.
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Cyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityCyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityRahul Tyagi
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Cyber Risks
Cyber RisksCyber Risks
Cyber RisksRickWaldman
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummiesIvo Depoorter
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
Cyber security mis
Cyber security misCyber security mis
Cyber security misAditya Singh Rana
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uaeRishalHalid1
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security9784
 
Data security
Data security Data security
Data security Laura Breese
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security toolsVicky Fernandes
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & PrivacyNawanan Theera-Ampornpunt
 
Information security
Information securityInformation security
Information securityVijayananda Mohire
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
DSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleDSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleAndris Soroka
 
Information Security and your Business
Information Security and your BusinessInformation Security and your Business
Information Security and your BusinessCyberCon Security Solutions, LLC
 

More Related Content

What's hot

Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Cyber Security Infotech
 
Cyber Domain Security
Cyber Domain SecurityCyber Domain Security
Cyber Domain SecurityICSA, LLC
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Cyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityCyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityRahul Tyagi
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummiesIvo Depoorter
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uaeRishalHalid1
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security9784
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security toolsVicky Fernandes
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 

What's hot (20)

Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)
 
Cyber Domain Security
Cyber Domain SecurityCyber Domain Security
Cyber Domain Security
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Cyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityCyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe Security
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Cyber Risks
Cyber RisksCyber Risks
Cyber Risks
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummies
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
 
Cyber security mis
Cyber security misCyber security mis
Cyber security mis
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uae
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security
 
Data security
Data security Data security
Data security
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threats
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security tools
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & Privacy
 
Information security
Information securityInformation security
Information security
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
 

Viewers also liked

DSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleDSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleAndris Soroka
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
Cyber Security for Business Traveller
Cyber Security for Business TravellerCyber Security for Business Traveller
Cyber Security for Business TravellerRajneesh G
 
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...Sucuri
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011Arjun V
 
Security First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your BusinessSecurity First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your BusinessGeorgian
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your BusinessNeil Kemp
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSFDigital Bond
 
ISO 22301 Business Continuity Management
ISO 22301 Business Continuity ManagementISO 22301 Business Continuity Management
ISO 22301 Business Continuity ManagementRamiro Cid
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practicesamiable_indian
 

Viewers also liked (12)

DSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business PeopleDSS @RIGA COMM2013 - The Value of an IT Security for Business People
DSS @RIGA COMM2013 - The Value of an IT Security for Business People
 
Information Security and your Business
Information Security and your BusinessInformation Security and your Business
Information Security and your Business
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
Cyber Security for Business Traveller
Cyber Security for Business TravellerCyber Security for Business Traveller
Cyber Security for Business Traveller
 
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
The Business of Security: The Nitty Gritty of Running a Multi-Million Dollar ...
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011
 
Security First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your BusinessSecurity First: What it is and What it Means for Your Business
Security First: What it is and What it Means for Your Business
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your Business
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
 
ISO 22301 Business Continuity Management
ISO 22301 Business Continuity ManagementISO 22301 Business Continuity Management
ISO 22301 Business Continuity Management
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 

Similar to Network Security - What Every Business Needs to Know

A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsA Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsgppcpa
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guideMark Bennett
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextBrian Pichman
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...cyberprosocial
 
Security Scare - Cybersecurity & What to Do About It!
Security Scare - Cybersecurity & What to Do About It!Security Scare - Cybersecurity & What to Do About It!
Security Scare - Cybersecurity & What to Do About It!Craig Rispin
 
November 2017: Part 6
November 2017: Part 6November 2017: Part 6
November 2017: Part 6seadeloitte
 
The Need for Internet Security for Small Businesses - 10 Best Practices | The...
The Need for Internet Security for Small Businesses - 10 Best Practices | The...The Need for Internet Security for Small Businesses - 10 Best Practices | The...
The Need for Internet Security for Small Businesses - 10 Best Practices | The...TheEntrepreneurRevie
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataAccellis Technology Group
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial PlannersMichael O'Phelan
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
Protecting Your Business from a Cyber Attack
Protecting Your Business from a Cyber AttackProtecting Your Business from a Cyber Attack
Protecting Your Business from a Cyber AttackBen Jones
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy IntroductionG Prachi
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security SeminarJeremy Quadri
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfV2Infotech1
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxV2Infotech1
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!Caroline Johnson
 
Kevin Wharram Security Summit
Kevin Wharram Security SummitKevin Wharram Security Summit
Kevin Wharram Security SummitKevin Wharram
 

Similar to Network Security - What Every Business Needs to Know (20)

A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsA Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOs
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guide
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take Next
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
 
Security Scare - Cybersecurity & What to Do About It!
Security Scare - Cybersecurity & What to Do About It!Security Scare - Cybersecurity & What to Do About It!
Security Scare - Cybersecurity & What to Do About It!
 
November 2017: Part 6
November 2017: Part 6November 2017: Part 6
November 2017: Part 6
 
The Need for Internet Security for Small Businesses - 10 Best Practices | The...
The Need for Internet Security for Small Businesses - 10 Best Practices | The...The Need for Internet Security for Small Businesses - 10 Best Practices | The...
The Need for Internet Security for Small Businesses - 10 Best Practices | The...
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial Planners
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
Protecting Your Business from a Cyber Attack
Protecting Your Business from a Cyber AttackProtecting Your Business from a Cyber Attack
Protecting Your Business from a Cyber Attack
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy Introduction
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdf
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptx
 
Document-3.docx
Document-3.docxDocument-3.docx
Document-3.docx
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
Kevin Wharram Security Summit
Kevin Wharram Security SummitKevin Wharram Security Summit
Kevin Wharram Security Summit
 

Recently uploaded

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Recently uploaded (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Network Security - What Every Business Needs to Know

  • 1. Network Security WHAT EVERY BUSINESS OWNER NEEDS TO KNOW
  • 2. “There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.” - FBI Director James Comey
  • 3. The dam has broken for small companies when it comes to security. Jeremy Grant, an adviser at the Department of Commerce’s National Institute of Standards and Technology, says in the past two years he has seen "a relatively sharp increase in hackers and adversaries targeting small businesses." According to the security company Symantec, cyberattacks on small businesses rose 300 percent in 2012 from the previous year. INK MAGAZINE JANUARY 2014
  • 6.
  • 7.
  • 8. Cyber Security can feel overwhelming
  • 9. Our objective today is to empower you to do something
  • 10. Items to cover today 1. Why would a hacker target your business? 2. What Data should you protect? 3. Avoiding Security Negligence 4. What can I do to protect my company?
  • 11. What do Hackers attack? Cause Disruption Personal Information Banking information Access Gateway to bigger fish Ransom Intellectual Property
  • 13. Ransom Typically comes through email Encrypts drives, even network drives Demands a ransom to unencrypt your data - typically have just a few days - typically hundreds of dollars Sometimes will give you a “sample” to prove they have integrity  CryptoLocker, TorrentLocker, CryptoFortress …
  • 14. To Cause Disruption Questions to consider 1. If you no longer had access to your company data how long would you be able to function as a business? 2. How long until it becomes really painful? 3. How many past employees would cause you harm if given the chance?
  • 15. What data should I secure? Any data that if no longer available would disrupt your business Any personal information Data with liability under compliance laws (PCI, HIPAA …) Intellectual property
  • 17. Avoid Security Negligence Failure to use reasonable care, resulting in damage or injury to another.
  • 18. Indiana Law The Office of the Indiana Attorney General is committed to enforcing the Disclosure of Security Breach law to better protect Hoosiers from identity theft. This law requires Indiana businesses inform their customers about security breaches that have placed their personal information in jeopardy. The Office can seek up to $150,000 for data breaches that have not been properly disclosed to Indiana customers. http://www.in.gov/attorneygeneral/2410.htm What if I have a breach?
  • 19. Avoid Security Negligence 1. Protect your data to the best of your ability 2. Consider an outside evaluation 3. Review and update plans and policies frequently 4. Consider data breech insurance Failure to use reasonable care, resulting in damage or injury to another.
  • 20. What can I do to protect my company? Level 4 – Data breach could potentially harm lives; security breach simply must not happen Level 3 – Personal/Identity, compliance, intellectual property – i.e. account information, credit card or social security numbers, HIPAA, PCI, Sarbanes Oxley, etc. Level 2 – Some sensitive data but not relative to health, personal info, or credit card info Level 1 – No sensitive data
  • 23. Access 1. All patches, especially security patches must be up to date on your server. 2. Access Policy enforcement – setup employee access to only those areas where they should have access and restrict the rest. 3. Password Policy enforcement –server access should be set to follow your policy. Note guideline in handouts. 4. Centralized Data – keep as much data in one central location as possible for better control. 5. Business continuity plan – create a plan, test and review regularly.
  • 24. End Point 1. Good Anti-virus program ◦ Example: Eset 2. Anti–Malware program ◦ Example: Malware Bytes 3. Patching – all software especially the Operating system should have all patches up to date. 4. Restrict ability to install software to Admin only What I use to get to my data
  • 25. Perimeter Firewall ◦ Restricted or monitored Internet access ◦ Another layer of Anti- Malware and Anti-Virus at Gateway Wireless Access points ◦ Public access separated from private access Cable access ◦ Every cable goes somewhere Create a barrier from outside access
  • 26. Policy and Procedures 1. Use Policy 2. PC/Laptop Policy 3. BYOD (bring your own device) Policy 4. Password policyCreate and enforce
  • 27. Policy and Procedures 1. New user procedure 2. Terminated user procedure ◦ employee ◦ Leader ◦ IT employee or company 3. Hardware disposal procedure 4. Hardware refresh guideline Create and follow
  • 28. Summery 1. Access – Secure your data and limit access 2. End Point – Protect yourself from users 3. Perimeter – establish a barrier from the rest of the world 4. Policy and Procedures – this allows for the beginning of education. 5. Review and update regularly